
Commit 947a973

committed
Part 10
1 parent e49996c commit 947a973

5 files changed

Lines changed: 41 additions & 25 deletions


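--- a/auth/serializers.py
+++ b/auth/serializers.py
@@ -1,21 +1,9 @@
-from rest_framework_simplejwt.serializers import TokenObtainPairSerializer
 from rest_framework import serializers
 from django.contrib.auth.models import User
 from rest_framework.validators import UniqueValidator
 from django.contrib.auth.password_validation import validate_password
 
 
-class MyTokenObtainPairSerializer(TokenObtainPairSerializer):
-
-@classmethod
-def get_token(cls, user):
-token = super(MyTokenObtainPairSerializer, cls).get_token(user)
-
-# Add custom claims
-token['username'] = user.username
-return token
-
-
 class RegisterSerializer(serializers.ModelSerializer):
 email = serializers.EmailField(
 required=True,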

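--- a/auth/urls.py
+++ b/auth/urls.py
@@ -1,13 +1,15 @@
 from django.urls import path
-from auth.views import MyObtainTokenPairView, RegisterView, ChangePasswordView, UpdateProfileView
-from rest_framework_simplejwt.views import TokenRefreshView
+from auth.views import RegisterView, ChangePasswordView, UpdateProfileView, LogoutView, LogoutAllView
+from rest_framework_simplejwt.views import TokenRefreshView, TokenObtainPairView
 
 
 urlpatterns = [
-path('login/', MyObtainTokenPairView.as_view(), name='token_obtain_pair'),
+path('login/', TokenObtainPairView.as_view(), name='token_obtain_pair'),
 path('login/refresh/', TokenRefreshView.as_view(), name='token_refresh'),
 path('register/', RegisterView.as_view(), name='auth_register'),
 path('change_password/<int:pk>/', ChangePasswordView.as_view(), name='auth_change_password'),
 path('update_profile/<int:pk>/', UpdateProfileView.as_view(), name='auth_update_profile'),
+path('logout/', LogoutView.as_view(), name='auth_logout'),
+path('logout_all/', LogoutAllView.as_view(), name='auth_logout_all'),
 ]
 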

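--- a/auth/views.py
+++ b/auth/views.py
@@ -1,13 +1,12 @@
-from .serializers import MyTokenObtainPairSerializer, RegisterSerializer, ChangePasswordSerializer, UpdateUserSerializer
+from .serializers import RegisterSerializer, ChangePasswordSerializer, UpdateUserSerializer
 from rest_framework.permissions import AllowAny, IsAuthenticated
-from rest_framework_simplejwt.views import TokenObtainPairView
 from rest_framework import generics
 from django.contrib.auth.models import User
-
-
-class MyObtainTokenPairView(TokenObtainPairView):
-permission_classes = (AllowAny,)
-serializer_class = MyTokenObtainPairSerializer
+from rest_framework.views import APIView
+from rest_framework_simplejwt.tokens import RefreshToken
+from rest_framework.response import Response
+from rest_framework import status
+from rest_framework_simplejwt.token_blacklist.models import BlacklistedToken, OutstandingToken
 
 
 class RegisterView(generics.CreateAPIView):
@@ -28,3 +27,28 @@ class UpdateProfileView(generics.UpdateAPIView):
 queryset = User.objects.all()
 permission_classes = (IsAuthenticated,)
 serializer_class = UpdateUserSerializer
+
+
+class LogoutView(APIView):
+permission_classes = (IsAuthenticated,)
+
+def post(self, request):
+try:
+refresh_token = request.data["refresh_token"]
+token = RefreshToken(refresh_token)
+token.blacklist()
+
+return Response(status=status.HTTP_205_RESET_CONTENT)
+except Exception as e:
+return Response(status=status.HTTP_400_BAD_REQUEST)
+
+
+class LogoutAllView(APIView):
+permission_classes = (IsAuthenticated,)
+
+def post(self, request):
+tokens = OutstandingToken.objects.filter(user_id=request.user.id)
+for token in tokens:
+t, _ = BlacklistedToken.objects.get_or_create(token=token)
+
+return Response(status=status.HTTP_205_RESET_CONTENT)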
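Review bot: In `LogoutView.post` the `except Exception as e:` turns every failure into a bare 400, so a missing `refresh_token` field, an invalid or already-blacklisted token, and a database error while writing the blacklist row all look the same to the client and leave no trace in logs; `e` is never used. Narrowing it to `except (KeyError, TokenError):` (with `from rest_framework_simplejwt.exceptions import TokenError`) keeps the 400 for bad input and lets real faults surface as server errors. The view also never compares the submitted token's user claim with `request.user`, so any authenticated caller who holds another account's refresh token can blacklist it; a comparison before `token.blacklist()` would close that. Both views would benefit from a docstring stating that only refresh tokens are blacklisted here, so an access token issued before logout presumably stays usable until it expires.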

db.sqlite3

36 KB
Binary file not shown.

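--- a/medium/settings.py
+++ b/medium/settings.py
@@ -1,4 +1,6 @@
 import os
+from datetime import timedelta
+
 """
 Django settings for medium project.
 
@@ -40,6 +42,7 @@
 'django.contrib.staticfiles',
 'corsheaders',
 'rest_framework',
+'rest_framework_simplejwt.token_blacklist',
 'django_filters',
 'versatileimagefield',
 'reviews',
@@ -159,10 +162,9 @@
 
 CORS_ALLOW_CREDENTIALS = True
 
-from datetime import timedelta
-
 SIMPLE_JWT = {
 'REFRESH_TOKEN_LIFETIME': timedelta(days=15),
-'ROTATE_REFRESH_TOKENS': True,
+'ROTATE_REFRESH_TOKENS': False,
+'BLACKLIST_AFTER_ROTATION': False
 }
 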
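Review bot: Setting `'ROTATE_REFRESH_TOKENS': False` alongside the 15-day `REFRESH_TOKEN_LIFETIME` leaves a single refresh token usable for the whole 15 days unless the user explicitly calls a logout endpoint, so a leaked token is never displaced by normal use. Since this commit installs `rest_framework_simplejwt.token_blacklist`, rotation can be kept and made effective with `'ROTATE_REFRESH_TOKENS': True,` and `'BLACKLIST_AFTER_ROTATION': True,`, which retires each refresh token when it is exchanged. As written, `BLACKLIST_AFTER_ROTATION` has no effect because rotation is off. Separately, with the blacklist app installed the issued refresh tokens are recorded in the `OutstandingToken` table, and this commit also changes the tracked `db.sqlite3`, so the repository may now carry token strings as well as password hashes; removing the database file from version control is worth considering.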
