41 lines
1.5 KiB
Python
41 lines
1.5 KiB
Python
"""Project custom permissions"""
|
|
from rest_framework.permissions import BasePermission
|
|
from rest_framework_simplejwt.tokens import AccessToken
|
|
|
|
from authorization.models import JWTRefreshToken
|
|
from utils.tokens import GMRefreshToken
|
|
|
|
|
|
class IsAuthenticatedAndTokenIsValid(BasePermission):
|
|
"""
|
|
Check if user has a valid token and authenticated
|
|
"""
|
|
|
|
def has_permission(self, request, view):
|
|
"""Check permissions by access token and default REST permission IsAuthenticated"""
|
|
user = request.user
|
|
access_token = request.COOKIES.get('access_token')
|
|
if user.is_authenticated and access_token:
|
|
access_token = AccessToken(access_token)
|
|
valid_tokens = user.access_tokens.valid()\
|
|
.by_jti(jti=access_token.payload.get('jti'))
|
|
return valid_tokens.exists()
|
|
else:
|
|
return False
|
|
|
|
|
|
class IsRefreshTokenValid(BasePermission):
|
|
"""
|
|
Check if user has a valid refresh token and authenticated
|
|
"""
|
|
def has_permission(self, request, view):
|
|
"""Check permissions by refresh token and default REST permission IsAuthenticated"""
|
|
refresh_token = request.COOKIES.get('refresh_token')
|
|
if refresh_token:
|
|
refresh_token = GMRefreshToken(refresh_token)
|
|
refresh_token_qs = JWTRefreshToken.objects.valid()\
|
|
.by_jti(jti=refresh_token.payload.get('jti'))
|
|
return refresh_token_qs.exists()
|
|
else:
|
|
return False
|