med/users/views.py

60 lines
1.9 KiB
Python
Raw Normal View History

2019-08-02 12:57:53 +00:00
# -*- mode: python; coding: utf-8 -*-
# Copyright (C) 2017-2019 by BDE ENS Paris-Saclay
# SPDX-License-Identifier: GPL-3.0-or-later
2021-11-04 10:29:03 +00:00
from datetime import datetime
2019-08-02 12:57:53 +00:00
2021-11-04 10:29:03 +00:00
from authlib.integrations.django_client import OAuth
from django.contrib.auth import login
2019-08-19 10:17:49 +00:00
from django.contrib.auth.models import Group
2021-11-04 10:29:03 +00:00
from django.urls import reverse
from django.utils import timezone
from django.views.generic import RedirectView
2019-08-17 10:12:10 +00:00
from rest_framework import viewsets
2021-11-04 10:29:03 +00:00
from users.models import User, AccessToken
2020-09-25 08:27:43 +00:00
2019-08-19 10:17:49 +00:00
from .serializers import GroupSerializer, UserSerializer
2021-11-04 10:29:03 +00:00
class LoginView(RedirectView):
def get_redirect_url(self, *args, **kwargs):
oauth = OAuth()
oauth.register('notekfet')
redirect_url = self.request.build_absolute_uri(reverse('users:auth'))
return oauth.notekfet.authorize_redirect(self.request, redirect_url).url
class AuthorizeView(RedirectView):
def get_redirect_url(self, *args, **kwargs):
oauth = OAuth()
oauth.register('notekfet')
token = oauth.notekfet.authorize_access_token(self.request)
token_obj = AccessToken.objects.create(
access_token=token['access_token'],
expires_in=token['expires_in'],
scopes=token['scope'],
refresh_token=token['refresh_token'],
expires_at=timezone.utc.fromutc(
datetime.fromtimestamp(token['expires_at'])),
)
user = token_obj.fetch_user(True)
2021-11-04 13:25:35 +00:00
self.request.session['access_token_id'] = token_obj.id
self.request.session.save()
login(self.request, user)
return reverse('index')
2019-08-02 12:57:53 +00:00
2019-08-17 10:12:10 +00:00
class UserViewSet(viewsets.ModelViewSet):
"""
API endpoint that allows users to be viewed or edited.
"""
queryset = User.objects.all()
serializer_class = UserSerializer
class GroupViewSet(viewsets.ModelViewSet):
"""
API endpoint that allows groups to be viewed or edited.
"""
queryset = Group.objects.all()
serializer_class = GroupSerializer