from django.http import HttpResponse
from .models import Usuario, Persona
import jwt
from decouple import config
# Shared HMAC secret used to verify the HS256 API tokens; resolved at import
# time through python-decouple rather than hard-coded in the module.
private_key = config("SECRET_JWT")
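class ApiMiddleware:
    """Require a valid HS256 JWT on every request under ``/api/``.

    Requests whose path does not start with ``/api/``, and the login
    endpoint ``POST /api/auth/``, are passed straight to the next handler.
    Every other API request must carry an ``Authorization`` header of the
    form ``<scheme> <token>``. The token is verified against ``private_key``;
    its ``login`` claim must match an active ``Usuario`` row, which in turn
    must have a ``Persona`` row. On success ``request.jwt_info`` is set to
    ``{'login': ..., 'persona': ...}`` before the view runs.

    Rejections return an ``HttpResponse`` with the original status codes:
    400 for a missing, malformed, expired or invalid token and for an
    inactive user, 500 when the user has no Persona record.
    """

    # Paths exempt from the token check.
    API_PREFIX = '/api/'
    LOGIN_PATH = '/api/auth/'

    def __init__(self, get_response):
        # Next handler in the Django middleware chain.
        self.get_response = get_response

    def _is_exempt(self, request):
        """Return True when *request* does not need a token."""
        # Anything outside the API, plus the login endpoint itself.
        if not request.path.startswith(self.API_PREFIX):
            return True
        return request.path == self.LOGIN_PATH and request.method == 'POST'

    def __call__(self, request):
        if self._is_exempt(request):
            return self.get_response(request)

        header = request.headers.get('Authorization')
        if not header:
            return HttpResponse('Debe indicar el token de autorización', status=400)

        # The original indexed parts[1] unconditionally, so a header without a
        # space (e.g. just the token) raised IndexError and became a 500.
        # A malformed header is a client error, not a server fault.
        parts = header.split(' ')
        if len(parts) < 2 or not parts[1]:
            return HttpResponse('token es invalido', status=400)
        token = parts[1]
        # NOTE(review): the scheme word (parts[0]) is not validated here —
        # confirm whether clients always send 'Bearer' before enforcing it.

        try:
            # Pin the algorithm list so the header's "alg" cannot downgrade it.
            decoded = jwt.decode(token, private_key, algorithms=["HS256"])
        except jwt.ExpiredSignatureError:
            return HttpResponse('token ya no es valido', status=400)
        except jwt.InvalidTokenError:
            return HttpResponse('token es invalido', status=400)

        # A correctly signed token that lacks the lookup claim previously
        # raised KeyError (500); treat it as an invalid token instead.
        login = decoded.get('login')
        if not login:
            return HttpResponse('token es invalido', status=400)

        usuario = Usuario.objects.filter(login=login, vigente=True).values().first()
        if not usuario:
            return HttpResponse('Usuario ya no vigente', status=400)

        persona = Persona.objects.filter(rut=usuario['rut_id']).values().first()
        if not persona:
            return HttpResponse('No existe información de la persona', status=500)

        # Identity resolved from the token, for downstream views.
        request.jwt_info = {
            'login': usuario['login'],
            'persona': persona,
        }

        return self.get_response(request)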