[JWT] Map database access control to django auth system

f1fc7a62 · sim · 0ef8069e · f1fc7a62 · f1fc7a62
Commit f1fc7a62 authored Oct 12, 2017 by sim
Hide whitespace changes
Inline Side-by-side

Showing with 5 additions and 3 deletions

settings.py gargantext/settings.py +2 -1

jwt.py gargantext/util/jwt.py +3 -2

No files found.
--- a/gargantext/settings.py
+++ b/gargantext/settings.py
@@ -126,7 +126,8 @@ JWT_AUTH = {
    'JWT_AUTH_HEADER_PREFIX': 'Bearer',
 }

-ROLE_ADMIN = 'gargantua'
+ROLE_SUPERUSER = 'gargantua'
+ROLE_STAFF = 'gargandmin'
 ROLE_USER = 'gargantext'

 # Static files (CSS, JavaScript, Images)

--- a/gargantext/util/jwt.py
+++ b/gargantext/util/jwt.py
@@ -7,9 +7,10 @@ from .dates import datetime
 def jwt_payload_handler(user):
    username = user.username
    payload = {
-        'user_id': user.pk,
-        'role': settings.ROLE_ADMIN if username == settings.ROLE_ADMIN else \
+        'role': settings.ROLE_SUPERUSER if user.is_superuser else \
+                settings.ROLE_STAFF if user.is_staff else \
                settings.ROLE_USER,
+        'user_id': user.pk,
        'username': username,
        'exp': datetime.now() + api_settings.JWT_EXPIRATION_DELTA
    }