def get_cache_key(self, request, view):
if is_authenticated(request.user):
return None # Only throttle unauthenticated requests.
return self.cache_format % {
'scope': self.scope,
'ident': self.get_ident(request)
}
def get_cache_key(self, request, view):
if is_authenticated(request.user):
ident = request.user.pk
else:
ident = self.get_ident(request)
return self.cache_format % {
'scope': self.scope,
'ident': ident
}
def get_cache_key(self, request, view):
"""
If `view.throttle_scope` is not set, don't apply this throttle.
Otherwise generate the unique cache key by concatenating the user id
with the '.throttle_scope` property of the view.
"""
if is_authenticated(request.user):
ident = request.user.pk
else:
ident = self.get_ident(request)
return self.cache_format % {
'scope': self.scope,
'ident': ident
}
def has_permission(self, request, view):
model = view.model
method = view.method
assert model is not None, (
'Cannot apply DjangoModelPermissions on a view that '
'does not set `model`.')
assert method is not None, (
'Cannot apply DjangoModelPermissions on a view that '
'does not set `method`.')
perms = self.get_required_permissions(method, model)
return (request.user and (is_authenticated(request.user)
or not self.authenticated_users_only)
and request.user.has_perms(perms))
def resolve(self, next, root, args, context, info):
if not (context.user and is_authenticated(context.user)):
context.user = SimpleLazyObject(lambda: get_user_jwt(context))
return next(root, args, context, info)
def __call__(self, request):
if not (request.user and is_authenticated(request.user)):
request.user = SimpleLazyObject(lambda: get_user_jwt(request))
return self.get_response(request)
def permission_denied(cls, context):
if not (context.user and is_authenticated(context.user)):
raise NotAuthenticated()
raise PermissionDenied()
def has_permission(self, request, view):
return request.user and is_authenticated(
request.user) and request.user.is_superuser