I am generating the token as follows:
class LoginView(APIView):
@swagger_auto_schema(request_body=UserSerializer)
def post(self, request):
username = request.data['email']
password = request.data['password']
user = User.objects.filter(username=username).first()
if user is None:
raise AuthenticationFailed('User not found!')
if not user.check_password(password):
raise AuthenticationFailed('Incorrect password!')
payload = {
'username': user.email,
'exp': datetime.datetime.utcnow() + datetime.timedelta(minutes=60),
'iat': datetime.datetime.utcnow()
}
token = jwt.encode(payload, "secret", algorithm="HS256")
response = Response()
response.set_cookie(key='jwt', value=token, httponly=True)
response.data = {
'jwt': token
}
return response
I am writing unittests in django with jwt. I am using the following method to authorize
self.client.credentials(HTTP_AUTHORIZATION = resp_login.data.get("jwt"))
To retrieve the username from the token, I use the following code:
def get_payload(request):
token = request.META.get('HTTP_AUTHORIZATION')
if not token:
raise AuthenticationFailed('Unauthenticated!')
try:
payload = jwt.decode(token, 'secret', options={"verify_signature": False}, algorithms=['HS512'])
except jwt.ExpiredSignatureError:
raise AuthenticationFailed('Unauthenticated!')
return payload
However, I get the payload as follows:
{'username': '', 'exp': 1691987384, 'iat': 1691983784}
The whole code is hosted here
I think you are saving Email as username if so you can get the right value like:
payload = {
'username': user.username,
'exp': datetime.datetime.utcnow() + datetime.timedelta(minutes=60),
'iat': datetime.datetime.utcnow()
}