mcueto / djangorestframework-auth0

Library to simply use Auth0 token authentication in DRF within djangorestframework-jwt
MIT License

Circular imports #20

Closed Ptosiek closed 7 years ago

Ptosiek commented 7 years ago

Hello, Thank you for the app! Have been playing a bit with it and started to tweak it a bit/lot.

You might have spotted it already, but there's a circular import that makes extending the app not so easy. utils.py and authentication.py are importing each other because of get_jwt_value. Not really satisfied by any of those but possible fixes might be:

- Remove it from util and use JSONWebTokenAuthentication().get_jwt_value() in decorators/rest of the app
- Keep it in utils, switch the import to 'from rest_framework_jwt.authentication import JSONWebTokenAuthentication' (then do not forget to override get_jwt_value in Auth0JSONWebTokenAuthentication with a call to this).

Unrelated question here: Why does Auth0JSONWebTokenAuthentication inherit from RemoteBackend?

mcueto commented 7 years ago

I really don't know what's the best way to do this, but I think that we could think about it all this week and get a real fix to this from now to Friday or Saturday if you want to.

Unrelated answer: RemoteUserBackend is used to allow users external to Django to authenticate against a Django app. I think that is a good practice, but @Snake575 included that backend recently so probably he can give us a more appropriate answer.

Thanks for contributing and don't forget to star and share this project :)

Ptosiek commented 7 years ago

I'm in. Actually, I made some changes, notably to address #17, so we can talk about it too.

snake575 commented 7 years ago

Hi!

Circular imports: I took a look and modified the code a little bit. To eliminate the circular import I deleted get_jwt_value on the utils module; to accommodate this, I made HasRoleBasePermission inherit from Auth0JSONWebTokenAuthentication, so now it can use a new method on it called get_payload, which takes advantage of JWT's JSONWebTokenAuthentication.authenticate, which in turn manages jwt_decode_handler errors and returns a validated jwt_value to retrieve the payload. (decorators is more broken than ever now).

RemoteUserBackend: RemoteUserBackend is Django's default interface to use an external authentication source (Docs). When I discovered it, I noticed that the class implements many features that are useful to our problem: authenticate, create_unknown_user, clean_username ... . If you look at RemoteBackend.authenticate, it has much in common with @mcueto's original implementation, so I included it and reimplemented authenticate to resemble the one on RemoteUserBackend.

The code is on #21
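The import cycle discussed in this thread, reproduced as an added example that is not the project's code or the code in #21. The module bodies are constructed stand-ins, the helper username_from_payload is hypothetical, and the request is modelled as a plain dict instead of a DRF request.

```python
import importlib
import sys
import tempfile
import textwrap
from pathlib import Path

# Constructed stand-ins for the two modules named in the issue.
AUTH = """
    from .utils import username_from_payload  # hypothetical helper

    class Auth0JSONWebTokenAuthentication:
        def get_jwt_value(self, request):
            scheme, _, token = request.get("Authorization", "").partition(" ")
            return token if scheme == "Bearer" and token else None

        def get_username(self, payload):
            return username_from_payload(payload)
"""
UTILS_CYCLIC = """
    from .authentication import Auth0JSONWebTokenAuthentication  # closes the cycle

    def username_from_payload(payload):
        return payload["sub"].replace("|", ".")

    def get_jwt_value(request):
        return Auth0JSONWebTokenAuthentication().get_jwt_value(request)
"""
# Fix described in the thread: get_jwt_value is removed from utils, so utils
# has no reason to import authentication any more.
UTILS_FIXED = """
    def username_from_payload(payload):
        return payload["sub"].replace("|", ".")
"""

def load_authentication(pkg, utils_src):
    """Write a throwaway package and import <pkg>.authentication from it."""
    with tempfile.TemporaryDirectory() as root:
        pkg_dir = Path(root, pkg)
        pkg_dir.mkdir()
        files = {"__init__.py": "", "authentication.py": AUTH, "utils.py": utils_src}
        for name, src in files.items():
            (pkg_dir / name).write_text(textwrap.dedent(src))
        sys.path.insert(0, root)
        importlib.invalidate_caches()
        try:
            return importlib.import_module(f"{pkg}.authentication")
        finally:
            sys.path.remove(root)

def cycle_error():
    """Return the ImportError text raised by the cyclic layout, or None."""
    try:
        load_authentication("auth0_cyclic", UTILS_CYCLIC)
    except ImportError as exc:
        return str(exc)
    return None
```

The cyclic layout fails regardless of which module is imported first, because each module's top-level import asks the other for a name it has not defined yet.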

mcueto commented 7 years ago

@xnegativx can you give us comments about #21 please!

mcueto commented 7 years ago

Fixed!