rest_framework_simplejwt_mongoengine package

Submodules

rest_framework_simplejwt_mongoengine.authentication module

class rest_framework_simplejwt_mongoengine.authentication.JWTAuthentication(*args, **kwargs)

Bases: BaseAuthentication

An authentication plugin that authenticates requests through a JSON web token provided in a request header.

authenticate(request: Request) → Tuple[AuthUser, Token] | None

Authenticate the request and return a two-tuple of (user, token).

authenticate_header(request: Request) → str

Return a string to be used as the value of the WWW-Authenticate header in a 401 Unauthenticated response, or None if the authentication scheme should return 403 Permission Denied responses.

get_header(request: Request) → bytes

Extracts the header containing the JSON web token from the given request.

get_raw_token(header: bytes) → bytes | None

Extracts an unvalidated JSON web token from the given “Authorization” header value.

get_user(validated_token: Token) → AuthUser

Attempts to find and return a user using the given validated token.

get_validated_token(raw_token: bytes) → Token

Validates an encoded JSON web token and returns a validated token wrapper object.

media_type = 'application/json'

www_authenticate_realm = 'api'

class rest_framework_simplejwt_mongoengine.authentication.JWTStatelessUserAuthentication(*args, **kwargs)

Bases: JWTAuthentication

An authentication plugin that authenticates requests through a JSON web token provided in a request header without performing a database lookup to obtain a user instance.

get_user(validated_token: Token) → AuthUser

Returns a stateless user object which is backed by the given validated token.

rest_framework_simplejwt_mongoengine.authentication.JWTTokenUserAuthentication

alias of JWTStatelessUserAuthentication

rest_framework_simplejwt_mongoengine.authentication.default_user_authentication_rule(user: AuthUser) → bool

rest_framework_simplejwt_mongoengine.models module

class rest_framework_simplejwt_mongoengine.models.TokenUser(token: Token)

Bases: object

A dummy user class modeled after django.contrib.auth.models.AnonymousUser. Used in conjunction with the JWTStatelessUserAuthentication backend to implement single sign-on functionality across services which share the same secret key. JWTStatelessUserAuthentication will return an instance of this class instead of a User model instance. Instances of this class act as stateless user objects which are backed by validated tokens.

check_password(raw_password: str) → None

delete() → None

get_all_permissions(obj: object | None = None) → set

get_group_permissions(obj: object | None = None) → set

get_username() → str

property groups: Group

has_module_perms(module: str) → bool

has_perm(perm: str, obj: object | None = None) → bool

has_perms(perm_list: List[str], obj: object | None = None) → bool

id

is_active = True

property is_anonymous: bool

property is_authenticated: bool

is_staff

is_superuser

pk

save() → None

set_password(raw_password: str) → None

property user_permissions: Permission

username

rest_framework_simplejwt_mongoengine.serializers module

class rest_framework_simplejwt_mongoengine.serializers.PasswordField(*args, **kwargs)

Bases: CharField

class rest_framework_simplejwt_mongoengine.serializers.TokenBlacklistSerializer(*args, **kwargs)

Bases: Serializer

token_class

alias of RefreshToken

validate(attrs: Dict[str, Any]) → Dict[Any, Any]

class rest_framework_simplejwt_mongoengine.serializers.TokenObtainPairSerializer(*args, **kwargs)

Bases: TokenObtainSerializer

token_class

alias of RefreshToken

validate(attrs: Dict[str, Any]) → Dict[str, str]

class rest_framework_simplejwt_mongoengine.serializers.TokenObtainSerializer(*args, **kwargs)

Bases: Serializer

default_error_messages = {'no_active_account': 'No active account found with the given credentials'}

classmethod get_token(user: AuthUser) → Token

token_class: Type[Token] | None = None

username_field = 'username'

validate(attrs: Dict[str, Any]) → Dict[Any, Any]

class rest_framework_simplejwt_mongoengine.serializers.TokenObtainSlidingSerializer(*args, **kwargs)

Bases: TokenObtainSerializer

token_class

alias of SlidingToken

validate(attrs: Dict[str, Any]) → Dict[str, str]

class rest_framework_simplejwt_mongoengine.serializers.TokenRefreshSerializer(*args, **kwargs)

Bases: Serializer

token_class

alias of RefreshToken

validate(attrs: Dict[str, Any]) → Dict[str, str]

class rest_framework_simplejwt_mongoengine.serializers.TokenRefreshSlidingSerializer(*args, **kwargs)

Bases: Serializer

token_class

alias of SlidingToken

validate(attrs: Dict[str, Any]) → Dict[str, str]

class rest_framework_simplejwt_mongoengine.serializers.TokenVerifySerializer(*args, **kwargs)

Bases: Serializer

validate(attrs: Dict[str, None]) → Dict[Any, Any]

rest_framework_simplejwt_mongoengine.tokens module

class rest_framework_simplejwt_mongoengine.tokens.AccessToken(token: Token | None = None, verify: bool = True)

Bases: Token

lifetime: timedelta | None = datetime.timedelta(seconds=300)

token_type: str | None = 'access'

class rest_framework_simplejwt_mongoengine.tokens.BlacklistMixin

Bases: Generic[T]

If the rest_framework_simplejwt_mongoengine.token_blacklist app was configured to be used, tokens created from BlacklistMixin subclasses will insert themselves into an outstanding token list and also check for their membership in a token blacklist.

blacklist() → BlacklistedToken

Ensures this token is included in the outstanding token list and adds it to the blacklist.

check_blacklist() → None

Checks if this token is present in the token blacklist. Raises TokenError if so.

classmethod for_user(user: AuthUser) → T

Adds this token to the outstanding token list.

payload: Dict[str, Any]

verify(*args, **kwargs) → None

class rest_framework_simplejwt_mongoengine.tokens.RefreshToken(token: Token | None = None, verify: bool = True)

Bases: BlacklistMixin[RefreshToken], Token

property access_token: AccessToken

Returns an access token created from this refresh token. Copies all claims present in this refresh token to the new access token except those claims listed in the no_copy_claims attribute.

access_token_class

alias of AccessToken

lifetime: timedelta | None = datetime.timedelta(days=1)

no_copy_claims = ('token_type', 'exp', 'jti', 'jti')

token_type: str | None = 'refresh'

class rest_framework_simplejwt_mongoengine.tokens.SlidingToken(*args, **kwargs)

Bases: BlacklistMixin[SlidingToken], Token

lifetime: timedelta | None = datetime.timedelta(seconds=300)

token_type: str | None = 'sliding'

class rest_framework_simplejwt_mongoengine.tokens.Token(token: Token | None = None, verify: bool = True)

Bases: object

A class which validates and wraps an existing JWT or can be used to build a new JWT.

check_exp(claim: str = 'exp', current_time: datetime | None = None) → None

Checks whether a timestamp value in the given claim has passed (since the given datetime value in current_time). Raises a TokenError with a user-facing error message if so.

classmethod for_user(user: AuthUser) → T

Returns an authorization token for the given user that will be provided after authenticating the user’s credentials.

get(key: str, default: Any | None = None) → Any

get_token_backend() → TokenBackend

lifetime: timedelta | None = None

set_exp(claim: str = 'exp', from_time: datetime | None = None, lifetime: timedelta | None = None) → None

Updates the expiration time of a token.

See here: https://tools.ietf.org/html/rfc7519#section-4.1.4

set_iat(claim: str = 'iat', at_time: datetime | None = None) → None

Updates the time at which the token was issued.

See here: https://tools.ietf.org/html/rfc7519#section-4.1.6

set_jti() → None

Populates the configured jti claim of a token with a string where there is a negligible probability that the same string will be chosen at a later time.

See here: https://tools.ietf.org/html/rfc7519#section-4.1.7

property token_backend: TokenBackend

token_type: str | None = None

verify() → None

Performs additional validation steps which were not performed when this token was decoded. This method is part of the “public” API to indicate the intention that it may be overridden in subclasses.

verify_token_type() → None

Ensures that the token type claim is present and has the correct value.

class rest_framework_simplejwt_mongoengine.tokens.UntypedToken(token: Token | None = None, verify: bool = True)

Bases: Token

lifetime: timedelta | None = datetime.timedelta(0)

token_type: str | None = 'untyped'

verify_token_type() → None

Untyped tokens do not verify the “token_type” claim. This is useful when performing general validation of a token’s signature and other properties which do not relate to the token’s intended use.

rest_framework_simplejwt_mongoengine.utils module

rest_framework_simplejwt_mongoengine.utils.aware_utcnow() → datetime

rest_framework_simplejwt_mongoengine.utils.datetime_from_epoch(ts: float) → datetime

rest_framework_simplejwt_mongoengine.utils.datetime_to_epoch(dt: datetime) → int

rest_framework_simplejwt_mongoengine.utils.format_lazy(s: str, *args, **kwargs) → str

rest_framework_simplejwt_mongoengine.utils.get_md5_hash_password(password: str) → str

Returns MD5 hash of the given password

rest_framework_simplejwt_mongoengine.utils.make_utc(dt: datetime) → datetime

rest_framework_simplejwt_mongoengine.utils.microseconds_to_milliseconds(date_time)

Because Mongodb only stores Date data type to milliseconds while Python stores data type datetime to microseconds. So this function converts data to be compatible with MongoDB

Reference: https://docs.mongodb.com/manual/reference/method/Date/#behavior

Parameters:

date_time – instance of datetime class

Returns:

instance of datetime class with milliseconds

rest_framework_simplejwt_mongoengine.views module

class rest_framework_simplejwt_mongoengine.views.TokenBlacklistView(**kwargs)

Bases: TokenViewBase

Takes a token and blacklists it. Must be used with the rest_framework_simplejwt_mongoengine.token_blacklist app installed.

class rest_framework_simplejwt_mongoengine.views.TokenObtainPairView(**kwargs)

Bases: TokenViewBase

Takes a set of user credentials and returns an access and refresh JSON web token pair to prove the authentication of those credentials.

class rest_framework_simplejwt_mongoengine.views.TokenObtainSlidingView(**kwargs)

Bases: TokenViewBase

Takes a set of user credentials and returns a sliding JSON web token to prove the authentication of those credentials.

class rest_framework_simplejwt_mongoengine.views.TokenRefreshSlidingView(**kwargs)

Bases: TokenViewBase

Takes a sliding JSON web token and returns a new, refreshed version if the token’s refresh period has not expired.

class rest_framework_simplejwt_mongoengine.views.TokenRefreshView(**kwargs)

Bases: TokenViewBase

Takes a refresh type JSON web token and returns an access type JSON web token if the refresh token is valid.

class rest_framework_simplejwt_mongoengine.views.TokenVerifyView(**kwargs)

Bases: TokenViewBase

Takes a token and indicates if it is valid. This view provides no information about a token’s fitness for a particular use.

class rest_framework_simplejwt_mongoengine.views.TokenViewBase(**kwargs)

Bases: GenericAPIView

authentication_classes = ()

get_authenticate_header(request: Request) → str

If a request is unauthenticated, determine the WWW-Authenticate header to use for 401 responses, if any.

get_serializer_class() → Serializer

If serializer_class is set, use it directly. Otherwise get the class from settings.

permission_classes = ()

post(request: Request, *args, **kwargs) → Response

serializer_class = None

www_authenticate_realm = 'api'

rest_framework_simplejwt_mongoengine.views.token_blacklist(request, *args, **kwargs)

Takes a token and blacklists it. Must be used with the rest_framework_simplejwt_mongoengine.token_blacklist app installed.

rest_framework_simplejwt_mongoengine.views.token_obtain_pair(request, *args, **kwargs)

Takes a set of user credentials and returns an access and refresh JSON web token pair to prove the authentication of those credentials.

rest_framework_simplejwt_mongoengine.views.token_obtain_sliding(request, *args, **kwargs)

Takes a set of user credentials and returns a sliding JSON web token to prove the authentication of those credentials.

rest_framework_simplejwt_mongoengine.views.token_refresh(request, *args, **kwargs)

Takes a refresh type JSON web token and returns an access type JSON web token if the refresh token is valid.

rest_framework_simplejwt_mongoengine.views.token_refresh_sliding(request, *args, **kwargs)

Takes a sliding JSON web token and returns a new, refreshed version if the token’s refresh period has not expired.

rest_framework_simplejwt_mongoengine.views.token_verify(request, *args, **kwargs)

Takes a token and indicates if it is valid. This view provides no information about a token’s fitness for a particular use.

Module contents