from rest_framework_simplejwt.serializers import TokenObtainPairSerializer
from rest_framework_simplejwt.views import TokenObtainPairView
from rest_framework_simplejwt.utils import datetime_to_epoch
SUPERUSER_LIFETIME = datetime.timedelta(minutes=1)
class MyTokenObtainPairSerializer(TokenObtainPairSerializer):
@classmethod
def get_token(cls, user):
token = super(MyTokenObtainPairSerializer, cls).get_token(user)
token['name'] = user.username
token['user_id'] = user.id
if user.is_superuser:
#token.set_exp(from_time=starttime,lifetime=SUPERUSER_LIFETIME)
token.payload['exp'] = datetime_to_epoch(token.current_time + SUPERUSER_LIFETIME)
return token
class MyTokenObtainPairView(TokenObtainPairView):
serializer_class = MyTokenObtainPairSerializer
i have tried this code (followed this link: How can we assign different expiry time to different users in jwt tokens in django ). This code updates the expiry time of refresh token but i want to update expiry time of access token in django using simplejwt module. any suggestions please.
I just made a quick look to simplejwt github's page and you can customize some settings in your settings.py
file;
SIMPLE_JWT = {
'ACCESS_TOKEN_LIFETIME': timedelta(minutes=5),
}
Updated Answer Based On Comment
thanks for response . but i want set globally jwt expiry time and later based on role , i want to override that expiry time . how is it possible??
As you say, you have to override default token generator method. But how?
First, create your own token obtain view that inherited from TokenObtainPairView
and your own token obtain serializer that inherited from TokenObtainPairSerializer
. After that, you can see that validate
method create access
and refresh
tokens, so also you must override that method if you want to create token based on user role etc. After these steps you also have to change your urls.py
.
Example;
import datetime
from django.utils.six import text_type
from rest_framework_simplejwt.views import TokenObtainPairView
from rest_framework_simplejwt.serializers import TokenObtainPairSerializer
SUPERUSER_LIFETIME = datetime.timedelta(minutes=1)
class MyTokenObtainSerializer(TokenObtainPairSerializer):
def validate(self, attrs):
data = super(TokenObtainPairSerializer, self).validate(attrs)
refresh = self.get_token(self.user)
data['refresh'] = text_type(refresh)
if self.user.is_superuser:
new_token = refresh.access_token
new_token.set_exp(lifetime=SUPERUSER_LIFETIME)
data['access'] = text_type(new_token)
else:
data['access'] = text_type(refresh.access_token)
return data
class MyTokenObtainView(TokenObtainPairView):
serializer_class = MyTokenObtainSerializer
urls.py
urlpatterns = [
path('api/token/', MyTokenObtainView.as_view(), name='token_obtain_pair')
]
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With