rest_framework_simplejwt package

Submodules

rest_framework_simplejwt.authentication module

class rest_framework_simplejwt.authentication.JWTAuthentication(*args, **kwargs)

Bases: rest_framework.authentication.BaseAuthentication

An authentication plugin that authenticates requests through a JSON web token provided in a request header.

authenticate(request)

Authenticate the request and return a two-tuple of (user, token).

authenticate_header(request)

Return a string to be used as the value of the WWW-Authenticate header in a 401 Unauthenticated response, or None if the authentication scheme should return 403 Permission Denied responses.

get_header(request)

Extracts the header containing the JSON web token from the given request.

get_raw_token(header)

Extracts an unvalidated JSON web token from the given “Authorization” header value.

get_user(validated_token)

Attempts to find and return a user using the given validated token.

get_validated_token(raw_token)

Validates an encoded JSON web token and returns a validated token wrapper object.

media_type = 'application/json'
www_authenticate_realm = 'api'
class rest_framework_simplejwt.authentication.JWTTokenUserAuthentication(*args, **kwargs)

Bases: rest_framework_simplejwt.authentication.JWTAuthentication

get_user(validated_token)

Returns a stateless user object which is backed by the given validated token.

rest_framework_simplejwt.authentication.default_user_authentication_rule(user)

rest_framework_simplejwt.models module

class rest_framework_simplejwt.models.TokenUser(token)

Bases: object

A dummy user class modeled after django.contrib.auth.models.AnonymousUser. Used in conjunction with the JWTTokenUserAuthentication backend to implement single sign-on functionality across services which share the same secret key. JWTTokenUserAuthentication will return an instance of this class instead of a User model instance. Instances of this class act as stateless user objects which are backed by validated tokens.

check_password(raw_password)
delete()
get_all_permissions(obj=None)
get_group_permissions(obj=None)
get_username()
groups
has_module_perms(module)
has_perm(perm, obj=None)
has_perms(perm_list, obj=None)
id
is_active = True
is_anonymous
is_authenticated
is_staff
is_superuser
pk
save()
set_password(raw_password)
user_permissions
username

rest_framework_simplejwt.serializers module

class rest_framework_simplejwt.serializers.PasswordField(*args, **kwargs)

Bases: rest_framework.fields.CharField

class rest_framework_simplejwt.serializers.TokenObtainPairSerializer(*args, **kwargs)

Bases: rest_framework_simplejwt.serializers.TokenObtainSerializer

classmethod get_token(user)
validate(attrs)
class rest_framework_simplejwt.serializers.TokenObtainSerializer(*args, **kwargs)

Bases: rest_framework.serializers.Serializer

default_error_messages = {'no_active_account': 'No active account found with the given credentials'}
classmethod get_token(user)
username_field = 'username'
validate(attrs)
class rest_framework_simplejwt.serializers.TokenObtainSlidingSerializer(*args, **kwargs)

Bases: rest_framework_simplejwt.serializers.TokenObtainSerializer

classmethod get_token(user)
validate(attrs)
class rest_framework_simplejwt.serializers.TokenRefreshSerializer(instance=None, data=<class 'rest_framework.fields.empty'>, **kwargs)

Bases: rest_framework.serializers.Serializer

validate(attrs)
class rest_framework_simplejwt.serializers.TokenRefreshSlidingSerializer(instance=None, data=<class 'rest_framework.fields.empty'>, **kwargs)

Bases: rest_framework.serializers.Serializer

validate(attrs)
class rest_framework_simplejwt.serializers.TokenVerifySerializer(instance=None, data=<class 'rest_framework.fields.empty'>, **kwargs)

Bases: rest_framework.serializers.Serializer

validate(attrs)

rest_framework_simplejwt.tokens module

class rest_framework_simplejwt.tokens.AccessToken(token=None, verify=True)

Bases: rest_framework_simplejwt.tokens.Token

lifetime = datetime.timedelta(seconds=300)
token_type = 'access'
class rest_framework_simplejwt.tokens.BlacklistMixin

Bases: object

If the rest_framework_simplejwt.token_blacklist app was configured to be used, tokens created from BlacklistMixin subclasses will insert themselves into an outstanding token list and also check for their membership in a token blacklist.

blacklist()

Ensures this token is included in the outstanding token list and adds it to the blacklist.

check_blacklist()

Checks if this token is present in the token blacklist. Raises TokenError if so.

classmethod for_user(user)

Adds this token to the outstanding token list.

verify(*args, **kwargs)
class rest_framework_simplejwt.tokens.RefreshToken(token=None, verify=True)

Bases: rest_framework_simplejwt.tokens.BlacklistMixin, rest_framework_simplejwt.tokens.Token

access_token

Returns an access token created from this refresh token. Copies all claims present in this refresh token to the new access token except those claims listed in the no_copy_claims attribute.

lifetime = datetime.timedelta(days=1)
no_copy_claims = ('token_type', 'exp', 'jti', 'jti')
token_type = 'refresh'
class rest_framework_simplejwt.tokens.SlidingToken(*args, **kwargs)

Bases: rest_framework_simplejwt.tokens.BlacklistMixin, rest_framework_simplejwt.tokens.Token

lifetime = datetime.timedelta(seconds=300)
token_type = 'sliding'
class rest_framework_simplejwt.tokens.Token(token=None, verify=True)

Bases: object

A class which validates and wraps an existing JWT or can be used to build a new JWT.

check_exp(claim='exp', current_time=None)

Checks whether a timestamp value in the given claim has passed (since the given datetime value in current_time). Raises a TokenError with a user-facing error message if so.

classmethod for_user(user)

Returns an authorization token for the given user that will be provided after authenticating the user’s credentials.

get(key, default=None)
get_token_backend()
lifetime = None
set_exp(claim='exp', from_time=None, lifetime=None)

Updates the expiration time of a token.

set_jti()

Populates the configured jti claim of a token with a string where there is a negligible probability that the same string will be chosen at a later time.

See here: https://tools.ietf.org/html/rfc7519#section-4.1.7

token_type = None
verify()

Performs additional validation steps which were not performed when this token was decoded. This method is part of the “public” API to indicate the intention that it may be overridden in subclasses.

verify_token_type()

Ensures that the token type claim is present and has the correct value.

class rest_framework_simplejwt.tokens.UntypedToken(token=None, verify=True)

Bases: rest_framework_simplejwt.tokens.Token

lifetime = datetime.timedelta(0)
token_type = 'untyped'
verify_token_type()

Untyped tokens do not verify the “token_type” claim. This is useful when performing general validation of a token’s signature and other properties which do not relate to the token’s intended use.

rest_framework_simplejwt.utils module

rest_framework_simplejwt.utils.aware_utcnow()
rest_framework_simplejwt.utils.datetime_from_epoch(ts)
rest_framework_simplejwt.utils.datetime_to_epoch(dt)
rest_framework_simplejwt.utils.format_lazy(s, *args, **kwargs)
rest_framework_simplejwt.utils.make_utc(dt)

rest_framework_simplejwt.views module

class rest_framework_simplejwt.views.TokenObtainPairView(**kwargs)

Bases: rest_framework_simplejwt.views.TokenViewBase

Takes a set of user credentials and returns an access and refresh JSON web token pair to prove the authentication of those credentials.

serializer_class

alias of rest_framework_simplejwt.serializers.TokenObtainPairSerializer

class rest_framework_simplejwt.views.TokenObtainSlidingView(**kwargs)

Bases: rest_framework_simplejwt.views.TokenViewBase

Takes a set of user credentials and returns a sliding JSON web token to prove the authentication of those credentials.

serializer_class

alias of rest_framework_simplejwt.serializers.TokenObtainSlidingSerializer

class rest_framework_simplejwt.views.TokenRefreshSlidingView(**kwargs)

Bases: rest_framework_simplejwt.views.TokenViewBase

Takes a sliding JSON web token and returns a new, refreshed version if the token’s refresh period has not expired.

serializer_class

alias of rest_framework_simplejwt.serializers.TokenRefreshSlidingSerializer

class rest_framework_simplejwt.views.TokenRefreshView(**kwargs)

Bases: rest_framework_simplejwt.views.TokenViewBase

Takes a refresh type JSON web token and returns an access type JSON web token if the refresh token is valid.

serializer_class

alias of rest_framework_simplejwt.serializers.TokenRefreshSerializer

class rest_framework_simplejwt.views.TokenVerifyView(**kwargs)

Bases: rest_framework_simplejwt.views.TokenViewBase

Takes a token and indicates if it is valid. This view provides no information about a token’s fitness for a particular use.

serializer_class

alias of rest_framework_simplejwt.serializers.TokenVerifySerializer

class rest_framework_simplejwt.views.TokenViewBase(**kwargs)

Bases: rest_framework.generics.GenericAPIView

authentication_classes = ()
get_authenticate_header(request)

If a request is unauthenticated, determine the WWW-Authenticate header to use for 401 responses, if any.

permission_classes = ()
post(request, *args, **kwargs)
serializer_class = None
www_authenticate_realm = 'api'
rest_framework_simplejwt.views.token_obtain_pair(self, request, *args, **kwargs)

Takes a set of user credentials and returns an access and refresh JSON web token pair to prove the authentication of those credentials.

rest_framework_simplejwt.views.token_obtain_sliding(self, request, *args, **kwargs)

Takes a set of user credentials and returns a sliding JSON web token to prove the authentication of those credentials.

rest_framework_simplejwt.views.token_refresh(self, request, *args, **kwargs)

Takes a refresh type JSON web token and returns an access type JSON web token if the refresh token is valid.

rest_framework_simplejwt.views.token_refresh_sliding(self, request, *args, **kwargs)

Takes a sliding JSON web token and returns a new, refreshed version if the token’s refresh period has not expired.

rest_framework_simplejwt.views.token_verify(self, request, *args, **kwargs)

Takes a token and indicates if it is valid. This view provides no information about a token’s fitness for a particular use.

Module contents