n3wt-school/Back-End/Auth/backends.py
2026-03-15 10:07:20 +01:00


from django.contrib.auth import get_user_model
from django.contrib.auth.backends import ModelBackend
from Auth.models import Profile
from N3wtSchool import bdd
from rest_framework_simplejwt.authentication import JWTAuthentication
from rest_framework_simplejwt.exceptions import TokenError, InvalidToken
import logging
# Module-level logger shared by the authentication classes below; records go
# to the logger named "Auth".
logger = logging.getLogger("Auth")
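class EmailBackend(ModelBackend):
    """Authentication backend that identifies a ``Profile`` by e-mail address.

    Every failure (missing credentials, unknown e-mail, wrong password,
    account not allowed to authenticate) returns ``None``, so the caller
    cannot tell the failure reasons apart from the return value.
    """

    def authenticate(self, request, username=None, password=None, **kwargs):
        """Return the matching ``Profile`` when the credentials are valid.

        Args:
            request: The current request; not used by this backend.
            username: The e-mail address to look up. When ``None``, the value
                is read from ``kwargs`` under ``Profile.USERNAME_FIELD``.
            password: The clear-text password to verify.
            **kwargs: Extra credentials passed to the backend.

        Returns:
            The ``Profile`` instance on success, otherwise ``None``.
        """
        if username is None:
            username = kwargs.get(Profile.USERNAME_FIELD)
        # Nothing to verify without both credentials; fail closed before
        # touching the database.
        if username is None or password is None:
            return None

        try:
            user = Profile.objects.get(email=username)
        except Profile.DoesNotExist:
            # Run the password hasher once even though no account matched, so
            # the response time for an unknown e-mail is closer to that of a
            # wrong password (reduces account enumeration by timing). This
            # mirrors what Django's ModelBackend does; it assumes Profile
            # provides set_password alongside check_password.
            Profile().set_password(password)
            return None

        # Verify the password, then apply ModelBackend's is_active gate so a
        # deactivated account cannot log in with a still-valid password.
        if user.check_password(password) and self.user_can_authenticate(user):
            return user
        return None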
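class LoggingJWTAuthentication(JWTAuthentication):
    """
    JWTAuthentication subclass that logs why a Bearer token was rejected.

    This helps diagnose 401 responses without adding prints everywhere.
    Only the HTTP method, the request path, the exception text and, on
    success, the user's primary key are logged. The raw token is never
    written to the log.
    """

    def authenticate(self, request):
        """Authenticate the request from its Authorization header.

        Args:
            request: The incoming request.

        Returns:
            ``None`` when there is no Authorization header or no token in it,
            otherwise a ``(user, validated_token)`` tuple.

        Raises:
            InvalidToken: Re-raised after logging when token validation fails.
            Exception: Any error from ``get_user`` is logged and re-raised
                unchanged.
        """
        # request.path is client-controlled and may contain decoded control
        # characters; it is logged with %r so CR/LF are escaped and a crafted
        # URL cannot forge extra log lines.
        header = self.get_header(request)
        if header is None:
            logger.debug("JWT: pas de header Authorization dans la requête %s %r",
                         request.method, request.path)
            return None

        raw_token = self.get_raw_token(header)
        if raw_token is None:
            logger.debug("JWT: header Authorization présent mais token vide pour %s %r",
                         request.method, request.path)
            return None

        try:
            validated_token = self.get_validated_token(raw_token)
        except InvalidToken as e:
            # Log the rejection reason only, never raw_token itself. The
            # ": " separator keeps the reason from running into the path.
            logger.warning(
                "JWT: token invalide pour %s %r: %s",
                request.method, request.path, e
            )
            raise

        try:
            user = self.get_user(validated_token)
        except Exception as e:
            # Broad on purpose: whatever get_user raises is logged and then
            # propagated unchanged to the caller.
            logger.warning(
                "JWT: utilisateur introuvable pour %s %r: %s",
                request.method, request.path, e
            )
            raise

        logger.debug("JWT: authentification réussie user_id=%s pour %s %r",
                     user.pk, request.method, request.path)
        return user, validated_token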