Part 7

Author: egitimplus

medium/settings.py

@@ -131,7 +131,12 @@
 MEDIA_ROOT = os.path.join(BASE_DIR, 'media')
 
 REST_FRAMEWORK = {
-    'DEFAULT_FILTER_BACKENDS': ['django_filters.rest_framework.DjangoFilterBackend']
+    'DEFAULT_FILTER_BACKENDS': [
+        'django_filters.rest_framework.DjangoFilterBackend'
+    ],
+    'DEFAULT_AUTHENTICATION_CLASSES': [
+        'rest_framework_simplejwt.authentication.JWTAuthentication',
+    ],
 }
 
 VERSATILEIMAGEFIELD_RENDITION_KEY_SETS = {
@@ -153,3 +158,10 @@
 ]
 
 CORS_ALLOW_CREDENTIALS = True
+
+from datetime import timedelta
+
+SIMPLE_JWT = {
+    'REFRESH_TOKEN_LIFETIME': timedelta(days=15),
+    'ROTATE_REFRESH_TOKENS': True,
+}

medium/urls.py

@@ -1,17 +1,21 @@
 from django.contrib import admin
-from django.conf.urls import url, include
-from reviews.views import ProductViewSet, ImageViewSet
+from django.urls import path, include
+from reviews.views import ProductViewSet, ImageViewSet, MyObtainTokenPairView
 from rest_framework.routers import DefaultRouter
 from django.conf import settings
 from django.conf.urls.static import static
+from rest_framework_simplejwt.views import TokenRefreshView
+
 
 router = DefaultRouter()
 router.register(r'product', ProductViewSet, basename='Product')
 router.register(r'image', ImageViewSet, basename='Image')
 
 urlpatterns = [
-    url(r'^admin/', admin.site.urls),
-    url(r'^', include(router.urls)),
+    path('admin/', admin.site.urls),
+    path('token/', MyObtainTokenPairView.as_view(), name='token_obtain_pair'),
+    path('token/refresh/', TokenRefreshView.as_view(), name='token_refresh'),
+    path('', include(router.urls)),
 ]
 
 if settings.DEBUG:

reviews/serializers.py

@@ -2,6 +2,7 @@
 from .models import Product, Category, Company, ProductSize, ProductSite, Comment, Image
 from django.contrib.auth.models import User
 from versatileimagefield.serializers import VersatileImageFieldSerializer
+from rest_framework_simplejwt.serializers import TokenObtainPairSerializer
 
 
 class CompanySerializer(FlexFieldsModelSerializer):
@@ -72,3 +73,16 @@ class ImageSerializer(FlexFieldsModelSerializer):
     class Meta:
         model = Image
         fields = ['pk', 'name', 'image']
+
+
+
+class MyTokenObtainPairSerializer(TokenObtainPairSerializer):
+
+    @classmethod
+    def get_token(cls, user):
+        token = super(MyTokenObtainPairSerializer, cls).get_token(user)
+
+        # Add custom claims
+        token['username'] = user.username
+        return token
+

reviews/views.py

@@ -1,8 +1,10 @@
-from .serializers import ProductSerializer, ImageSerializer
+from .serializers import ProductSerializer, ImageSerializer, MyTokenObtainPairSerializer
 from .models import Product, Image
 from rest_framework.viewsets import ReadOnlyModelViewSet
 from rest_flex_fields.views import FlexFieldsMixin, FlexFieldsModelViewSet
 from rest_flex_fields import is_expanded
+from rest_framework.permissions import IsAuthenticated, AllowAny
+from rest_framework_simplejwt.views import TokenObtainPairView
 
 
 class ProductViewSet(FlexFieldsMixin, ReadOnlyModelViewSet):
@@ -36,3 +38,9 @@ class ImageViewSet(FlexFieldsModelViewSet):
 
     serializer_class = ImageSerializer
     queryset = Image.objects.all()
+    permission_classes = [IsAuthenticated]
+
+
+class MyObtainTokenPairView(TokenObtainPairView):
+    permission_classes = (AllowAny,)
+    serializer_class = MyTokenObtainPairSerializer