8
0
Fork 0
mirror of https://gitlab2.federez.net/re2o/re2o synced 2024-12-04 18:42:25 +00:00
re2o/api/views.py

69 lines
2.6 KiB
Python
Raw Permalink Normal View History

2018-06-30 01:25:46 +00:00
# -*- mode: python; coding: utf-8 -*-
2020-11-23 16:06:37 +00:00
# Re2o est un logiciel d'administration développé initiallement au Rézo Metz. Il
2018-03-17 17:20:31 +00:00
# se veut agnostique au réseau considéré, de manière à être installable en
# quelques clics.
#
# Copyright © 2018 Maël Kervella
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
2018-06-17 01:06:58 +00:00
"""Defines the views of the API
2018-03-17 17:20:31 +00:00
2018-06-17 01:06:58 +00:00
All views inherits the `rest_framework.views.APIview` to respect the
REST API requirements such as dealing with HTTP status code, format of
the response (JSON or other), the CSRF exempting, ...
2018-03-17 17:20:31 +00:00
"""
2018-03-17 17:50:03 +00:00
import datetime
2018-03-17 17:50:03 +00:00
from django.conf import settings
2020-01-25 22:37:17 +00:00
from django.contrib.auth.models import Group
2021-02-10 10:06:09 +00:00
from django.db.models import Q
from rest_framework import generics, views, viewsets
from rest_framework.authtoken.models import Token
from rest_framework.authtoken.views import ObtainAuthToken
2018-04-19 22:00:49 +00:00
from rest_framework.response import Response
2018-04-24 15:57:55 +00:00
from . import serializers
2018-06-10 15:12:42 +00:00
from .pagination import PageSizedPagination
2018-06-13 22:39:37 +00:00
from .permissions import ACLPermission
2018-03-17 17:57:11 +00:00
2018-04-13 19:35:52 +00:00
class ObtainExpiringAuthToken(ObtainAuthToken):
2018-06-17 01:06:58 +00:00
"""Exposes a view to obtain a authentication token.
This view as the same behavior as the
`rest_framework.auth_token.views.ObtainAuthToken` view except that the
expiration time is send along with the token as an addtional information.
"""
def post(self, request, *args, **kwargs):
serializer = self.serializer_class(data=request.data)
serializer.is_valid(raise_exception=True)
user = serializer.validated_data["user"]
token, created = Token.objects.get_or_create(user=user)
token_duration = datetime.timedelta(seconds=settings.API_TOKEN_DURATION)
utc_now = datetime.datetime.now(datetime.timezone.utc)
if not created and token.created < utc_now - token_duration:
token.delete()
token = Token.objects.create(user=user)
token.created = datetime.datetime.utcnow()
token.save()
return Response(
{"token": token.key, "expiration": token.created + token_duration}
)