cleanup as suggested - removed api_settings.JWT_AUTH_USER_MODEL

Author: jacoor

rest_framework_jwt/settings.py

@@ -45,7 +45,6 @@
     'JWT_REFRESH_EXPIRATION_DELTA': datetime.timedelta(days=7),
 
     'JWT_AUTH_HEADER_PREFIX': 'JWT',
-    'JWT_AUTH_USER_MODEL': settings.AUTH_USER_MODEL,
     'JWT_AUTH_COOKIE': None,
 }
 

rest_framework_jwt/utils.py

@@ -2,13 +2,7 @@
 import uuid
 import warnings
 
-from six import string_types
-
-try:
-    from django.db.models.loading import get_model
-except ImportError:
-    from django.apps import apps
-    get_model = apps.get_model
+from django.contrib.auth import get_user_model
 
 from calendar import timegm
 from datetime import datetime
@@ -20,19 +14,16 @@
 
 def jwt_get_secret_key(user_id=None):
     """
-        For enchanced security you may use secret key on user itself.
-        This way you have an option to logout only this user if:
-            - token is compromised
-            - password is changed
-            - etc.
+    For enchanced security you may use secret key on user itself.
+
+    This way you have an option to logout only this user if:
+        - token is compromised
+        - password is changed
+        - etc.
     """
     if api_settings.JWT_GET_USER_SECRET_KEY:
-        if isinstance(api_settings.JWT_AUTH_USER_MODEL, string_types):
-            parts = api_settings.JWT_AUTH_USER_MODEL.rsplit('.', 1)
-            Account = get_model(parts[0], parts[1])
-        else:
-            Account = api_settings.JWT_AUTH_USER_MODEL
-        user = Account.objects.get(pk=user_id)
+        User = get_user_model()  # noqa: N806
+        user = User.objects.get(pk=user_id)
         key = str(api_settings.JWT_GET_USER_SECRET_KEY(user))
         return key
     return api_settings.JWT_SECRET_KEY

tests/test_authentication.py

@@ -151,7 +151,6 @@ def test_post_form_failing_jwt_auth_changed_user_secret_key(self):
         Ensure changin secret key on USER level makes tokens invalid
         """
         # fine tune settings
-        api_settings.JWT_AUTH_USER_MODEL = CustomUser
         api_settings.JWT_GET_USER_SECRET_KEY = get_jwt_secret
 
         tmp_user = CustomUser.objects.create(email='[email protected]')
@@ -174,7 +173,6 @@ def test_post_form_failing_jwt_auth_changed_user_secret_key(self):
         self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
 
         # revert api settings
-        api_settings.JWT_AUTH_USER_MODEL = DEFAULTS['JWT_AUTH_USER_MODEL']
         api_settings.JWT_GET_USER_SECRET_KEY = DEFAULTS['JWT_GET_USER_SECRET_KEY']
 
     def test_post_invalid_token_failing_jwt_auth(self):