22 lines
699 B
Python
22 lines
699 B
Python
"""Project custom permissions"""
|
|
from rest_framework.permissions import BasePermission
|
|
|
|
|
|
class IsAuthenticatedAndHasRefreshToken(BasePermission):
|
|
"""
|
|
Check if requested user is authenticated and has refresh token
|
|
"""
|
|
|
|
def has_permission(self, request, view):
|
|
token = request.data.get('refresh_token')
|
|
user = request.user
|
|
if token and hasattr(user, 'oauth2_provider_refreshtoken'):
|
|
refresh_token_qs = user.oauth2_provider_refreshtoken
|
|
return (
|
|
user.is_authenticated and
|
|
user.is_active and
|
|
refresh_token_qs.filter(token=token).exists()
|
|
)
|
|
else:
|
|
return False
|