
[ADD] token managing

Gogs %!s(int64=7) %!d(string=hai) anos
1f4d2265a9
Modificáronse 4 ficheiros con 124 adicións e 8 borrados
  1. 93 0
      api/resources/jwt_resource.py
  2. 2 0
      api/urls.py
  3. 0 0
      api/utils/__init__.py
  4. 29 8
      api/utils/jwt_token.py

+ 93 - 0
api/resources/jwt_resource.py

@@ -0,0 +1,93 @@
+# -*- coding: utf-8 -*-
+from __future__ import unicode_literals
+from django.conf.urls import url
+from tastypie.resources import Resource
+from api.utils import jwt_token
+import simplejson as json
+
+'''
+'''
+class JWTResource(Resource):
+    class Meta:
+        allowed_methods = ['post']
+        resource_name = 'auth'
+
+    '''
+    '''
+    def prepend_urls(self):
+        return [
+            url(r'^%s/get_token/$' % self._meta.resource_name, self.wrap_view('get_token'), name="api_get_token"),
+            url(r'^%s/check_token/$' % self._meta.resource_name, self.wrap_view('check_token'), name="api_check_token"),
+        ]
+
+    '''
+    '''
+    def get_token(self, request, **kwargs):
+        self.method_check(request, allowed=self._meta.allowed_methods)
+
+        # Check content type
+        if request.content_type != 'application/json':
+            return self.create_response(request, {
+                'error': 'request is not json'
+            })
+
+        # Check body
+        if not request.body:
+            return self.create_response(request, {
+                'error': 'request body is empty'
+            })
+
+        body = json.loads(request.body)
+
+        # Check required parameters
+        if 'username' not in body or 'password' not in body:
+            return self.create_response(request, {
+                'error': 'username or password not provided in request'
+            })
+
+        token = jwt_token.create_token(body['username'], body['password'])
+
+        # Check user
+        if not token:
+            return self.create_response(request, {
+                'error': 'cannot authenticate user'
+            })
+
+        bundle = self.build_bundle(obj={
+            'token': token
+        }, request=request)
+
+        return self.create_response(request, bundle.obj)
+
+    '''
+    '''
+    def check_token(self, request, **kwargs):
+        self.method_check(request, allowed=self._meta.allowed_methods)
+
+         # Check content type
+        if request.content_type != 'application/json':
+            return self.create_response(request, {
+                'error': 'request is not json'
+            })
+
+        # Check body
+        if not request.body:
+            return self.create_response(request, {
+                'error': 'request body is empty'
+            })
+
+        body = json.loads(request.body)
+
+        # Check required parameters
+        if 'token' not in body:
+            return self.create_response(request, {
+                'error': 'token not provided in request'
+            })
+
+        nice_token = jwt_token.check_token(body['token'])
+
+        bundle = self.build_bundle(obj={
+            'status': nice_token
+        }, request=request)
+
+        return self.create_response(request, bundle.obj)
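Review bot: Every error path in get_token and check_token returns through `create_response(request, {...})` with no `response_class`, so the client receives HTTP 200 with an error body; passing `response_class=http.HttpBadRequest` (with `from tastypie import http`), and `http.HttpUnauthorized` for the `cannot authenticate user` case, lets callers and monitoring distinguish failures from successes. `json.loads(request.body)` at both sites is unguarded, so a syntactically invalid body raises out of the view as a 500 instead of producing an error response; wrap it as `try: body = json.loads(request.body) / except ValueError: return self.create_response(request, {'error': 'request body is not valid json'}, response_class=http.HttpBadRequest)`. check_token hands the raw token to `jwt_token.check_token`, whose `jwt.decode` call raises on a malformed or tampered token, so that exception also reaches the client unhandled unless one side catches `jwt.InvalidTokenError`. get_token validates passwords with no rate limiting; adding `self.throttle_check(request)` after `method_check` applies tastypie's built-in throttle to the credential endpoint. Style: the `# Check content type` comment in check_token is indented one space further than the code it describes.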

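--- a/api/urls.py
+++ b/api/urls.py
@@ -6,6 +6,7 @@ from tastypie.api import Api
 from api.resources.user_resource import UserResource
 from api.resources.permission_resource import PermissionResource
 from api.resources.group_resource import GroupResource
+from api.resources.jwt_resource import JWTResource
 from api.resources.request_resource import RequestResource
 from api.resources.task_resource import TaskResource
 
@@ -13,5 +14,6 @@ v1_api = Api(api_name='v1')
 v1_api.register(UserResource())
 v1_api.register(PermissionResource())
 v1_api.register(GroupResource())
+v1_api.register(JWTResource())
 v1_api.register(RequestResource())
 v1_api.register(TaskResource())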

+ 0 - 0
api/utils/__init__.py


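--- a/api/utils/jwt_token.py
+++ b/api/utils/jwt_token.py
@@ -2,26 +2,47 @@
 from __future__ import unicode_literals
 from django.conf import settings
 from django.contrib.auth import authenticate
+from django.contrib.auth.models import User
+from django.utils.crypto import constant_time_compare
 import jwt
 
 '''
 '''
-def create_token(self, username, password):
+def create_token(username, password):
+    # Check if exists jwt key
+    if not settings.JWT_SECRET_KEY:
+        return None
+
     user = authenticate(username=username, password=password)
 
-    if user is None:
+    # Check user authentication
+    if not user:
         return user
 
     payload = {
         'uid': user.id,
-        'password': password
+        'password': user.password
     }
 
-    print(user)
-
-
+    return jwt.encode(payload, settings.JWT_SECRET_KEY, algorithm='HS256')
 
 '''
 '''
-def check_token(self, parameter_list):
-    pass
+def check_token(token):
+    # Check if exists jwt key
+    if not settings.JWT_SECRET_KEY:
+        return None
+
+    payload = jwt.decode(token, settings.JWT_SECRET_KEY, algorithm='HS256')
+
+    # Check payload parameters
+    if 'uid' not in payload or 'password' not in payload:
+        return False
+
+    user = User.objects.get(pk=payload['uid'])
+
+    # Check if exists user
+    if not user:
+        return False
+
+    return constant_time_compare(user.password, payload['password'])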
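Review bot: The `jwt.decode` call in check_token passes `algorithm='HS256'`, but PyJWT's decode parameter is `algorithms=['HS256']`; the singular keyword is not recognised and is silently ignored, so the accepted algorithm is not pinned and on older PyJWT releases whichever algorithm the token header names is used for verification. `jwt.decode` raises `jwt.InvalidTokenError` on a bad signature or malformed token and `User.objects.get` raises `User.DoesNotExist` rather than returning None, so the `if not user` branch is unreachable and both failures propagate as exceptions to the caller instead of returning `False`. The payload built in create_token carries `user.password`, the stored password hash, inside a JWT whose body is only base64-encoded, so anyone holding a token can read the hash; Django's `user.get_session_auth_hash()` provides a non-reversible per-password value that serves the same invalidation purpose, and the payload has no `exp` claim, so issued tokens never expire. A check_token that handles both failure modes and pins the algorithm is below; create_token would need the matching `get_session_auth_hash()` change if the payload field is switched.

```python
def check_token(token):
    # … unchanged: JWT_SECRET_KEY guard …
    try:
        payload = jwt.decode(token, settings.JWT_SECRET_KEY, algorithms=['HS256'])
    except jwt.InvalidTokenError:
        return False

    # Check payload parameters
    if 'uid' not in payload or 'password' not in payload:
        return False

    # get() raises instead of returning None for an unknown pk
    try:
        user = User.objects.get(pk=payload['uid'])
    except User.DoesNotExist:
        return False

    return constant_time_compare(user.password, payload['password'])
```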