add token endpoint

2022-05-31 15:43:04 +02:00 · 2022-05-31 15:43:04 +02:00 · 9affc583a3
commit 9affc583a3
parent cac72df7ba
3 changed files with 25 additions and 1 deletions
--- a/cookbook/urls.py
+++ b/cookbook/urls.py
@ -14,6 +14,7 @@ from .models import (Automation, Comment, CustomFilter, Food, InviteLink, Keywor
                     Supermarket, SupermarketCategory, Sync, SyncLog, Unit, UserFile,
                     get_model_name)
 from .views import api, data, delete, edit, import_export, lists, new, telegram, views
+from .views.api import CustomAuthToken

 router = routers.DefaultRouter()
 router.register(r'automation', api.AutomationViewSet)
@ -132,6 +133,7 @@ urlpatterns = [

    path('api/', include((router.urls, 'api'))),
    path('api-auth/', include('rest_framework.urls', namespace='rest_framework')),
+    path('api-token-auth/', CustomAuthToken.as_view()),

    path('offline/', views.offline, name='view_offline'),

--- a/cookbook/views/api.py
+++ b/cookbook/views/api.py
@ -27,6 +27,8 @@ from django_scopes import scopes_disabled
 from icalendar import Calendar, Event
 from requests.exceptions import MissingSchema
 from rest_framework import decorators, status, viewsets
+from rest_framework.authtoken.models import Token
+from rest_framework.authtoken.views import ObtainAuthToken
 from rest_framework.decorators import api_view, permission_classes, schema
 from rest_framework.exceptions import APIException, PermissionDenied
 from rest_framework.generics import CreateAPIView
@ -35,6 +37,7 @@ from rest_framework.parsers import MultiPartParser
 from rest_framework.renderers import JSONRenderer, TemplateHTMLRenderer
 from rest_framework.response import Response
 from rest_framework.schemas import AutoSchema
+from rest_framework.throttling import AnonRateThrottle
 from rest_framework.views import APIView
 from rest_framework.viewsets import ViewSetMixin
 from treebeard.exceptions import InvalidMoveToDescendant, InvalidPosition, PathOverflow
@ -1031,6 +1034,25 @@ class CustomFilterViewSet(viewsets.ModelViewSet, StandardFilterMixin):

 # -------------- DRF custom views --------------------

+class AuthTokenThrottle(AnonRateThrottle):
+    rate = '10/day'
+
+
+class CustomAuthToken(ObtainAuthToken):
+    throttle_classes = [AuthTokenThrottle]
+
+    def post(self, request, *args, **kwargs):
+        serializer = self.serializer_class(data=request.data,
+                                           context={'request': request})
+        serializer.is_valid(raise_exception=True)
+        user = serializer.validated_data['user']
+        token, created = Token.objects.get_or_create(user=user)
+        return Response({
+            'token': token.key,
+            'user_id': user.pk,
+        })
+
+
@api_view(['POST'])
 # @schema(AutoSchema()) #TODO add proper schema
@permission_classes([CustomIsUser])
--- a/recipes/settings.py
+++ b/recipes/settings.py
@ -241,7 +241,7 @@ REST_FRAMEWORK = {
    ),
    'DEFAULT_PERMISSION_CLASSES': [
        'rest_framework.permissions.IsAuthenticated',
-    ]
+    ],
 }

 ROOT_URLCONF = 'recipes.urls'