def auth(body):
""" Login/password based auth
if success, generates HMAC512 based token
"""
username = body['name']
password = body['password']
user = authenticate(username=username, password=password)
if user is not None and user.is_active:
user = User.objects.get_or_create(username=username)[0]
user.last_login = datetime.now()
user.save()
data = {
'id': user.id,
'rand': b64encode(os.urandom(64)).decode('utf-8')
}
token = jwt.encode(
{
'data': CRYPTO.encrypt(json.dumps(data)),
'exp': datetime.utcnow() + timedelta(days=1),
},
settings.SECRET_KEY,
algorithm='HS512'
)
return True, {'token': token}
return False, 'Invalid username or password'
评论列表
文章目录
