Add API endpoint for user to request auth token

This commit is contained in:
Oliver Walters 2019-06-23 23:47:06 +10:00
parent e91eac0c66
commit 881adb9487
4 changed files with 42 additions and 11 deletions

View File

@ -20,10 +20,9 @@ class AuthRequiredMiddleware(object):
response = self.get_response(request) response = self.get_response(request)
# Redirect any unauthorized HTTP requests to the login page
if not request.user.is_authenticated: if not request.user.is_authenticated:
print(request.path_info) if not request.path_info == reverse_lazy('login') and not request.path_info.startswith('/api/'):
if not request.path_info == reverse_lazy('login'):
return HttpResponseRedirect(reverse_lazy('login')) return HttpResponseRedirect(reverse_lazy('login'))
# Code to be executed for each request/response after # Code to be executed for each request/response after

View File

@ -68,6 +68,7 @@ INSTALLED_APPS = [
'django_filters', # Extended filter functionality 'django_filters', # Extended filter functionality
'dbbackup', # Database backup / restore 'dbbackup', # Database backup / restore
'rest_framework', # DRF (Django Rest Framework) 'rest_framework', # DRF (Django Rest Framework)
'rest_framework.authtoken', # Token authentication for API
'corsheaders', # Cross-origin Resource Sharing for DRF 'corsheaders', # Cross-origin Resource Sharing for DRF
'crispy_forms', # Improved form rendering 'crispy_forms', # Improved form rendering
'import_export', # Import / export tables to file 'import_export', # Import / export tables to file
@ -131,6 +132,11 @@ TEMPLATES = [
REST_FRAMEWORK = { REST_FRAMEWORK = {
'EXCEPTION_HANDLER': 'rest_framework.views.exception_handler', 'EXCEPTION_HANDLER': 'rest_framework.views.exception_handler',
'DATETIME_FORMAT': '%Y-%m-%d %H:%M', 'DATETIME_FORMAT': '%Y-%m-%d %H:%M',
'DEFAULT_AUTHENTICATION_CLASSES': (
'rest_framework.authentication.BasicAuthentication',
'rest_framework.authentication.SessionAuthentication',
'rest_framework.authentication.TokenAuthentication',
)
# 'EXCEPTION_HANDLER': 'InvenTree.utils.api_exception_handler', # 'EXCEPTION_HANDLER': 'InvenTree.utils.api_exception_handler',
# 'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.PageNumberPagination', # 'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.PageNumberPagination',
# 'PAGE_SIZE': 50, # 'PAGE_SIZE': 50,

View File

@ -5,5 +5,7 @@ from . import views
user_urls = [ user_urls = [
url(r'^(?P<pk>[0-9]+)/?$', views.UserDetail.as_view(), name='user-detail'), url(r'^(?P<pk>[0-9]+)/?$', views.UserDetail.as_view(), name='user-detail'),
url(r'token', views.GetAuthToken.as_view()),
url(r'^$', views.UserList.as_view()), url(r'^$', views.UserList.as_view()),
] ]

View File

@ -2,8 +2,13 @@ from rest_framework import generics, permissions
from django.contrib.auth.models import User from django.contrib.auth.models import User
from .serializers import UserSerializer from .serializers import UserSerializer
from rest_framework.authtoken.views import ObtainAuthToken
from rest_framework.authtoken.models import Token
from rest_framework.response import Response
class UserDetail(generics.RetrieveAPIView): class UserDetail(generics.RetrieveAPIView):
""" Detail endpoint for a single user """
queryset = User.objects.all() queryset = User.objects.all()
serializer_class = UserSerializer serializer_class = UserSerializer
@ -11,7 +16,26 @@ class UserDetail(generics.RetrieveAPIView):
class UserList(generics.ListAPIView): class UserList(generics.ListAPIView):
""" List endpoint for detail on all users """
queryset = User.objects.all() queryset = User.objects.all()
serializer_class = UserSerializer serializer_class = UserSerializer
permission_classes = (permissions.IsAuthenticatedOrReadOnly,) permission_classes = (permissions.IsAuthenticatedOrReadOnly,)
class GetAuthToken(ObtainAuthToken):
""" Return authentication token for an authenticated user. """
def post(self, request, *args, **kwargs):
serializer = self.serializer_class(data=request.data,
context={'request': request})
serializer.is_valid(raise_exception=True)
user = serializer.validated_data['user']
token, created = Token.objects.get_or_create(user=user)
print("YAAAAAAAAH")
return Response({
'token': token.key,
'pk': user.pk,
'username': user.username,
'email': user.email
})