updates to JWT auth

everytime a JWT is verified it now stores the users details in Users ORM, if user already exists, details are updated
Taseen18 · Mar 26, 2024 · 910495b · 910495b
1 parent 775868e
commit 910495b
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 5 deletions.
diff --git a/backend/to_do_list/__pycache__/authentication.cpython-311.pyc b/backend/to_do_list/__pycache__/authentication.cpython-311.pyc
diff --git a/backend/to_do_list/authentication.py b/backend/to_do_list/authentication.py
@@ -1,4 +1,3 @@
-# authentication.py in your Django app
 from django.contrib.auth.models import User
 from django.conf import settings
 from rest_framework import authentication, exceptions
@@ -15,11 +14,28 @@ def authenticate(self, request):
         try:
             payload = jwt.decode(token, settings.SUPABASE_SECRET_KEY, algorithms=['HS256'], audience='authenticated')
             user_id = payload['sub']
-            user, created = User.objects.get_or_create(username=user_id, defaults={'first_name': 'SupabaseUser'})
+            email = payload.get('email', '')
+            first_name = payload.get('user_metadata', {}).get('first_name', '')
+            last_name = payload.get('user_metadata', {}).get('last_name', '')
+
+            # Check if the user exists and update/create accordingly
+            user, created = User.objects.get_or_create(username=user_id, defaults={
+                'first_name': first_name,
+                'last_name': last_name,
+                'email': email
+            })
+
+            # If the user was not created (i.e., it already exists), update its details
+            if not created:
+                user.first_name = first_name
+                user.last_name = last_name
+                user.email = email
+                user.save()
+
             if created:
-                print("\nuser created")
+                print("\nNew user authenticated and created")
             else:
-                print("\nuser authenticated")
+                print("User authenticated")
 
             return (user, token)
 
@@ -28,4 +44,4 @@ def authenticate(self, request):
         except jwt.InvalidTokenError:
             raise exceptions.AuthenticationFailed('Invalid token')
         except Exception as e:
-            raise exceptions.AuthenticationFailed('Unexpected error during authentication', e)
+            raise exceptions.AuthenticationFailed(f'Unexpected error during authentication: {e}')