54 lines
1.4 KiB
Python
54 lines
1.4 KiB
Python
import logging
|
|
|
|
from django.http import JsonResponse
|
|
|
|
from rest_framework.decorators import api_view
|
|
from py_jwt_validator import PyJwtValidator, PyJwtException
|
|
import requests
|
|
|
|
logger = logging.getLogger(__name__)
|
|
|
|
|
|
def authorize(request: requests.Request):
|
|
logger.debug('Validating request: {}'.format(request))
|
|
|
|
if 'Authorization' not in request.headers:
|
|
print(f"Authorization header missing")
|
|
logger.error(f"Authorization header missing")
|
|
return None
|
|
|
|
bearer = request.headers['Authorization']
|
|
|
|
if len(bearer.split()) < 2:
|
|
return None
|
|
|
|
jwt = bearer.split()[1]
|
|
|
|
try:
|
|
validator = PyJwtValidator(jwt, auto_verify=False)
|
|
token = validator.verify(True)
|
|
if 'payload' in token:
|
|
payload = token['payload']
|
|
if 'sub' in payload:
|
|
return payload['sub']
|
|
except PyJwtException as e:
|
|
print(f"Exception caught. Error: {e}")
|
|
logger.error(f"Exception caught. Error: {e}")
|
|
return None
|
|
except UnicodeDecodeError as e2:
|
|
print(f"Exception caught. Error: {e2}")
|
|
logger.error(f"Exception caught. Error: {e2}")
|
|
return None
|
|
return None
|
|
|
|
|
|
class LoginClass:
|
|
@staticmethod
|
|
@api_view(['GET'])
|
|
def login(request: requests.Request):
|
|
user_sub = authorize(request)
|
|
if not user_sub:
|
|
return JsonResponse({}, status=401)
|
|
|
|
return JsonResponse({'user': user_sub}, safe=False, status=200)
|