mirror of
https://github.com/inventree/InvenTree
synced 2024-08-30 18:33:04 +00:00
Add API endpoint for user to request auth token
This commit is contained in:
parent
e91eac0c66
commit
881adb9487
@ -20,10 +20,9 @@ class AuthRequiredMiddleware(object):
|
|||||||
|
|
||||||
response = self.get_response(request)
|
response = self.get_response(request)
|
||||||
|
|
||||||
|
# Redirect any unauthorized HTTP requests to the login page
|
||||||
if not request.user.is_authenticated:
|
if not request.user.is_authenticated:
|
||||||
print(request.path_info)
|
if not request.path_info == reverse_lazy('login') and not request.path_info.startswith('/api/'):
|
||||||
|
|
||||||
if not request.path_info == reverse_lazy('login'):
|
|
||||||
return HttpResponseRedirect(reverse_lazy('login'))
|
return HttpResponseRedirect(reverse_lazy('login'))
|
||||||
|
|
||||||
# Code to be executed for each request/response after
|
# Code to be executed for each request/response after
|
||||||
|
@ -68,6 +68,7 @@ INSTALLED_APPS = [
|
|||||||
'django_filters', # Extended filter functionality
|
'django_filters', # Extended filter functionality
|
||||||
'dbbackup', # Database backup / restore
|
'dbbackup', # Database backup / restore
|
||||||
'rest_framework', # DRF (Django Rest Framework)
|
'rest_framework', # DRF (Django Rest Framework)
|
||||||
|
'rest_framework.authtoken', # Token authentication for API
|
||||||
'corsheaders', # Cross-origin Resource Sharing for DRF
|
'corsheaders', # Cross-origin Resource Sharing for DRF
|
||||||
'crispy_forms', # Improved form rendering
|
'crispy_forms', # Improved form rendering
|
||||||
'import_export', # Import / export tables to file
|
'import_export', # Import / export tables to file
|
||||||
@ -131,6 +132,11 @@ TEMPLATES = [
|
|||||||
REST_FRAMEWORK = {
|
REST_FRAMEWORK = {
|
||||||
'EXCEPTION_HANDLER': 'rest_framework.views.exception_handler',
|
'EXCEPTION_HANDLER': 'rest_framework.views.exception_handler',
|
||||||
'DATETIME_FORMAT': '%Y-%m-%d %H:%M',
|
'DATETIME_FORMAT': '%Y-%m-%d %H:%M',
|
||||||
|
'DEFAULT_AUTHENTICATION_CLASSES': (
|
||||||
|
'rest_framework.authentication.BasicAuthentication',
|
||||||
|
'rest_framework.authentication.SessionAuthentication',
|
||||||
|
'rest_framework.authentication.TokenAuthentication',
|
||||||
|
)
|
||||||
# 'EXCEPTION_HANDLER': 'InvenTree.utils.api_exception_handler',
|
# 'EXCEPTION_HANDLER': 'InvenTree.utils.api_exception_handler',
|
||||||
# 'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.PageNumberPagination',
|
# 'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.PageNumberPagination',
|
||||||
# 'PAGE_SIZE': 50,
|
# 'PAGE_SIZE': 50,
|
||||||
|
@ -5,5 +5,7 @@ from . import views
|
|||||||
user_urls = [
|
user_urls = [
|
||||||
url(r'^(?P<pk>[0-9]+)/?$', views.UserDetail.as_view(), name='user-detail'),
|
url(r'^(?P<pk>[0-9]+)/?$', views.UserDetail.as_view(), name='user-detail'),
|
||||||
|
|
||||||
|
url(r'token', views.GetAuthToken.as_view()),
|
||||||
|
|
||||||
url(r'^$', views.UserList.as_view()),
|
url(r'^$', views.UserList.as_view()),
|
||||||
]
|
]
|
||||||
|
@ -2,8 +2,13 @@ from rest_framework import generics, permissions
|
|||||||
from django.contrib.auth.models import User
|
from django.contrib.auth.models import User
|
||||||
from .serializers import UserSerializer
|
from .serializers import UserSerializer
|
||||||
|
|
||||||
|
from rest_framework.authtoken.views import ObtainAuthToken
|
||||||
|
from rest_framework.authtoken.models import Token
|
||||||
|
from rest_framework.response import Response
|
||||||
|
|
||||||
|
|
||||||
class UserDetail(generics.RetrieveAPIView):
|
class UserDetail(generics.RetrieveAPIView):
|
||||||
|
""" Detail endpoint for a single user """
|
||||||
|
|
||||||
queryset = User.objects.all()
|
queryset = User.objects.all()
|
||||||
serializer_class = UserSerializer
|
serializer_class = UserSerializer
|
||||||
@ -11,7 +16,26 @@ class UserDetail(generics.RetrieveAPIView):
|
|||||||
|
|
||||||
|
|
||||||
class UserList(generics.ListAPIView):
|
class UserList(generics.ListAPIView):
|
||||||
|
""" List endpoint for detail on all users """
|
||||||
|
|
||||||
queryset = User.objects.all()
|
queryset = User.objects.all()
|
||||||
serializer_class = UserSerializer
|
serializer_class = UserSerializer
|
||||||
permission_classes = (permissions.IsAuthenticatedOrReadOnly,)
|
permission_classes = (permissions.IsAuthenticatedOrReadOnly,)
|
||||||
|
|
||||||
|
|
||||||
|
class GetAuthToken(ObtainAuthToken):
|
||||||
|
""" Return authentication token for an authenticated user. """
|
||||||
|
|
||||||
|
def post(self, request, *args, **kwargs):
|
||||||
|
serializer = self.serializer_class(data=request.data,
|
||||||
|
context={'request': request})
|
||||||
|
serializer.is_valid(raise_exception=True)
|
||||||
|
user = serializer.validated_data['user']
|
||||||
|
token, created = Token.objects.get_or_create(user=user)
|
||||||
|
print("YAAAAAAAAH")
|
||||||
|
return Response({
|
||||||
|
'token': token.key,
|
||||||
|
'pk': user.pk,
|
||||||
|
'username': user.username,
|
||||||
|
'email': user.email
|
||||||
|
})
|
||||||
|
Loading…
Reference in New Issue
Block a user