def authenticate_payload(payload):
    """Resolve the user identified by a token payload.

    Args:
        payload: Mapping of token claims. Only ``claims.SESSION_ID`` and
            ``claims.USER_ID`` are read here, via ``payload.get``.

    Returns:
        The user model instance the payload refers to.

    Raises:
        exceptions.AuthenticationFailed: If no matching session token or
            user exists, or if the resolved user has ``is_active`` false.
    """
    # NOTE(review): nothing in this function checks a signature, issuer or
    # expiry; presumably the caller has already decoded and verified the
    # token before passing its claims in. Confirm against the call site.
    from rest_framework_sso.models import SessionToken

    user_model = get_user_model()

    if not api_settings.VERIFY_SESSION_TOKEN:
        # The session id claim is not consulted in this branch, so only the
        # user's existence and the is_active flag gate authentication.
        try:
            account = user_model.objects.get(pk=payload.get(claims.USER_ID))
        except user_model.DoesNotExist:
            raise exceptions.AuthenticationFailed(_('Invalid token.'))
    else:
        # NOTE(review): active() presumably excludes revoked or expired
        # sessions; see the SessionToken manager to confirm.
        candidate_sessions = SessionToken.objects.active().select_related('user')
        try:
            # Session id and user id must match the same row, so a session
            # id paired with another user's id is rejected.
            matched_session = candidate_sessions.get(
                pk=payload.get(claims.SESSION_ID),
                user_id=payload.get(claims.USER_ID),
            )
            account = matched_session.user
        except SessionToken.DoesNotExist:
            # Same message as the user-lookup failure above, so the response
            # does not reveal which lookup failed.
            raise exceptions.AuthenticationFailed(_('Invalid token.'))

    if account.is_active:
        return account

    raise exceptions.AuthenticationFailed(_('User inactive or deleted.'))