Remodelled client authorization

2021-04-30 15:42:59 +02:00 · 2021-04-30 15:42:59 +02:00 · ca1d7fdb7a
commit ca1d7fdb7a
parent 7dd3232139
2 changed files with 34 additions and 32 deletions
--- a/backend/app_be/urls.py
+++ b/backend/app_be/urls.py
@ -21,7 +21,6 @@ from app_be.views.rest_api import *

 urlpatterns = [
    path('admin/', admin.site.urls),
-    url(r'^test/', TestApiClass.test_api),
    url(r'^api/login', LoginClass.login),
 ]

--- a/backend/app_be/views/rest_api.py
+++ b/backend/app_be/views/rest_api.py
@ -3,48 +3,51 @@ import logging
 from django.http import JsonResponse

 from rest_framework.decorators import api_view
-from oauthlib import openid
 from py_jwt_validator import PyJwtValidator, PyJwtException
 import requests

 logger = logging.getLogger(__name__)


-class TestApiClass:
-    @staticmethod
-    @api_view(['GET'])
-    def test_api(request):
-        logger.debug('Test api call: {}'.format(request))
-        return JsonResponse({'Result': 'success'}, safe=False)
+def authorize(request: requests.Request):
+    logger.debug('Validating request: {}'.format(request))
+
+    if 'Authorization' not in request.headers:
+        print(f"Authorization header missing")
+        logger.error(f"Authorization header missing")
+        return None
+
+    bearer = request.headers['Authorization']
+
+    if len(bearer.split()) < 2:
+        return None
+
+    jwt = bearer.split()[1]
+
+    try:
+        validator = PyJwtValidator(jwt, auto_verify=False)
+        token = validator.verify(True)
+        if 'payload' in token:
+            payload = token['payload']
+            if 'sub' in payload:
+                return payload['sub']
+    except PyJwtException as e:
+        print(f"Exception caught. Error: {e}")
+        logger.error(f"Exception caught. Error: {e}")
+        return None
+    except UnicodeDecodeError as e2:
+        print(f"Exception caught. Error: {e2}")
+        logger.error(f"Exception caught. Error: {e2}")
+        return None
+    return None


 class LoginClass:
    @staticmethod
    @api_view(['GET'])
    def login(request: requests.Request):
-        logger.debug('Validating request: {}'.format(request))
-
-        if 'Authorization' not in request.headers:
-            print(f"Authorization header missing")
-            logger.error(f"Authorization header missing")
+        user_sub = authorize(request)
+        if not user_sub:
            return JsonResponse({}, status=401)

-        bearer = request.headers['Authorization']
-
-        if len(bearer.split()) < 2:
-            return JsonResponse({}, status=401)
-
-        jwt = bearer.split()[1]
-
-        try:
-            PyJwtValidator(jwt)
-        except PyJwtException as e:
-            print(f"Exception caught. Error: {e}")
-            logger.error(f"Exception caught. Error: {e}")
-            return JsonResponse({}, status=401)
-        except UnicodeDecodeError as e2:
-            print(f"Exception caught. Error: {e2}")
-            logger.error(f"Exception caught. Error: {e2}")
-            return JsonResponse({}, status=401)
-
-        return JsonResponse({}, safe=False, status=200)
+        return JsonResponse({'user': user_sub}, safe=False, status=200)