|
2 | 2 | from __future__ import absolute_import, unicode_literals |
3 | 3 |
|
4 | 4 | import jwt |
5 | | -from django.contrib.auth import get_user_model |
6 | 5 | from django.utils.encoding import smart_text |
7 | 6 | from django.utils.translation import ugettext as _ |
8 | 7 | from rest_framework import exceptions |
|
13 | 12 | from rest_framework_sso.settings import api_settings |
14 | 13 |
|
15 | 14 | decode_jwt_token = api_settings.DECODE_JWT_TOKEN |
| 15 | +authenticate_payload = api_settings.AUTHENTICATE_PAYLOAD |
16 | 16 |
|
17 | 17 |
|
18 | 18 | class JWTAuthentication(BaseAuthentication): |
@@ -59,28 +59,7 @@ def authenticate(self, request): |
59 | 59 | return self.authenticate_credentials(payload=payload) |
60 | 60 |
|
61 | 61 | def authenticate_credentials(self, payload): |
62 | | - from rest_framework_sso.models import SessionToken |
63 | | - |
64 | | - user_model = get_user_model() |
65 | | - |
66 | | - if api_settings.VERIFY_SESSION_TOKEN: |
67 | | - try: |
68 | | - session_token = SessionToken.objects.\ |
69 | | - active().\ |
70 | | - select_related('user').\ |
71 | | - get(pk=payload.get('sid'), user_id=payload.get('uid')) |
72 | | - user = session_token.user |
73 | | - except SessionToken.DoesNotExist: |
74 | | - raise exceptions.AuthenticationFailed(_('Invalid token.')) |
75 | | - else: |
76 | | - try: |
77 | | - user = user_model.objects.get(pk=payload.get('uid')) |
78 | | - except user_model.DoesNotExist: |
79 | | - raise exceptions.AuthenticationFailed(_('Invalid token.')) |
80 | | - |
81 | | - if not user.is_active: |
82 | | - raise exceptions.AuthenticationFailed(_('User inactive or deleted.')) |
83 | | - |
| 62 | + user = authenticate_payload(payload=payload) |
84 | 63 | return user, payload |
85 | 64 |
|
86 | 65 | def authenticate_header(self, request): |
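Review bot: On the new side `authenticate_credentials` returns whatever the configured `AUTHENTICATE_PAYLOAD` callable hands back, so the session-token lookup, the user lookup and the `is_active` check that used to be enforced here are now only as strong as that callable. The default implementation is not visible on this page and presumably keeps those checks. A project-supplied override that returns `None` or an inactive user would still produce a `(user, payload)` tuple, which the framework treats as a successful authentication. I would keep a minimal guard after the call, `if user is None or not user.is_active:` followed by `raise exceptions.AuthenticationFailed(_('User inactive or deleted.'))`. I would also add a docstring on `authenticate_credentials` stating that the callable must raise `AuthenticationFailed` for unknown, revoked or inactive sessions.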
|