Skip to content
Snippets Groups Projects
Normal view History Permalink
authentication.py 728 B
Newer Older
Eliot Berriot's avatar
Fixed #15 again, now check authorization also using query param
Eliot Berriot committed
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 
from rest_framework import exceptions
from rest_framework_jwt import authentication
from rest_framework_jwt.settings import api_settings


class JSONWebTokenAuthenticationQS(
        authentication.BaseJSONWebTokenAuthentication):

    www_authenticate_realm = 'api'

    def get_jwt_value(self, request):
        token = request.query_params.get('jwt')
        if 'jwt' in request.query_params and not token:
            msg = _('Invalid Authorization header. No credentials provided.')
            raise exceptions.AuthenticationFailed(msg)
        return token

    def authenticate_header(self, request):
        return '{0} realm="{1}"'.format(
            api_settings.JWT_AUTH_HEADER_PREFIX, self.www_authenticate_realm)