search

jpadilla / django-rest-framework-jwt

JSON Web Token Authentication support for Django REST Framework
http://jpadilla.github.io/django-rest-framework-jwt/
MIT License
3.19k stars 650 forks source link

why didn't update last_login? #427

Closed youshutong2080 closed 5 years ago

youshutong2080 commented 6 years ago

in the ObtainJSONWebToken didn't update the field last_login, why?

drakenation commented 6 years ago

I support this issue. Even though #235 was closed, it didn't provide a good solution. Altering the library itself seems a dumb way to do it when it could be easily implemented in 2 lines using a signal or a setting parameter.

meigea commented 5 years ago

you don't make the user.save() so that the last_login is just a temp value here. you can rewrite jwt/serriliazers.py by yourself;

user.last_login = datetime.now()
user.save()

Add-Location

dudanogueira commented 5 years ago

Here it goes:

It would be nice to have a configurable setting to enable/disable this fuctionality, or at least a signal so you can dispatch it from.

from rest_framework_jwt.settings import api_settings
from django.utils import timezone
jwt_response_payload_handler = api_settings.JWT_RESPONSE_PAYLOAD_HANDLER
from rest_framework.response import Response
from datetime import datetime
from rest_framework import status

class MeuObtainJSONWebToken(ObtainJSONWebToken):
    def post(self, request, *args, **kwargs):
        serializer = self.get_serializer(data=request.data)

        if serializer.is_valid():
            user = serializer.object.get('user') or request.user
            user.last_login = timezone.now()
            user.save(update_fields=['last_login'])
            token = serializer.object.get('token')
            response_data = jwt_response_payload_handler(token, user, request)
            response = Response(response_data)
            if api_settings.JWT_AUTH_COOKIE:
                expiration = (datetime.utcnow() +
                              api_settings.JWT_EXPIRATION_DELTA)
                response.set_cookie(api_settings.JWT_AUTH_COOKIE,
                                    token,
                                    expires=expiration,
                                    httponly=True)
            return response

        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)

obtain_jwt_token = MeuObtainJSONWebToken.as_view()
cburza commented 5 years ago

I agree. I don't like copying an entire class just to add two lines of code. I think this should fire signal, or at least provide an overrideable method where one can easily fire a signal or update a user's last login timestamp.

youshutong2080 commented 5 years ago

em....