Add JWT AUTH settings - EDUCATOR-1510

9d308ff8 · Mushtaq Ali · f8612e82 · 9d308ff8 · 9d308ff8 · 9d308ff8
Commit 9d308ff8 authored Sep 27, 2017 by Mushtaq Ali
Hide whitespace changes
Inline Side-by-side

Showing with 30 additions and 4 deletions

VEDA/settings/base.py
+10 -0

VEDA/settings/local.py
+7 -0

VEDA/settings/production.py
+1 -1

instance_config.yaml
+8 -0

requirements.txt
+4 -3

No files found.
--- a/VEDA/settings/base.py
+++ b/VEDA/settings/base.py
@@ -110,6 +110,15 @@ DATABASES = {
    }
 }
+# NOTE: JWT_SECRET_KEY is intentionally not set here to avoid production releases with a public value.
+# Set a value in a downstream settings file.
+JWT_AUTH = {
+    'JWT_AUDIENCE': 'video-pipeline',
+    'JWT_ISSUER': 'video-pipeline',
+    'JWT_DECODE_HANDLER': 'edx_rest_framework_extensions.utils.jwt_decode_handler',
+    'JWT_VERIFY_AUDIENCE': False,
+}
 REST_FRAMEWORK = {
    'PAGE_SIZE': 10,
    'DEFAULT_PARSER_CLASSES': (
@@ -119,6 +128,7 @@ REST_FRAMEWORK = {
        'rest_framework.permissions.IsAuthenticated',
    ),
    'DEFAULT_AUTHENTICATION_CLASSES': (
+        'edx_rest_framework_extensions.authentication.JwtAuthentication',
        'oauth2_provider.ext.rest_framework.OAuth2Authentication',
        'rest_framework.authentication.BasicAuthentication',
        'rest_framework.authentication.SessionAuthentication',

--- a/VEDA/settings/local.py
+++ b/VEDA/settings/local.py
@@ -17,6 +17,13 @@ DATABASES = {
 }
 # END DATABASE CONFIGURATION
+JWT_AUTH.update({
+    'JWT_SECRET_KEY': 'lms-secret',
+    'JWT_ISSUER': 'http://127.0.0.1:8000/oauth2',
+    'JWT_AUDIENCE': 'lms-key',
+    'JWT_VERIFY_AUDIENCE': False
+})
 # See if the developer has any local overrides.
 if os.path.isfile(os.path.join(os.path.dirname(os.path.abspath(__file__)), 'private.py')):
    from .private import *  # pylint: disable=import-error, wildcard-import
--- a/VEDA/settings/production.py
+++ b/VEDA/settings/production.py
@@ -10,7 +10,7 @@ ALLOWED_HOSTS = ['*']
 # Keep track of the names of settings that represent dicts. Instead of overriding the values in base.py,
 # the values read from disk should UPDATE the pre-configured dicts.
-DICT_UPDATE_KEYS = ('DATABASES', 'SECRET_KEY', 'STATIC_ROOT_PATH')
+DICT_UPDATE_KEYS = ('DATABASES', 'SECRET_KEY', 'STATIC_ROOT_PATH', 'JWT_AUTH')
 CONFIG_DATA = get_config()
 # Remove the items that should be used to update dicts, and apply them separately rather

--- a/instance_config.yaml
+++ b/instance_config.yaml
@@ -25,6 +25,14 @@ SECRET_KEY: ""
 # (set to false in prod)
 debug: false
+# JWT AUTH settings
+JWT_AUTH:
+    JWT_SECRET_KEY':
+    JWT_ISSUER':
+    JWT_AUDIENCE':
+    JWT_VERIFY_AUDIENCE':
 # ---
 # AWS Buckets, Prefixes
 # ---

--- a/requirements.txt
+++ b/requirements.txt
 django==1.9
 djangorestframework==3.6.4
 django-cors-headers
-django-oauth-toolkit==0.11.0
-django-model-utils==3.0.0
 django-filter==1.0.4
+django-model-utils==3.0.0
+django-oauth-toolkit==0.11.0
+edx-drf-extensions==1.2.3
+edx-opaque-keys==0.4
 newrelic
 uwsgi
 pysftp
@@ -12,7 +14,6 @@ pyyaml
 requests==2.18.1
 celery==3.1.18
 pysrt==1.1.1
-edx-opaque-keys==0.4
 MySQL-python==1.2.5
 gunicorn==0.17.4
 gevent==1.2.2