|
|
|
|
@@ -1,7 +1,6 @@
|
|
|
|
|
import typing
|
|
|
|
|
from rest_framework.permissions import AllowAny
|
|
|
|
|
from apps.authentication.api.v1.serializers.jwt import CustomizedTokenObtainPairSerializer
|
|
|
|
|
from rest_framework_simplejwt.authentication import JWTAuthentication
|
|
|
|
|
from rest_framework.decorators import action, permission_classes
|
|
|
|
|
from apps.authentication import permissions as auth_permissions
|
|
|
|
|
from apps.authentication.api.v1.serializers.serializer import (
|
|
|
|
|
@@ -14,6 +13,8 @@ from apps.authentication.api.v1.serializers.serializer import (
|
|
|
|
|
)
|
|
|
|
|
from rest_framework_simplejwt.views import TokenObtainPairView
|
|
|
|
|
from apps.authorization.api.v1 import api as authorize_view
|
|
|
|
|
from rest_framework.permissions import IsAuthenticated
|
|
|
|
|
from apps.authentication.tools import get_token_jti
|
|
|
|
|
from rest_framework.viewsets import ModelViewSet
|
|
|
|
|
from apps.authentication.models import (
|
|
|
|
|
User,
|
|
|
|
|
@@ -24,16 +25,14 @@ from apps.authentication.models import (
|
|
|
|
|
BankAccountInformation,
|
|
|
|
|
BlacklistedAccessToken
|
|
|
|
|
)
|
|
|
|
|
from django.db import transaction
|
|
|
|
|
from rest_framework.response import Response
|
|
|
|
|
from common.tools import CustomOperations
|
|
|
|
|
from rest_framework.views import APIView
|
|
|
|
|
from django.core.cache import cache
|
|
|
|
|
from rest_framework import status
|
|
|
|
|
from django.db import transaction
|
|
|
|
|
from common.sms import send_sms
|
|
|
|
|
import random
|
|
|
|
|
from rest_framework.views import APIView
|
|
|
|
|
from rest_framework.permissions import IsAuthenticated
|
|
|
|
|
from apps.authentication.tools import get_token_jti
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class CustomizedTokenObtainPairView(TokenObtainPairView):
|
|
|
|
|
@@ -41,24 +40,6 @@ class CustomizedTokenObtainPairView(TokenObtainPairView):
|
|
|
|
|
serializer_class = CustomizedTokenObtainPairSerializer
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class LogoutView(APIView):
|
|
|
|
|
permission_classes = [IsAuthenticated]
|
|
|
|
|
|
|
|
|
|
def post(self, request):
|
|
|
|
|
token_str = request.auth # access token from header
|
|
|
|
|
jti, user_id = get_token_jti(str(token_str))
|
|
|
|
|
|
|
|
|
|
if not jti:
|
|
|
|
|
return Response({'detail': 'Invalid token'}, status=status.HTTP_400_BAD_REQUEST)
|
|
|
|
|
|
|
|
|
|
BlacklistedAccessToken.objects.get_or_create(jti=jti, defaults={
|
|
|
|
|
'token': token_str,
|
|
|
|
|
'user_id': user_id,
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
return Response({'detail': 'Access token blacklisted.'}, status=status.HTTP_200_OK)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class UserViewSet(ModelViewSet):
|
|
|
|
|
""" Crud operations for user model """
|
|
|
|
|
queryset = User.objects.all()
|
|
|
|
|
@@ -307,3 +288,23 @@ class GeneralOTPViewSet(ModelViewSet):
|
|
|
|
|
if entered_code == cached_code:
|
|
|
|
|
return Response(status=status.HTTP_200_OK)
|
|
|
|
|
return Response(status=status.HTTP_403_FORBIDDEN)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class LogoutView(APIView):
|
|
|
|
|
""" logout user """
|
|
|
|
|
|
|
|
|
|
permission_classes = [IsAuthenticated]
|
|
|
|
|
|
|
|
|
|
def post(self, request): # noqa
|
|
|
|
|
token_str = request.auth # access token from header
|
|
|
|
|
jti, user_id = get_token_jti(str(token_str))
|
|
|
|
|
|
|
|
|
|
if not jti:
|
|
|
|
|
return Response({'detail': 'Invalid token'}, status=status.HTTP_400_BAD_REQUEST)
|
|
|
|
|
|
|
|
|
|
BlacklistedAccessToken.objects.get_or_create(jti=jti, defaults={
|
|
|
|
|
'token': token_str,
|
|
|
|
|
'user_id': user_id,
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
return Response({'detail': 'Access token blacklisted.'}, status=status.HTTP_200_OK)
|
|
|
|
|
|
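Review bot: `LogoutView.post`, now at the end of the module, blacklists only the access token taken from `request.auth`. Nothing in the method revokes the matching refresh token, so unless that happens elsewhere (not visible in this diff), a client that keeps its refresh token can still obtain a new access token after logging out. The `get_or_create` call also writes the full bearer token to the table through `'token': token_str`, although the lookup key is `jti`. If the `token` column is not required, `defaults={'user_id': user_id}` would do; otherwise store a digest such as `hashlib.sha256(str(token_str).encode()).hexdigest()`, which keeps usable credentials out of the database and its backups. A short docstring stating that the endpoint denylists the access-token `jti` and what the client must do with its refresh token would make the contract explicit in place of the bare `""" logout user """`.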