Token authentication

This commit is contained in:
Yohann D'ANELLO 2020-02-17 19:25:33 +01:00
parent f3f13c5153
commit 55977bcbe7
5 changed files with 31 additions and 2 deletions

View File

@ -5,6 +5,7 @@
from django.conf.urls import url, include
from django.contrib.auth.models import User
from rest_framework import routers, serializers, viewsets
from rest_framework.authtoken import views as token_views
from .activity.urls import register_activity_urls
from .members.urls import register_members_urls
@ -49,5 +50,5 @@ register_note_urls(router, 'note')
# Additionally, we include login URLs for the browsable API.
urlpatterns = [
url('^', include(router.urls)),
url('^api-auth/', include('rest_framework.urls', namespace='rest_framework'))
url('^api-auth/', include('rest_framework.urls', namespace='rest_framework')),
]

View File

@ -18,6 +18,7 @@ urlpatterns = [
path('user/',views.UserListView.as_view(),name="user_list"),
path('user/<int:pk>',views.UserDetailView.as_view(),name="user_detail"),
path('user/<int:pk>/update',views.UserUpdateView.as_view(),name="user_update_profile"),
path('generate-auth-token/', views.GenerateAuthTokenView.as_view(), name='generate_auth_token'),
# API for the user autocompleter
path('user/user-autocomplete',views.UserAutocomplete.as_view(),name="user_autocomplete"),

View File

@ -5,12 +5,13 @@
from dal import autocomplete
from django.contrib.auth.mixins import LoginRequiredMixin
from django.utils.translation import gettext_lazy as _
from django.views.generic import CreateView, ListView, DetailView, UpdateView
from django.views.generic import CreateView, ListView, DetailView, UpdateView, TemplateView
from django.contrib.auth.models import User
from django.urls import reverse_lazy
from django.db.models import Q
from django_tables2.views import SingleTableView
from rest_framework.authtoken.models import Token
from note.models import Alias, Note, NoteUser
from .models import Profile, Club, Membership
@ -139,6 +140,22 @@ class UserListView(LoginRequiredMixin,SingleTableView):
return context
class GenerateAuthTokenView(LoginRequiredMixin, TemplateView):
"""
Génère un jeton d'authentification pour un utilisateur
"""
template_name = "member/generate_auth_token.html"
def get_context_data(self):
context = super().get_context_data()
if Token.objects.filter(user=self.request.user).exists():
Token.objects.get(user=self.request.user).delete()
token = Token.objects.create(user=self.request.user)
context['token'] = token.key
return context
class UserAutocomplete(autocomplete.Select2QuerySetView):
"""
Auto complete users by usernames

View File

@ -52,6 +52,7 @@ INSTALLED_APPS = [
'django.contrib.staticfiles',
# API
'rest_framework',
'rest_framework.authtoken',
# Autocomplete
'dal',
'dal_select2',
@ -127,6 +128,9 @@ REST_FRAMEWORK = {
# or allow read-only access for unauthenticated users.
'DEFAULT_PERMISSION_CLASSES': [
'rest_framework.permissions.DjangoModelPermissionsOrAnonReadOnly'
],
'DEFAULT_AUTHENTICATION_CLASSES': [
'rest_framework.authentication.TokenAuthentication',
]
}

View File

@ -0,0 +1,6 @@
{% extends "base.html" %}
{% load i18n static pretty_money django_tables2 %}
{% block content %}
Jeton : <strong>{{ token }}</strong>
{% endblock %}