Merge pull request #6 from eadwinCode/feat/Async

Async support

Author: eadwinCode

.github/workflows/test_full.yml

@@ -23,7 +23,7 @@ jobs:
       - name: Install core
         run: pip install "Django${{ matrix.django-version }}"
       - name: Install tests
-        run: pip install pytest ninja-schema pytest-django django-ninja-extra python-jose==3.0.0 pyjwt[crypto]
+        run: pip install pytest pytest-asyncio ninja-schema pytest-django django-ninja-extra python-jose==3.0.0 pyjwt[crypto]
       - name: Test
         run: pytest
   codestyle:

README.md

@@ -18,8 +18,8 @@ For full documentation, [visit](https://eadwincode.github.io/django-ninja-jwt/).
 - Python >= 3.6
 - Django >= 2.1
 - Django-Ninja >= 0.16.1
-- Ninja-Schema >= 0.12.2
-- Django-Ninja-Extra >= 0.11.0
+- Ninja-Schema >= 0.12.8
+- Django-Ninja-Extra >= 0.14.2
 
 
 Installation

docs/docs/auth_integration.md

@@ -53,4 +53,22 @@ router = router('')
 def apikey(request):
     return f"Token = {request.auth}"
 
-```
+```
+
+### Asynchronous Route Authentication
+If you are interested in the Asynchronous Route Authentication, there is `AsyncJWTAuth` class
+
+```python
+from ninja_extra import api_controller, route
+from ninja_jwt.authentication import AsyncJWTAuth
+
+@api_controller
+class MyController:
+    @route.get('/some-endpoint', auth=AsyncJWTAuth())
+    async def some_endpoint(self):
+        ...
+```
+N:B `some_endpoint` must be asynchronous. Any endpoint function marked with `AsyncJWTAuth` must be asynchronous. 
+
+!!! warning
+    Asynchronous feature is only available for django version > 3.0

docs/docs/customizing_token_claims.md

@@ -4,6 +4,9 @@ generated by the `NinjaJWTDefaultController` and `NinjaJWTSlidingController`
 views, create a subclass for the desired controller as well as a subclass for
 its corresponding serializer. Here\'s an example :
 
+!!! info
+    if you are interested in Asynchronous version of the class, checkout  `AsyncNinjaJWTDefaultController` and `AsyncNinjaJWTSlidingController`
+
 ```python
 from ninja_jwt.schema import TokenObtainPairSerializer
 from ninja_jwt.controller import TokenObtainPairController
@@ -63,4 +66,4 @@ from ninja import NinjaAPI
 
 api = NinjaAPI()
 api.add_router('', tags=['Auth'], router=router)
-```
+```

ninja_jwt/authentication.py

@@ -1,10 +1,11 @@
 from typing import Any, Type
 
+import django
 from django.contrib.auth import get_user_model
 from django.contrib.auth.models import AbstractUser, AnonymousUser
 from django.http import HttpRequest
 from django.utils.translation import gettext_lazy as _
-from ninja.security import HttpBearer
+from ninja_extra.security import AsyncHttpBearer, HttpBearer
 
 from .exceptions import AuthenticationFailed, InvalidToken, TokenError
 from .settings import api_settings
@@ -105,3 +106,29 @@ def default_user_authentication_rule(user) -> bool:
     # users from authenticating to enforce a reasonable policy and provide
     # sensible backwards compatibility with older Django versions.
     return user is not None and user.is_active
+
+
+if not django.VERSION < (3, 1):
+    from asgiref.sync import sync_to_async
+
+    class AsyncJWTBaseAuthentication(JWTBaseAuthentication):
+        async def async_jwt_authenticate(
+            self, request: HttpRequest, token: str
+        ) -> Type[AbstractUser]:
+            request.user = AnonymousUser()
+            get_validated_token = sync_to_async(self.get_validated_token)
+            validated_token = await get_validated_token(token)
+            get_user = sync_to_async(self.get_user)
+            user = await get_user(validated_token)
+            request.user = user
+            return user
+
+    class AsyncJWTAuth(AsyncJWTBaseAuthentication, JWTAuth, AsyncHttpBearer):
+        async def authenticate(self, request: HttpRequest, token: str) -> Any:
+            return await self.async_jwt_authenticate(request, token)
+
+    class AsyncJWTTokenUserAuth(
+        AsyncJWTBaseAuthentication, JWTTokenUserAuth, AsyncHttpBearer
+    ):
+        async def authenticate(self, request: HttpRequest, token: str) -> Any:
+            return await self.async_jwt_authenticate(request, token)

ninja_jwt/controller.py

@@ -1,27 +1,51 @@
-from ninja_extra import api_controller, http_post
+import django
+from ninja_extra import ControllerBase, api_controller, http_post
 from ninja_extra.permissions import AllowAny
 from ninja_schema import Schema
 
 from ninja_jwt import schema
 
-
-class TokenVerificationController:
+exports = [
+    "TokenVerificationController",
+    "TokenBlackListController",
+    "TokenObtainPairController",
+    "TokenObtainSlidingController",
+    "TokenObtainSlidingController",
+    "NinjaJWTDefaultController",
+    "NinjaJWTSlidingController",
+]
+
+if not django.VERSION < (3, 1):
+    exports += [
+        "AsyncTokenVerificationController",
+        "AsyncTokenBlackListController",
+        "AsyncTokenObtainPairController",
+        "AsyncTokenObtainSlidingController",
+        "AsyncTokenObtainSlidingController",
+        "AsyncNinjaJWTDefaultController",
+        "AsyncNinjaJWTSlidingController",
+    ]
+
+__all__ = exports
+
+
+class TokenVerificationController(ControllerBase):
     auto_import = False
 
     @http_post("/verify", response={200: Schema}, url_name="token_verify")
     def verify_token(self, token: schema.TokenVerifySerializer):
         return {}
 
 
-class TokenBlackListController:
+class TokenBlackListController(ControllerBase):
     auto_import = False
 
     @http_post("/blacklist", response={200: Schema}, url_name="token_blacklist")
     def blacklist_token(self, refresh: schema.TokenBlacklistSerializer):
         return {}
 
 
-class TokenObtainPairController:
+class TokenObtainPairController(ControllerBase):
     auto_import = False
 
     @http_post(
@@ -76,3 +100,69 @@ class NinjaJWTSlidingController(
     """
 
     auto_import = False
+
+
+if not django.VERSION < (3, 1):
+
+    class AsyncTokenVerificationController(TokenVerificationController):
+        @http_post("/verify", response={200: Schema}, url_name="token_verify")
+        async def verify_token(self, token: schema.TokenVerifySerializer):
+            return {}
+
+    class AsyncTokenBlackListController(TokenBlackListController):
+        auto_import = False
+
+        @http_post("/blacklist", response={200: Schema}, url_name="token_blacklist")
+        async def blacklist_token(self, refresh: schema.TokenBlacklistSerializer):
+            return {}
+
+    class AsyncTokenObtainPairController(TokenObtainPairController):
+        @http_post(
+            "/pair", response=schema.TokenObtainPairOutput, url_name="token_obtain_pair"
+        )
+        async def obtain_token(self, user_token: schema.TokenObtainPairSerializer):
+            return user_token.output_schema()
+
+        @http_post(
+            "/refresh", response=schema.TokenRefreshSerializer, url_name="token_refresh"
+        )
+        async def refresh_token(self, refresh_token: schema.TokenRefreshSchema):
+            refresh = schema.TokenRefreshSerializer(**refresh_token.dict())
+            return refresh
+
+    class AsyncTokenObtainSlidingController(TokenObtainSlidingController):
+        @http_post(
+            "/sliding",
+            response=schema.TokenObtainSlidingOutput,
+            url_name="token_obtain_sliding",
+        )
+        async def obtain_token(self, user_token: schema.TokenObtainSlidingSerializer):
+            return user_token.output_schema()
+
+        @http_post(
+            "/sliding/refresh",
+            response=schema.TokenRefreshSlidingSerializer,
+            url_name="token_refresh_sliding",
+        )
+        async def refresh_token(self, refresh_token: schema.TokenRefreshSlidingSchema):
+            refresh = schema.TokenRefreshSlidingSerializer(**refresh_token.dict())
+            return refresh
+
+    @api_controller("/token", permissions=[AllowAny], tags=["token"])
+    class AsyncNinjaJWTDefaultController(
+        AsyncTokenVerificationController, AsyncTokenObtainPairController
+    ):
+        """NinjaJWT Async Default controller for obtaining and refreshing tokens"""
+
+        auto_import = False
+
+    @api_controller("/token", permissions=[AllowAny], tags=["token"])
+    class AsyncNinjaJWTSlidingController(
+        AsyncTokenVerificationController, AsyncTokenObtainSlidingController
+    ):
+        """
+        NinjaJWT Async Sliding controller for obtaining and refreshing tokens
+        Add 'ninja_jwt.tokens.SlidingToken' in AUTH_TOKEN_CLASSES in Settings
+        """
+
+        auto_import = False

pyproject.toml

@@ -50,8 +50,8 @@ dependencies = [
     "Django >= 2.1",
     "pyjwt>=2,<3",
     "pyjwt[crypto]",
-    "ninja-schema",
-    "django-ninja-extra",
+    "ninja-schema >= 0.12.8",
+    "django-ninja-extra >= 0.14.2",
 ]
 
 

tests/test_authentication.py

@@ -1,5 +1,6 @@
 from datetime import timedelta
 
+import django
 import pytest
 from django.contrib.auth import get_user_model
 
@@ -16,6 +17,9 @@
 class TestJWTAuth:
     @pytest.fixture(autouse=True)
     def setUp(self):
+        self.init_backend()
+
+    def init_backend(self):
         self.backend = authentication.JWTAuth()
 
     @pytest.mark.django_db
@@ -96,6 +100,9 @@ def test_get_user(self):
 class TestJWTTokenUserAuth:
     @pytest.fixture(autouse=True)
     def setUp(self):
+        self.init_backend()
+
+    def init_backend(self):
         self.backend = authentication.JWTTokenUserAuth()
 
     @pytest.mark.django_db
@@ -133,3 +140,41 @@ def username(self):
             assert isinstance(user, api_settings.TOKEN_USER_CLASS)
             assert user.id == 42
             assert user.username == "bsaget"
+
+
+if not django.VERSION < (3, 1):
+    from asgiref.sync import sync_to_async
+
+    class TestAsyncJWTAuth(TestJWTAuth):
+        def init_backend(self):
+            self.backend = authentication.AsyncJWTAuth()
+
+        @pytest.mark.asyncio
+        @pytest.mark.django_db
+        async def test_get_validated_token(self, monkeypatch):
+            _test_get_validated_token = sync_to_async(
+                super(TestAsyncJWTAuth, self).test_get_validated_token
+            )
+            await _test_get_validated_token(monkeypatch=monkeypatch)
+
+        @pytest.mark.asyncio
+        @pytest.mark.django_db
+        async def test_get_user(self):
+            _test_get_user = sync_to_async(super(TestAsyncJWTAuth, self).test_get_user)
+            await _test_get_user()
+
+    class TestAsyncJWTTokenUserAuth(TestJWTTokenUserAuth):
+        def init_backend(self):
+            self.backend = authentication.AsyncJWTTokenUserAuth()
+
+        @pytest.mark.asyncio
+        @pytest.mark.django_db
+        async def test_get_user(self):
+            _test_get_user = sync_to_async(super().test_get_user)
+            await _test_get_user()
+
+        @pytest.mark.asyncio
+        @pytest.mark.django_db
+        async def test_custom_tokenuser(self, monkeypatch):
+            _test_custom_tokenuser = sync_to_async(super().test_custom_tokenuser)
+            await _test_custom_tokenuser(monkeypatch=monkeypatch)