mirror of
https://github.com/Alexander-D-Karpov/akarpov
synced 2024-11-10 21:56:34 +03:00
updated caching, api docs
This commit is contained in:
parent
c772c1a97b
commit
6bce18344f
|
@ -401,9 +401,15 @@ def post(self, request, *args, **kwargs):
|
||||||
try:
|
try:
|
||||||
user_id = self.request.data.get("user_id", None)
|
user_id = self.request.data.get("user_id", None)
|
||||||
if user_id:
|
if user_id:
|
||||||
user = User.objects.cache().get(id=user_id)
|
user_id_int = None
|
||||||
if user != self.request.user:
|
try:
|
||||||
return Response(status=403)
|
user_id_int = int(user_id)
|
||||||
|
except ValueError:
|
||||||
|
...
|
||||||
|
if user_id_int:
|
||||||
|
user = User.objects.cache().get(id=user_id_int)
|
||||||
|
if user != self.request.user:
|
||||||
|
return Response(status=403)
|
||||||
except User.DoesNotExist:
|
except User.DoesNotExist:
|
||||||
...
|
...
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,8 @@
|
||||||
|
from drf_spectacular.extensions import OpenApiAuthenticationExtension
|
||||||
|
from drf_spectacular.plumbing import build_bearer_security_scheme_object
|
||||||
from rest_framework.authentication import BaseAuthentication
|
from rest_framework.authentication import BaseAuthentication
|
||||||
|
|
||||||
from akarpov.users.models import UserAPIToken
|
from akarpov.users.models import User, UserAPIToken
|
||||||
from akarpov.users.tasks import set_last_active_token
|
from akarpov.users.tasks import set_last_active_token
|
||||||
|
|
||||||
|
|
||||||
|
@ -19,4 +21,14 @@ def authenticate(self, request):
|
||||||
return None
|
return None
|
||||||
set_last_active_token.delay(token.token)
|
set_last_active_token.delay(token.token)
|
||||||
|
|
||||||
return token.user, token
|
return User.objects.cache().get(id=token.user_id), token
|
||||||
|
|
||||||
|
|
||||||
|
class UserTokenAuthenticationExtension(OpenApiAuthenticationExtension):
|
||||||
|
target_class = "akarpov.users.api.authentification.UserTokenAuthentication"
|
||||||
|
name = "UserTokenAuthentication"
|
||||||
|
|
||||||
|
def get_security_definition(self, auto_schema):
|
||||||
|
return build_bearer_security_scheme_object(
|
||||||
|
header_name="Authorization", token_prefix="Bearer"
|
||||||
|
)
|
||||||
|
|
|
@ -18,6 +18,8 @@
|
||||||
)
|
)
|
||||||
from akarpov.users.models import User
|
from akarpov.users.models import User
|
||||||
|
|
||||||
|
from .authentification import UserTokenAuthentication # noqa: F401
|
||||||
|
|
||||||
|
|
||||||
class UserRegisterAPIViewSet(generics.CreateAPIView):
|
class UserRegisterAPIViewSet(generics.CreateAPIView):
|
||||||
"""Creates new user and sends verification email"""
|
"""Creates new user and sends verification email"""
|
||||||
|
|
|
@ -529,6 +529,11 @@
|
||||||
{"url": "http://127.0.0.1:8000", "description": "Local Development server"},
|
{"url": "http://127.0.0.1:8000", "description": "Local Development server"},
|
||||||
{"url": "https://new.akarpov.ru", "description": "Production server"},
|
{"url": "https://new.akarpov.ru", "description": "Production server"},
|
||||||
],
|
],
|
||||||
|
"EXTENSIONS": {
|
||||||
|
"authentication": [
|
||||||
|
"akarpov.users.api.authentification.UserTokenAuthenticationExtension"
|
||||||
|
],
|
||||||
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
# CKEDITOR
|
# CKEDITOR
|
||||||
|
|
Loading…
Reference in New Issue
Block a user