From 1fa7e96969446d2f421fc9c247b2228726d1576d Mon Sep 17 00:00:00 2001
From: Stefan Borer
Date: Fri, 7 Feb 2020 14:48:36 +0100
Subject: [PATCH] chore(deps): switch to djangorestframework-simplejwt

Drop djangorestframework-jwt in favour of -simplejwt as it's no longer maintained.
See: https://github.com/jpadilla/django-rest-framework-jwt/issues/484
---
 requirements.txt | 2 +-
 timed/settings.py | 13 ++++++-------
 timed/tests/client.py | 15 +++++----------
 timed/urls.py | 6 +++---
 4 files changed, 15 insertions(+), 21 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index 08092095..220940e4 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -4,7 +4,7 @@ django-auth-ldap==2.1.0
 django-filter==2.2.0
 django-multiselectfield==0.1.11
 djangorestframework==3.11.0
-djangorestframework-jwt==1.11.0
+djangorestframework-simplejwt==4.4.0
 djangorestframework-jsonapi==3.0.0
 psycopg2-binary==2.8.4
 pytz==2019.3
diff --git a/timed/settings.py b/timed/settings.py
index 3bf154ea..c2af1a5c 100644
--- a/timed/settings.py
+++ b/timed/settings.py
@@ -153,8 +153,7 @@ def default(default_dev=env.NOTSET, default_prod=env.NOTSET):
 "DEFAULT_PARSER_CLASSES": ("rest_framework_json_api.parsers.JSONParser",),
 "DEFAULT_PERMISSION_CLASSES": ("rest_framework.permissions.IsAuthenticated",),
 "DEFAULT_AUTHENTICATION_CLASSES": (
- "rest_framework_jwt.authentication.JSONWebTokenAuthentication",
- "rest_framework.authentication.SessionAuthentication",
+ "rest_framework_simplejwt.authentication.JWTAuthentication",
 ),
 "DEFAULT_METADATA_CLASS": "rest_framework_json_api.metadata.JSONAPIMetadata",
 "EXCEPTION_HANDLER": "rest_framework_json_api.exceptions.exception_handler",
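Review bot: The `DEFAULT_AUTHENTICATION_CLASSES` change in `timed/settings.py` also drops `rest_framework.authentication.SessionAuthentication`, which the commit message does not mention; it only describes the library switch. After this, API requests that carry only a Django session cookie (for example from a logged-in admin user) should no longer authenticate, so it is worth confirming that no client relies on that. If the removal is intentional, record it next to the tuple, e.g. `# JWT only: session authentication removed on purpose, clients must send a Bearer token`. The settings dict this tuple belongs to starts and ends outside the hunk.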
@@ -187,11 +186,11 @@ def default(default_dev=env.NOTSET, default_prod=env.NOTSET):
 
 AUTH_USER_MODEL = "employment.User"
 
-JWT_AUTH = {
- "JWT_EXPIRATION_DELTA": datetime.timedelta(days=2),
- "JWT_ALLOW_REFRESH": True,
- "JWT_REFRESH_EXPIRATION_DELTA": datetime.timedelta(days=7),
- "JWT_AUTH_HEADER_PREFIX": "Bearer",
+SIMPLE_AUTH = {
+ "ACCESS_TOKEN_LIFETIME": datetime.timedelta(days=2),
+ "REFRESH_TOKEN_LIFETIME": datetime.timedelta(days=7),
+ # TODO check if this is ROTATE_REFRESH_TOKENS
+ # "JWT_ALLOW_REFRESH": True,
 }
 
 AUTH_PASSWORD_VALIDATORS = [
diff --git a/timed/tests/client.py b/timed/tests/client.py
index 9c0bcc2a..eedcf483 100644
--- a/timed/tests/client.py
+++ b/timed/tests/client.py
@@ -5,7 +5,6 @@
 from django.urls import reverse
 from rest_framework import exceptions, status
 from rest_framework.test import APIClient
-from rest_framework_jwt.settings import api_settings
 
 
 class JSONAPIClient(APIClient):
@@ -40,7 +39,7 @@ def post(self, path, data=None, **kwargs):
 path=path,
 data=self._parse_data(data),
 content_type=self._content_type,
- **kwargs
+ **kwargs,
 )
 
 def delete(self, path, data=None, **kwargs):
@@ -53,7 +52,7 @@ def delete(self, path, data=None, **kwargs):
 path=path,
 data=self._parse_data(data),
 content_type=self._content_type,
- **kwargs
+ **kwargs,
 )
 
 def patch(self, path, data=None, **kwargs):
@@ -66,7 +65,7 @@ def patch(self, path, data=None, **kwargs):
 path=path,
 data=self._parse_data(data),
 content_type=self._content_type,
- **kwargs
+ **kwargs,
 )
 
 def login(self, username, password):
@@ -79,7 +78,7 @@ def login(self, username, password):
 data = {
 "data": {
 "attributes": {"username": username, "password": password},
- "type": "obtain-json-web-tokens",
+ "type": "token-obtain-pair-views",
 }
 }
 
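Review bot: In the second `timed/settings.py` hunk the new dict is named `SIMPLE_AUTH`, but djangorestframework-simplejwt reads its configuration from `SIMPLE_JWT`, so both lifetimes are silently ignored and the library defaults apply (to my knowledge 5 minutes for access tokens and 1 day for refresh tokens); the line should read `SIMPLE_JWT = {`. Once the name is corrected, a 2-day `ACCESS_TOKEN_LIFETIME` means a leaked access token stays usable for two days, because access tokens are verified statelessly; since the refresh endpoint is kept, a much shorter access lifetime is worth considering. The TODO can be resolved as well: refreshing is always available through the refresh view, and `ROTATE_REFRESH_TOKENS` only decides whether a refresh also returns a new refresh token, so it is not the counterpart of `JWT_ALLOW_REFRESH` and the commented-out key can be deleted.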
@@ -88,8 +87,4 @@ def login(self, username, password):
 if response.status_code != status.HTTP_200_OK:
 raise exceptions.AuthenticationFailed()
 
- self.credentials(
- HTTP_AUTHORIZATION="{0} {1}".format(
- api_settings.JWT_AUTH_HEADER_PREFIX, response.data["token"]
- )
- )
+ self.credentials(HTTP_AUTHORIZATION=f"Bearer {response.data['access']}")
diff --git a/timed/urls.py b/timed/urls.py
index 4277f1b8..bc0f76d9 100644
--- a/timed/urls.py
+++ b/timed/urls.py
@@ -2,12 +2,12 @@
 
 from django.conf.urls import include, url
 from django.contrib import admin
-from rest_framework_jwt.views import obtain_jwt_token, refresh_jwt_token
+from rest_framework_simplejwt.views import TokenObtainPairView, TokenRefreshView
 
 urlpatterns = [
 url(r"^admin/", admin.site.urls),
- url(r"^api/v1/auth/login", obtain_jwt_token, name="login"),
- url(r"^api/v1/auth/refresh", refresh_jwt_token, name="refresh"),
+ url(r"^api/v1/auth/login", TokenObtainPairView.as_view(), name="login"),
+ url(r"^api/v1/auth/refresh", TokenRefreshView.as_view(), name="refresh"),
 url(r"^api/v1/", include("timed.employment.urls")),
 url(r"^api/v1/", include("timed.projects.urls")),
 url(r"^api/v1/", include("timed.tracking.urls")),
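Review bot: The two rewritten auth routes in `timed/urls.py` have no end anchor, so any path that merely starts with `api/v1/auth/login` or `api/v1/auth/refresh` is routed to the token views. This is inherited from the removed lines, but since both lines are being rewritten it is a cheap moment to pin them, e.g. `url(r"^api/v1/auth/login/?$", TokenObtainPairView.as_view(), name="login")` and the same for `refresh`. These views check credentials before any authentication has happened, and no throttle configuration is visible in this patch; if none exists elsewhere in the settings, a scoped throttle on the login route would limit password guessing. The `urlpatterns` list continues outside the hunk.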