Open pwistbac opened 6 years ago
Do you see any potential problems with implementing a view such as the one below, which lets consumers of the API refresh their jwt token with a GET call?
class RefreshJSONWebTokenGet(RefreshJSONWebToken): def get(self, request, *args, **kwargs): token_from_header = request.META['HTTP_AUTHORIZATION'].split(' ')[-1] request_token = {'token': token_from_header} serializer = self.get_serializer(data=request_token) if serializer.is_valid(): user = serializer.object.get('user') or request.user token = serializer.object.get('token') response_data = api_settings.JWT_RESPONSE_PAYLOAD_HANDLER(token, user, request) response = Response(response_data) return response return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
Do you see any potential problems with implementing a view such as the one below, which lets consumers of the API refresh their jwt token with a GET call?