Merge pull request #2 from chessbr/sample

Add sample project link
chessbr · Oct 29, 2017 · b6a66d4 · b6a66d4
2 parents 322872e + 87597ea
commit b6a66d4
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 3 deletions.
diff --git a/README.md b/README.md
@@ -37,6 +37,10 @@ REST_JWT_PERMISSION = {
 
 Now you can use `JWTAPIPermission` class in your API Views through `permission_classes` property or even setting it as the default permission class in your [settings](http://www.django-rest-framework.org/api-guide/permissions/#setting-the-permission-policy)
 
+### Example
+
+For a more pratical example, check **[rest-jwt-permission-example](https://github.com/chessbr/rest-jwt-permission-example)**.
+
 ## Motivation
 
 Inspired by GitHub [Personal access token](https://help.github.com/articles/creating-a-personal-access-token-for-the-command-line/) and by [Auth0 API Keys blog post](https://auth0.com/blog/using-json-web-tokens-as-api-keys/), this package provides a Django Rest Framework Permission object to check permissions from JWT payloads.
@@ -117,6 +121,11 @@ Defaults to:
 "GET_PAYLOAD_FROM_REQUEST_HANDLER": "rest_jwt_permission.handlers.get_jwt_payload_from_request"
 ```
 
+**`JWT_PAYLOAD_SCOPES_KEY`**: Payload key that will contain the scopes. Defaults to:
+```
+"JWT_PAYLOAD_SCOPES_KEY": "scopes"
+```
+
 
 ### Showing all available roles
 

diff --git a/rest_jwt_permission/handlers.py b/rest_jwt_permission/handlers.py
@@ -5,6 +5,8 @@
 from rest_framework import exceptions
 from rest_framework.authentication import get_authorization_header
 
+from .settings import get_setting
+
 
 def get_payload_from_scopes(scopes):
     """
@@ -16,7 +18,7 @@ def get_payload_from_scopes(scopes):
     :rtype dict
     """
     return {
-        "scopes": [scope.identifier for scope in scopes]
+        get_setting("JWT_PAYLOAD_SCOPES_KEY"): [scope.identifier for scope in scopes]
     }
 
 
@@ -27,7 +29,7 @@ def get_scopes_from_payload(payload):
     :type payload dict
     :rtype list[rest_jwt_permission.scopes.Scope]
     """
-    return payload.get("scopes", [])
+    return payload.get(get_setting("JWT_PAYLOAD_SCOPES_KEY"), [])
 
 
 def get_jwt_payload_from_request(request):

diff --git a/rest_jwt_permission/settings.py b/rest_jwt_permission/settings.py
@@ -21,7 +21,10 @@
     # Handler function to get JWT payload from Request
     "GET_PAYLOAD_FROM_REQUEST_HANDLER": (
         "rest_jwt_permission.handlers.get_jwt_payload_from_request"
-    )
+    ),
+
+    # Payload key that will contain the scopes
+    "JWT_PAYLOAD_SCOPES_KEY": "scopes"
 }