diff --git a/canopeum_backend/canopeum_backend/views.py b/canopeum_backend/canopeum_backend/views.py
index 0aa73be2..d98ebb19 100644
--- a/canopeum_backend/canopeum_backend/views.py
+++ b/canopeum_backend/canopeum_backend/views.py
@@ -136,11 +136,11 @@ def post(self, request: Request):
 user = cast(User, authenticate(email=email, password=password))
 if user is not None:
- refresh = cast(RefreshToken, RefreshToken.for_user(user))
+ refresh = RefreshToken.for_user(user)
 refresh_serializer = TokenRefreshSerializer({
- "refresh": str(refresh),
- "access": str(refresh.access_token),
+ "refresh": refresh,
+ "access": refresh.access_token,
 })
 user_serializer = UserSerializer(user)
 serializer = UserTokenSerializer(
@@ -166,11 +166,11 @@ def post(self, request: Request):
 if register_user_serializer.is_valid():
 user = register_user_serializer.create_user()
 if user is not None:
- refresh = cast(RefreshToken, RefreshToken.for_user(user))
+ refresh = RefreshToken.for_user(user)
 token_refresh_serializer = TokenRefreshSerializer({
- "refresh": str(refresh),
- "access": str(refresh.access_token),
+ "refresh": refresh,
+ "access": refresh.access_token,
 })
 user_serializer = UserSerializer(user)
 user_token_serializer = UserTokenSerializer(
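Review bot: With the `str()` calls dropped, the dict passed to `TokenRefreshSerializer({...})` in the login `post` now holds `RefreshToken`/`AccessToken` objects rather than strings, so the response carries usable JWT strings only if the serializer's fields stringify their values on output, which nothing in the hunk shows. I would either keep `"refresh": str(refresh)` and `"access": str(refresh.access_token)` or add a comment above the dict such as `# token objects are rendered to str by the serializer's fields`, and add a test asserting both response values are `str`. The register `post` in the hunk at line 166 has the same change and needs the same treatment. Separately, the views deleted at the end of this file set a `role` claim on the refresh token and these two paths do not visibly do so; confirm no client or permission check depends on that claim. Both `post` bodies start and end outside the hunks.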
@@ -1170,35 +1170,3 @@ def get(self, request: Request, code: str):
 serializer = UserInvitationSerializer(user_invitation)
 return Response(serializer.data)
-
-
-class TokenRefreshAPIView(APIView):
- @extend_schema(responses=RefreshToken, operation_id="token_refresh")
- def post(self, request: Request):
- refresh = RefreshToken(request.data.get("refresh"))
- user = User.objects.get(pk=refresh["user_id"])
- refresh["role"] = user.role.name
- return Response(
- {"refresh": str(refresh), "access": str(refresh.access_token)},
- status=status.HTTP_200_OK,
- )
-
-
-class TokenObtainPairAPIView(APIView):
- @extend_schema(responses=UserSerializer, operation_id="token_obtain_pair")
- def post(self, request: Request):
- user = cast(
- User,
- authenticate(
- username=request.data.get("username"), password=request.data.get("password")
- ),
- )
- if user is not None:
- refresh = cast(RefreshToken, RefreshToken.for_user(user))
- if user.role is not None:
- refresh["role"] = user.role.name
- return Response(
- {"refresh": str(refresh), "access": str(refresh.access_token)},
- status=status.HTTP_200_OK,
- )
- return Response({"error": "Invalid credentials"}, status=status.HTTP_401_UNAUTHORIZED)
diff --git a/canopeum_backend/pyproject.toml b/canopeum_backend/pyproject.toml
index 3da267d9..c11fb94a 100644
--- a/canopeum_backend/pyproject.toml
+++ b/canopeum_backend/pyproject.toml
@@ -8,7 +8,7 @@ dependencies = [
 "dj-database-url",
 "django-cors-headers",
 "djangorestframework-camel-case",
- "djangorestframework-simplejwt",
+ "djangorestframework-simplejwt>=5.4.0",
 # TODO: Bump above 5.3.1 as soon as fixed for https://github.com/BesLogic/releaf-canopeum/security/dependabot/3
 "djangorestframework>=3.15.2",
 # Fix for https://github.com/BesLogic/releaf-canopeum/security/dependabot/15
diff --git a/canopeum_backend/uv.lock b/canopeum_backend/uv.lock
index bce74430..4ade96a8 100644
--- a/canopeum_backend/uv.lock
+++ b/canopeum_backend/uv.lock
@@ -57,7 +57,7 @@ requires-dist = [ { name = "django-cors-headers" }, { name = "djangorestframework", specifier = ">=3.15.2" }, { name = "djangorestframework-camel-case" }, - { name = "djangorestframework-simplejwt" }, + { name = "djangorestframework-simplejwt", specifier = ">=5.4.0" }, { name = "drf-spectacular", specifier = ">=0.27.2" }, { name = "drf-spectacular-sidecar" }, { name = "googlemaps" }, @@ -217,16 +217,16 @@ sdist = { url = "https://files.pythonhosted.org/packages/f4/87/647ce93053cb5e35e [[package]] name = "djangorestframework-simplejwt" -version = "5.3.1" +version = "5.4.0" source = { registry = "https://pypi.org/simple" } dependencies = [ { name = "django" }, { name = "djangorestframework" }, { name = "pyjwt" }, ] -sdist = { url = "https://files.pythonhosted.org/packages/ac/f3/f2ce06fcd1c53e12b26cc5a3ec9e0acd47eb4be02e1d24de50edee5c5abf/djangorestframework_simplejwt-5.3.1.tar.gz", hash = "sha256:6c4bd37537440bc439564ebf7d6085e74c5411485197073f508ebdfa34bc9fae", size = 94266 } +sdist = { url = "https://files.pythonhosted.org/packages/8d/5f/1c130e823f734ba776c3925ad8e7c28ca1a59feb22d039b3810d1f8c0b34/djangorestframework_simplejwt-5.4.0.tar.gz", hash = "sha256:cccecce1a0e1a4a240fae80da73e5fc23055bababb8b67de88fa47cd36822320", size = 96648 } wheels = [ - { url = "https://files.pythonhosted.org/packages/f2/ab/88f73cf08d2ad3fb9f71b956dceca5680a57f121e5ce9a604f365877d57e/djangorestframework_simplejwt-5.3.1-py3-none-any.whl", hash = "sha256:381bc966aa46913905629d472cd72ad45faa265509764e20ffd440164c88d220", size = 101339 }, + { url = "https://files.pythonhosted.org/packages/f0/41/d6f67d24f46c7d8ee6dcb85c9abb94bad23140210bfb8c454641d278dfd2/djangorestframework_simplejwt-5.4.0-py3-none-any.whl", hash = "sha256:7aec953db9ed4163430c16d086eecb0f028f814ce6bba62b06c25919261e9077", size = 102316 }, ] [[package]]