def test_make_token_new(self):
    """
    create_token must issue a token to a user who currently has none
    """
    account = User.objects.get(pk=2)

    def token_count():
        # Always issue a fresh query so the count reflects the current rows.
        return Token.objects.filter(user=account).count()

    # Start from a clean slate: drop whatever token the user already has.
    Token.objects.filter(user=account).delete()
    self.assertEqual(token_count(), 0)

    create_token(account)

    # Exactly one token must exist after the call.
    self.assertEqual(token_count(), 1)
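def post(self, request):
    """
    Exchange a username/password pair for an API token.

    The request body is validated through ``self.serializer_class``. On
    success the response is ``{'token': <key>}`` with HTTP 200. An unknown
    username and a wrong password both produce the same 401 body, so the
    response content does not reveal whether an account exists.
    """
    data = request.data
    serializer = self.serializer_class(data=data)
    serializer.is_valid(raise_exception=True)

    username = serializer.data["username"]
    password = serializer.data["password"]

    try:
        user = User.objects.get(username=username)
    except User.DoesNotExist:
        # Run the password hasher once on a throwaway, unsaved instance so
        # this branch costs about as much as a real check_password() call.
        # Without it the unknown-user path answers measurably faster, and
        # response timing would leak which usernames exist even though the
        # response bodies are identical.
        User().set_password(password)
        logger.info(
            f"Tried logging via API with unknown user: '******'")
        return Response(
            {'detail': 'Username or password unknown'},
            status=status.HTTP_401_UNAUTHORIZED,
        )

    # NOTE(review): only the password is verified here; whether the account
    # is active is not checked in this method -- confirm that is intended.
    # NOTE(review): no throttling is visible in this method; confirm the
    # view or project settings rate-limit failed login attempts.
    if user.check_password(password):
        token = create_token(user)
        return Response({'token': token.key}, status=status.HTTP_200_OK)
    else:
        logger.info(
            f"User '{username}' tried logging via API with a wrong password"
        )
        return Response(
            {'detail': 'Username or password unknown'},
            status=status.HTTP_401_UNAUTHORIZED,
        )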
def post(self, request):
    """
    Register a new API user and hand back a token for it.

    The request body is validated and saved through
    ``self.serializer_class``; the response carries a confirmation message
    and the key of the token returned by ``create_token``, with HTTP 201.
    """
    # NOTE(review): the token is returned straight after registration, so
    # whoever may call this endpoint obtains working API credentials.
    # Permission classes are not visible here -- confirm who can reach it.
    serializer = self.serializer_class(data=request.data)
    serializer.is_valid(raise_exception=True)

    new_user = serializer.save()
    issued = create_token(new_user)

    payload = {
        'message': 'api user successfully registered',
        'token': issued.key
    }
    return Response(payload, status=status.HTTP_201_CREATED)
def test_make_token_force_new(self):
    """
    Test that create_token with force_new=True replaces the user's
    existing token and returns the new one
    """
    account = User.objects.get(pk=2)

    # Precondition: the user already owns exactly one token.
    self.assertEqual(Token.objects.filter(user=account).count(), 1)
    key_before = Token.objects.get(user=account).key

    returned_key = create_token(account, force_new=True).key
    key_after = Token.objects.get(user=account).key

    # The stored key must have changed ...
    self.assertNotEqual(key_before, key_after)
    # ... and the returned token must be the one now stored.
    self.assertEqual(returned_key, key_after)
def api_key(request):
    """
    Show the user's REST API key and generate a new one on request

    When the ``new_key`` GET parameter is truthy, ``create_token`` is
    called for the current user and the browser is redirected back to this
    page without the parameter. Otherwise the page is rendered with the
    user's current token, or ``None`` if the user has none.
    """
    # NOTE(review): the key is replaced in response to a GET parameter.
    # Django's CSRF check does not cover GET, so a cross-site request made
    # in the user's session can rotate the key and break their API
    # clients. Moving this to a POST form would close that gap but needs a
    # matching template change, which is not visible here.
    # NOTE(review): no login check is visible in this function; confirm the
    # view is only reachable by authenticated users.
    context = {}
    context.update(csrf(request))

    try:
        current_token = Token.objects.get(user=request.user)
    except Token.DoesNotExist:
        current_token = None

    new_key_flag = request.GET.get('new_key')
    if new_key_flag:
        create_token(request.user, new_key_flag)

        # Redirect to get rid of the GET parameter
        return HttpResponseRedirect(reverse('core:user:api-key'))

    context['token'] = current_token
    return render(request, 'user/api_key.html', context)