From 7abc0262d52773483d0e909e8508e2e59648baa2 Mon Sep 17 00:00:00 2001
From: Sylwester Kardziejonek <sylwester.kardziejonek@gmail.com>
Date: Thu, 25 Jan 2018 19:11:10 +0100
Subject: [PATCH] Optional user based secret key

Use `JWT_GET_USER_SECRET_KEY` only when you actually pass `user_id` in the `payload`.

This way you are able to use user-based secret keys and fallback to a default secret key when user is irrelevant.
---
 rest_framework_jwt/utils.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/rest_framework_jwt/utils.py b/rest_framework_jwt/utils.py
index c72197bc..dfd9ad22 100644
--- a/rest_framework_jwt/utils.py
+++ b/rest_framework_jwt/utils.py
@@ -21,7 +21,7 @@ def jwt_get_secret_key(payload=None):
         - password is changed
         - etc.
     """
-    if api_settings.JWT_GET_USER_SECRET_KEY:
+    if api_settings.JWT_GET_USER_SECRET_KEY and 'user_id' in payload:
         User = get_user_model()  # noqa: N806
         user = User.objects.get(pk=payload.get('user_id'))
         key = str(api_settings.JWT_GET_USER_SECRET_KEY(user))