Optional user based secret key

[slykar]

Use JWT_GET_USER_SECRET_KEY only when you actually pass user_id in the payload.

This way you are able to use user-based secret keys and fallback to a default secret key when user is irrelevant.

Also, without this check, you will be getting DoesNotExist error when trying to generate a token for payload without user_id.

[slykar]

This could be also achieved with #416 from what I can see

[codecov]

Codecov Report

Merging #419 into master will decrease coverage by 0.33%.
The diff coverage is n/a.

@@            Coverage Diff             @@
##           master     #419      +/-   ##
==========================================
- Coverage   90.67%   90.34%   -0.34%     
==========================================
  Files          14       12       -2     
  Lines         847      818      -29     
  Branches       29       29              
==========================================
- Hits          768      739      -29     
  Misses         66       66              
  Partials       13       13

Flag	Coverage Δ
#codecov	90.34% <ø> (-0.34%)	⬇️
#dj110	87.04% <ø> (-0.45%)	⬇️
#dj111	87.04% <ø> (-0.45%)	⬇️
#dj18	89.48% <ø> (-0.36%)	⬇️
#dj19	89.48% <ø> (-0.36%)	⬇️
#drf31	89.48% <ø> (-0.36%)	⬇️
#drf32	89.48% <ø> (-0.36%)	⬇️
#drf33	89.48% <ø> (-0.36%)	⬇️
#drf34	90.34% <ø> (-0.34%)	⬇️
#drf35	89.97% <ø> (-0.35%)	⬇️
#drf36	89.97% <ø> (-0.35%)	⬇️
#py27	90.34% <ø> (-0.34%)	⬇️
#py33	89.11% <ø> (-0.38%)	⬇️
#py34	89.97% <ø> (+0.48%)	⬆️
#py35	87.04% <ø> (?)
#py36	87.04% <ø> (?)

Impacted Files	Coverage Δ
rest_framework_jwt/models.py

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 0a0bd40...7abc026. Read the comment docs.

[snkfrv]

@slykar Hey, what about wrapping the call to User.objects.get(...) in try...except catching DoesNotExist errors and re-raising them as jwt.InvalidTokenError or smth?

[slykar]

@sergeynikiforov I'm not sure. What I would like to achieve is to use the default key if user_id is not passed. I wan't to control whether to use user based secret or not when calling jwt_encode_handler.