From fedf3dca8062b86a4453ccd768f577391949dbab Mon Sep 17 00:00:00 2001 From: Piotr Dobrowolski Date: Sat, 2 Feb 2019 13:21:15 +0100 Subject: [PATCH] Add apitoken endpoint --- spejstore/settings.py | 14 +++++++++++--- storage/urls.py | 4 +++- storage/views.py | 11 ++++++++++- 3 files changed, 24 insertions(+), 5 deletions(-) diff --git a/spejstore/settings.py b/spejstore/settings.py index fc988ab..c4ca315 100644 --- a/spejstore/settings.py +++ b/spejstore/settings.py @@ -14,7 +14,8 @@ import os # Build paths inside the project like this: os.path.join(BASE_DIR, ...) BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) - +STATIC_ROOT = os.path.join(BASE_DIR, 'build_static') +PROD = os.getenv('SPEJSTORE_ENV') == 'prod' # Quick-start development settings - unsuitable for production # See https://docs.djangoproject.com/en/1.10/howto/deployment/checklist/ @@ -23,7 +24,7 @@ BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) SECRET_KEY = '#hjthi7_udsyt*9eeyb&nwgw5x=%pk_lnz3+u2tg9@=w3p1m*k' # SECURITY WARNING: don't run with debug turned on in production! -DEBUG = True +DEBUG = not PROD ALLOWED_HOSTS = ['devinventory', 'inventory.waw.hackerspace.pl', 'i', 'inventory'] LOGIN_REDIRECT_URL = '/admin/' @@ -47,6 +48,7 @@ INSTALLED_APPS = [ 'tree', 'django_select2', 'rest_framework', + 'rest_framework.authtoken', 'django_markdown2', 'storage', @@ -174,12 +176,18 @@ REST_FRAMEWORK = { # Use Django's standard `django.contrib.auth` permissions, # or allow read-only access for unauthenticated users. 'DEFAULT_PERMISSION_CLASSES': [ - 'rest_framework.permissions.DjangoModelPermissionsOrAnonReadOnly' + 'rest_framework.permissions.DjangoModelPermissionsOrAnonReadOnly', + ], + 'DEFAULT_AUTHENTICATION_CLASSES': [ + 'rest_framework.authentication.BasicAuthentication', + 'rest_framework.authentication.SessionAuthentication', + 'rest_framework.authentication.TokenAuthentication', ] } SOCIAL_AUTH_HSWAW_KEY = os.getenv('SPEJSTORE_CLIENT_ID') SOCIAL_AUTH_HSWAW_SECRET = os.getenv('SPEJSTORE_SECRET') +SOCIAL_AUTH_REDIRECT_IS_HTTPS = PROD SOCIAL_AUTH_POSTGRES_JSONFIELD = True diff --git a/storage/urls.py b/storage/urls.py index 40deeee..1481483 100644 --- a/storage/urls.py +++ b/storage/urls.py @@ -1,11 +1,13 @@ from django.conf.urls import include, url from storage.views import ( - index, search, item_display, label_lookup, ItemSelectView, PropSelectView + index, search, item_display, label_lookup, apitoken, ItemSelectView, + PropSelectView ) urlpatterns = [ url(r'^$', index), url(r'^search$', search), + url(r'^apitoken$', apitoken), url(r'^item/(?P.*)$', item_display, name='item-display'), url(r'^autocomplete.json$', ItemSelectView.as_view(), name='item-complete'), url(r'^autocomplete_prop.json$', PropSelectView.as_view(), name='prop-complete'), diff --git a/storage/views.py b/storage/views.py index fd5a35d..674e2b2 100644 --- a/storage/views.py +++ b/storage/views.py @@ -2,7 +2,7 @@ import shlex from django.shortcuts import render, get_object_or_404, redirect from django.contrib.postgres.search import SearchVector, TrigramSimilarity -from django.http import Http404, JsonResponse +from django.http import Http404, JsonResponse, HttpResponse from django.contrib.admin.models import LogEntry from django_select2.views import AutoResponseView from django.db import connection @@ -10,6 +10,8 @@ from django.db.models import Q from storage.models import Item, Label +from django.contrib.auth.decorators import login_required +from rest_framework.authtoken.models import Token def apply_smart_search(query, objects): general_term = [] @@ -95,6 +97,13 @@ def label_lookup(request, pk): return redirect(label.item) +@login_required +def apitoken(request): + print(Token) + token, created = Token.objects.get_or_create(user=request.user) + return HttpResponse(token.key, content_type='text/plain') + + class ItemSelectView(AutoResponseView): def get(self, request, *args, **kwargs): self.widget = self.get_widget_or_404()