Skip to content
This repository was archived by the owner on May 26, 2020. It is now read-only.

Optimize jwt_decode_handler #344

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Optimize jwt_decode_handler #344

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
14 changes: 10 additions & 4 deletions rest_framework_jwt/utils.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -97,15 +97,21 @@ def jwt_encode_handler(payload):


def jwt_decode_handler(token):
key = api_settings.JWT_PUBLIC_KEY
if not key:
if api_settings.JWT_GET_USER_SECRET_KEY:
# get user from token, BEFORE verification, to get user secret key
unverified_payload = jwt.decode(token, None, False)
key = jwt_get_secret_key(unverified_payload)
else:
key = api_settings.JWT_SECRET_KEY

options = {
'verify_exp': api_settings.JWT_VERIFY_EXPIRATION,
}
# get user from token, BEFORE verification, to get user secret key
unverified_payload = jwt.decode(token, None, False)
secret_key = jwt_get_secret_key(unverified_payload)
return jwt.decode(
token,
api_settings.JWT_PUBLIC_KEY or secret_key,
key,
api_settings.JWT_VERIFY,
options=options,
leeway=api_settings.JWT_LEEWAY,
Expand Down