jwt_token.py 1.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293
  1. # -*- coding: utf-8 -*-
  2. from __future__ import unicode_literals
  3. from django.conf import settings
  4. from django.contrib.auth import authenticate
  5. from django.contrib.auth.models import User
  6. from django.utils.crypto import constant_time_compare
  7. from jwt import DecodeError
  8. import jwt
  9. '''
  10. '''
  11. def create_token(username, password):
  12. # Check if exists jwt key
  13. if not settings.JWT_SECRET_KEY:
  14. return None
  15. user = authenticate(username=username, password=password)
  16. # Check user authentication
  17. if not user:
  18. return user
  19. payload = {
  20. 'uid': user.id,
  21. 'password': user.password
  22. }
  23. return jwt.encode(payload, settings.JWT_SECRET_KEY, algorithm='HS256')
  24. '''
  25. '''
  26. def explode_token(token):
  27. # Normalize token
  28. if token.startswith(settings.JWT_PREFIX_HEADER):
  29. prefix_length = len(settings.JWT_PREFIX_HEADER)
  30. token = token[prefix_length + 1:]
  31. # Check if exists jwt key
  32. if not settings.JWT_SECRET_KEY:
  33. return None
  34. payload = None
  35. try:
  36. payload = jwt.decode(token, settings.JWT_SECRET_KEY, algorithm='HS256')
  37. except DecodeError:
  38. print('error')
  39. return False
  40. # Check payload parameters
  41. if 'uid' not in payload or 'password' not in payload:
  42. return False
  43. return payload
  44. '''
  45. '''
  46. def get_user(token):
  47. payload = explode_token(token)
  48. user = User.objects.get(pk=payload['uid'])
  49. return user
  50. '''
  51. '''
  52. def get_username(token):
  53. user = get_user(token)
  54. # Check if exists user
  55. if not user:
  56. return user
  57. return user.name
  58. '''
  59. '''
  60. def check_token(token):
  61. payload = explode_token(token)
  62. if not payload:
  63. return False
  64. print(payload['uid'])
  65. user = User.objects.get(pk=payload['uid'])
  66. # Check if exists user
  67. if not user:
  68. return False
  69. return constant_time_compare(user.password, payload['password'])