shimatta-kenkyusho/shimatta_kenkyusho/api/ExpiringAuthToken.py

from datetime import timedelta
from django.conf import settings
from django.utils import timezone
from rest_framework.authentication import TokenAuthentication
from rest_framework.authtoken.models import Token
from rest_framework import exceptions
from django.core.exceptions import ObjectDoesNotExist

EXPIRE_HOURS = getattr(settings, 'REST_FRAMEWORK_TOKEN_EXPIRE_HOURS', 24)

class ExpiringTokenAuthentication(TokenAuthentication):
	def authenticate_credentials(self, key):
		print(key)
		try:
			token = Token.objects.get(key=key)
		except Token.DoesNotExist:
			raise exceptions.AuthenticationFailed('Invalid token')

		if not token.user.is_active:
			raise exceptions.AuthenticationFailed('User inactive or deleted')

		if token.created < timezone.now() - timedelta(hours=EXPIRE_HOURS):
			raise exceptions.AuthenticationFailed('Token has expired')

		return (token.user, token)
Start REST API for autocompletion etc. 2021-08-07 19:47:34 +02:00			`from datetime import timedelta`
			`from django.conf import settings`
			`from django.utils import timezone`
			`from rest_framework.authentication import TokenAuthentication`
			`from rest_framework.authtoken.models import Token`
			`from rest_framework import exceptions`
			`from django.core.exceptions import ObjectDoesNotExist`

			`EXPIRE_HOURS = getattr(settings, 'REST_FRAMEWORK_TOKEN_EXPIRE_HOURS', 24)`

			`class ExpiringTokenAuthentication(TokenAuthentication):`
			`def authenticate_credentials(self, key):`
			`print(key)`
			`try:`
			`token = Token.objects.get(key=key)`
			`except Token.DoesNotExist:`
			`raise exceptions.AuthenticationFailed('Invalid token')`

			`if not token.user.is_active:`
			`raise exceptions.AuthenticationFailed('User inactive or deleted')`

			`if token.created < timezone.now() - timedelta(hours=EXPIRE_HOURS):`
			`raise exceptions.AuthenticationFailed('Token has expired')`

			`return (token.user, token)`