Added authtoken login/logout urlpatterns and views to support scripted logins and logouts using TokenAuthentication. Added unittests.

2025-02-16 19:41:06 +03:00 · 2012-11-10 16:09:14 -08:00 · 2012-11-10 16:09:14 -08:00 · 4a2526bd1e
commit 4a2526bd1e
parent 647abcdb16
2 changed files with 58 additions and 0 deletions
--- a/rest_framework/authtoken/serializers.py
+++ b/rest_framework/authtoken/serializers.py
@ -0,0 +1,37 @@
+from django.contrib.auth import authenticate
+
+from rest_framework import serializers
+from rest_framework.authtoken.models import Token
+
+
+class AuthTokenSerializer(serializers.Serializer):
+    token = serializers.Field(source="key")
+    username = serializers.CharField(max_length=30)
+    password = serializers.CharField()
+
+    def validate(self, attrs):
+        username = attrs.get('username')
+        password = attrs.get('password')
+
+        if username and password:
+            user = authenticate(username=username, password=password)
+
+            if user:
+                if not user.is_active:
+                    raise serializers.ValidationError('User account is disabled.')
+                attrs['user'] = user
+                return attrs
+            else:
+                raise serializers.ValidationError('Unable to login with provided credentials.')
+        else:
+            raise serializers.ValidationError('Must include "username" and "password"')
+
+    def convert_object(self, obj):
+        ret = self._dict_class()
+        ret['token'] = obj.key
+        ret['user'] = obj.user.id
+        return ret
+
+    def restore_object(self, attrs, instance=None):
+        token, created = Token.objects.get_or_create(user=attrs['user'])
+        return token
--- a/rest_framework/authtoken/urls.py
+++ b/rest_framework/authtoken/urls.py
@ -0,0 +1,21 @@
+"""
+Login and logout views for token authentication.
+
+Add these to your root URLconf if you're using token authentication
+your API requires authentication.
+
+The urls must be namespaced as 'rest_framework', and you should make sure
+your authentication settings include `TokenAuthentication`.
+
+    urlpatterns = patterns('',
+        ...
+        url(r'^auth-token', include('rest_framework.authtoken.urls', namespace='rest_framework'))
+    )
+"""
+from django.conf.urls.defaults import patterns, url
+from rest_framework.authtoken.views import AuthTokenView
+
+urlpatterns = patterns('rest_framework.authtoken.views',
+    url(r'^login/$', AuthTokenView.as_view(), name='token_login'),
+#    url(r'^logout/$', 'token_logout', name='token_logout'),
+)