-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
use redis to store scopes of an issued transaction token
- Loading branch information
Showing
8 changed files
with
77 additions
and
4 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1 +1,5 @@ | ||
| from .user import AbstractUserTokenMixin, AbstractUserRefreshTokenMixin, AbstractUserTransactionTokenMixin | ||
| from .user import ( | ||
| AbstractUserTokenMixin, | ||
| AbstractUserRefreshTokenMixin, | ||
| AbstractUserTransactionTokenMixin, | ||
| ) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| from . import security, utils, models |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,14 @@ | ||
| from .utils import get_connection | ||
|
|
||
|
|
||
| class AbstractUserTransactionTokenDjangoPermissions2RedisMixin: | ||
| redis_url = None | ||
| redis = None | ||
|
|
||
| def _save_transaction_token(self, token_id: str): | ||
| if not self.redis: | ||
| self.redis = get_connection(self.redis_url) | ||
|
|
||
| key = f'access:token:{token_id}:scopes' | ||
| self.redis.sadd(key, *self.get_all_permissions()) | ||
| self.redis.expire(key, int(timedelta(minutes=5).total_seconds())) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| from . import jwt |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,15 @@ | ||
| from typing import Optional | ||
| from djfapi.security.jwt import JWTToken | ||
| from ..utils import get_connection | ||
|
|
||
|
|
||
| class JWTTokenRedis(JWTToken): | ||
| def __init__(self, *args, redis_url: Optional[str] = None, **kwargs): | ||
| super().__init__(*args, **kwargs) | ||
| self.redis = get_connection(redis_url, use_async=True) | ||
|
|
||
| async def _create_access(self, token): | ||
| access = await super()._create_access(token) | ||
| scopes = await self.redis.smembers(f'access:token:{access.jti}:scopes') | ||
| access.token.aud = [str(scope, 'utf-8') for scope in scopes] | ||
| return access |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,29 @@ | ||
| from typing import Optional | ||
| from django.conf import settings | ||
| from redis.asyncio import Redis as RedisAsync, RedisCluster as RedisAsyncCluster | ||
| from redis import Redis, RedisCluster | ||
|
|
||
|
|
||
| CONNECTIONS = {} | ||
|
|
||
|
|
||
| def get_connection( | ||
| redis_url: Optional[str] = None, use_async: bool = False, is_cluster: Optional[bool] = None | ||
| ) -> 'Redis': | ||
| if is_cluster is None: | ||
| is_cluster = getattr(settings, 'REDIS_IS_CLUSTER', False) | ||
|
|
||
| if use_async: | ||
| R = RedisAsyncCluster if is_cluster else RedisAsync | ||
|
|
||
| else: | ||
| R = RedisCluster if is_cluster else Redis | ||
|
|
||
| redis_url = redis_url or getattr(settings, 'REDIS_URL', None) or 'redis://localhost:6379/0' | ||
|
|
||
| try: | ||
| return CONNECTIONS[(redis_url, use_async)] | ||
|
|
||
| except KeyError: | ||
| CONNECTIONS[(redis_url, use_async)] = R.from_url(redis_url) | ||
| return CONNECTIONS[(redis_url, use_async)] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters