66 lines
2.2 KiB
Python
66 lines
2.2 KiB
Python
from rest_framework.viewsets import ViewSet
|
||
from rest_framework.decorators import action
|
||
from rest_framework.response import Response
|
||
from rest_framework import status
|
||
from datetime import datetime
|
||
from django.conf import settings
|
||
from rest_framework_simplejwt.tokens import RefreshToken
|
||
|
||
class AuthBaseViewSet(ViewSet):
|
||
"""Базовый класс для аутентификации с общими методами"""
|
||
|
||
def _set_auth_cookies(self, response, refresh):
|
||
"""Устанавливает куки для токенов аутентификации"""
|
||
response.set_cookie(
|
||
'access_token',
|
||
str(refresh.access_token),
|
||
httponly=True,
|
||
secure=True,
|
||
samesite='Lax',
|
||
max_age=300
|
||
)
|
||
response.set_cookie(
|
||
'refresh_token',
|
||
str(refresh),
|
||
httponly=True,
|
||
secure=True,
|
||
samesite='Lax',
|
||
max_age=86400
|
||
)
|
||
return response
|
||
|
||
@action(detail=False, methods=['post'], url_path="refresh")
|
||
def refresh_token(self, request):
|
||
try:
|
||
refresh_token = request.data.get('refresh')
|
||
|
||
if not refresh_token:
|
||
return Response(
|
||
{'error': 'Refresh token is required'},
|
||
status=status.HTTP_400_BAD_REQUEST
|
||
)
|
||
|
||
try:
|
||
token = RefreshToken(refresh_token)
|
||
response_data = {
|
||
'access': str(token.access_token),
|
||
'refresh': str(token),
|
||
'expires_at': datetime.timestamp(
|
||
datetime.now() + settings.SIMPLE_JWT['ACCESS_TOKEN_LIFETIME']
|
||
)
|
||
}
|
||
|
||
return Response(response_data)
|
||
|
||
except Exception as e:
|
||
return Response(
|
||
{'error': f'Invalid refresh token: {str(e)}'},
|
||
status=status.HTTP_400_BAD_REQUEST
|
||
)
|
||
|
||
except Exception as e:
|
||
return Response(
|
||
{'error': f'Token refresh failed: {str(e)}'},
|
||
status=status.HTTP_400_BAD_REQUEST
|
||
)
|