Switch from database-persisted auth codes to stateless JSON Web Tokens :)
parent
41d490ea80
commit
1c09be1b1c
@ -0,0 +1,18 @@
|
||||
# -*- coding: utf-8 -*-
|
||||
# Generated by Django 1.11.7 on 2017-11-02 05:35
|
||||
from __future__ import unicode_literals
|
||||
|
||||
from django.db import migrations
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
|
||||
dependencies = [
|
||||
('lemonauth', '0001_initial'),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.DeleteModel(
|
||||
name='IndieAuthCode',
|
||||
),
|
||||
]
|
@ -1,29 +0,0 @@
|
||||
from django.db import models
|
||||
from secrets import token_hex
|
||||
|
||||
|
||||
class IndieAuthCodeManager(models.Manager):
|
||||
def create_from_qdict(self, d):
|
||||
code = self.create(
|
||||
me=d['me'],
|
||||
client_id=d['client_id'],
|
||||
redirect_uri=d['redirect_uri'],
|
||||
response_type=d.get('response_type', 'id'),
|
||||
scope=" ".join(d.getlist('scope')),
|
||||
)
|
||||
code.code = token_hex(32)
|
||||
return code
|
||||
|
||||
|
||||
class IndieAuthCode(models.Model):
|
||||
objects = IndieAuthCodeManager()
|
||||
code = models.CharField(max_length=64, unique=True)
|
||||
me = models.CharField(max_length=255)
|
||||
client_id = models.CharField(max_length=255)
|
||||
redirect_uri = models.CharField(max_length=255)
|
||||
response_type = models.CharField(
|
||||
max_length=4,
|
||||
choices=(('id', 'id'), ('code', 'code')),
|
||||
default='id',
|
||||
)
|
||||
scope = models.CharField(max_length=200, blank=True)
|
@ -0,0 +1,27 @@
|
||||
import jwt
|
||||
|
||||
from datetime import datetime, timedelta
|
||||
from django.conf import settings
|
||||
|
||||
|
||||
def gen_auth_code(post):
|
||||
params = {'me': post['me']}
|
||||
if 'state' in post:
|
||||
params['state'] = post['state']
|
||||
|
||||
code = {
|
||||
'me': post['me'],
|
||||
'client_id': post['client_id'],
|
||||
'redirect_uri': post['redirect_uri'],
|
||||
'response_type': post.get('response_type', 'id'),
|
||||
'exp': datetime.utcnow() + timedelta(minutes=10),
|
||||
}
|
||||
if 'scope' in post:
|
||||
code['scope'] = ' '.join(post.getlist('scope'))
|
||||
|
||||
params['code'] = jwt.encode(code, settings.SECRET_KEY)
|
||||
return params
|
||||
|
||||
|
||||
def verify_auth_code(c):
|
||||
return jwt.decode(c, settings.SECRET_KEY)
|
Loading…
Reference in New Issue