wip

shop/shopapi/routers.py

@@ -1,9 +1,12 @@
 from django.urls import path
+from rest_framework import routers
 
 from . import viewsets
 
+router = routers.DefaultRouter()
 
-urlpatterns = [
+
+urlpatterns = router.urls +  [
     path('address/list/', viewsets.getAddressList, name='address-list'),
     path('address/create/', viewsets.createAddress, name='address-create'),
     path('address/<str:pk>/', viewsets.getAddress, name='address-detail'),

shopproject/settings_base.py

@@ -185,18 +185,44 @@
 # }
 
 REST_FRAMEWORK = {
-    'DEFAULT_PERMISSION_CLASSES': (
-        'rest_framework.permissions.IsAuthenticated',
-    ),
-    'DEFAULT_AUTHENTICATION_CLASSES': (
-        # 'rest_framework_jwt.authentication.JSONWebTokenAuthentication',
+    'DEFAULT_AUTHENTICATION_CLASSES': [
+        'rest_framework_simplejwt.authentication.JWTAuthentication',
         'rest_framework.authentication.SessionAuthentication',
-        'rest_framework.authentication.BasicAuthentication',
-    ),
+    ],
     'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.PageNumberPagination',
     'PAGE_SIZE': 2,
 }
 
-JWT_AUTH = {
-    'JWT_RESPONSE_PAYLOAD_HANDLER': 'users.utils.my_jwt_response_handler'
+
+from datetime import timedelta
+SIMPLE_JWT = {
+    'ACCESS_TOKEN_LIFETIME': timedelta(days=30),
+    'REFRESH_TOKEN_LIFETIME': timedelta(days=1),
+    'ROTATE_REFRESH_TOKENS': False,
+    'BLACKLIST_AFTER_ROTATION': False,
+    'UPDATE_LAST_LOGIN': False,
+
+    'ALGORITHM': 'HS256',
+    'SIGNING_KEY': SECRET_KEY,
+    'VERIFYING_KEY': None,
+    'AUDIENCE': None,
+    'ISSUER': None,
+    'JWK_URL': None,
+    'LEEWAY': 0,
+
+    'AUTH_HEADER_TYPES': ('Bearer',),
+    'AUTH_HEADER_NAME': 'HTTP_AUTHORIZATION',
+    'USER_ID_FIELD': 'id',
+    'USER_ID_CLAIM': 'user_id',
+    'USER_AUTHENTICATION_RULE': 'rest_framework_simplejwt.authentication.default_user_authentication_rule',
+
+    'AUTH_TOKEN_CLASSES': ('rest_framework_simplejwt.tokens.AccessToken',),
+    'TOKEN_TYPE_CLAIM': 'token_type',
+    'TOKEN_USER_CLASS': 'rest_framework_simplejwt.models.TokenUser',
+
+    'JTI_CLAIM': 'jti',
+
+    'SLIDING_TOKEN_REFRESH_EXP_CLAIM': 'refresh_exp',
+    'SLIDING_TOKEN_LIFETIME': timedelta(minutes=5),
+    'SLIDING_TOKEN_REFRESH_LIFETIME': timedelta(days=1),
 }

shopproject/urls.py

@@ -18,11 +18,10 @@
 from django.conf import settings
 from django.conf.urls.static import static
 
-from rest_framework.authtoken import views as api_views
-
-# from rest_framework_jwt.views import (
-#   obtain_jwt_token, refresh_jwt_token, verify_jwt_token
-# )
+from rest_framework_simplejwt.views import (
+    TokenObtainPairView,
+    TokenRefreshView,
+)
 
 from .views import TestView
 from shop.views import IndexView
@@ -36,8 +35,9 @@
     path('users/', include('users.urls')),
     path('users/api/', include('users.api.routers')),
     path('profiles/', include('profiles.urls')),
-    path('api-token-auth/', api_views.obtain_auth_token, name='api-token'),
     path('api-auth/', include('rest_framework.urls')),
+    path('api-auth/login/', TokenObtainPairView.as_view(), name='token_obtain_pair'),
+    path('api/login/refresh/', TokenRefreshView.as_view(), name='token_refresh'),
     # path('api-token-auth/', obtain_jwt_token),
     # path('api-token-refresh/', refresh_jwt_token),
     #path('api-token-verify/', verify_jwt_token),

users/api/routers.py

@@ -7,6 +7,7 @@
 router.register(r'groups', viewsets.GroupViewSet)
 
 urlpatterns = router.urls + [
+    path('login/', viewsets.MyTokenObtainPairView.as_view(), name='token_obtain_pair'),
     path('current_user/', viewsets.current_user),
     path('register/', viewsets.RegisterApi.as_view()),
     # path('users/', UserList.as_view())

users/api/serializers.py

@@ -1,6 +1,7 @@
 from django.contrib.auth import get_user_model
 from django.contrib.auth.models import Group
 from rest_framework import serializers
+from rest_framework_simplejwt.tokens import RefreshToken
 
 User = get_user_model()
 
@@ -29,7 +30,18 @@ def create(self, validated_data):
 class UserSerializer(serializers.HyperlinkedModelSerializer):
     class Meta:
         model = User
-        fields = ['url', 'username', 'email', 'groups']
+        fields = ['url', 'email', 'groups']
+
+
+class UserSerializerWithToken(UserSerializer):
+    token = serializers.SerializerMethodField(read_only=True)
+    class Meta:
+        model = User
+        fields = ['id','email', 'first_name', 'is_staff', 'token']
+
+    def get_token(self,obj):
+        token = RefreshToken.for_user(obj)
+        return str(token.access_token)
 
 
 class GroupSerializer(serializers.HyperlinkedModelSerializer):

users/api/viewsets.py

@@ -5,15 +5,20 @@
 from rest_framework import generics, permissions
 from rest_framework.decorators import api_view
 
+from rest_framework_simplejwt.serializers import TokenObtainPairSerializer
+from rest_framework_simplejwt.views import TokenObtainPairView
+
 User = get_user_model()
 
 
 from .serializers import (
     UserSerializer, GroupSerializer,
-    RegisterSerializer
+    RegisterSerializer,
+    UserSerializerWithToken
 )
 
 
+
 @api_view(['GET'])
 def current_user(request):
     """
@@ -55,3 +60,25 @@ class GroupViewSet(viewsets.ModelViewSet):
     queryset = Group.objects.all()
     serializer_class = GroupSerializer
     permission_classes = [permissions.IsAuthenticated]
+
+
+class MyTokenObtainPairSerializer(TokenObtainPairSerializer):
+    # @classmethod
+    # def get_token(cls, user):
+    #     token = super().get_token(user)
+    #     # Add custom claims
+    #     token['usernamename'] = user.username
+
+
+    #     return token
+    def validate(self, attrs):
+        data = super().validate(attrs)
+
+        serializer = UserSerializerWithToken(self.user).data
+        for k, v in serializer.items():
+            data[k] = v
+
+        return data
+
+class MyTokenObtainPairView(TokenObtainPairView):
+    serializer_class = MyTokenObtainPairSerializer