refactored remember flag in login
parent
e22a54114b
commit
0db7b52df7
|
|
@ -12,6 +12,8 @@ from rest_framework_simplejwt import tokens
|
||||||
class JWTGenericViewMixin(generics.GenericAPIView):
|
class JWTGenericViewMixin(generics.GenericAPIView):
|
||||||
"""JWT view mixin"""
|
"""JWT view mixin"""
|
||||||
|
|
||||||
|
JWT_SETTINGS = settings.SIMPLE_JWT
|
||||||
|
|
||||||
ACCESS_TOKEN_HTTP_ONLY = False
|
ACCESS_TOKEN_HTTP_ONLY = False
|
||||||
ACCESS_TOKEN_SECURE = False
|
ACCESS_TOKEN_SECURE = False
|
||||||
|
|
||||||
|
|
@ -38,18 +40,26 @@ class JWTGenericViewMixin(generics.GenericAPIView):
|
||||||
"""
|
"""
|
||||||
COOKIES = list()
|
COOKIES = list()
|
||||||
|
|
||||||
|
# Set max_age for tokens
|
||||||
|
if permanent:
|
||||||
|
access_token_max_age = self.JWT_SETTINGS.get('ACCESS_TOKEN_LIFETIME_SECONDS')
|
||||||
|
refresh_token_max_age = self.JWT_SETTINGS.get('REFRESH_TOKEN_LIFETIME_SECONDS')
|
||||||
|
else:
|
||||||
|
access_token_max_age = settings.COOKIES_MAX_AGE
|
||||||
|
refresh_token_max_age = settings.COOKIES_MAX_AGE
|
||||||
|
|
||||||
# Write to cookie access and refresh token with secure flag
|
# Write to cookie access and refresh token with secure flag
|
||||||
if access_token and refresh_token:
|
if access_token and refresh_token:
|
||||||
_access_token = self.COOKIE(key='access_token',
|
_access_token = self.COOKIE(key='access_token',
|
||||||
value=access_token,
|
value=access_token,
|
||||||
http_only=self.ACCESS_TOKEN_HTTP_ONLY,
|
http_only=self.ACCESS_TOKEN_HTTP_ONLY,
|
||||||
secure=self.ACCESS_TOKEN_SECURE,
|
secure=self.ACCESS_TOKEN_SECURE,
|
||||||
max_age=None if permanent else settings.COOKIES_MAX_AGE)
|
max_age=access_token_max_age)
|
||||||
_refresh_token = self.COOKIE(key='refresh_token',
|
_refresh_token = self.COOKIE(key='refresh_token',
|
||||||
value=refresh_token,
|
value=refresh_token,
|
||||||
http_only=self.REFRESH_TOKEN_HTTP_ONLY,
|
http_only=self.REFRESH_TOKEN_HTTP_ONLY,
|
||||||
secure=self.REFRESH_TOKEN_SECURE,
|
secure=self.REFRESH_TOKEN_SECURE,
|
||||||
max_age=None if permanent else settings.COOKIES_MAX_AGE)
|
max_age=refresh_token_max_age)
|
||||||
COOKIES.extend((_access_token, _refresh_token))
|
COOKIES.extend((_access_token, _refresh_token))
|
||||||
return COOKIES
|
return COOKIES
|
||||||
|
|
||||||
|
|
|
||||||
|
|
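Review bot: In the `if permanent:` branch both `max_age` values come from `self.JWT_SETTINGS.get(...)`, which returns `None` when the key is absent, so a missing or misspelled `ACCESS_TOKEN_LIFETIME_SECONDS` would silently produce a cookie with no max-age (assuming `self.COOKIE` passes `max_age` straight through to the response cookie). Deriving the value from the timedelta that already exists removes that failure mode and keeps cookie expiry tied to token expiry: `access_token_max_age = int(self.JWT_SETTINGS['ACCESS_TOKEN_LIFETIME'].total_seconds())`, and the same for the refresh token. Separately, the context lines of the first hunk show `ACCESS_TOKEN_HTTP_ONLY = False` and `ACCESS_TOKEN_SECURE = False`; a remembered login now stores the access token in a cookie that lasts for the token's lifetime, so both flags are worth setting to `True` unless front-end script has to read the token. The method signature and the refresh-token flag definitions lie outside the visible hunks.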
@ -333,8 +333,10 @@ GEOIP_PATH = os.path.join(PROJECT_ROOT, 'geoip_db')
|
||||||
|
|
||||||
# JWT
|
# JWT
|
||||||
SIMPLE_JWT = {
|
SIMPLE_JWT = {
|
||||||
'ACCESS_TOKEN_LIFETIME': timedelta(minutes=5),
|
'ACCESS_TOKEN_LIFETIME': timedelta(hours=6),
|
||||||
'REFRESH_TOKEN_LIFETIME': timedelta(days=1),
|
'ACCESS_TOKEN_LIFETIME_SECONDS': 21600, # 6 hours in seconds
|
||||||
|
'REFRESH_TOKEN_LIFETIME': timedelta(days=30),
|
||||||
|
'REFRESH_TOKEN_LIFETIME_SECONDS': 2592000, # 30 days in seconds
|
||||||
'ROTATE_REFRESH_TOKENS': True,
|
'ROTATE_REFRESH_TOKENS': True,
|
||||||
'BLACKLIST_AFTER_ROTATION': True,
|
'BLACKLIST_AFTER_ROTATION': True,
|
||||||
|
|
||||||
|
|
|
||||||
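Review bot: Raising `ACCESS_TOKEN_LIFETIME` from 5 minutes to 6 hours lengthens the window in which a leaked access token stays usable. `ROTATE_REFRESH_TOKENS` and `BLACKLIST_AFTER_ROTATION` act on refresh tokens; as far as I know simplejwt does not check access tokens against the blacklist by default, so a logout or rotation would not shorten that window. A remember-me login only needs the long refresh lifetime, so consider keeping `'ACCESS_TOKEN_LIFETIME': timedelta(minutes=5),` and letting the client renew through the rotated refresh token.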