o ǯh@sUddlmZmZddlmZddlmZddlmZ ddl m Z m Z ddl mZddlmZmZmZdd lmZdd lmZdd lmZdd lmZejZeejeefsYefZd deDZe e!e"d<edeeZ#Gddde j$Z%Gddde%Z&e&Z'de#de(fddZ)dS))OptionalTypeVar)get_user_model)AbstractBaseUser) gettext_lazy)HTTP_HEADER_ENCODINGauthentication)Request)AuthenticationFailed InvalidToken TokenError) TokenUser) api_settings)Token)get_md5_hash_passwordcCsh|]}|tqS)encoder).0hrrd/var/www/Befach/backend/venv/lib/python3.10/site-packages/rest_framework_simplejwt/authentication.py s rAUTH_HEADER_TYPE_BYTESAuthUsercseZdZdZdZdZdfdd Zdedee e e ffd d Z dede fd d Zdedefd dZdedeefddZdede fddZde de fddZZS)JWTAuthenticationzy An authentication plugin that authenticates requests through a JSON web token provided in a request header. apizapplication/jsonreturnNcstj|i|t|_dSN)super__init__r user_model)selfargskwargs __class__rrr$s zJWTAuthentication.__init__requestcCsD||}|dur dS||}|durdS||}|||fSr) get_header get_raw_tokenget_validated_tokenget_user)r!r&header raw_tokenvalidated_tokenrrr authenticate(s   zJWTAuthentication.authenticatecCsdtd|jS)Nz {} realm="{}"r)formatAUTH_HEADER_TYPESwww_authenticate_realm)r!r&rrrauthenticate_header5sz%JWTAuthentication.authenticate_headercCs&|jtj}t|tr|t}|S)zc Extracts the header containing the JSON web token from the given request. )METAgetrAUTH_HEADER_NAME isinstancestrrr)r!r&r+rrrr';s  zJWTAuthentication.get_headerr+cCsL|}t|dkr dS|dtvrdSt|dkr"ttddd|dS)zm Extracts an unvalidated JSON web token from the given "Authorization" header value. rNz)r!r,rD AuthTokenerrrr)_s$  z%JWTAuthentication.get_validated_tokenr-cCsz|tj}Wn tyttdwz|jjjd itj|i}Wn|jj y5t tdddwtj rD|j sDt tdddtj rZ|tjt|jkrZt tddd|S) zU Attempts to find and return a user using the given validated token. 3Token contained no recognizable user identificationzUser not founduser_not_foundr:zUser is inactive user_inactivez%The user's password has been changed.password_changedNr)r USER_ID_CLAIMKeyErrorr r>r objectsr4 USER_ID_FIELD DoesNotExistr CHECK_USER_IS_ACTIVE is_activeCHECK_REVOKE_TOKENREVOKE_TOKEN_CLAIMrpassword)r!r-user_iduserrrrr*xs,   zJWTAuthentication.get_user)rN)rG __module__ __qualname____doc__r1 media_typerr rtuplerrr.r7r2bytesr'r(r)r* __classcell__rrr$rrs  rc@s"eZdZdZdedefddZdS)JWTStatelessUserAuthenticationz An authentication plugin that authenticates requests through a JSON web token provided in a request header without performing a database lookup to obtain a user instance. r-rcCs tj|vr ttdt|S)zg Returns a stateless user object which is backed by the given validated token. rJ)rrNr r>TOKEN_USER_CLASS)r!r-rrrr*s   z'JWTStatelessUserAuthentication.get_userN)rGrZr[r\rrr*rrrrrasrarYrcCs|duo tj p |jSr)rrSrT)rYrrr default_user_authentication_rules rcN)*typingrrdjango.contrib.authrdjango.contrib.auth.modelsrdjango.utils.translationrr>rest_frameworkrrrest_framework.requestr exceptionsr r r modelsrsettingsrtokensrutilsrr0r6listr^rsetr___annotations__rBaseAuthenticationrraJWTTokenUserAuthenticationboolrcrrrrs,         y