def create(self, request, *args, **kwargs):
    """Validate the request payload and persist a new object.

    Responds with the serialized object and ``status.HTTP_201_CREATED`` when
    the serializer accepts ``request.data``; otherwise responds with the
    serializer's validation errors.
    """
    payload_serializer = self.get_serializer(data=request.data)
    if not payload_serializer.is_valid():
        # Nothing is saved when validation fails; the errors go back to the caller.
        return responses.error_response(payload_serializer.errors)

    payload_serializer.save()
    return responses.data_response(payload_serializer.data, status.HTTP_201_CREATED)
def retrieve(self, request, *args, **kwargs):
    """Return the requested token after passing it to ``_replace_expired_token``.

    If any step raises ``ValueError`` the stored token is deleted and the
    exception text is returned as an error response.
    """
    stored_token = self.get_object()
    try:
        # presumably refreshes an expired token in place; helper is not visible here
        self._replace_expired_token(stored_token)
        body = self.get_serializer(stored_token).data
        return responses.data_response(body)
    except ValueError as refresh_error:
        # The whole try body is covered, so a ValueError raised while
        # serializing also removes the token, not only a failed replacement.
        stored_token.delete()
        # NOTE(review): str(refresh_error) is sent to the client verbatim;
        # confirm the helper never puts provider response bodies or
        # credentials into its exception messages.
        return responses.error_response(str(refresh_error))
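def create(self, request, *args, **kwargs):
    """Exchange an OAuth 2.0 authorization code for a token and store it.

    Reads ``code`` and ``oauth_client`` from ``request.data``. ``oauth_client``
    may be the client's numeric id or its name. The code is posted to the
    client's ``token_url``; on HTTP 200 the JSON reply is saved as the Token
    for ``request.user`` and that client.

    :param request: request carrying ``code`` and ``oauth_client`` in its data
    :param args: unused
    :param kwargs: unused
    :return: the serialized token on success; an error response when the
        client does not exist; ``responses.INVALID_DATA_RESPONSE`` for
        missing or malformed input and for any failed token request
    """
    user = request.user
    try:
        code = request.data.get('code')
        client_ref = request.data.get('oauth_client')
        # Validate before the lookup: int(None) raises TypeError, which no
        # handler below catches, so a missing field would surface as a 500.
        if code is None or client_ref is None:
            raise ValueError('code and oauth_client are required')

        # Can take either name or id
        try:
            client_pk = int(client_ref)
        except (TypeError, ValueError):
            # Only a string can be a client name; lists/dicts from a JSON
            # body are rejected as invalid data.
            if not isinstance(client_ref, str):
                raise ValueError('oauth_client must be an id or a name')
            oauth_client = OauthClient.objects.get(name=client_ref)
        else:
            oauth_client = OauthClient.objects.get(id=client_pk)

        payload = {
            'grant_type': 'authorization_code',  # OAuth 2.0 specification
            'code': code,
            'redirect_uri': oauth_client.redirect_uri,
        }
        auth = None
        if oauth_client.authorize_using_header:
            # Client credentials travel in the HTTP Basic header.
            auth = (oauth_client.client_id, oauth_client.client_secret)
        else:
            # Otherwise they are sent as form fields in the body.
            payload['client_id'] = oauth_client.client_id
            payload['client_secret'] = oauth_client.client_secret

        try:
            # token_url comes from the stored OauthClient row, not from the
            # request. The timeout keeps a stalled provider from holding a
            # worker open indefinitely.
            r = requests.post(oauth_client.token_url, payload, auth=auth,
                              headers=self.HEADERS, timeout=10)
        except requests.RequestException as exc:
            # Treat transport failures like a rejected exchange.
            raise ValueError('failed get token request') from exc

        if r.status_code != 200:
            raise ValueError('failed get token request')

        # NOTE(review): every key of the provider's JSON reply is passed as a
        # Token field via ``defaults``; consider picking the expected keys
        # explicitly so an unexpected reply cannot set other columns.
        # update_or_create returns an (object, created) tuple.
        token, _created = Token.objects.update_or_create(
            user=user, oauth_client=oauth_client, defaults=r.json())
        return responses.data_response(TokenSerializer(token).data)
    except OauthClient.DoesNotExist:
        return responses.error_response('Invalid oauth_client_id.')
    except ValueError:
        # Deliberately generic: no provider or request detail is echoed back.
        return responses.INVALID_DATA_RESPONSE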
def post(request, *args, **kwargs):
    """Log a user in with the username and password from the request body.

    Returns the serialized user when ``authenticate`` accepts the
    credentials, otherwise an error response.
    """
    submitted_username = request.data.get('username')
    submitted_password = request.data.get('password')
    user = authenticate(username=submitted_username, password=submitted_password)
    if user is None:
        # One message for every failure, so the response does not reveal
        # whether the username exists.
        # NOTE(review): no throttling or lockout is visible in this block;
        # confirm it is enforced elsewhere (view throttles, middleware).
        return responses.error_response('Invalid credentials.')

    login(request, user)
    return responses.data_response(UserSerializer(user).data)
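def destroy(self, request, *args, **kwargs):
    """Delete the stored token and, for reddit, revoke it at the provider.

    The token row is removed first. For a client named ``'reddit'`` the
    access token is then posted to the client's ``revoke_url``; any other
    client gets a success response once the row is gone.

    :return: a success response when the token was deleted (and, for reddit,
        the provider answered with a status below 300); an error response
        when the revoke request failed
    """
    token = self.get_object()
    oauth_client = token.oauth_client
    access_token = token.access_token
    # NOTE(review): the local row is removed before the provider is asked to
    # revoke. If revocation fails, the access token may stay valid at the
    # provider while no local record remains to retry with.
    token.delete()

    # Process is not uniform across different companies
    if oauth_client.name != 'reddit':
        # No revocation call is implemented for other providers. The row is
        # already gone, so report that rather than falling through with None.
        return responses.success_response('Token deleted.')

    auth = (oauth_client.client_id, oauth_client.client_secret)
    data = {'token': access_token}
    try:
        # The timeout keeps a stalled provider from holding a worker open.
        r = requests.post(oauth_client.revoke_url, data, auth=auth,
                          headers=self.HEADERS, timeout=10)
    except requests.RequestException:
        return responses.error_response('Revoke token error.')

    if r.status_code < 300:
        return responses.success_response('Token deleted.')
    return responses.error_response('Revoke token error.')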