From 255b94f41f5567b9fd1425efc067eff900e823fe Mon Sep 17 00:00:00 2001
From: Binh Nguyen
Date: Mon, 18 Mar 2024 03:48:52 +0700
Subject: [PATCH] - Pupmp versio to 1.2.0. Adapt with `clock_skew_seconds`
---
abstract_auth/abstract_auth.py | 16 +++++++++-------
django_firebase_auth/__init__.py | 2 +-
django_firebase_auth/firebase_auth.py | 11 +++++++----
.../firebase_authentication_serializer.py | 3 +--
django_firebase_auth/urls.py | 4 ++--
.../viewsets/firebase_auth_logout_viewset.py | 2 +-
requirements.txt | 2 +-
setup.py | 2 +-
8 files changed, 23 insertions(+), 19 deletions(-)
diff --git a/abstract_auth/abstract_auth.py b/abstract_auth/abstract_auth.py
index 8d38e17..3248791 100644
--- a/abstract_auth/abstract_auth.py
+++ b/abstract_auth/abstract_auth.py
@@ -3,6 +3,7 @@ Using google authentication (with application) Using firebase authentication (with web) """ + import abc import datetime
@@ -79,10 +80,13 @@ def djb2(seed): class AbstractAuthentication(authentication.BaseAuthentication): - token_post_index_name= "id_token" + token_post_index_name = "id_token" + def authenticate(self, request): auth_header = request.META.get("HTTP_AUTHORIZATION") or "" - id_token = request.data.get(self.token_post_index_name) or auth_header.split(" ").pop() + id_token = ( + request.data.get(self.token_post_index_name) or auth_header.split(" ").pop() + ) if not auth_header and not id_token: # return AnonymousUser, None return None
@@ -112,7 +116,7 @@ def authenticate(self, request): if not id_token or not decoded_token: return None - striped_user_name = authenticated_user['email'].split("@")[0] + striped_user_name = authenticated_user["email"].split("@")[0] # Let's add random chars after the stiped username # There may be the case where some@email1.com and some@email2.com users register # We will generate random string using the email as seed
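Review bot: In the reformatted `id_token = (...)` assignment of the `@@ -79,10 +80,13 @@` hunk, `auth_header.split(" ").pop()` takes the last space-separated piece of the Authorization header without looking at the scheme, so a `Basic` or any other credential is handed to token verification as if it were an ID token. A token in the request body also silently takes precedence over the header. I would parse the header explicitly with `scheme, _, header_token = auth_header.partition(" ")` and use `header_token` only when `scheme.lower() == "bearer"` (or whichever scheme this package documents). The rest of `authenticate` lies outside this hunk, so how a failed verification is reported cannot be seen here.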
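Review bot: In the `@@ -112,7 +116,7 @@` hunk, `authenticated_user["email"]` raises KeyError when the verified token carries no email claim, which Firebase allows for anonymous and phone-number sign-ins. The later hunk at `@@ -130,15 +134,13 @@` has the same problem: `full_name = authenticated_user.get("name")` is followed by `full_name.split(" ")`, an AttributeError when the name is absent. Both would presumably surface as a server error inside the authenticator rather than a clean authentication failure; where `authenticated_user` is built is outside these hunks, so this needs confirming. Suggested: `full_name = authenticated_user.get("name") or ""`, and an explicit guard such as `if not authenticated_user.get("email"): raise exceptions.AuthenticationFailed("token has no email claim")` (DRF's exception, if it is not already imported in this file).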
@@ -130,15 +134,13 @@ def authenticate(self, request): defaults=defaults, )[0] avatar_url = authenticated_user.get("picture") - uid =authenticated_user.get("uid") + uid = authenticated_user.get("uid") full_name = authenticated_user.get("name") first_name = full_name.split(" ")[0] last_name = ( " ".join(full_name.split(" ")[1:]) if len(full_name.split(" ")) > 1 else "" ) - profile = self._get_or_create_profile( - user=user, uid=uid, avatar=avatar_url - ) + profile = self._get_or_create_profile(user=user, uid=uid, avatar=avatar_url) if user.first_name != first_name or user.last_name != last_name: user.first_name = first_name
diff --git a/django_firebase_auth/__init__.py b/django_firebase_auth/__init__.py
index c70020d..7d7765a 100644
--- a/django_firebase_auth/__init__.py
+++ b/django_firebase_auth/__init__.py
@@ -1 +1 @@
-from .settings import *
\ No newline at end of file
+from .settings import *
diff --git a/django_firebase_auth/firebase_auth.py b/django_firebase_auth/firebase_auth.py
index fa98252..0bee1cd 100644
--- a/django_firebase_auth/firebase_auth.py
+++ b/django_firebase_auth/firebase_auth.py
@@ -11,15 +11,18 @@ class FirebaseAuthentication(AbstractAuthentication): - token_post_index_name = 'firebase_auth_token' - def _get_or_create_profile(self, user, uid,avatar:str): + token_post_index_name = "firebase_auth_token" + + def _get_or_create_profile(self, user, uid, avatar: str): return UserFirebaseProfile.objects.update_or_create( user=user, defaults={ "uid": uid, "photo_url": avatar, - } + }, )[0] def _verify_token(self, id_token): - return firebase_admin.auth.verify_id_token(id_token, check_revoked=False) + return firebase_admin.auth.verify_id_token( + id_token, check_revoked=True, clock_skew_seconds=5 + )
diff --git a/django_firebase_auth/serializers/firebase_authentication_serializer.py b/django_firebase_auth/serializers/firebase_authentication_serializer.py
index cec69c3..f50b844 100644
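Review bot: `_verify_token` in firebase_auth.py now passes `check_revoked=True`, which the commit subject does not mention and which changes runtime behaviour. The Admin SDK then has to consult the Firebase backend on each verification, and revoked tokens or disabled users raise `RevokedIdTokenError` / `UserDisabledError`. The caller in `AbstractAuthentication.authenticate` is not in this hunk, so please confirm those exceptions end in an authentication failure rather than an unhandled error, and that a backend outage fails closed. I would also lift the literal into a class attribute next to `token_post_index_name`, `clock_skew_seconds = 5  # tolerated clock drift; firebase-admin accepts 0-60`, and pass `clock_skew_seconds=self.clock_skew_seconds`, so a deployment can tighten the window without patching the package.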
--- a/django_firebase_auth/serializers/firebase_authentication_serializer.py
+++ b/django_firebase_auth/serializers/firebase_authentication_serializer.py
@@ -2,7 +2,6 @@ from rest_framework import serializers - class FirebaseAuthTokenSerializer(serializers.Serializer): firebase_auth_token = serializers.CharField()
@@ -12,4 +11,4 @@ def validate(self, attrs): msg = _('Must include "firebase_auth_token".') raise serializers.ValidationError(msg, code="authorization") attrs["user"] = self.context["user"] - return attrs \ No newline at end of file + return attrs
diff --git a/django_firebase_auth/urls.py b/django_firebase_auth/urls.py
index 0f0a757..425dbc3 100644
--- a/django_firebase_auth/urls.py
+++ b/django_firebase_auth/urls.py
@@ -1,8 +1,8 @@ from django.urls import path from django_firebase_auth.viewsets.firebase_auth_viewset import FirebaseAuthViewSet -app_name = 'firebase_auth' +app_name = "firebase_auth" urlpatterns = [ - path('login/', FirebaseAuthViewSet.as_view(), name='login'), + path("login/", FirebaseAuthViewSet.as_view(), name="login"), # path('logout/', FirebaseAuthLogoutViewSet.as_view(), name='logout'), ]
diff --git a/django_firebase_auth/viewsets/firebase_auth_logout_viewset.py b/django_firebase_auth/viewsets/firebase_auth_logout_viewset.py
index 0996b97..7b3f726 100644
--- a/django_firebase_auth/viewsets/firebase_auth_logout_viewset.py
+++ b/django_firebase_auth/viewsets/firebase_auth_logout_viewset.py
@@ -10,4 +10,4 @@ def create(self, request): """ This method is used to logout the user from the firebase. """ - pass \ No newline at end of file + pass
diff --git a/requirements.txt b/requirements.txt
index 0f4824a..07d354a 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,5 +1,5 @@ setuptools django djangorestframework -firebase-admin +firebase-admin>=6.5.0 supabase \ No newline at end of file
diff --git a/setup.py b/setup.py
index d249716..121dd35 100644
--- a/setup.py
+++ b/setup.py
@@ -10,7 +10,7 @@ setup( name="django-firebase-auth", - version="1.1.1", + version="1.1.2", packages=find_packages(), install_requires=["firebase-admin", "djangorestframework"], url="https://github.com/maycuatroi/django-firebase-auth",
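Review bot: `install_requires` on the context line of this hunk still lists a bare `"firebase-admin"`, while requirements.txt in the same commit moves to `firebase-admin>=6.5.0`. Installs from the published package resolve `install_requires`, not requirements.txt, so an environment that already has an older firebase-admin would presumably fail every `_verify_token` call with a TypeError on the new `clock_skew_seconds` keyword. I would carry the floor over: `install_requires=["firebase-admin>=6.5.0", "djangorestframework"],`. The version is also set to `1.1.2` here while the commit subject announces 1.2.0; one of the two should be corrected.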