Merge remote-tracking branch 'inventree/master'

This commit is contained in:
Oliver Walters 2019-06-24 08:27:58 +10:00
commit 5d0369958f
7 changed files with 47 additions and 15 deletions

View File

@ -20,10 +20,9 @@ class AuthRequiredMiddleware(object):
response = self.get_response(request) response = self.get_response(request)
# Redirect any unauthorized HTTP requests to the login page
if not request.user.is_authenticated: if not request.user.is_authenticated:
print(request.path_info) if not request.path_info == reverse_lazy('login') and not request.path_info.startswith('/api/'):
if not request.path_info == reverse_lazy('login'):
return HttpResponseRedirect(reverse_lazy('login')) return HttpResponseRedirect(reverse_lazy('login'))
# Code to be executed for each request/response after # Code to be executed for each request/response after

View File

@ -65,14 +65,15 @@ INSTALLED_APPS = [
'order.apps.OrderConfig', 'order.apps.OrderConfig',
# Third part add-ons # Third part add-ons
'django_filters', # Extended filter functionality 'django_filters', # Extended filter functionality
'dbbackup', # Database backup / restore 'dbbackup', # Database backup / restore
'rest_framework', # DRF (Django Rest Framework) 'rest_framework', # DRF (Django Rest Framework)
'corsheaders', # Cross-origin Resource Sharing for DRF 'rest_framework.authtoken', # Token authentication for API
'crispy_forms', # Improved form rendering 'corsheaders', # Cross-origin Resource Sharing for DRF
'import_export', # Import / export tables to file 'crispy_forms', # Improved form rendering
'django_cleanup', # Automatically delete orphaned MEDIA files 'import_export', # Import / export tables to file
'qr_code', # Generate QR codes 'django_cleanup', # Automatically delete orphaned MEDIA files
'qr_code', # Generate QR codes
] ]
LOGGING = { LOGGING = {
@ -131,6 +132,11 @@ TEMPLATES = [
REST_FRAMEWORK = { REST_FRAMEWORK = {
'EXCEPTION_HANDLER': 'rest_framework.views.exception_handler', 'EXCEPTION_HANDLER': 'rest_framework.views.exception_handler',
'DATETIME_FORMAT': '%Y-%m-%d %H:%M', 'DATETIME_FORMAT': '%Y-%m-%d %H:%M',
'DEFAULT_AUTHENTICATION_CLASSES': (
'rest_framework.authentication.BasicAuthentication',
'rest_framework.authentication.SessionAuthentication',
'rest_framework.authentication.TokenAuthentication',
)
# 'EXCEPTION_HANDLER': 'InvenTree.utils.api_exception_handler', # 'EXCEPTION_HANDLER': 'InvenTree.utils.api_exception_handler',
# 'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.PageNumberPagination', # 'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.PageNumberPagination',
# 'PAGE_SIZE': 50, # 'PAGE_SIZE': 50,

View File

@ -336,7 +336,7 @@ part_api_urls = [
url(r'^category/', include(cat_api_urls)), url(r'^category/', include(cat_api_urls)),
url(r'^star/', include(part_star_api_urls)), url(r'^star/', include(part_star_api_urls)),
url(r'^(?P<pk>\d+)/', PartDetail.as_view(), name='api-part-detail'), url(r'^(?P<pk>\d+)/?', PartDetail.as_view(), name='api-part-detail'),
url(r'^.*$', PartList.as_view(), name='api-part-list'), url(r'^.*$', PartList.as_view(), name='api-part-list'),
] ]
@ -344,7 +344,7 @@ part_api_urls = [
bom_api_urls = [ bom_api_urls = [
# BOM Item Detail # BOM Item Detail
url('^(?P<pk>\d+)/', BomDetail.as_view(), name='api-bom-detail'), url(r'^(?P<pk>\d+)/?', BomDetail.as_view(), name='api-bom-detail'),
# Catch-all # Catch-all
url(r'^.*$', BomList.as_view(), name='api-bom-list'), url(r'^.*$', BomList.as_view(), name='api-bom-list'),

View File

@ -8,7 +8,8 @@ class UserSerializer(serializers.HyperlinkedModelSerializer):
class Meta: class Meta:
model = User model = User
fields = ('username', fields = ('pk',
'username',
'first_name', 'first_name',
'last_name', 'last_name',
'email',) 'email',)

View File

@ -5,5 +5,7 @@ from . import views
user_urls = [ user_urls = [
url(r'^(?P<pk>[0-9]+)/?$', views.UserDetail.as_view(), name='user-detail'), url(r'^(?P<pk>[0-9]+)/?$', views.UserDetail.as_view(), name='user-detail'),
url(r'token', views.GetAuthToken.as_view()),
url(r'^$', views.UserList.as_view()), url(r'^$', views.UserList.as_view()),
] ]

View File

@ -2,8 +2,13 @@ from rest_framework import generics, permissions
from django.contrib.auth.models import User from django.contrib.auth.models import User
from .serializers import UserSerializer from .serializers import UserSerializer
from rest_framework.authtoken.views import ObtainAuthToken
from rest_framework.authtoken.models import Token
from rest_framework.response import Response
class UserDetail(generics.RetrieveAPIView): class UserDetail(generics.RetrieveAPIView):
""" Detail endpoint for a single user """
queryset = User.objects.all() queryset = User.objects.all()
serializer_class = UserSerializer serializer_class = UserSerializer
@ -11,7 +16,26 @@ class UserDetail(generics.RetrieveAPIView):
class UserList(generics.ListAPIView): class UserList(generics.ListAPIView):
""" List endpoint for detail on all users """
queryset = User.objects.all() queryset = User.objects.all()
serializer_class = UserSerializer serializer_class = UserSerializer
permission_classes = (permissions.IsAuthenticatedOrReadOnly,) permission_classes = (permissions.IsAuthenticatedOrReadOnly,)
class GetAuthToken(ObtainAuthToken):
""" Return authentication token for an authenticated user. """
def post(self, request, *args, **kwargs):
serializer = self.serializer_class(data=request.data,
context={'request': request})
serializer.is_valid(raise_exception=True)
user = serializer.validated_data['user']
token, created = Token.objects.get_or_create(user=user)
return Response({
'token': token.key,
'pk': user.pk,
'username': user.username,
'email': user.email
})

View File

@ -3,7 +3,7 @@ ignore =
# - W293 - blank lines contain whitespace # - W293 - blank lines contain whitespace
W293, W293,
# - E501 - line too long (82 characters) # - E501 - line too long (82 characters)
E501, E501, E722,
# - C901 - function is too complex # - C901 - function is too complex
C901, C901,
exclude = .git,__pycache__,*/migrations/* exclude = .git,__pycache__,*/migrations/*