Merge branch 'master' into master

Author: auvipy

CHANGELOG.md

@@ -1,3 +1,42 @@
+## Version 4.7
+
+* Added Italian translations ([#342](https://github.com/SimpleJWT/django-rest-framework-simplejwt/pull/342))
+* Fixed DRF app registry bug, specifically `django.core.exceptions.AppRegistryNotReady`
+  ([#331](https://github.com/SimpleJWT/django-rest-framework-simplejwt/pull/331))
+* Fixed support for PyJWT>=2.0.0 ([#376](https://github.com/SimpleJWT/django-rest-framework-simplejwt/pull/376))
+
+## Version 4.6
+
+* Added support for PyJWT>=2.0.0 ([#329](https://github.com/SimpleJWT/django-rest-framework-simplejwt/pull/329))
+* Restored Python 3.7 support ([#332](https://github.com/SimpleJWT/django-rest-framework-simplejwt/pull/332))
+* Added Indonesian translations ([#316](https://github.com/SimpleJWT/django-rest-framework-simplejwt/pull/316))
+* Fixed Django 4.0 re_path deprecation ([#280](https://github.com/SimpleJWT/django-rest-framework-simplejwt/pull/280))
+
+## Version 4.5
+
+* Added `AUTH_HEADER_NAME` to settings ([#309](https://github.com/SimpleJWT/django-rest-framework-simplejwt/pull/309))
+* Added `USER_AUTHENTICATION_RULE` to settings ([#279](https://github.com/SimpleJWT/django-rest-framework-simplejwt/pull/279))
+* Added `UPDATE_LAST_LOGIN` to settings ([#238](https://github.com/SimpleJWT/django-rest-framework-simplejwt/pull/238))
+* Fixed packaging of locale folder for installation ([#117](https://github.com/SimpleJWT/django-rest-framework-simplejwt/pull/117))
+* Allowed TokenUser to be configurable ([#172](https://github.com/SimpleJWT/django-rest-framework-simplejwt/pull/172))
+* Dropped Python 3.7 and below (restored Python 3.7 but not 3.6 in next version) 
+* Improved error message if cryptography isn't installed
+  when developer tries to use a certain algorithm that needs the package
+  ([#285](https://github.com/SimpleJWT/django-rest-framework-simplejwt/pull/285))
+* Fixed Django 4.0 ugettext_lazy deprecation warnings ([#186](https://github.com/SimpleJWT/django-rest-framework-simplejwt/pull/186))
+* Remove upper bound of Python version ([#225](https://github.com/SimpleJWT/django-rest-framework-simplejwt/pull/225))
+* Added DRF 3.11 support ([#230](https://github.com/SimpleJWT/django-rest-framework-simplejwt/pull/230))
+
+Translations:
+* Added French translations ([#314](https://github.com/SimpleJWT/django-rest-framework-simplejwt/pull/314))
+* Added Spanish translations ([#294](https://github.com/SimpleJWT/django-rest-framework-simplejwt/pull/294))
+* Added Argentinian Spanish translations ([#244](https://github.com/SimpleJWT/django-rest-framework-simplejwt/pull/244))
+* Added Persian translations ([#220](https://github.com/SimpleJWT/django-rest-framework-simplejwt/pull/220))
+* Added German translations ([#198](https://github.com/SimpleJWT/django-rest-framework-simplejwt/pull/198))
+* Added Czech translations ([#188](https://github.com/SimpleJWT/django-rest-framework-simplejwt/pull/188))
+* Added Polish translations ([#166](https://github.com/SimpleJWT/django-rest-framework-simplejwt/pull/166))
+* Fixed incorrect language encoding from de_CH to es_CL ([#299](https://github.com/SimpleJWT/django-rest-framework-simplejwt/pull/299))
+
 ## Version 4.4
 
 * Added official support for Python 3.8 and Django 3.0.

docs/development_and_contributing.rst

@@ -12,6 +12,12 @@ directory:
   pip install --upgrade pip setuptools
   pip install -e .[dev]
 
+If you're running a Mac and/or with zsh, you need to escape the brackets:
+
+.. code-block:: bash
+
+  pip install -e .\[dev\]
+
 To run the tests:
 
 .. code-block:: bash

docs/settings.rst

@@ -31,6 +31,7 @@ Some of Simple JWT's behavior can be customized through settings variables in
       'AUTH_HEADER_NAME': 'HTTP_AUTHORIZATION',
       'USER_ID_FIELD': 'id',
       'USER_ID_CLAIM': 'user_id',
+      'USER_AUTHENTICATION_RULE': 'rest_framework_simplejwt.authentication.default_user_authentication_rule',
 
       'AUTH_TOKEN_CLASSES': ('rest_framework_simplejwt.tokens.AccessToken',),
       'TOKEN_TYPE_CLAIM': 'token_type',
@@ -77,7 +78,7 @@ When set to ``True``, causes refresh tokens submitted to the
 ``TokenRefreshView`` to be added to the blacklist if the blacklist app is in
 use and the ``ROTATE_REFRESH_TOKENS`` setting is set to ``True``.
 You need to add ``'rest_framework_simplejwt.token_blacklist',`` to your 
-``INSTALLED_APPS`` in the settings file to use this settings.
+``INSTALLED_APPS`` in the settings file to use this setting.
 
 Learn more about :doc:`/blacklist_app`.
 
@@ -159,7 +160,12 @@ collection will be used to build the "WWW-Authenticate" header in the response.
 ``AUTH_HEADER_NAME``
 ----------------------------
 
-The authorization header name to be used for authentication. The default is ``HTTP_AUTHORIZATION`` which will accept the ``Authorization`` header in the request. For example if you'd like to use ``X_Access_Token`` in the header of your requests please specify the ``AUTH_HEADER_NAME`` to be ``HTTP_X_ACCESS_TOKEN`` in your settings.
+The authorization header name to be used for authentication.
+The default is ``HTTP_AUTHORIZATION`` which will accept the
+``Authorization`` header in the request. For example if you'd
+like to use ``X_Access_Token`` in the header of your requests
+please specify the ``AUTH_HEADER_NAME`` to be
+``HTTP_X_ACCESS_TOKEN`` in your settings.
 
 ``USER_ID_FIELD``
 -----------------
@@ -180,6 +186,15 @@ The claim in generated tokens which will be used to store user identifiers.
 For example, a setting value of ``'user_id'`` would mean generated tokens
 include a "user_id" claim that contains the user's identifier.
 
+``USER_AUTHENTICATION_RULE``
+----------------------------
+
+Callable to determine if the user is permitted to authenticate. This rule
+is applied after a valid token is processed. The user object is passed
+to the callable as an argument. The default rule is to check that the ``is_active``
+flag is still ``True``. The callable must return a boolean, ``True`` if authorized,
+``False`` otherwise resulting in a 401 status code.
+
 ``AUTH_TOKEN_CLASSES``
 ----------------------
 

rest_framework_simplejwt/__init__.py

@@ -1 +1 @@
-__version__ = '3.3'
+__version__ = '4.7.0'

rest_framework_simplejwt/backends.py

@@ -65,9 +65,11 @@ def decode(self, token, verify=True):
         signature check fails, or if its 'exp' claim indicates it has expired.
         """
         try:
-            return jwt.decode(token, self.verifying_key, algorithms=[self.algorithm], verify=verify,
-                              audience=self.audience, issuer=self.issuer,
-                              options={'verify_aud': self.audience is not None})
+            return jwt.decode(
+                token, self.verifying_key, algorithms=[self.algorithm], verify=verify,
+                audience=self.audience, issuer=self.issuer,
+                options={'verify_aud': self.audience is not None, "verify_signature": verify}
+            )
         except InvalidAlgorithmError as ex:
             raise TokenBackendError(_('Invalid algorithm specified')) from ex
         except InvalidTokenError:

rest_framework_simplejwt/locale/cs/LC_MESSAGES/django.po

@@ -4,54 +4,58 @@ msgid ""
 msgstr ""
 "Project-Id-Version: djangorestframework_simplejwt\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2019-12-11 15:44+0200\n"
+"POT-Creation-Date: 2021-02-22 17:30+0100\n"
 "Last-Translator: Lukáš Rod <info@lukasrod.cz>\n"
 "Language: cs\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"
 
-#: authentication.py:76
+#: authentication.py:79
 msgid "Authorization header must contain two space-delimited values"
-msgstr ""
-"Autorizační hlavička musí obsahovat dvě hodnoty oddělené mezerou"
+msgstr "Autorizační hlavička musí obsahovat dvě hodnoty oddělené mezerou"
 
-#: authentication.py:97
+#: authentication.py:100
 msgid "Given token not valid for any token type"
 msgstr "Daný token není validní pro žádný typ tokenu"
 
-#: authentication.py:108 authentication.py:130
+#: authentication.py:111 authentication.py:133
 msgid "Token contained no recognizable user identification"
 msgstr "Token neobsahoval žádnou rozpoznatelnou identifikaci uživatele"
 
-#: authentication.py:113
+#: authentication.py:116
 msgid "User not found"
 msgstr "Uživatel nenalezen"
 
-#: authentication.py:116
+#: authentication.py:119
 msgid "User is inactive"
 msgstr "Uživatel není aktivní"
 
-#: backends.py:21
+#: backends.py:37
 msgid "Unrecognized algorithm type '{}'"
 msgstr "Nerozpoznaný typ algoritmu '{}'"
 
-#: backends.py:58 exceptions.py:38 tokens.py:44
+#: backends.py:40
+msgid "You must have cryptography installed to use {}."
+msgstr ""
+
+#: backends.py:74
+msgid "Invalid algorithm specified"
+msgstr ""
+
+#: backends.py:76 exceptions.py:38 tokens.py:44
 msgid "Token is invalid or expired"
 msgstr "Token není validní nebo vypršela jeho platnost"
 
 #: serializers.py:24
 msgid "No active account found with the given credentials"
-msgstr ""
-"Žádný aktivní účet s danými údaji nebyl nalezen"
+msgstr "Žádný aktivní účet s danými údaji nebyl nalezen"
 
-#: settings.py:57
+#: settings.py:63
 msgid ""
 "The '{}' setting has been removed. Please refer to '{}' for available "
 "settings."
-msgstr ""
-"Nastavení '{}' bylo odstraněno. "
-"Dostupná nastavení jsou v '{}'"
+msgstr "Nastavení '{}' bylo odstraněno. Dostupná nastavení jsou v '{}'"
 
 #: token_blacklist/admin.py:72
 msgid "jti"

rest_framework_simplejwt/locale/de_CH/LC_MESSAGES/django.po

@@ -4,32 +4,32 @@ msgid ""
 msgstr ""
 "Project-Id-Version: djangorestframework_simplejwt\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2020-09-04 15:19-0600\n"
+"POT-Creation-Date: 2021-02-22 17:30+0100\n"
 "Last-Translator: rene <rene@matraxi.ch>\n"
 "Language: de_CH\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"
 "Plural-Forms: nplurals=2; plural=(n > 1);\n"
 
-#: authentication.py:75
+#: authentication.py:79
 msgid "Authorization header must contain two space-delimited values"
 msgstr ""
 "Der Authorizationheader muss zwei leerzeichen-getrennte Werte enthalten"
 
-#: authentication.py:96
+#: authentication.py:100
 msgid "Given token not valid for any token type"
 msgstr "Der Token ist für keinen Tokentyp gültig"
 
-#: authentication.py:107 authentication.py:129
+#: authentication.py:111 authentication.py:133
 msgid "Token contained no recognizable user identification"
 msgstr "Token enthält keine erkennbare Benutzeridentifikation"
 
-#: authentication.py:112
+#: authentication.py:116
 msgid "User not found"
 msgstr "Benutzer nicht gefunden"
 
-#: authentication.py:115
+#: authentication.py:119
 msgid "User is inactive"
 msgstr "Inaktiver Benutzer"
 
@@ -41,19 +41,19 @@ msgstr "Unerkannter Algorithmustyp '{}'"
 msgid "You must have cryptography installed to use {}."
 msgstr ""
 
-#: backends.py:68
+#: backends.py:74
 msgid "Invalid algorithm specified"
 msgstr ""
 
-#: backends.py:70 exceptions.py:38 tokens.py:44
+#: backends.py:76 exceptions.py:38 tokens.py:44
 msgid "Token is invalid or expired"
 msgstr "Ungültiger oder abgelaufener Token"
 
-#: serializers.py:29
+#: serializers.py:24
 msgid "No active account found with the given credentials"
 msgstr "Kein aktiver Account mit diesen Zugangsdaten gefunden"
 
-#: settings.py:60
+#: settings.py:63
 msgid ""
 "The '{}' setting has been removed. Please refer to '{}' for available "
 "settings."

rest_framework_simplejwt/locale/es/LC_MESSAGES/django.po

@@ -4,32 +4,32 @@ msgid ""
 msgstr ""
 "Project-Id-Version: djangorestframework_simplejwt\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2020-08-24 15:35-0500\n"
+"POT-Creation-Date: 2021-02-22 17:30+0100\n"
 "Last-Translator: zeack <zeack@protonmail.com>\n"
 "Language: es\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"
 "Plural-Forms: nplurals=2; plural=(n != 1);\n"
 
-#: authentication.py:75
+#: authentication.py:79
 msgid "Authorization header must contain two space-delimited values"
 msgstr ""
 "El encabezado 'Authorization' debe contener valores delimitados por espacios"
 
-#: authentication.py:96
+#: authentication.py:100
 msgid "Given token not valid for any token type"
 msgstr "El token dado no es valido para ningun tipo de token"
 
-#: authentication.py:107 authentication.py:129
+#: authentication.py:111 authentication.py:133
 msgid "Token contained no recognizable user identification"
 msgstr "El token no contenía identificación de usuario reconocible"
 
-#: authentication.py:112
+#: authentication.py:116
 msgid "User not found"
 msgstr "Usuario no encontrado"
 
-#: authentication.py:115
+#: authentication.py:119
 msgid "User is inactive"
 msgstr "El usuario está inactivo"
 
@@ -41,19 +41,19 @@ msgstr "Tipo de algoritmo no reconocido '{}'"
 msgid "You must have cryptography installed to use {}."
 msgstr "Debe tener criptografía instalada para usar {}."
 
-#: backends.py:68
+#: backends.py:74
 msgid "Invalid algorithm specified"
 msgstr "Algoritmo especificado no válido"
 
-#: backends.py:70 exceptions.py:38 tokens.py:44
+#: backends.py:76 exceptions.py:38 tokens.py:44
 msgid "Token is invalid or expired"
 msgstr "El token es inválido o ha expirado"
 
-#: serializers.py:29
+#: serializers.py:24
 msgid "No active account found with the given credentials"
 msgstr "La combination de credenciales no tiene una cuenta activa"
 
-#: settings.py:60
+#: settings.py:63
 msgid ""
 "The '{}' setting has been removed. Please refer to '{}' for available "
 "settings."