U ÔÉ>i‰ã@sxddlZddlmZddlmZddlmZddlmZddl m Z ddl m Z Gdd „d ej ƒZGd d „d ejƒZdS) éN)Ú HttpRequest)Úauthentication)ÚAuthenticationFailed)Ú app_settings)Úauthenticate_by_x_session_token)Úvalidate_access_tokenc@s4eZdZdZedœdd„Zeejedœdd„Z dS) ÚXSessionTokenAuthenticationzz This authentication class uses the X-Session-Token that django-allauth is using for authentication purposes. )ÚrequestcCs| |¡}|rt|ƒSdS)N)Úget_session_tokenr)Úselfr Útoken©r úZ/tmp/pip-unpacked-wheel-upujnpc2/allauth/headless/contrib/rest_framework/authentication.pyÚ authenticates z(XSessionTokenAuthentication.authenticate)r ÚreturncCs |j d¡S)z× Returns the session token for the given request, by looking up the ``X-Session-Token`` header. Override this if you want to extract the token from e.g. the ``Authorization`` header. zX-Session-Token)ÚheadersÚget)r r r r rr sz-XSessionTokenAuthentication.get_session_tokenN) Ú__name__Ú __module__Ú __qualname__Ú__doc__rrÚtypingÚOptionalÚstrr r r r rr src@s,eZdZeedœdd„ƒZedœdd„ZdS)ÚJWTTokenAuthentication)rcCstjS)zM See: ``settings.HEADLESS_JWT_AUTHORIZATION_HEADER_SCHEME``. )rZJWT_AUTHORIZATION_HEADER_SCHEME)r r r rÚkeyword$szJWTTokenAuthentication.keyword)ÚkeycCst|ƒ}|dkrtdƒ‚|S)z3 Validates the given access token. NzInvalid token.)rr)r rZ user_payloadr r rÚauthenticate_credentials+sz/JWTTokenAuthentication.authenticate_credentialsN)rrrÚpropertyrrrr r r rr"sr)rZ django.httprZrest_frameworkrZrest_framework.exceptionsrZallauth.headlessrZ$allauth.headless.internal.sessionkitrZ/allauth.headless.tokens.strategies.jwt.internalrZBaseAuthenticationrZTokenAuthenticationrr r r rÚs