auth.py 文件源码

def authenticate_credentials(self, key) -> Tuple[User, Token]:
        try:
            session = CashdeskSession.objects.get(api_token=key)
        except CashdeskSession.DoesNotExist:
            raise exceptions.AuthenticationFailed('Invalid token.')

        if not session.is_active():
            raise exceptions.AuthenticationFailed('Your session has ended.')

        if session.cashdesk != detect_cashdesk(self.request):
            raise exceptions.AuthenticationFailed(
                _('Your token is valid for a different cashdesk. Your IP is: {}').format(get_ip_address(self.request)))

        return session.user, session.api_token