class CustomAuthToken(ObtainAuthToken):
    """Exchange an email/password pair for an API token.

    Credentials are checked by ``CustomAuthTokenSerializer``. On success the
    response body carries the token key together with the user's id.
    """

    serializer_class = CustomAuthTokenSerializer

    # The hand-written schema is only declared when the coreapi backend is on.
    if coreapi_schema.is_enabled():
        schema = ManualSchema(
            fields=[
                coreapi.Field(
                    name="email",
                    required=True,
                    location="form",
                    schema=coreschema.String(
                        title="Email",
                        description="Valid email for authentication",
                    ),
                ),
                coreapi.Field(
                    name="password",
                    required=True,
                    location="form",
                    schema=coreschema.String(
                        title="Password",
                        description="Valid password for authentication",
                    ),
                ),
            ],
            encoding="application/json",
        )

    def post(self, request, *args, **kwargs):
        """Validate the posted credentials and return ``token`` and ``user_id``.

        Invalid input raises the serializer's validation error
        (``raise_exception=True``), so no token is issued in that case.
        """
        credentials = self.get_serializer(data=request.data)
        credentials.is_valid(raise_exception=True)
        account = credentials.validated_data["user"]

        # get_or_create hands back the user's existing token when there is
        # one, so repeated logins return the same key; nothing here rotates
        # or expires it.
        auth_token, _ = Token.objects.get_or_create(user=account)

        payload = {"token": auth_token.key, "user_id": account.id}
        return Response(payload)
class CustomAuthToken(ObtainAuthToken):
    """Token-issuing view that authenticates with email and password.

    Only the serializer and the documented schema are overridden here; request
    handling is inherited from ``ObtainAuthToken``.
    """

    serializer_class = CustomAuthTokenSerializer

    # Declared only when the coreapi schema backend is enabled.
    if coreapi_schema.is_enabled():
        schema = ManualSchema(
            fields=[
                coreapi.Field(
                    name="email",
                    required=True,
                    location="form",
                    schema=coreschema.String(
                        title="Email",
                        description="Valid email for authentication",
                    ),
                ),
                coreapi.Field(
                    name="password",
                    required=True,
                    location="form",
                    schema=coreschema.String(
                        title="Password",
                        description="Valid password for authentication",
                    ),
                ),
            ],
            encoding="application/json",
        )
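class AddGroupUsersAPIView(views.APIView):
    """Add existing users, identified by email, to the group named in the URL.

    The request body is a list of ``{"email": ...}`` objects. It may arrive as
    an already-parsed list or as a JSON-encoded string.
    """

    # NOTE(review): AllowAny means an unauthenticated caller can change group
    # membership, and the 400/200 split below reveals whether an email is
    # registered. Confirm whether this endpoint should require an
    # authenticated, authorised caller.
    permission_classes = (permissions.AllowAny, )

    if coreapi_schema.is_enabled():
        schema = ManualSchema(
            fields=[
                coreapi.Field(
                    name="users",
                    required=False,
                    location='form',
                    schema=coreschema.Array(
                        items={"email": "string"},
                        title="Email",
                        description="an array with users of a group",
                    ),
                ),
            ],
            encoding="application/json",
        )

    def patch(self, request, **kwargs):
        """Attach every listed user to the group, or change nothing.

        Returns 404 when the group does not exist, 400 when the body is
        malformed or names an unknown or ambiguous email, and 200 with the
        group name once all users have been added.
        """
        group_name = kwargs.get('group_name', 'default')
        try:
            group = models.Group.objects.get(name=group_name)
        except models.Group.DoesNotExist:
            # %r escapes control characters, so a crafted group name cannot
            # forge extra log lines.
            logger.info("group=%r - group not found", group_name)
            return response.Response(status=status.HTTP_404_NOT_FOUND)

        # request.data is normally already parsed; json.loads() on a list or
        # dict raises TypeError, so decode only when a raw string was sent.
        users_emails = request.data
        if isinstance(users_emails, (str, bytes)):
            try:
                users_emails = json.loads(users_emails)
            except ValueError:
                return response.Response(status=status.HTTP_400_BAD_REQUEST)
        if not isinstance(users_emails, list):
            return response.Response(status=status.HTTP_400_BAD_REQUEST)

        # Resolve every user before touching the group so that a bad entry
        # halfway through the list does not leave a partial update behind.
        users = []
        for user_data in users_emails:
            if not isinstance(user_data, dict) or "email" not in user_data:
                return response.Response(status=status.HTTP_400_BAD_REQUEST)
            try:
                user = models.User.objects.get(email=user_data['email'])
            except (models.User.DoesNotExist,
                    models.User.MultipleObjectsReturned):
                # Previously an unknown email surfaced as an unhandled
                # exception (HTTP 500).
                return response.Response(status=status.HTTP_400_BAD_REQUEST)
            users.append(user)

        group.user_set.add(*users)

        # The old body used the ``status`` module as a dict key and put the
        # model instance in the payload; neither can be rendered as JSON.
        return response.Response({"group": group.name},
                                 status=status.HTTP_200_OK)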
class GroupAPIView(generics.RetrieveUpdateDestroyAPIView):
    """Retrieve, update or delete a single group, looked up by its name."""

    # Declared only when the coreapi schema backend is enabled.
    if coreapi_schema.is_enabled():
        schema = ManualSchema(
            fields=[
                coreapi.Field(
                    name="users",
                    required=False,
                    location="form",
                    schema=coreschema.Array(
                        items={"email": "string"},
                        title="Email",
                        description="an array with users of a group",
                    ),
                ),
                coreapi.Field(
                    name="group",
                    required=True,
                    location="form",
                    schema=coreschema.String(
                        title="Group name",
                        description="a string with a group name",
                    ),
                ),
            ],
            encoding="application/json",
        )

    # Open to every caller, authenticated or not.
    # NOTE(review): on a RetrieveUpdateDestroy view that includes the update
    # and delete handlers, so anonymous clients can modify or remove groups.
    # Confirm this is intended; a read-only-for-anonymous policy is the usual
    # choice for such a view.
    permission_classes = (permissions.AllowAny, )

    queryset = models.Group.objects.all()
    serializer_class = serializers.GroupSerializer
    lookup_field = "name"
class ObtainAuthToken(APIView):
    """Return the API token for a username/password pair.

    The view runs without authentication, permission or throttle classes, so
    the only gate is the credential check done by ``serializer_class``.
    """

    # NOTE(review): with no throttle classes this credential endpoint has no
    # rate limit of its own; password-guessing protection has to come from a
    # subclass or from elsewhere in the stack.
    throttle_classes = ()
    authentication_classes = []
    permission_classes = []
    parser_classes = (
        parsers.FormParser,
        parsers.MultiPartParser,
        parsers.JSONParser,
    )
    renderer_classes = (renderers.JSONRenderer, )
    serializer_class = AuthTokenSerializer

    # Declared only when the coreapi schema backend is enabled.
    if coreapi_schema.is_enabled():
        schema = ManualSchema(
            fields=[
                coreapi.Field(
                    name="username",
                    required=True,
                    location="form",
                    schema=coreschema.String(
                        title="Username",
                        description="Valid username for authentication",
                    ),
                ),
                coreapi.Field(
                    name="password",
                    required=True,
                    location="form",
                    schema=coreschema.String(
                        title="Password",
                        description="Valid password for authentication",
                    ),
                ),
            ],
            encoding="application/json",
        )

    def get_serializer_context(self):
        """Build the context dict passed to the serializer."""
        context = {
            "request": self.request,
            "format": self.format_kwarg,
            "view": self,
        }
        return context

    def get_serializer(self, *args, **kwargs):
        """Instantiate ``serializer_class``, always supplying this view's context."""
        # Any caller-supplied 'context' is overwritten on purpose.
        kwargs.update(context=self.get_serializer_context())
        return self.serializer_class(*args, **kwargs)

    def post(self, request, *args, **kwargs):
        """Validate the credentials and respond with ``{'token': <key>}``."""
        credentials = self.get_serializer(data=request.data)
        credentials.is_valid(raise_exception=True)
        account = credentials.validated_data["user"]
        # An existing token is reused; a new one is created only on first login.
        auth_token, _ = Token.objects.get_or_create(user=account)
        return Response({"token": auth_token.key})
def __init__(self, *args, **kwargs):
    """Pick default schema renderers when the view does not declare any.

    The coreapi renderers are used when coreapi is enabled, the OpenAPI ones
    otherwise. The browsable renderer is appended when the project lists it in
    ``DEFAULT_RENDERER_CLASSES``.
    """
    super().__init__(*args, **kwargs)

    # An explicitly configured renderer list is left untouched.
    if self.renderer_classes is not None:
        return

    if coreapi.is_enabled():
        chosen = [
            renderers.CoreAPIOpenAPIRenderer,
            renderers.CoreJSONRenderer,
        ]
    else:
        chosen = [
            renderers.OpenAPIRenderer,
            renderers.JSONOpenAPIRenderer,
        ]

    if renderers.BrowsableAPIRenderer in api_settings.DEFAULT_RENDERER_CLASSES:
        chosen.append(renderers.BrowsableAPIRenderer)

    self.renderer_classes = chosen
def __init__(self, *args, **kwargs):
    """Fill in ``renderer_classes`` with schema renderers if it is unset.

    Which pair is chosen depends on ``coreapi.is_enabled()``. The browsable
    renderer is added only when the project's default renderers include it.
    """
    super().__init__(*args, **kwargs)

    # Respect a renderer list that was configured explicitly.
    if self.renderer_classes is not None:
        return

    defaults = (
        [renderers.CoreAPIOpenAPIRenderer, renderers.CoreJSONRenderer]
        if coreapi.is_enabled()
        else [renderers.OpenAPIRenderer, renderers.JSONOpenAPIRenderer]
    )

    wants_browsable = (
        renderers.BrowsableAPIRenderer in api_settings.DEFAULT_RENDERER_CLASSES
    )
    if wants_browsable:
        defaults.append(renderers.BrowsableAPIRenderer)

    self.renderer_classes = defaults
def get_mode(self):
    """Return ``COREAPI_MODE`` when coreapi is enabled, else ``OPENAPI_MODE``."""
    if coreapi.is_enabled():
        return COREAPI_MODE
    return OPENAPI_MODE
class CreateQuizAPIView(generics.CreateAPIView):
    """Create a quiz from the posted fields, validated by ``QuizSerializer``."""

    # Declared only when the coreapi schema backend is enabled.
    if coreapi_schema.is_enabled():
        schema = ManualSchema(
            fields=[
                coreapi.Field(
                    name="title",
                    required=True,
                    location="form",
                    schema=coreschema.String(
                        title="Title",
                        description="name of a quiz",
                    ),
                ),
                coreapi.Field(
                    name="quiz_type",
                    required=True,
                    location="form",
                    schema=coreschema.String(
                        title="Type of a quiz",
                        description="Type of a quiz",
                    ),
                ),
                coreapi.Field(
                    name="timestamp",
                    required=True,
                    location="form",
                    schema=coreschema.Integer(
                        title="Timestamp",
                        description="timestamp",
                    ),
                ),
                coreapi.Field(
                    name="goal",
                    required=True,
                    location="form",
                    schema=coreschema.Integer(
                        title="Goal",
                        description="goal for the users",
                    ),
                ),
                coreapi.Field(
                    name="indicator_value",
                    required=True,
                    location="form",
                    schema=coreschema.Number(
                        title="Indicator value",
                        description="indicator value",
                    ),
                ),
                # NOTE(review): the author is supplied by the client while the
                # endpoint is AllowAny, so nothing visible here ties it to an
                # authenticated identity. Confirm the serializer does not
                # trust it as proof of who created the quiz.
                coreapi.Field(
                    name="author",
                    required=True,
                    location="form",
                    schema=coreschema.String(
                        title="Author username",
                        description="author username",
                    ),
                ),
                coreapi.Field(
                    name="description",
                    required=True,
                    location="form",
                    schema=coreschema.String(
                        title="question description",
                        description="description",
                    ),
                ),
                coreapi.Field(
                    name="vote_detail",
                    required=True,
                    location="form",
                    schema=coreschema.Object(
                        title="Vote detail",
                        description="vote details in json format",
                    ),
                ),
            ],
            encoding="application/json",
        )

    # Unauthenticated callers are allowed to create quizzes.
    permission_classes = (permissions.AllowAny, )
    serializer_class = serializers.QuizSerializer
    queryset = models.Vote.objects.all()
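class TokenLogin(APIView):
    """Log a user in and hand the API token back in an HTTP-only cookie.

    Every successful login replaces the user's token, so a previously issued
    key stops working.
    """

    # NOTE(review): no throttle classes means this credential endpoint has no
    # rate limit of its own; confirm that password guessing is limited
    # elsewhere.
    throttle_classes = ()
    permission_classes = ()
    parser_classes = (
        parsers.FormParser,
        parsers.MultiPartParser,
        parsers.JSONParser,
    )
    renderer_classes = (renderers.JSONRenderer, )
    serializer_class = AuthTokenSerializer

    if coreapi_schema.is_enabled():
        schema = ManualSchema(
            fields=[
                coreapi.Field(
                    name="username",
                    required=True,
                    location='form',
                    schema=coreschema.String(
                        title="Username",
                        description="Valid username for authentication",
                    ),
                ),
                coreapi.Field(
                    name="password",
                    required=True,
                    location='form',
                    schema=coreschema.String(
                        title="Password",
                        description="Valid password for authentication",
                    ),
                ),
            ],
            encoding="application/json",
        )

    def get_serializer_context(self):
        """Build the context dict passed to the serializer."""
        return {
            'request': self.request,
            'format': self.format_kwarg,
            'view': self
        }

    def get_serializer(self, *args, **kwargs):
        """Instantiate ``serializer_class`` with this view's context."""
        kwargs['context'] = self.get_serializer_context()
        return self.serializer_class(*args, **kwargs)

    def post(self, request, *args, **kwargs):
        """Authenticate, rotate the user's token and set it as a cookie.

        Invalid credentials raise the serializer's validation error. On
        success the response is an empty 200 whose only payload is the
        ``settings.AUTH_HTTP_COOKIE`` cookie.
        """
        serializer = self.get_serializer(data=request.data)
        serializer.is_valid(raise_exception=True)
        user = serializer.validated_data['user']

        # The timestamp used to be set on the in-memory object only and was
        # lost with it; write it back to the database.
        user.last_login = timezone.now()
        user.save(update_fields=['last_login'])

        # Rotate: drop any existing token, then issue a fresh one. delete()
        # on an empty queryset is a no-op, so no exists() check is needed,
        # and the trailing get_or_create() was redundant.
        Token.objects.filter(user=user).delete()
        token = Token.objects.create(user=user)

        response = Response(status=status.HTTP_200_OK)
        # HttpOnly keeps the token away from page scripts, and SameSite=Strict
        # keeps it off cross-site requests.
        # NOTE(review): the one-day expiry is enforced by the browser only.
        # Nothing visible here expires the token server-side, and the Secure
        # flag follows SESSION_COOKIE_SECURE, so it must be True wherever
        # the site is served over HTTPS.
        response.set_cookie(settings.AUTH_HTTP_COOKIE,
                            token.key,
                            expires=timezone.now() + datetime.timedelta(days=1),
                            secure=settings.SESSION_COOKIE_SECURE,
                            httponly=True,
                            samesite="Strict")
        return response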
class CreateUserAPIView(generics.CreateAPIView):
    """Register a new user from the posted fields via ``UserSerializer``."""

    # Registration is open to every caller, authenticated or not.
    permission_classes = (permissions.AllowAny, )
    queryset = models.User.objects.all()
    serializer_class = serializers.UserSerializer

    # Declared only when the coreapi schema backend is enabled.
    if coreapi_schema.is_enabled():
        schema = ManualSchema(
            fields=[
                coreapi.Field(
                    name="email",
                    required=True,
                    location="form",
                    schema=coreschema.String(
                        title="Email",
                        description="Valid email for authentication",
                    ),
                ),
                coreapi.Field(
                    name="username",
                    required=True,
                    location="form",
                    schema=coreschema.String(
                        title="Username",
                        description="user login",
                    ),
                ),
                coreapi.Field(
                    name="password",
                    required=True,
                    location="form",
                    schema=coreschema.String(
                        title="Password",
                        description="Valid password for authentication",
                    ),
                ),
                coreapi.Field(
                    name="first_name",
                    required=True,
                    location="form",
                    schema=coreschema.String(
                        title="First name",
                        description="user first name",
                    ),
                ),
                coreapi.Field(
                    name="last_name",
                    required=True,
                    location="form",
                    schema=coreschema.String(
                        title="Last name",
                        description="user last name",
                    ),
                ),
                # NOTE(review): is_staff is advertised as a client-supplied
                # field on an unauthenticated endpoint. If UserSerializer
                # writes it through, any registrant can grant themselves
                # staff status. Confirm the serializer ignores it or marks
                # it read-only.
                coreapi.Field(
                    name="is_staff",
                    required=True,
                    location="form",
                    schema=coreschema.Boolean(
                        title="User status",
                        description="is user staff",
                    ),
                ),
            ],
            encoding="application/json",
        )