added jwt and CORS support
This commit is contained in:
Sam
@@ -43,6 +43,7 @@ INSTALLED_APPS = [
|
||||
# 3rd party
|
||||
'rest_framework',
|
||||
'django_filters',
|
||||
'corsheaders',
|
||||
|
||||
# local apps
|
||||
'core',
|
||||
@@ -57,6 +58,7 @@ INSTALLED_APPS = [
|
||||
MIDDLEWARE = [
|
||||
'django.middleware.security.SecurityMiddleware',
|
||||
'django.contrib.sessions.middleware.SessionMiddleware',
|
||||
'corsheaders.middleware.CorsMiddleware',
|
||||
'django.middleware.common.CommonMiddleware',
|
||||
'django.middleware.csrf.CsrfViewMiddleware',
|
||||
'django.contrib.auth.middleware.AuthenticationMiddleware',
|
||||
@@ -85,7 +87,7 @@ TEMPLATES = [
|
||||
WSGI_APPLICATION = 'back_latienda.wsgi.application'
|
||||
|
||||
|
||||
|
||||
CORS_ALLOW_ALL_ORIGINS = True
|
||||
|
||||
|
||||
# Password validation
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
from back_latienda.settings.base import *
|
||||
from datetime import timedelta
|
||||
|
||||
# SECURITY WARNING: don't run with debug turned on in production!
|
||||
DEBUG = True
|
||||
@@ -22,3 +23,32 @@ DATABASES = {
|
||||
|
||||
MEDIA_ROOT = BASE_DIR + '/media/'
|
||||
MEDIA_URL = '/media/'
|
||||
|
||||
# JWT SETTINGS
|
||||
SIMPLE_JWT = {
|
||||
'ACCESS_TOKEN_LIFETIME': timedelta(minutes=60),
|
||||
'REFRESH_TOKEN_LIFETIME': timedelta(days=1),
|
||||
'ROTATE_REFRESH_TOKENS': False,
|
||||
'BLACKLIST_AFTER_ROTATION': True,
|
||||
'UPDATE_LAST_LOGIN': False,
|
||||
|
||||
'ALGORITHM': 'HS256',
|
||||
'SIGNING_KEY': SECRET_KEY,
|
||||
'VERIFYING_KEY': None,
|
||||
'AUDIENCE': None,
|
||||
'ISSUER': None,
|
||||
|
||||
'AUTH_HEADER_TYPES': ('Bearer',),
|
||||
'AUTH_HEADER_NAME': 'HTTP_AUTHORIZATION',
|
||||
'USER_ID_FIELD': 'id',
|
||||
'USER_ID_CLAIM': 'user_id',
|
||||
|
||||
'AUTH_TOKEN_CLASSES': ('rest_framework_simplejwt.tokens.AccessToken',),
|
||||
'TOKEN_TYPE_CLAIM': 'token_type',
|
||||
|
||||
'JTI_CLAIM': 'jti',
|
||||
|
||||
'SLIDING_TOKEN_REFRESH_EXP_CLAIM': 'refresh_exp',
|
||||
'SLIDING_TOKEN_LIFETIME': timedelta(minutes=5),
|
||||
'SLIDING_TOKEN_REFRESH_LIFETIME': timedelta(days=1),
|
||||
}
|
||||
|
||||
@@ -18,10 +18,15 @@ from django.urls import path, include
|
||||
from django.conf.urls.static import static
|
||||
from django.conf import settings
|
||||
|
||||
from rest_framework_simplejwt.views import TokenObtainPairView, TokenRefreshView, TokenVerifyView
|
||||
|
||||
from .routers import router
|
||||
|
||||
|
||||
urlpatterns = [
|
||||
path('admin/', admin.site.urls),
|
||||
path('api/v1/token/', TokenObtainPairView.as_view(), name='token_obtain_pair'),
|
||||
path('api/v1/token/refresh/', TokenRefreshView.as_view(), name='token_refresh'),
|
||||
path('api/v1/token/verify/', TokenVerifyView.as_view(), name='token_verify'),
|
||||
path('api/v1/', include(router.urls)),
|
||||
] + static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT)
|
||||
|
||||
Reference in New Issue
Block a user