U ÔÉ>iàã@s€ddlZddlmZddlmZddlmZddlmZddl m Z ddl m Z Gdd „d eƒZ e ƒZGd d „d eƒZeƒZdS) éN)Ú HttpRequest)ÚAuthBase)Úget_authorization_credential)Ú app_settings)Úauthenticate_by_x_session_token)Úvalidate_access_tokenc@sBeZdZUdZdZeed<edœdd„Zee j edœdd „Z d S) ÚXSessionTokenAuthzt This security class uses the X-Session-Token that django-allauth is using for authentication purposes. ÚapiKeyÚ openapi_type©ÚrequestcCs&| |¡}|r"t|ƒ}|r"|dSdS)Nr)Úget_session_tokenr)Úselfr ÚtokenZ user_session©rúK/tmp/pip-unpacked-wheel-upujnpc2/allauth/headless/contrib/ninja/security.pyÚ__call__s  zXSessionTokenAuth.__call__)r ÚreturncCs |j d¡S)z× Returns the session token for the given request, by looking up the ``X-Session-Token`` header. Override this if you want to extract the token from e.g. the ``Authorization`` header. zX-Session-Token)ÚheadersÚget)rr rrrr sz#XSessionTokenAuth.get_session_tokenN) Ú__name__Ú __module__Ú __qualname__Ú__doc__r ÚstrÚ__annotations__rrÚtypingÚOptionalr rrrrr s  rc@s(eZdZUdZeed<edœdd„ZdS)Ú JWTTokenAuthr r r cCs>t|tjƒ}|dkrdSt|ƒ}|dkr,dS|\}}||_|S)N)rrZJWT_AUTHORIZATION_HEADER_SCHEMErÚuser)rr rZ user_payloadrÚpayloadrrrr-sÿzJWTTokenAuth.__call__N)rrrr rrrrrrrrr)s  r)rZ django.httprZninja.security.baserZallauth.core.internal.httpkitrZallauth.headlessrZ$allauth.headless.internal.sessionkitrZ/allauth.headless.tokens.strategies.jwt.internalrrZx_session_token_authrZjwt_token_authrrrrÚs