- Pupmp versio to 1.2.0. Adapt with clock_skew_seconds

maycuatroi · Mar 17, 2024 · 255b94f · 255b94f
1 parent a186412
commit 255b94f
Show file tree

Hide file tree

Showing 8 changed files with 23 additions and 19 deletions.
diff --git a/abstract_auth/abstract_auth.py b/abstract_auth/abstract_auth.py
@@ -3,6 +3,7 @@
 Using google authentication (with application)
 Using firebase authentication (with web)
 """
+
 import abc
 import datetime
 
@@ -79,10 +80,13 @@ def djb2(seed):
 
 
 class AbstractAuthentication(authentication.BaseAuthentication):
-    token_post_index_name= "id_token"
+    token_post_index_name = "id_token"
+
     def authenticate(self, request):
         auth_header = request.META.get("HTTP_AUTHORIZATION") or ""
-        id_token = request.data.get(self.token_post_index_name) or auth_header.split(" ").pop()
+        id_token = (
+            request.data.get(self.token_post_index_name) or auth_header.split(" ").pop()
+        )
         if not auth_header and not id_token:
             # return AnonymousUser, None
             return None
@@ -112,7 +116,7 @@ def authenticate(self, request):
         if not id_token or not decoded_token:
             return None
 
-        striped_user_name = authenticated_user['email'].split("@")[0]
+        striped_user_name = authenticated_user["email"].split("@")[0]
         # Let's add random chars after the stiped username
         # There may be the case where [email protected] and [email protected] users register
         # We will generate random string using the email as seed
@@ -130,15 +134,13 @@ def authenticate(self, request):
             defaults=defaults,
         )[0]
         avatar_url = authenticated_user.get("picture")
-        uid =authenticated_user.get("uid")
+        uid = authenticated_user.get("uid")
         full_name = authenticated_user.get("name")
         first_name = full_name.split(" ")[0]
         last_name = (
             " ".join(full_name.split(" ")[1:]) if len(full_name.split(" ")) > 1 else ""
         )
-        profile = self._get_or_create_profile(
-           user=user, uid=uid, avatar=avatar_url
-        )
+        profile = self._get_or_create_profile(user=user, uid=uid, avatar=avatar_url)
 
         if user.first_name != first_name or user.last_name != last_name:
             user.first_name = first_name

diff --git a/django_firebase_auth/__init__.py b/django_firebase_auth/__init__.py
@@ -1 +1 @@
-from .settings import *
+from .settings import *
diff --git a/django_firebase_auth/firebase_auth.py b/django_firebase_auth/firebase_auth.py
@@ -11,15 +11,18 @@
 
 
 class FirebaseAuthentication(AbstractAuthentication):
-    token_post_index_name = 'firebase_auth_token'
-    def _get_or_create_profile(self, user, uid,avatar:str):
+    token_post_index_name = "firebase_auth_token"
+
+    def _get_or_create_profile(self, user, uid, avatar: str):
         return UserFirebaseProfile.objects.update_or_create(
             user=user,
             defaults={
                 "uid": uid,
                 "photo_url": avatar,
-            }
+            },
         )[0]
 
     def _verify_token(self, id_token):
-        return firebase_admin.auth.verify_id_token(id_token, check_revoked=False)
+        return firebase_admin.auth.verify_id_token(
+            id_token, check_revoked=True, clock_skew_seconds=5
+        )
diff --git a/django_firebase_auth/serializers/firebase_authentication_serializer.py b/django_firebase_auth/serializers/firebase_authentication_serializer.py
@@ -2,7 +2,6 @@
 from rest_framework import serializers
 
 
-
 class FirebaseAuthTokenSerializer(serializers.Serializer):
     firebase_auth_token = serializers.CharField()
 
@@ -12,4 +11,4 @@ def validate(self, attrs):
             msg = _('Must include "firebase_auth_token".')
             raise serializers.ValidationError(msg, code="authorization")
         attrs["user"] = self.context["user"]
-        return attrs
+        return attrs
diff --git a/django_firebase_auth/urls.py b/django_firebase_auth/urls.py
@@ -1,8 +1,8 @@
 from django.urls import path
 from django_firebase_auth.viewsets.firebase_auth_viewset import FirebaseAuthViewSet
 
-app_name = 'firebase_auth'
+app_name = "firebase_auth"
 urlpatterns = [
-    path('login/', FirebaseAuthViewSet.as_view(), name='login'),
+    path("login/", FirebaseAuthViewSet.as_view(), name="login"),
     # path('logout/', FirebaseAuthLogoutViewSet.as_view(), name='logout'),
 ]
diff --git a/django_firebase_auth/viewsets/firebase_auth_logout_viewset.py b/django_firebase_auth/viewsets/firebase_auth_logout_viewset.py
@@ -10,4 +10,4 @@ def create(self, request):
         """
         This method is used to logout the user from the firebase.
         """
-        pass
+        pass
diff --git a/requirements.txt b/requirements.txt
@@ -1,5 +1,5 @@
 setuptools
 django
 djangorestframework
-firebase-admin
+firebase-admin>=6.5.0
 supabase
diff --git a/setup.py b/setup.py
@@ -10,7 +10,7 @@
 
 setup(
     name="django-firebase-auth",
-    version="1.1.1",
+    version="1.1.2",
     packages=find_packages(),
     install_requires=["firebase-admin", "djangorestframework"],
     url="https://github.com/maycuatroi/django-firebase-auth",
-Original file line number
+Diff line change
@@ Expand Up / @@ -10,4 +10,4 @@ def create(self, request): @@
             """
             This method is used to logout the user from the firebase.
             """
-            pass
+            pass