"""Project custom permissions"""
from rest_framework.permissions import BasePermission
from authorization.models import BlacklistedAccessToken
from utils.methods import get_token_from_request
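class IsAuthenticatedAndTokenIsValid(BasePermission):
    """
    Allow access only to an authenticated user whose access token is not blacklisted.

    Combines the usual "is authenticated" check with a lookup in
    ``BlacklistedAccessToken``, so a token that has been blacklisted stops
    granting access even though the user object still authenticates.
    """

    def has_permission(self, request, view):
        """Return True when the user is authenticated and the token is not blacklisted.

        The authentication check runs before the blacklist lookup, so an
        unauthenticated request is denied without a database query and
        without passing a non-user object into the blacklist filter.
        """
        user = request.user

        # Deny first: only an authenticated user is worth a blacklist lookup.
        if not (user and user.is_authenticated):
            return False

        token = get_token_from_request(request)

        # NOTE(review): by_user/by_token are project queryset methods not shown
        # here. Confirm how by_token behaves when get_token_from_request yields
        # no token (e.g. None): the check should not silently pass in that case
        # if every authenticated request is expected to carry a token.
        blacklisted = (
            BlacklistedAccessToken.objects
            .by_user(user)
            .by_token(token)
            .exists()
        )

        return not blacklisted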