Added sign-in view and simple protected view

2024-02-29 20:42:06 +03:00
parent fcf4499787
commit 2ea64e2bcb
6 changed files with 161 additions and 68 deletions
@@ -0,0 +1,29 @@
+import jwt
+from django.conf import settings
+from rest_framework.authentication import BaseAuthentication
+from rest_framework.exceptions import AuthenticationFailed
+
+from users.models import Profile
+
+
+class JWTAuthentication(BaseAuthentication):
+    def authenticate(self, request):
+        token = request.headers.get("Authorization", "").split("Bearer ")[-1]
+
+        if not token:
+            return None
+
+        try:
+            payload = jwt.decode(
+                token, settings.SECRET_KEY, algorithms=["HS256"]
+            )
+
+            user = Profile.objects.get(login=payload["login"])
+
+            return (user, None)
+        except Profile.DoesNotExist:
+            raise AuthenticationFailed("Invalid token")
+        except jwt.ExpiredSignatureError:
+            raise AuthenticationFailed("Token has expired")
+        except jwt.InvalidTokenError:
+            raise AuthenticationFailed("Invalid token")