From 9affc583a3ecc15102fc8e55e28cb756e3d2b967 Mon Sep 17 00:00:00 2001 From: vabene1111 Date: Tue, 31 May 2022 15:43:04 +0200 Subject: [PATCH] add token endpoint --- cookbook/urls.py | 2 ++ cookbook/views/api.py | 22 ++++++++++++++++++++++ recipes/settings.py | 2 +- 3 files changed, 25 insertions(+), 1 deletion(-) diff --git a/cookbook/urls.py b/cookbook/urls.py index 32cfc7b5..b82737a6 100644 --- a/cookbook/urls.py +++ b/cookbook/urls.py @@ -14,6 +14,7 @@ from .models import (Automation, Comment, CustomFilter, Food, InviteLink, Keywor Supermarket, SupermarketCategory, Sync, SyncLog, Unit, UserFile, get_model_name) from .views import api, data, delete, edit, import_export, lists, new, telegram, views +from .views.api import CustomAuthToken router = routers.DefaultRouter() router.register(r'automation', api.AutomationViewSet) @@ -132,6 +133,7 @@ urlpatterns = [ path('api/', include((router.urls, 'api'))), path('api-auth/', include('rest_framework.urls', namespace='rest_framework')), + path('api-token-auth/', CustomAuthToken.as_view()), path('offline/', views.offline, name='view_offline'), diff --git a/cookbook/views/api.py b/cookbook/views/api.py index beb1a537..7f8640af 100644 --- a/cookbook/views/api.py +++ b/cookbook/views/api.py @@ -27,6 +27,8 @@ from django_scopes import scopes_disabled from icalendar import Calendar, Event from requests.exceptions import MissingSchema from rest_framework import decorators, status, viewsets +from rest_framework.authtoken.models import Token +from rest_framework.authtoken.views import ObtainAuthToken from rest_framework.decorators import api_view, permission_classes, schema from rest_framework.exceptions import APIException, PermissionDenied from rest_framework.generics import CreateAPIView @@ -35,6 +37,7 @@ from rest_framework.parsers import MultiPartParser from rest_framework.renderers import JSONRenderer, TemplateHTMLRenderer from rest_framework.response import Response from rest_framework.schemas import AutoSchema +from rest_framework.throttling import AnonRateThrottle from rest_framework.views import APIView from rest_framework.viewsets import ViewSetMixin from treebeard.exceptions import InvalidMoveToDescendant, InvalidPosition, PathOverflow @@ -1031,6 +1034,25 @@ class CustomFilterViewSet(viewsets.ModelViewSet, StandardFilterMixin): # -------------- DRF custom views -------------------- +class AuthTokenThrottle(AnonRateThrottle): + rate = '10/day' + + +class CustomAuthToken(ObtainAuthToken): + throttle_classes = [AuthTokenThrottle] + + def post(self, request, *args, **kwargs): + serializer = self.serializer_class(data=request.data, + context={'request': request}) + serializer.is_valid(raise_exception=True) + user = serializer.validated_data['user'] + token, created = Token.objects.get_or_create(user=user) + return Response({ + 'token': token.key, + 'user_id': user.pk, + }) + + @api_view(['POST']) # @schema(AutoSchema()) #TODO add proper schema @permission_classes([CustomIsUser]) diff --git a/recipes/settings.py b/recipes/settings.py index 16d9b80d..19e1c4e5 100644 --- a/recipes/settings.py +++ b/recipes/settings.py @@ -241,7 +241,7 @@ REST_FRAMEWORK = { ), 'DEFAULT_PERMISSION_CLASSES': [ 'rest_framework.permissions.IsAuthenticated', - ] + ], } ROOT_URLCONF = 'recipes.urls'