def test_settings_consistently_coerced_to_list(self): settings = APISettings({ 'DEFAULT_THROTTLE_CLASSES': ('rest_framework.throttling.BaseThrottle', ) }) self.assertTrue(isinstance(settings.DEFAULT_THROTTLE_CLASSES, list)) settings = APISettings({'DEFAULT_THROTTLE_CLASSES': ()}) self.assertTrue(isinstance(settings.DEFAULT_THROTTLE_CLASSES, list))
class ViewHandleError(APIView): settings = APISettings(api_settings.user_settings, api_settings.defaults, api_settings.import_strings) def get(self, request, status, global_exc): self.status = int(status) self.global_exc = global_exc == 'True' raise Error('omg cats') def _exception_handler(self, exc, context=None): if context: status = int(context['kwargs']['status']) else: status = self.status return Response([{'response': 'exception was handled global'}], status=status) def get_exception_handler(self): return self.settings.EXCEPTION_HANDLER def handle_exception(self, exc): self.settings.EXCEPTION_HANDLER = self._exception_handler if self.global_exc: return super(ViewHandleError, self).handle_exception(exc) else: return Response([{'response': 'exception was handled not global'}], status=self.status)
def reload_api_settings(*args, **kwargs): global api_settings setting, value = kwargs['setting'], kwargs['value'] if setting == 'SIMPLE_JWT': api_settings = APISettings(value, DEFAULTS)
def test_warning_raised_on_removed_setting(self): """ Make sure user is alerted with an error when a removed setting is set. """ with self.assertRaises(RuntimeError): APISettings({'MAX_PAGINATE_BY': 100})
def reload_api_settings(*args, **kwargs): global api_settings setting, value = kwargs['setting'], kwargs['value'] if setting == 'JWT': api_settings = APISettings(value, DEFAULTS, IMPORT_STRINGS)
def test_non_import_errors(self): """Make sure other errors aren't suppressed.""" settings = APISettings( { 'DEFAULT_MODEL_SERIALIZER_CLASS': 'tests.extras.bad_import.ModelSerializer' }, DEFAULTS, IMPORT_STRINGS) with self.assertRaises(ValueError): settings.DEFAULT_MODEL_SERIALIZER_CLASS
def test_warning_raised_on_removed_setting(self): """ Make sure user is alerted with an error when a removed setting is set. """ with warnings.catch_warnings(record=True) as w: warnings.simplefilter("always") APISettings({'MAX_PAGINATE_BY': 100}) self.assertEqual(len(w), 1) self.assertTrue(issubclass(w[-1].category, DeprecationWarning))
def test_import_error_message_maintained(self): """Make sure real import errors are captured and raised sensibly.""" settings = APISettings( { 'DEFAULT_MODEL_SERIALIZER_CLASS': 'tests.extras.not_here.ModelSerializer' }, DEFAULTS, IMPORT_STRINGS) with self.assertRaises(ImportError) as cm: settings.DEFAULT_MODEL_SERIALIZER_CLASS self.assertTrue('ImportError' in str(cm.exception))
def test_import_error_message_maintained(self): """ Make sure import errors are captured and raised sensibly. """ settings = APISettings({ 'DEFAULT_RENDERER_CLASSES': ['tests.invalid_module.InvalidClassName'] }) with self.assertRaises(ImportError): settings.DEFAULT_RENDERER_CLASSES
def get_swagger_settings(): from django.test.signals import setting_changed from rest_framework.settings import APISettings DEFAULTS = { 'USE_SESSION_AUTH': True, 'SECURITY_DEFINITIONS': { 'basic': { 'type': 'basic' } }, 'LOGIN_URL': 'rest_framework:login', 'LOGOUT_URL': 'rest_framework:logout', 'DOC_EXPANSION': None, 'APIS_SORTER': None, 'OPERATIONS_SORTER': None, 'JSON_EDITOR': False, 'SHOW_REQUEST_HEADERS': False, 'SUPPORTED_SUBMIT_METHODS': ['get', 'post', 'put', 'delete', 'patch'], 'VALIDATOR_URL': '', 'ACCEPT_HEADER_VERSION': None, # e.g. '1.0' 'CUSTOM_HEADERS': {} # A dictionary of key/vals to override headers } IMPORT_STRINGS = [] swagger_settings = APISettings(user_settings=getattr( settings, 'SWAGGER_SETTINGS', {}), defaults=DEFAULTS, import_strings=IMPORT_STRINGS) def reload_settings(*args, **kwargs): # pragma: no cover """ Reloads settings during unit tests if override_settings decorator is used. (Taken from DRF) """ # pylint: disable=W0603 global swagger_settings if kwargs['setting'] == 'LOGIN_URL': swagger_settings.LOGIN_URL = kwargs['value'] if kwargs['setting'] == 'LOGOUT_URL': swagger_settings.LOGOUT_URL = kwargs['value'] if kwargs['setting'] != 'SWAGGER_SETTINGS': return swagger_settings = APISettings(kwargs['value'], DEFAULTS, IMPORT_STRINGS) setting_changed.connect(reload_settings) return swagger_settings
def __init__(self, user_settings=None, defaults=None, import_strings=None, namespace=None): """ Initialize the settings. :param user_settings: The pre-set user settings. :type user_settings: dict | None :param defaults: The default settings to use :type defaults: dict | None :param import_strings: The names of the importable settings :type import_strings: iterable of str | None :param namespace: The namespace of the settings or "CUSTOM" :type namespace: str | None """ APISettings.__init__(self, user_settings, defaults, import_strings) self.namespace = namespace or "CUSTOM" setting_changed.connect(self.reload_settings)
def reload_settings(*args, **kwargs): # pragma: no cover """ Reloads settings during unit tests if override_settings decorator is used. (Taken from DRF) """ # pylint: disable=W0603 global swagger_settings if kwargs['setting'] == 'LOGIN_URL': swagger_settings.LOGIN_URL = kwargs['value'] if kwargs['setting'] == 'LOGOUT_URL': swagger_settings.LOGOUT_URL = kwargs['value'] if kwargs['setting'] != 'SWAGGER_SETTINGS': return swagger_settings = APISettings(kwargs['value'], DEFAULTS, IMPORT_STRINGS)
def reload_api_settings(*args, **kwargs): global api_settings setting, value = kwargs["setting"], kwargs["value"] if setting == "REST_FRAMEWORK_SSO": api_settings = APISettings(value, DEFAULTS, IMPORT_STRINGS)
'get', 'post', 'put', 'delete', 'patch' ], 'VALIDATOR_URL': '', 'ACCEPT_HEADER_VERSION': None, # e.g. '1.0' 'CUSTOM_HEADERS': {} # A dictionary of key/vals to override headers } IMPORT_STRINGS = [] swagger_settings = APISettings( user_settings=getattr(settings, 'SWAGGER_SETTINGS', {}), defaults=DEFAULTS, import_strings=IMPORT_STRINGS ) def reload_settings(*args, **kwargs): # pragma: no cover """ Reloads settings during unit tests if override_settings decorator is used. (Taken from DRF) """ # pylint: disable=W0603 global swagger_settings if kwargs['setting'] == 'LOGIN_URL': swagger_settings.LOGIN_URL = kwargs['value'] if kwargs['setting'] == 'LOGOUT_URL':
def reload_api_settings(*args, **kwargs): global knox_settings setting, value = kwargs['setting'], kwargs['value'] if setting == 'REST_KNOX': knox_settings = APISettings(value, DEFAULTS, IMPORT_STRINGS)
from django.conf import settings from rest_framework.settings import APISettings FIREBASE_AUTH_SETTINGS = "FIREBASE_AUTH" USER_SETTINGS = getattr(settings, FIREBASE_AUTH_SETTINGS) DEFAULTS = {"SERVICE_ACCOUNT_KEY_FILE": "", "EMAIL_VERIFICATION": False} IMPORT_STRINGS = () firebase_auth_settings = APISettings(USER_SETTINGS, DEFAULTS, IMPORT_STRINGS)
from datetime import datetime, timedelta from calendar import timegm # 第三方库 from rest_framework import exceptions from rest_framework.authentication import BaseAuthentication from rest_framework.settings import APISettings import jwt # 项目库 from trade import settings from framework.exception import GlobalException jwt_settings = APISettings(user_settings=settings.JWT_AUTH, defaults=settings.JWT_AUTH) # 收到请求时, 先验证 Token, 再验证 Users class JWTAuthentication(BaseAuthentication): def authenticate(self, request): authorization = request.META.get('HTTP_AUTHORIZATION') if not authorization: raise exceptions.NotAuthenticated() user = self.authenticate_credentials(authorization) return user, authorization @staticmethod def authenticate_credentials(jwt_token, verify_exp=True): """ :param jwt_token: 解密后的字典 :param verify_exp: 是否校验失效时间 :return: user_dict: Users Model Serializer's data.
from django.conf import settings from rest_framework.settings import APISettings FOREIGN_USER_SETTINGS = getattr(settings, 'FOREIGN_USER_SETTINGS', {}) DEFAULTS = { 'USER_SERIALIZER': 'foreign_user.serializers.DefaultSerializer' } IMPORT_STRINGS = { 'USER_SERIALIZER' } foreign_user_settings = APISettings(FOREIGN_USER_SETTINGS, DEFAULTS, IMPORT_STRINGS)
# -*- coding: utf-8 -*- from django.conf import settings from rest_framework.settings import APISettings _rest_framework_settings = getattr(settings, 'REST_FRAMEWORK', None) # List of settings that may be in string import notation. IMPORT_STRINGS = ('RENDERER_CLASS', 'PARSER_CLASS') DEFAULTS = { 'RENDERER_CLASS': 'rest_framework.renderers.JSONRenderer', 'PARSER_CLASS': 'rest_framework.parsers.JSONParser' } VALID_SETTINGS = { 'RENDERER_CLASS': ('rest_framework.renderers.JSONRenderer', ), 'PARSER_CLASS': ('rest_framework.parsers.JSONParser', ) } rest_framework_settings = APISettings(_rest_framework_settings, DEFAULTS, IMPORT_STRINGS)
from django.utils.translation import ugettext_lazy as _ from rest_framework import status from rest_framework.exceptions import ParseError from rest_framework.permissions import IsAuthenticated from rest_framework.request import Request from rest_framework.response import Response from rest_framework.settings import APISettings from rest_framework.viewsets import GenericViewSet, ViewSet from rest_framework.views import APIView from .models import AuthToken from .serializers import UserRegistrationSerializer authtoken_settings = APISettings( { 'USER_SERIALIZER': getattr(settings, 'USER_SERIALIZER', None), }, { 'USER_SERIALIZER': None, }, {'USER_SERIALIZER'}) class LoginViewSet(ViewSet): def create(self, request: Request) -> Response: user = authenticate(username=request.data.get('username'), password=request.data.get('password')) if not user: return Response(_('invalid credentials.'), status=status.HTTP_401_UNAUTHORIZED) token = AuthToken.create_token_for_user(user) data = {
from django.conf import settings from rest_framework.settings import APISettings DEFAULTS = { 'DEFAULT_PAGE_SIZE': 25, 'DEFAULT_PERMISSION_CLASSES': ('channels_api.permissions.AllowAny', ) } IMPORT_STRINGS = ('DEFAULT_PERMISSION_CLASSES', ) api_settings = APISettings(getattr(settings, 'CHANNELS_API', None), DEFAULTS, IMPORT_STRINGS)
'SECURITY': None, # Tags defined in the global scope 'TAGS': [], # Optional: MUST contain 'url', may contain "description" 'EXTERNAL_DOCS': {}, # Oauth2 related settings. used for example by django-oauth2-toolkit. # https://github.com/OAI/OpenAPI-Specification/blob/master/versions/3.0.3.md#oauth-flows-object 'OAUTH2_FLOWS': [], 'OAUTH2_AUTHORIZATION_URL': None, 'OAUTH2_TOKEN_URL': None, 'OAUTH2_REFRESH_URL': None, 'OAUTH2_SCOPES': None, } IMPORT_STRINGS = [ 'SCHEMA_AUTHENTICATION_CLASSES', 'DEFAULT_GENERATOR_CLASS', 'SERVE_PERMISSIONS', 'POSTPROCESSING_HOOKS', 'PREPROCESSING_HOOKS', 'GET_LIB_DOC_EXCLUDES', 'GET_MOCK_REQUEST', ] spectacular_settings = APISettings( user_settings=getattr(settings, 'SPECTACULAR_SETTINGS', {}), defaults=SPECTACULAR_DEFAULTS, import_strings=IMPORT_STRINGS, )
#!/usr/bin/env python # coding: utf-8 from __future__ import unicode_literals from django.conf import settings from rest_framework.settings import APISettings USER_SETTINGS = getattr(settings, 'URL_PERMISSION', []) DEFAULTS = { 'ALL_ALLOW_URL': ['docs', 'admin', 'api-auth'] # 不用检查url权限认证的url开头命名 } url_permisson_settings = APISettings(USER_SETTINGS, DEFAULTS, None)
'JWT_AUTH_HEADER_PREFIX': 'JWT', 'JWT_AUTH_COOKIE': None, } # List of settings that may be in string import notation. IMPORT_STRINGS = ( 'JWT_ENCODE_HANDLER', 'JWT_DECODE_HANDLER', 'JWT_PAYLOAD_HANDLER', 'JWT_PAYLOAD_GET_USER_ID_HANDLER', 'JWT_PAYLOAD_GET_USERNAME_HANDLER', 'JWT_RESPONSE_PAYLOAD_HANDLER', 'JWT_GET_USER_SECRET_KEY', ) api_settings = APISettings(DEFAULTS, IMPORT_STRINGS) # Internationalization # https://docs.djangoproject.com/en/1.11/topics/i18n/ LANGUAGE_CODE = 'en-us' TIME_ZONE = 'UTC' USE_I18N = True USE_L10N = True USE_TZ = True MEDIA_URL = '/media/'
"RENDERER_CLASS": "rest_framework.renderers.JSONRenderer", "PARSER_CLASS": "rest_framework.parsers.JSONParser", "JSON_UNDERSCOREIZE": { "no_underscore_before_number": False, "ignore_fields": None }, } # List of settings that may be in string import notation. IMPORT_STRINGS = ("RENDERER_CLASS", "PARSER_CLASS") VALID_SETTINGS = { "RENDERER_CLASS": ( "rest_framework.renderers.JSONRenderer", "rest_framework.renderers.UnicodeJSONRenderer", ), "PARSER_CLASS": ("rest_framework.parsers.JSONParser", ), } def validate_settings(input_settings, valid_settings): for setting_name, valid_values in valid_settings.items(): input_setting = input_settings.get(setting_name) if input_setting and input_setting not in valid_values: raise ImproperlyConfigured(setting_name) validate_settings(USER_SETTINGS, VALID_SETTINGS) api_settings = APISettings(USER_SETTINGS, DEFAULTS, IMPORT_STRINGS)
class OverridenSettingsView(APIView): settings = APISettings({'EXCEPTION_HANDLER': custom_handler}) def get(self, request, *args, **kwargs): raise SyntaxError('request is invalid syntax')
from django.conf import settings from rest_framework.settings import APISettings DEFAULTS = { 'DEFAULT_PAGE_SIZE': 25, 'DEFAULT_PERMISSION_CLASSES': ( 'djangochannelsrestframework.permissions.AllowAny', ) } IMPORT_STRINGS = ( 'DEFAULT_PERMISSION_CLASSES', ) api_settings = APISettings(getattr(settings, 'DJANGO_CHANNELS_REST_API', None), DEFAULTS, IMPORT_STRINGS)
_default = copy.deepcopy(DEFAULTS) _default.update( **{ 'PAY_CALLBACK_AUTHENTICATION_CLASSES': ( 'rest_framework.authentication.BasicAuthentication', 'rest_framework.authentication.SessionAuthentication', ), 'PAY_CALLBACK_PERMISSION_CLASSES': ( 'rest_framework.permissions.AllowAny', ) }) _import_strings = list(copy.deepcopy(IMPORT_STRINGS)) _import_strings.extend( ['PAY_CALLBACK_AUTHENTICATION_CLASSES', 'PAY_CALLBACK_PERMISSION_CLASSES']) api_settings = APISettings(None, _default, _import_strings) WXPAY_REQUEST_DATA = ('appid', 'mch_id', 'nonce_str', 'sign', 'result_code', 'openid', 'trade_type', 'bank_type', 'total_fee', 'cash_fee', 'transaction_id', 'out_trade_no', 'time_end') class JsApiCallback(APIView): """ 微信支付JSAPI模式回调 """ authentication_classes = api_settings.PAY_CALLBACK_AUTHENTICATION_CLASSES permission_classes = api_settings.PAY_CALLBACK_PERMISSION_CLASSES def __init__(self, **kwargs): self._orders_id = None
USER_SETTINGS = getattr(settings, 'JWT_AUTH', None) DEFAULTS = { 'JWT_PRIVATE_KEY': None, 'JWT_PUBLIC_KEY': None, 'JWT_SECRET_KEY': settings.SECRET_KEY, 'JWT_ALGORITHM': 'HS256', 'JWT_VERIFY': True, 'JWT_VERIFY_EXPIRATION': True, 'JWT_LEEWAY': 0, 'JWT_EXPIRATION_DELTA': datetime.timedelta(days=14), 'JWT_AUDIENCE': None, 'JWT_ISSUER': None, 'JWT_ALLOW_REFRESH': False, 'JWT_REFRESH_EXPIRATION_DELTA': datetime.timedelta(days=14), 'JWT_AUTH_HEADER_PREFIX': 'Bearer', 'PAGE_SIZE': 20, # 'ORDER_PAGE_SIZE':5, # 'MAX_FILE_UPLOAD_SIZE': 12 * 1000 * 1000, # 'GOOGLE_AUTH_ADMIN': "ME4WGNBWGI4GMNLC", # 'ZOOM_API_KEY': 'rhfF2x-qRj2QbWNWC5s75w', # 'ZOOM_API_SECRET': 'SA7qSdBAwu4MgxEKcYxDrPtdBeoQMtNwWTwN', # 'YP_APIKEY': '7be50ac81074413e4d7f6b08fd19eb7e', # 'GOOGLE_AUTH_MEMBER': "ME4WGNBWGI4GMNLC", # 'GOOGLE_AUTH_MERCHANT': "HAZTMZJRHFSDKODE", # 'GOOGLE_AUTH_DAIMAI':"XSBB2PZPRUXINTVA", # 'GOOGLE_AUTH_RIDER': "HE2DMNJZMNTDINZX", } api_settings = APISettings(USER_SETTINGS, DEFAULTS)
# scopes field doesn't contain the API_SCOPE_PREFIX or any value that # starts with API_SCOPE_PREFIX and a dot. # # E.g. if API_SCOPE_PREFIX='xyz' and this is set to true, then the # authentication will fail if the API scopes doesn't contain either # 'xyz' or an item that starts with 'xyz.' (like 'xyz.readonly' or # 'xyz.view'). REQUIRE_API_SCOPE_FOR_AUTHENTICATION=False, # Field name containing the API scopes authorized by the user API_AUTHORIZATION_FIELD='https://api.hel.fi/auth', # URL of the OpenID Provider ISSUER='https://tunnistamo.hel.fi', # Auth scheme used in the Authorization header AUTH_SCHEME='Bearer', # Function for resolving users USER_RESOLVER='helusers.oidc.resolve_user', # OIDC config expiration time OIDC_CONFIG_EXPIRATION_TIME=24 * 60 * 60) _import_strings = [ 'USER_RESOLVER', ] api_token_auth_settings = APISettings(_user_settings, _defaults, _import_strings)