B b\ @sddlmZddlmZddlmZddlmZm Z ddl m Z ddl m Z ddlmZddlmZdd lmZejZGd d d eZGd d d e ZGddde ZdS))unicode_literals) gettext_lazy)settings)TokenAuthenticationSessionAuthentication)JSONWebTokenAuthentication) exceptions) api_settings) StaffToken)Employeec@seZdZdZdZeZdS)StaffTokenAuthenticationa Simple token based authentication. Clients should authenticate by passing the token key in the "Authorization" HTTP header, prepended with the string "Token ". For example: Authorization: Token 401f7ac837da42b97f613d789819ff93537bee6a TokenN)__name__ __module__ __qualname____doc__keywordr Zmodelrr>G:\easytimepro\master/mysite/staff\api\staff_authentication.pyr sr c@seZdZddZdS)StaffJSONWebTokenAuthenticationcCstt|}|std}t|ytjj|d}Wn&tk rVtd}t|YnX|jsptd}t||S)zV Returns an active user that matches the payload's user id and email. zInvalid payload.)Zemp_codezInvalid signature.zUser account is disabled.) jwt_get_username_from_payload_rZAuthenticationFailedr Zobjectsget Exception is_active)selfZpayloadZusernamemsguserrrrauthenticate_credentials!s  z8StaffJSONWebTokenAuthentication.authenticate_credentialsN)rrrrrrrrrsrc@seZdZddZdS)StaffSessionAuthenticationcCsht|jdd}|r|jsdS|jdkrVy|jdd|jtj<Wnt k rTYnX| ||dfS)z{ Returns a `User` if the request session currently has a logged in user. Otherwise returns `None`. rN)ZPUTZPATCHZDELETEZcsrfmiddlewaretoken) getattrZ_requestrmethodZPOSTrZMETArZCSRF_HEADER_NAMErZ enforce_csrf)rZrequestrrrr authenticate:s   z'StaffSessionAuthentication.authenticateN)rrrr#rrrrr8srN)Z __future__rZdjango.utils.translationrrZ django.confrZrest_framework.authenticationrrZ!rest_framework_jwt.authenticationrZrest_frameworkrZrest_framework_jwt.settingsr Zmysite.staff.models.staff_tokenr Z&mysite.personnel.models.model_employeer Z JWT_PAYLOAD_GET_USERNAME_HANDLERrr rrrrrrs