feat: jwt authentication

authentications/context_processors.py

+import jwt
+from django.shortcuts import get_object_or_404
+from librarians.models import Librarians
+
+
+def get_auth_session(request):
+    auth_session = request.session.get("auth_session", None)
+
+    if auth_session:
+        decoded = jwt.decode(auth_session, "secret", algorithms=["HS256"])
+
+        user_id = decoded["librarian_id"]
+        user_verified = get_object_or_404(Librarians, id=user_id)
+
+        return {"user": user_verified}
+
+    return {"user": None}

authentications/middleware.py

+import jwt
+
+from datetime import datetime
+from django.utils.deprecation import MiddlewareMixin
+from django.shortcuts import get_object_or_404
+from django.http import HttpResponseRedirect
+from librarians.models import Librarians
+
+
+class AuthMiddleware(MiddlewareMixin):
+    def __init__(self, get_response):
+        self.get_response = get_response
+
+    def __call__(self, request):
+        response = self.get_response(request)
+
+        auth_session = request.session.get("auth_session", None)
+
+        if request.path.startswith("/dashboard/"):
+            if auth_session is not None:
+                decoded = jwt.decode(auth_session, "secret", algorithms=["HS256"])
+                user_verified = get_object_or_404(
+                    Librarians, id=decoded["librarian_id"]
+                )
+
+                user_obj = {
+                    "id": user_verified.id,
+                    "name": user_verified.name,
+                    "time": str(datetime.now()),
+                }
+                message = "login request success, user: " + f"{user_obj}"
+                print(message)
+                return response
+            else:
+                return HttpResponseRedirect("/auth/login")
+
+        return response

authentications/urls.py

 from django.urls import path
-from authentications.views import login, sign_up
+from authentications.views import login, sign_up, logout
 
 urlpatterns = [
     path("login/", login, name="login"),
     path("sign-up/", sign_up, name="sign_up"),
+    path("logout/", logout, name="logout"),
 ]

authentications/views.py

@@ -71,3 +71,8 @@ def sign_up(request):
         form = SignUpForm()
 
     return render(request, "sign_up.html", context)
+
+
+def logout(request):
+    del request.session["auth_session"]
+    return HttpResponseRedirect("/auth/login")

config/settings.py

@@ -53,6 +53,7 @@ MIDDLEWARE = [
     "django.contrib.auth.middleware.AuthenticationMiddleware",
     "django.contrib.messages.middleware.MessageMiddleware",
     "django.middleware.clickjacking.XFrameOptionsMiddleware",
+    "authentications.middleware.AuthMiddleware",
 ]
 
 ROOT_URLCONF = "config.urls"
@@ -68,6 +69,7 @@ TEMPLATES = [
                 "django.template.context_processors.request",
                 "django.contrib.auth.context_processors.auth",
                 "django.contrib.messages.context_processors.messages",
+                "authentications.context_processors.get_auth_session",
             ],
         },
     },

dashboards/templates/layout.html

@@ -7,7 +7,7 @@
     class="w-100 p-4 d-flex flex-column gap-4 bg-body"
     style="max-width: 20vw"
   >
-    <h5 class="h4">{{ user_session.name }}</h5>
+    {% include "profile.html" %}
     <div class="d-flex flex-column gap-2">
       <a href="/dashboard" class="btn btn-outline-primary text-start w-100"
         ><i class="bi bi-house-fill"></i> Home</a

dashboards/templates/profile.html

+<div class="dropdown">
+  <button class="w-100 btn btn-primary" type="button" data-bs-toggle="dropdown">
+    <i class="bi bi-person-circle"></i>
+    {% if user %} {{ user.name }} {% endif %}
+  </button>
+  <ul class="w-100 dropdown-menu shadow">
+    <li>
+      <a class="dropdown-item" href="#"
+        ><i class="bi bi-person-fill-gear"></i> settings</a
+      >
+    </li>
+    <li>
+      <a class="dropdown-item" href="/auth/logout/"
+        ><i class="bi bi-box-arrow-left"></i> logout</a
+      >
+    </li>
+  </ul>
+</div>

dashboards/views.py

-import jwt
 from django.shortcuts import render
 
 
@@ -7,9 +6,4 @@ def home(request):
 
 
 def index(request):
-    auth_session = request.session["auth_session"]
-    decoded = jwt.decode(auth_session, "secret", algorithms=["HS256"])
-    print(decoded)
-    context = {"user_session": decoded}
-
-    return render(request, "dashboard/index.html", context)
+    return render(request, "dashboard/index.html")