takahe/api/models/token.py
Cosmin Stejerean efd5f481e9
OAuth2 Fixes (#338)
This implements a few oauth2 fixes:

- passes along the state object
- enforces authorization code expiration (currently set to 1 minute, we could make this configurable)
- enforces redirect_uri
- properly checks for client_secret when granting a token
- handles pulling client authentication for token grant from basic auth
- implements token revocation
2023-01-01 11:46:55 -07:00


from django.db import models
class Token(models.Model):
    """
    An (access) token to call the API with.

    Can be either tied to a user, or app-level only (``user`` and
    ``identity`` are both nullable for that reason).

    This class only stores state: it declares no custom manager, no
    validation and no expiry field. Nothing here filters out rows whose
    ``revoked`` is set, so any code that authenticates a request by looking
    up a token has to check ``revoked`` itself.
    """

    # Owning OAuth application. CASCADE: deleting the application deletes
    # every token issued to it.
    application = models.ForeignKey(
        "api.Application",
        on_delete=models.CASCADE,
        related_name="tokens",
    )

    # Optional user the token acts for; NULL for app-level tokens.
    # CASCADE: deleting the user deletes their tokens.
    user = models.ForeignKey(
        "users.User",
        blank=True,
        null=True,
        on_delete=models.CASCADE,
        related_name="tokens",
    )

    # Optional identity the token acts as; NULL for app-level tokens.
    # NOTE(review): nothing at the model level ties `identity` to `user`;
    # presumably the issuing view guarantees they belong together - confirm.
    identity = models.ForeignKey(
        "users.Identity",
        blank=True,
        null=True,
        on_delete=models.CASCADE,
        related_name="tokens",
    )

    # The token string itself, unique across all rows. The field stores the
    # value exactly as the caller supplies it; no hashing happens here.
    # NOTE(review): if this is the raw bearer value, read access to this
    # table (backups, replicas, SQL dumps) is equivalent to holding every
    # live token - confirm whether callers store a digest instead.
    token = models.CharField(max_length=500, unique=True)

    # Granted scopes. No default, so a value is required on creation; the
    # JSON shape is not validated here.
    # presumably a list of scope strings - verify against the issuing code.
    scopes = models.JSONField()

    # Set once when the row is first saved.
    created = models.DateTimeField(auto_now_add=True)
    # Refreshed on every Model.save(); QuerySet.update() does not touch it.
    updated = models.DateTimeField(auto_now=True)
    # Revocation timestamp; nullable.
    # NOTE(review): NULL presumably means "still valid" - confirm that every
    # token lookup on the request path rejects rows where this is non-NULL.
    revoked = models.DateTimeField(blank=True, null=True)