backend django set jwt token auth

coderj001 · coderj001 · commit a1d4f359fa86 · 2021-04-08T21:54:11.000+05:30
diff --git a/backend/Backend/settings.py b/backend/Backend/settings.py
@@ -1,5 +1,7 @@
-from pathlib import Path
 import os
+from datetime import timedelta
+from pathlib import Path
+from django.conf import settings
 
 BASE_DIR = Path(__file__).resolve().parent.parent
 
@@ -23,6 +25,41 @@
     'core.apps.CoreConfig'
 ]
 
+REST_FRAMEWORK = {
+    'DEFAULT_AUTHENTICATION_CLASSES': (
+        'rest_framework_simplejwt.authentication.JWTAuthentication',
+    )
+}
+
+
+SIMPLE_JWT = {
+    'ACCESS_TOKEN_LIFETIME': timedelta(days=30),
+    'REFRESH_TOKEN_LIFETIME': timedelta(days=1),
+    'ROTATE_REFRESH_TOKENS': False,
+    'BLACKLIST_AFTER_ROTATION': True,
+    'UPDATE_LAST_LOGIN': False,
+
+    'ALGORITHM': 'HS256',
+    'SIGNING_KEY': settings.SECRET_KEY,
+    'VERIFYING_KEY': None,
+    'AUDIENCE': None,
+    'ISSUER': None,
+
+    'AUTH_HEADER_TYPES': ('Bearer',),
+    'AUTH_HEADER_NAME': 'HTTP_AUTHORIZATION',
+    'USER_ID_FIELD': 'id',
+    'USER_ID_CLAIM': 'user_id',
+
+    'AUTH_TOKEN_CLASSES': ('rest_framework_simplejwt.tokens.AccessToken',),
+    'TOKEN_TYPE_CLAIM': 'token_type',
+
+    'JTI_CLAIM': 'jti',
+
+    'SLIDING_TOKEN_REFRESH_EXP_CLAIM': 'refresh_exp',
+    'SLIDING_TOKEN_LIFETIME': timedelta(minutes=5),
+    'SLIDING_TOKEN_REFRESH_LIFETIME': timedelta(days=1),
+}
+
 MIDDLEWARE = [
     'corsheaders.middleware.CorsMiddleware',
 
diff --git a/backend/Backend/urls.py b/backend/Backend/urls.py
@@ -1,7 +1,7 @@
-from django.contrib import admin
-from django.urls import path, include
 from django.conf import settings
 from django.conf.urls.static import static
+from django.contrib import admin
+from django.urls import include, path
 
 urlpatterns = [
     path('admin/', admin.site.urls),
diff --git a/backend/Pipfile b/backend/Pipfile
@@ -8,6 +8,7 @@ django = "*"
 djangorestframework = "*"
 django-cors-headers = "*"
 pillow = "*"
+djangorestframework-simplejwt = "*"
 
 [dev-packages]
 django-linter = "*"
diff --git a/backend/Pipfile.lock b/backend/Pipfile.lock
diff --git a/backend/core/serializer.py b/backend/core/serializer.py
@@ -1,10 +1,50 @@
 from django.contrib.auth.models import User
-from rest_framework.serializers import ModelSerializer
+from rest_framework.serializers import ModelSerializer, SerializerMethodField
+from rest_framework_simplejwt.serializers import TokenObtainPairSerializer
+from rest_framework_simplejwt.tokens import RefreshToken
 
 from core.models import Order, OrderItem, Product, Review, ShippingAddress
 
 
+class UserSerializer(ModelSerializer):
+    _id = SerializerMethodField(read_only=True)
+    isAdmin = SerializerMethodField(read_only=True)
+
+    class Meta:
+        model = User
+        fields = ('_id', 'username', 'email', 'isAdmin')
+
+    def get__id(self, obj):
+        return obj.id
+
+    def get_isAdmin(self, obj):
+        return obj.is_staff
+
+
+class UserSerializerWithToken(UserSerializer):
+    token = SerializerMethodField(read_only=True)
+
+    class Meta:
+        model = User
+        fields = ('_id', 'username', 'email', 'isAdmin', 'token')
+
+    def get_token(self, obj):
+        token = RefreshToken.for_user(obj)
+        return str(token.access_token)
+
+
 class ProductSerializer(ModelSerializer):
     class Meta:
         model = Product
         fields = '__all__'
+
+
+class MyTokenObtainPairSerializer(TokenObtainPairSerializer):
+    def validate(self, attrs):
+        data = super().validate(attrs)
+
+        serializer = UserSerializerWithToken(self.user).data
+        for k, v in serializer.items():
+            data[k] = v
+
+        return data
diff --git a/backend/core/urls.py b/backend/core/urls.py
@@ -1,9 +1,13 @@
 from django.urls import path
-from core.views import getProducts, getProduct
+
+from core.views import (MyTokenObtainPairView, getProduct, getProducts,
+                        getUserProfile)
 
 APP_NAME = 'core'
 
 urlpatterns = [
+    path('users/login/', MyTokenObtainPairView.as_view(), name="token_obtain_pair"),
+    path('users/profile/', getUserProfile, name="user-profile"),
     path('products/', getProducts, name="get-products"),
     path('product/<int:id>/', getProduct, name="get-product"),
 ]
diff --git a/backend/core/views.py b/backend/core/views.py
@@ -1,8 +1,21 @@
 from rest_framework.decorators import api_view
 from rest_framework.response import Response
+from rest_framework_simplejwt.views import TokenObtainPairView
 
 from core.models import Order, OrderItem, Product, Review, ShippingAddress
-from core.serializer import ProductSerializer
+from core.serializer import (MyTokenObtainPairSerializer, ProductSerializer,
+                             UserSerializer)
+
+
+class MyTokenObtainPairView(TokenObtainPairView):
+    serializer_class = MyTokenObtainPairSerializer
+
+
+@api_view(['GET'])
+def getUserProfile(request):
+    user = request.user
+    serializer = UserSerializer(user, many=False)
+    return Response(serializer.data)
 
 
 @api_view(['GET'])
