From 55977bcbe74473a3c7dfdbba0f9b081de6f889a7 Mon Sep 17 00:00:00 2001
From: Yohann D'ANELLO
Date: Mon, 17 Feb 2020 19:25:33 +0100
Subject: [PATCH] Token authentication
---
 apps/api/urls.py | 3 ++-
 apps/member/urls.py | 1 +
 apps/member/views.py | 19 ++++++++++++++++++-
 note_kfet/settings/base.py | 4 ++++
 templates/member/generate_auth_token.html | 6 ++++++
 5 files changed, 31 insertions(+), 2 deletions(-)
 create mode 100644 templates/member/generate_auth_token.html
diff --git a/apps/api/urls.py b/apps/api/urls.py
index 9c64abed..cb1dfaf3 100644
--- a/apps/api/urls.py
+++ b/apps/api/urls.py
@@ -5,6 +5,7 @@ from django.conf.urls import url, include
 from django.contrib.auth.models import User
 from rest_framework import routers, serializers, viewsets
+from rest_framework.authtoken import views as token_views
 from .activity.urls import register_activity_urls
 from .members.urls import register_members_urls
@@ -49,5 +50,5 @@ register_note_urls(router, 'note')
 # Additionally, we include login URLs for the browsable API.
 urlpatterns = [
 url('^', include(router.urls)),
- url('^api-auth/', include('rest_framework.urls', namespace='rest_framework'))
+ url('^api-auth/', include('rest_framework.urls', namespace='rest_framework')),
 ]
diff --git a/apps/member/urls.py b/apps/member/urls.py
index e534cf47..faadf97d 100644
--- a/apps/member/urls.py
+++ b/apps/member/urls.py
@@ -18,6 +18,7 @@ urlpatterns = [
 path('user/',views.UserListView.as_view(),name="user_list"),
 path('user/',views.UserDetailView.as_view(),name="user_detail"),
 path('user//update',views.UserUpdateView.as_view(),name="user_update_profile"),
+ path('generate-auth-token/', views.GenerateAuthTokenView.as_view(), name='generate_auth_token'),
 # API for the user autocompleter
 path('user/user-autocomplete',views.UserAutocomplete.as_view(),name="user_autocomplete"),
diff --git a/apps/member/views.py b/apps/member/views.py
index 174072ab..8fa071c1 100644
--- a/apps/member/views.py
+++ b/apps/member/views.py
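Review bot: In apps/api/urls.py the new import `from rest_framework.authtoken import views as token_views` is never used by this commit: the only other change to the file is the trailing comma on the `api-auth/` entry, and no token route is added to `urlpatterns`. If a token-obtain endpoint was intended, its `urlpatterns` entry is missing; if tokens are only issued through the member view, drop the import so the module does not suggest an endpoint that does not exist.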
@@ -5,12 +5,13 @@ from dal import autocomplete
 from django.contrib.auth.mixins import LoginRequiredMixin
 from django.utils.translation import gettext_lazy as _
-from django.views.generic import CreateView, ListView, DetailView, UpdateView
+from django.views.generic import CreateView, ListView, DetailView, UpdateView, TemplateView
 from django.contrib.auth.models import User
 from django.urls import reverse_lazy
 from django.db.models import Q
 from django_tables2.views import SingleTableView
+from rest_framework.authtoken.models import Token
 from note.models import Alias, Note, NoteUser
 from .models import Profile, Club, Membership
@@ -139,6 +140,22 @@ class UserListView(LoginRequiredMixin,SingleTableView):
 return context
+class GenerateAuthTokenView(LoginRequiredMixin, TemplateView):
+ """
+ Génère un jeton d'authentification pour un utilisateur
+ """
+ template_name = "member/generate_auth_token.html"
+
+ def get_context_data(self):
+ context = super().get_context_data()
+
+ if Token.objects.filter(user=self.request.user).exists():
+ Token.objects.get(user=self.request.user).delete()
+ token = Token.objects.create(user=self.request.user)
+
+ context['token'] = token.key
+ return context
+
 class UserAutocomplete(autocomplete.Select2QuerySetView):
 """
 Auto complete users by usernames
diff --git a/note_kfet/settings/base.py b/note_kfet/settings/base.py
index d7061efd..8277e71c 100644
--- a/note_kfet/settings/base.py
+++ b/note_kfet/settings/base.py
@@ -52,6 +52,7 @@ INSTALLED_APPS = [
 'django.contrib.staticfiles',
 # API
 'rest_framework',
+ 'rest_framework.authtoken',
 # Autocomplete
 'dal',
 'dal_select2',
@@ -127,6 +128,9 @@ REST_FRAMEWORK = {
 # or allow read-only access for unauthenticated users.
 'DEFAULT_PERMISSION_CLASSES': [
 'rest_framework.permissions.DjangoModelPermissionsOrAnonReadOnly'
+ ],
+ 'DEFAULT_AUTHENTICATION_CLASSES': [
+ 'rest_framework.authentication.TokenAuthentication',
 ]
 }
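Review bot: `GenerateAuthTokenView.get_context_data` in apps/member/views.py deletes and recreates the user's token on every render, so a plain GET to the new `generate-auth-token/` route changes state. A page reload, a link prefetch or a cross-site request issued in a logged-in user's browser therefore silently revokes the token that user's API clients rely on, and Django's CSRF protection does not cover GET. Rotate only on POST (the template then needs a form with `{% csrf_token %}`), and replace the `exists()` / `get().delete()` pair with a single `filter(...).delete()`. The override also drops `**kwargs` from the `get_context_data` signature, and since the response carries a bearer credential it should be marked non-cacheable, for example with `never_cache`.

```python
class GenerateAuthTokenView(LoginRequiredMixin, TemplateView):
    # … unchanged: docstring, template_name …
    # get_context_data override removed: a GET only renders the form.

    def post(self, request, *args, **kwargs):
        # Rotation is a state change, so it runs only on a CSRF-checked POST.
        Token.objects.filter(user=request.user).delete()
        token = Token.objects.create(user=request.user)
        context = self.get_context_data(token=token.key, **kwargs)
        return self.render_to_response(context)
```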
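Review bot: In note_kfet/settings/base.py, listing only `TokenAuthentication` under `DEFAULT_AUTHENTICATION_CLASSES` replaces DRF's default classes, so session authentication no longer applies to API views, while apps/api/urls.py still mounts the `api-auth/` login URLs for the browsable API. If browser access to the API is meant to keep working, add `'rest_framework.authentication.SessionAuthentication',` next to the token class. Tokens from `rest_framework.authtoken` have no built-in expiry and are sent with every request, so the deployment should expose the API over HTTPS only and document how a user revokes a leaked token.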
diff --git a/templates/member/generate_auth_token.html b/templates/member/generate_auth_token.html
new file mode 100644
index 00000000..6c64d972
--- /dev/null
+++ b/templates/member/generate_auth_token.html
@@ -0,0 +1,6 @@
+{% extends "base.html" %}
+{% load i18n static pretty_money django_tables2 %}
+
+{% block content %}
+ Jeton : {{ token }}
+{% endblock %}
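Review bot: The label in templates/member/generate_auth_token.html is hard-coded (`Jeton : {{ token }}`) although the template loads `i18n`; wrapping it, for example `{% trans "Token" %} : {{ token }}`, keeps it translatable. `static`, `pretty_money` and `django_tables2` are loaded but not used in this template. The page gives the user no hint that the value is a credential and that opening the page replaces the previous token, which is worth stating next to it.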