register logic

2025-05-18 13:37:27 +03:00
parent be46e09aeb
commit 695c29ab62
19 changed files with 498 additions and 36 deletions
--- a/backend/api/utils/cookiesSet.py
+++ b/backend/api/utils/cookiesSet.py
@@ -0,0 +1,65 @@
+from rest_framework.viewsets import ViewSet
+from rest_framework.decorators import action
+from rest_framework.response import Response
+from rest_framework import status
+from datetime import datetime
+from django.conf import settings
+from rest_framework_simplejwt.tokens import RefreshToken
+
+class AuthBaseViewSet(ViewSet):
+    """Базовый класс для аутентификации с общими методами"""
+    
+    def _set_auth_cookies(self, response, refresh):
+        """Устанавливает куки для токенов аутентификации"""
+        response.set_cookie(
+            'access_token',
+            str(refresh.access_token),
+            httponly=True,
+            secure=True,
+            samesite='Lax',
+            max_age=300
+        )
+        response.set_cookie(
+            'refresh_token',
+            str(refresh),
+            httponly=True,
+            secure=True,
+            samesite='Lax',
+            max_age=86400
+        )
+        return response
+
+    @action(detail=False, methods=['post'], url_path="refresh")
+    def refresh_token(self, request):
+        try:
+            refresh_token = request.data.get('refresh')
+            
+            if not refresh_token:
+                return Response(
+                    {'error': 'Refresh token is required'}, 
+                    status=status.HTTP_400_BAD_REQUEST
+                )
+
+            try:
+                token = RefreshToken(refresh_token)
+                response_data = {
+                    'access': str(token.access_token),
+                    'refresh': str(token),
+                    'expires_at': datetime.timestamp(
+                        datetime.now() + settings.SIMPLE_JWT['ACCESS_TOKEN_LIFETIME']
+                    )
+                }
+                
+                return Response(response_data)
+                
+            except Exception as e:      
+                return Response(
+                    {'error': f'Invalid refresh token: {str(e)}'}, 
+                    status=status.HTTP_400_BAD_REQUEST
+                )
+
+        except Exception as e:
+            return Response(
+                {'error': f'Token refresh failed: {str(e)}'}, 
+                status=status.HTTP_400_BAD_REQUEST
+            )