def authenticate(self, request):
"""Check authentication of each request
"""
token = get_token(request)
if token == None:
return None
user = None
try:
session = Session.objects.get(token=token)
except ObjectDoesNotExist:
return None
if not session.is_valid:
session.delete()
return None
#update data
session.save()
user = session.user
ret = self.security_check_then_return(user, request)
check_expired_plan(user)
return ret
def list(self, request):
try:
session = Session.objects.get(token=get_token(request))
except ObjectDoesNotExist:
return Response(status=status.HTTP_403_FORBIDDEN)
if session.is_valid:
return Response(status=status.HTTP_200_OK)
session.delete()
return Response(status=status.HTTP_403_FORBIDDEN)
def destroy(self, request, pk=None):
Session.objects.get(token=get_token(request)).delete()
return Response(status=status.HTTP_200_OK)
