
Modifying jwt access token expiry time in django using simplejwt module


import datetime

from rest_framework_simplejwt.serializers import TokenObtainPairSerializer
from rest_framework_simplejwt.views import TokenObtainPairView
from rest_framework_simplejwt.utils import datetime_to_epoch

SUPERUSER_LIFETIME = datetime.timedelta(minutes=1)


class MyTokenObtainPairSerializer(TokenObtainPairSerializer):

    @classmethod
    def get_token(cls, user):
        # get_token() returns the refresh token, so the claims set here land on it
        token = super(MyTokenObtainPairSerializer, cls).get_token(user)
        token['name'] = user.username
        token['user_id'] = user.id

        if user.is_superuser:
            # token.set_exp(from_time=starttime, lifetime=SUPERUSER_LIFETIME)
            token.payload['exp'] = datetime_to_epoch(token.current_time + SUPERUSER_LIFETIME)

        return token


class MyTokenObtainPairView(TokenObtainPairView):
    serializer_class = MyTokenObtainPairSerializer

I have tried this code (following this link: How can we assign different expiry time to different users in jwt tokens in django). This code updates the expiry time of the refresh token, but I want to update the expiry time of the access token in Django using the simplejwt module. Any suggestions, please?


Solution

  • I just took a quick look at simplejwt's GitHub page, and you can customize some settings in your settings.py file:

    from datetime import timedelta

    SIMPLE_JWT = {
        'ACCESS_TOKEN_LIFETIME': timedelta(minutes=5),
    }
    

    Updated Answer Based On Comment

    Thanks for the response, but I want to set the JWT expiry time globally and later, based on role, I want to override that expiry time. How is it possible?

    As you say, you have to override the default token generator method. But how?

    First, create your own token obtain view that inherits from TokenObtainPairView and your own token obtain serializer that inherits from TokenObtainPairSerializer. After that, you can see that the validate method creates the access and refresh tokens, so you must also override that method if you want to create tokens based on user role etc. After these steps you also have to change your urls.py.

    Example:

    import datetime

    from rest_framework_simplejwt.views import TokenObtainPairView
    from rest_framework_simplejwt.serializers import TokenObtainPairSerializer

    SUPERUSER_LIFETIME = datetime.timedelta(minutes=1)


    class MyTokenObtainSerializer(TokenObtainPairSerializer):
        def validate(self, attrs):
            # Call the grandparent's validate() (authentication only), skipping
            # TokenObtainPairSerializer.validate(), which would build the tokens itself.
            data = super(TokenObtainPairSerializer, self).validate(attrs)
            refresh = self.get_token(self.user)
            # str() replaces django.utils.six.text_type, which was removed in Django 3.0
            data['refresh'] = str(refresh)
            if self.user.is_superuser:
                # refresh.access_token returns a new access token; shorten its lifetime
                new_token = refresh.access_token
                new_token.set_exp(lifetime=SUPERUSER_LIFETIME)
                data['access'] = str(new_token)
            else:
                data['access'] = str(refresh.access_token)
            return data


    class MyTokenObtainView(TokenObtainPairView):
        serializer_class = MyTokenObtainSerializer
    

    urls.py

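    from django.urls import path

    # MyTokenObtainView must be imported from the module where it is defined
    urlpatterns = [
        path('api/token/', MyTokenObtainView.as_view(), name='token_obtain_pair')
    ]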
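
A check for the behaviour discussed above, as an added example that is not part of the original question or answer: it decodes the `exp` and `token_type` claims of a token pair and reports whether the role-based limit landed on the access token rather than the refresh token. The helper names, the sample tokens, the signing key and the one-day refresh lifetime are constructed for illustration; only the Python standard library is used.

```python
import base64
import hashlib
import hmac
import json

def _b64url(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def make_sample_jwt(claims, key=b"constructed-test-key"):
    """Build a constructed HS256 token so the example runs offline."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64url(json.dumps(claims).encode())
    sig = hmac.new(key, f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{_b64url(sig)}"

def read_claims(token):
    """Decode the payload for inspection only; the signature is NOT verified."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT")
    padded = parts[1] + "=" * (-len(parts[1]) % 4)
    return json.loads(base64.urlsafe_b64decode(padded))

def check_pair(response, issued_at, max_access_seconds):
    """Return the problems found in a {'access': ..., 'refresh': ...} response."""
    access = read_claims(response["access"])
    refresh = read_claims(response["refresh"])
    problems = []
    if access.get("token_type") != "access":
        problems.append("'access' does not hold an access token")
    if refresh.get("token_type") != "refresh":
        problems.append("'refresh' does not hold a refresh token")
    if access["exp"] - issued_at > max_access_seconds:
        problems.append("access token outlives the role's limit")
    if refresh["exp"] <= access["exp"]:
        problems.append("refresh token expires no later than the access token")
    return problems

NOW = 1_700_000_000  # constructed issue time (epoch seconds)
# Constructed: the result the answer's serializer aims for (1-minute access token).
good = {
    "access": make_sample_jwt({"token_type": "access", "exp": NOW + 60}),
    "refresh": make_sample_jwt({"token_type": "refresh", "exp": NOW + 86400}),
}
# Constructed: the symptom in the question (refresh shortened, access at 5 minutes).
bad = {
    "access": make_sample_jwt({"token_type": "access", "exp": NOW + 300}),
    "refresh": make_sample_jwt({"token_type": "refresh", "exp": NOW + 60}),
}
```

In a project test, pass the JSON body returned by the token endpoint as `response` and the time recorded just before the login request as `issued_at`.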