Django simplejwt validate token

I am implementing authentication with Django simpleJwt, and have a question.

I want to create something with Client's jwt token. I use methods provided from simpleJwt to validate and decode jwt token.

class AccountBookAPIView(APIView):
    def post(self, request):
        jwt_authenticator = JWTAuthentication()
        raw_access_token = request.META.get('access_token')
        validated_token = jwt_authenticator.get_validated_token(raw_access_token)
        user = jwt_authenticator.get_user(validated_token)

However, I doubt that some methods really validate token. So I checked the method's implementation. Below is the code for question.

    def get_validated_token(self, raw_token):
        """
        Validates an encoded JSON web token and returns a validated token
        wrapper object.
        """
        messages = []
        for AuthToken in api_settings.AUTH_TOKEN_CLASSES:
            try:
                return AuthToken(raw_token)
            except TokenError as e:
                messages.append(
                    {
                        "token_class": AuthToken.__name__,
                        "token_type": AuthToken.token_type,
                        "message": e.args[0],
                    }
                )

        raise InvalidToken(
            {
                "detail": _("Given token not valid for any token type"),
                "messages": messages,
            }
        )

# this class is AuthToken in my opinion.

class AccessToken(Token):
    token_type = "access"
    lifetime = api_settings.ACCESS_TOKEN_LIFETIME

I can't find the point that validate token from Database. It looks like just construction of token for me. Don't I need to check token in the Database(blacklist and outstanding tokens)?

Plz help me. Any answer is welcome.

Below is my settings.py

INSTALLED_APPS = [
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    
    # my apps
    'members',
    'account_books',

    # additional libraries
    'rest_framework',
    'rest_framework_simplejwt',
    'rest_framework_simplejwt.token_blacklist',
]
REST_FRAMEWORK ={
    'DEFAULT_PERMISSION_CLASSES': (
        'rest_framework.permissions.IsAuthenticated',
    ),
    'DEFAULT_AUTHENTICATION_CLASSES':(
        'rest_framework_simplejwt.authentication.JWTAuthentication',
    )
}
SIMPLE_JWT = {
    'ACCESS_TOKEN_LIFETIME': timedelta(days=1),
    'REFRESH_TOKEN_LIFETIME': timedelta(days=7),
    'ROTATE_REFRESH_TOKENS': True,
    'BLACKLIST_AFTER_ROTATION': True,
    'USER_ID_FIELD' : 'member_id',
}

Recent Questions & Answers

django project - how to combine two different types of databases (sqlite3 to mssql)

Django: Count forloop.first only if a second if condition is met

Как изменить код теста исходя из замечаний ревьюера?

Django queryset to list of ids with integer values

celery 'function' object has no attribute 'delay' how to get return value after delay?

Why my "friends_list" remains empty when my Django signal is triggered?

Django create update form with pre filled data from database

__init__() got multiple values for argument 'user'

django.db.utils.OperationalError: could not connect to server: Connection refused Ubuntu

Django Фильтр по цене

Django simplejwt validate token

Recent Questions & Answers

Recommended entries on the topic