Add settings to allow customization of web auth JWT cookie #6

Merged
merged 1 commit into from
Jan 6, 2024
20 changes: 10 additions & 10 deletions ninja_simple_jwt/auth/views/api.py
@@ -1,6 +1,5 @@
from datetime import UTC, datetime

from django.conf import settings
from django.contrib.auth import authenticate
from django.http import HttpRequest, HttpResponse
from jwt.exceptions import PyJWTError
Expand All @@ -21,10 +20,11 @@
)
from ninja_simple_jwt.settings import ninja_simple_jwt_settings

auth_router = Router()
mobile_auth_router = Router()
web_auth_router = Router()


@auth_router.post("/mobile/sign-in", response=MobileSignInResponse)
@mobile_auth_router.post("/sign-in", response=MobileSignInResponse)
def mobile_sign_in(request: HttpRequest, payload: SignInRequest) -> dict:
payload_data = payload.dict()
user = authenticate(username=payload_data["username"], password=payload_data["password"])
Expand All @@ -35,7 +35,7 @@ def mobile_sign_in(request: HttpRequest, payload: SignInRequest) -> dict:
return {"refresh": refresh_token, "access": access_token}


@auth_router.post("/mobile/token-refresh", response=MobileTokenRefreshResponse)
@mobile_auth_router.post("/token-refresh", response=MobileTokenRefreshResponse)
def mobile_token_refresh(request: HttpRequest, payload: MobileTokenRefreshRequest) -> dict:
payload_data = payload.dict()
try:
Expand All @@ -46,7 +46,7 @@ def mobile_token_refresh(request: HttpRequest, payload: MobileTokenRefreshReques
return {"access": access_token}


@auth_router.post("/web/sign-in", response=WebSignInResponse)
@web_auth_router.post("/sign-in", response=WebSignInResponse)
def web_sign_in(request: HttpRequest, payload: SignInRequest, response: HttpResponse) -> dict:
payload_data = payload.dict()
user = authenticate(username=payload_data["username"], password=payload_data["password"])
Expand All @@ -58,15 +58,15 @@ def web_sign_in(request: HttpRequest, payload: SignInRequest, response: HttpResp
key=ninja_simple_jwt_settings.JWT_REFRESH_COOKIE_NAME,
value=refresh_token,
expires=datetime.fromtimestamp(refresh_token_payload["exp"], UTC),
httponly=True,
samesite="Strict",
secure=not settings.DEBUG,
path="/api/auth/web/token-refresh",
httponly=ninja_simple_jwt_settings.WEB_REFRESH_COOKIE_HTTP_ONLY,
samesite=ninja_simple_jwt_settings.WEB_REFRESH_COOKIE_SAME_SITE_POLICY,
secure=ninja_simple_jwt_settings.WEB_REFRESH_COOKIE_SECURE,
path=ninja_simple_jwt_settings.WEB_REFRESH_COOKIE_PATH,
)
return {"access": access_token}


@auth_router.post("/web/token-refresh", response=WebSignInResponse)
@web_auth_router.post("/token-refresh", response=WebSignInResponse)
def web_token_refresh(request: HttpRequest) -> dict:
cookie = request.COOKIES.get(ninja_simple_jwt_settings.JWT_REFRESH_COOKIE_NAME)
if cookie is None:
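Review bot: The `set_cookie` call at the end of `web_sign_in` now takes `samesite` and `secure` straight from `ninja_simple_jwt_settings`, but nothing checks that the pair is coherent: browsers only honour a `SameSite=None` cookie when it is also `Secure`, and recent Django versions raise `ValueError` from `set_cookie` for any samesite value other than lax/none/strict, so a misconfigured `WEB_REFRESH_COOKIE_SAME_SITE_POLICY` surfaces as a failed sign-in rather than at startup. Validating the combination once where the settings are loaded, or a guard before the call such as `if samesite.lower() == "none" and not secure: raise ValueError("SameSite=None refresh cookie requires WEB_REFRESH_COOKIE_SECURE=True")`, would make the failure explicit. The `WEB_REFRESH_COOKIE_PATH` value also has to cover the URL `web_auth_router` is mounted under, otherwise the browser never sends the cookie and the `request.COOKIES.get(...)` lookup in `web_token_refresh` always misses; a comment on the `path=` line, `# must match where web_auth_router is mounted, or web_token_refresh never receives the cookie`, would save the next reader a debugging session. The bodies of `web_sign_in` and `web_token_refresh` start and end outside this hunk.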
8 changes: 8 additions & 0 deletions ninja_simple_jwt/settings.py
Expand Up @@ -15,6 +15,10 @@ class NinjaSimpleJwtSettingsDict(TypedDict):
JWT_REFRESH_COOKIE_NAME: NotRequired[str]
JWT_REFRESH_TOKEN_LIFETIME: NotRequired[timedelta]
JWT_ACCESS_TOKEN_LIFETIME: NotRequired[timedelta]
WEB_REFRESH_COOKIE_SECURE: NotRequired[bool]
WEB_REFRESH_COOKIE_HTTP_ONLY: NotRequired[bool]
WEB_REFRESH_COOKIE_SAME_SITE_POLICY: NotRequired[str]
WEB_REFRESH_COOKIE_PATH: NotRequired[str]


DEFAULTS: NinjaSimpleJwtSettingsDict = {
Expand All @@ -24,6 +28,10 @@ class NinjaSimpleJwtSettingsDict(TypedDict):
"JWT_REFRESH_COOKIE_NAME": "refresh",
"JWT_REFRESH_TOKEN_LIFETIME": timedelta(days=30),
"JWT_ACCESS_TOKEN_LIFETIME": timedelta(minutes=15),
"WEB_REFRESH_COOKIE_SECURE": not settings.DEBUG,
"WEB_REFRESH_COOKIE_HTTP_ONLY": True,
"WEB_REFRESH_COOKIE_SAME_SITE_POLICY": "Strict",
"WEB_REFRESH_COOKIE_PATH": "/api/auth/web/token-refresh",
}

EMPTY_SETTINGS: NinjaSimpleJwtSettingsDict = {}
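Review bot: `WEB_REFRESH_COOKIE_SAME_SITE_POLICY` is declared `NotRequired[str]` in the TypedDict at the top of the hunk, yet Django's `set_cookie` accepts only "Lax", "None" or "Strict" (case-insensitively), so a `Literal["Lax", "None", "Strict"]` annotation would let a type checker catch a bad value that the code currently rejects only at request time; the import for `Literal` would come from wherever `NotRequired` is imported, which is outside this hunk. The new defaults also deserve a why-comment: `"WEB_REFRESH_COOKIE_SECURE": not settings.DEBUG` is evaluated once when this module is imported and so tracks the `DEBUG` value at that moment, and lowering `WEB_REFRESH_COOKIE_HTTP_ONLY` to `False` lets any script running on the page read the refresh token. Suggest `# HttpOnly=False exposes the refresh token to page scripts; keep True unless a client genuinely needs it` above that default. Both `NinjaSimpleJwtSettingsDict` and `DEFAULTS` begin and end outside the hunk.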
5 changes: 3 additions & 2 deletions readme.md
Expand Up @@ -23,11 +23,12 @@ Expose `Django-ninja`'s API and add `ninja_simple_jwt`;s auth API endpoint route
# urls.py

from ninja import NinjaAPI
from ninja_simple_jwt.auth.views.api import auth_router
from ninja_simple_jwt.auth.views.api import mobile_auth_router, web_auth_router
from django.urls import path

api = NinjaAPI()
api.add_router("/auth/", auth_router)
api.add_router("/auth/mobile/", mobile_auth_router)
api.add_router("/auth/web/", web_auth_router)

urlpatterns = [path("api/", api.urls)]
```
2 changes: 1 addition & 1 deletion setup.cfg
@@ -1,6 +1,6 @@
[metadata]
name = django-ninja-simple-jwt
version = 0.2.1
version = 0.3.0
description = Simple JWT-based authentication using Django and Django-ninja
long_description = file: README.md
url = https://github.com/oscarychen/django-ninja-simple-jwt