sanspie/akarpov
1
1
Fork 0
mirror of https://github.com/Alexander-D-Karpov/akarpov synced 2024-11-10 21:56:34 +03:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: sanspie:5088ab308adf28e6de013b7c7f01097ec23700ee
Branches Tags
sanspie:main
sanspie:dependabot/pip/pytest-asyncio-0.23.6
sanspie:dependabot/pip/crispy-bootstrap5-2024.2
sanspie:dependabot/docker/compose/production/traefik/traefik-2.11.0
sanspie:dependabot/github_actions/pre-commit/action-3.0.1
sanspie:dependabot/pip/drf-spectacular-0.27.1
sanspie:dependabot/github_actions/actions/cache-4
sanspie:dependabot/pip/fastapi-0.108.0
sanspie:dependabot/pip/werkzeug-3.0.1
..
compare: sanspie:2b2c16db2d88989f24ddd1b479f3aeb9d5ca02f6
Branches Tags
sanspie:main
sanspie:dependabot/pip/pytest-asyncio-0.23.6
sanspie:dependabot/pip/crispy-bootstrap5-2024.2
sanspie:dependabot/docker/compose/production/traefik/traefik-2.11.0
sanspie:dependabot/github_actions/pre-commit/action-3.0.1
sanspie:dependabot/pip/drf-spectacular-0.27.1
sanspie:dependabot/github_actions/actions/cache-4
sanspie:dependabot/pip/fastapi-0.108.0
sanspie:dependabot/pip/werkzeug-3.0.1

3 Commits
5088ab308a ... 2b2c16db2d

Author SHA1 Message Date
Alexander-D-Karpov
2b2c16db2d updated base template 2024-03-30 01:19:38 +03:00
Alexander-D-Karpov
ca199383d4 bug fixes 2024-03-30 01:03:46 +03:00
Alexander-D-Karpov
4794664e6a added User API Integration token, major updates 2024-03-30 01:02:07 +03:00
27 changed files with 692 additions and 411 deletions
Show Stats Expand all files Collapse all files

11
akarpov/blog/forms.py
View File

@ -1,11 +1,12 @@
from ckeditor.fields import RichTextFormField
from django import forms
from django_ckeditor_5.fields import CKEditor5Field
from django_ckeditor_5.widgets import CKEditor5Widget
from akarpov.blog.models import Post, Tag
class PostForm(forms.ModelForm):
body = RichTextFormField(label="")
body = CKEditor5Field(config_name="extends")
image = forms.ImageField(help_text="better use horizontal images", required=False)
tags = forms.ModelMultipleChoiceField(
queryset=Tag.objects.all(), widget=forms.CheckboxSelectMultiple, required=True
@ -14,3 +15,9 @@ class PostForm(forms.ModelForm):
class Meta:
model = Post
fields = ["title", "body", "image", "tags"]
widgets = {
"body": CKEditor5Widget(
attrs={"class": "django_ckeditor_5"},
config_name="extends",
)
}

3
akarpov/blog/migrations/0001_initial.py
View File

@ -1,6 +1,5 @@
# Generated by Django 4.0.8 on 2022-11-23 08:30
import ckeditor_uploader.fields
import colorfield.fields
from django.conf import settings
from django.db import migrations, models
@ -56,7 +55,7 @@ class Migration(migrations.Migration):
),
),
("title", models.CharField(max_length=100)),
("body", ckeditor_uploader.fields.RichTextUploadingField()),
("body", models.TextField()),
("slug", models.SlugField(blank=True, max_length=20)),
("post_views", models.IntegerField(default=0)),
("rating", models.IntegerField(default=0)),

18
akarpov/blog/migrations/0011_alter_post_body.py Normal file
View File

@ -0,0 +1,18 @@
# Generated by Django 4.2.10 on 2024-03-29 15:35
from django.db import migrations
import django_ckeditor_5.fields
class Migration(migrations.Migration):
dependencies = [
("blog", "0010_alter_tag_color"),
]
operations = [
migrations.AlterField(
model_name="post",
name="body",
field=django_ckeditor_5.fields.CKEditor5Field(),
),
]

4
akarpov/blog/models.py
View File

@ -1,8 +1,8 @@
from ckeditor_uploader.fields import RichTextUploadingField
from colorfield.fields import ColorField
from django.db import models
from django.db.models import Count
from django.urls import reverse
from django_ckeditor_5.fields import CKEditor5Field
from drf_spectacular.utils import extend_schema_field
from rest_framework import serializers
@ -16,7 +16,7 @@
class Post(BaseImageModel, ShortLinkModel, UserHistoryModel):
title = models.CharField(max_length=100, blank=False)
body = RichTextUploadingField(blank=False)
body = CKEditor5Field(blank=False, config_name="extends")
creator = models.ForeignKey(User, on_delete=models.CASCADE, related_name="posts")

56
akarpov/music/api/permissions.py Normal file
View File

@ -0,0 +1,56 @@
from rest_framework import permissions
from akarpov.users.models import User, UserAPIToken
class GetBaseMusicPermission(permissions.BasePermission):
def get_token_data(self, request) -> (dict, User | None):
try:
token = request.headers["Authorization"]
if " " in token:
token = token.split(" ")[1]
except (KeyError, IndexError):
return {
"listen": False,
"upload": False,
"playlist": False,
}, None
try:
token = UserAPIToken.objects.cache().get(token=token)
except UserAPIToken.DoesNotExist:
return {
"listen": False,
"upload": False,
"playlist": False,
}, None
if "music" not in token.permissions:
return {
"listen": False,
"upload": False,
"playlist": False,
}, token.user
return token.permissions["music"], token.user
class CanListenToMusic(GetBaseMusicPermission):
def has_permission(self, request, view):
token_data = self.get_token_data(request)
if "listen" in token_data:
return token_data["listen"]
return False
class CanUploadMusic(GetBaseMusicPermission):
def has_permission(self, request, view):
token_data = self.get_token_data(request)
if "upload" in token_data:
return token_data["upload"]
return False
class CanManagePlaylists(GetBaseMusicPermission):
def has_permission(self, request, view):
token_data = self.get_token_data(request)
if "playlist" in token_data:
return token_data["playlist"]
return False

3
akarpov/templates/base.html
View File

@ -100,6 +100,7 @@
<li><a class="dropdown-item {% active_link 'tools:promocodes:activate' %}" href="{% url 'tools:promocodes:activate' %}">Activate promocode</a></li>
<li><a class="dropdown-item {% active_link 'users:history' %}" href="{% url 'users:history' %}">History</a></li>
<li><a class="dropdown-item {% active_link 'users:enable_2fa' %}" href="{% url 'users:enable_2fa' %}">2FA</a></li>
<li><a class="dropdown-item {% active_link 'users:enable_2fa' %}" href="{% url 'users:list_tokens' %}">API Tokens</a></li>
<li>
<hr class="dropdown-divider">
</li>
@ -139,7 +140,7 @@
</div>
</main>
<footer class="row bg-light py-1 mt-auto text-center">
<div class="col"> Writen by <a href="https://akarpov.ru/about">sanspie</a>, find source code <a href="https://github.com/Alexander-D-Karpov/akarpov">here</a>. Copyleft akarpov 2023</div>
<div class="col"> Writen by <a href="https://akarpov.ru/about">sanspie</a>, find source code <a href="https://github.com/Alexander-D-Karpov/akarpov">here</a>. Copyleft akarpov 2022</div>
</footer>
<div id="toastContainer" class="toast-container position-fixed bottom-0 end-0 p-3">

8
akarpov/templates/blog/form.html
View File

@ -8,13 +8,9 @@
<form class="pt-2" enctype="multipart/form-data" method="POST" id="designer-form">
{% csrf_token %}
{{ form.media }}
{% for field in form %}
{{ field|as_crispy_field }}
{% endfor %}
{{ form|crispy }}
<div class="mt-4 flex justify-end space-x-4">
<button class="btn btn-secondary" type="submit" id="submit">
Save Changes
</button>
<input class="btn btn-secondary" type="submit" id="submit" value="Save Changes" />
</div>
</form>
{% endblock %}

12
akarpov/templates/users/confirm_delete_token.html Normal file
View File

@ -0,0 +1,12 @@
{% extends "base.html" %}
{% block content %}
<div class="container mt-4">
<h2>Confirm Deletion</h2>
<p>Are you sure you want to delete this token?</p>
<form method="post">
{% csrf_token %}
<button type="submit" class="btn btn-danger">Yes, delete it</button>
<a href="{% url 'users:list_tokens' %}" class="btn btn-secondary">Cancel</a>
</form>
</div>
{% endblock %}

21
akarpov/templates/users/create_token.html Normal file
View File

@ -0,0 +1,21 @@
{% extends "base.html" %}
{% load crispy_forms_tags %}
{% block content %}
<div class="container mt-4">
<h2>Create API Token</h2>
<form method="post">
{% csrf_token %}
{% for field in form %}
{% if field.name|slice:":12" == 'permissions_' %}
<fieldset>
{{ field|as_crispy_field }}
</fieldset>
{% else %}
{{ field|as_crispy_field }}
{% endif %}
{% endfor %}
<button type="submit" class="btn btn-primary mt-2">Create Token</button>
</form>
</div>
{% endblock %}

27
akarpov/templates/users/list_tokens.html Normal file
View File

@ -0,0 +1,27 @@
{% extends "base.html" %}
{% load humanize %}
{% block content %}
<div class="container mt-4">
<h2>My API Tokens</h2>
<div class="mb-3">
<a href="{% url 'users:create_token' %}" class="btn btn-primary">Create New Token</a>
</div>
<ul class="list-group">
{% for token in tokens %}
<li class="list-group-item d-flex justify-content-between align-items-center">
<div>
{% if token.name %}{{ token.name }}{% else %}<em>Unnamed Token</em>{% endif %}
<br>
<small>{{ token.token|slice:":5" }}***{{ token.token|slice:"-5:" }}</small>
</div>
<div>
<a href="{% url 'users:view_token' token.id %}" class="btn btn-sm btn-outline-primary">Details</a>
<a href="{% url 'users:delete_token' token.id %}" class="btn btn-sm btn-outline-danger">Delete</a>
</div>
</li>
{% empty %}
<li class="list-group-item">No tokens found.</li>
{% endfor %}
</ul>
</div>
{% endblock %}

17
akarpov/templates/users/token_created.html Normal file
View File

@ -0,0 +1,17 @@
{% extends "base.html" %}
{% load static %}
{% block content %}
<div class="container mt-4">
<h2>Token Created Successfully</h2>
<p>Your new API token is:</p>
<p><code>{{ new_token }}</code><button class="btn" data-clipboard-text="{{ new_token }}">
<i style="font-size: 0.8em" class="bi bi-clipboard ml-2"></i>
</button></p>
<p>Please note it down. You won't be able to see it again.</p>
<a href="{% url 'users:list_tokens' %}" class="btn btn-primary mt-4">Back to Tokens</a>
</div>
<script src="{% static 'js/clipboard.min.js' %}"></script>
<script>
new ClipboardJS('.btn');
</script>
{% endblock %}

26
akarpov/templates/users/view_token.html Normal file
View File

@ -0,0 +1,26 @@
{% extends "base.html" %}
{% block content %}
<div class="container mt-4">
<h2>Token Details</h2>
{% if token.name %}
<p><strong>Name:</strong> {{ token.name }}</p>
{% endif %}
<p><strong>Token:</strong> {{ token.token|slice:":5" }}***{{ token.token|slice:"-5:" }}</p>
<p><strong>Last Used:</strong> {{ token.last_used|date:"Y-m-d H:i:s" }} ({{ token.last_used|timesince }} ago)</p>
<p><strong>Active Until:</strong> {{ token.active_until|date:"Y-m-d" }}</p>
<p><strong>Permissions:</strong></p>
<ul>
{% for app, actions in token.permissions.items %}
<li><strong>{{ app|title }}:</strong>
<ul>
{% for action, value in actions.items %}
<li>{{ action|title }}: {{ value|yesno:"✅,❌" }}</li>
{% endfor %}
</ul>
</li>
{% endfor %}
</ul>
{# <a href="{% url 'edit_token' token.id %}" class="btn btn-primary">Edit</a> TODO #}
<a href="{% url 'users:delete_token' token.id %}" class="btn btn-danger">Delete</a>
</div>
{% endblock %}

17
akarpov/users/admin.py
View File

@ -4,6 +4,7 @@
from django.utils.translation import gettext_lazy as _
from .forms import UserAdminChangeForm, UserAdminCreationForm
from .models import UserAPIToken
User = get_user_model()
@ -33,3 +34,19 @@ class UserAdmin(auth_admin.UserAdmin):
)
list_display = ["username", "is_superuser"]
search_fields = ["username", "email"]
@admin.register(UserAPIToken)
class UserAPITokenAdmin(admin.ModelAdmin):
list_display = ["user", "active_until", "last_used"]
search_fields = ["user__username", "token"]
list_filter = ["active_until", "last_used"]
date_hierarchy = "active_until"
raw_id_fields = ["user"]
actions = ["deactivate_tokens"]
def deactivate_tokens(self, request, queryset):
queryset.update(active_until=None)
self.message_user(request, _("Tokens deactivated"))
deactivate_tokens.short_description = _("Deactivate selected tokens")

22
akarpov/users/api/authentification.py Normal file
View File

@ -0,0 +1,22 @@
from rest_framework.authentication import BaseAuthentication
from akarpov.users.models import UserAPIToken
from akarpov.users.tasks import set_last_active_token
class UserTokenAuthentication(BaseAuthentication):
def authenticate(self, request):
if "Authorization" not in request.headers:
return None
token = request.headers["Authorization"]
if " " in token:
token = token.split(" ")[1]
try:
token = UserAPIToken.objects.cache().get(token=token)
except UserAPIToken.DoesNotExist:
return None
if not token.is_active:
return None
set_last_active_token.delay(token.token)
return token.user, token

82
akarpov/users/forms.py
View File

@ -1,10 +1,15 @@
import json
from allauth.account.forms import SignupForm
from allauth.socialaccount.forms import SignupForm as SocialSignupForm
from django import forms
from django.contrib.auth import forms as admin_forms
from django.contrib.auth import get_user_model
from django.forms import DateInput, TextInput
from django.utils.translation import gettext_lazy as _
from akarpov.users.models import UserAPIToken
User = get_user_model()
@ -45,3 +50,80 @@ class UserSocialSignupForm(SocialSignupForm):
class OTPForm(forms.Form):
otp_token = forms.CharField()
class TokenCreationForm(forms.ModelForm):
permissions = forms.MultipleChoiceField(
choices=[], # To be set in __init__
widget=forms.CheckboxSelectMultiple,
required=False,
)
class Meta:
model = UserAPIToken
fields = ["name", "active_until", "permissions"]
widgets = {
"name": TextInput(attrs={"placeholder": "Token Name (Optional)"}),
"active_until": DateInput(attrs={"type": "date"}, format="%d.%m.%Y"),
}
# Make active_until not required
required = {
"active_until": False,
}
def __init__(self, *args, **kwargs):
permissions_context = kwargs.pop("permissions_context", None)
super().__init__(*args, **kwargs)
if permissions_context:
for app, actions in permissions_context.items():
field_name = f"permissions_{app}"
self.fields[field_name] = forms.MultipleChoiceField(
choices=[(action, action) for action in actions.keys()],
widget=forms.CheckboxSelectMultiple,
required=False,
label=app.capitalize(),
initial=[
item
for sublist in kwargs.get("initial", {}).get(field_name, [])
for item in sublist
],
)
self.fields["active_until"].required = False
def get_permissions_choices(self):
permissions_choices = [
(f"{app}.{action}", description)
for app, actions in UserAPIToken.permission_template.items()
for action, description in actions.items()
]
return permissions_choices
def clean(self):
cleaned_data = super().clean()
structured_permissions = {
category: {perm: False for perm in permissions.keys()}
for category, permissions in UserAPIToken.permission_template.items()
}
for category in structured_permissions.keys():
input_field_name = f"permissions_{category}"
if input_field_name in self.data:
selected_perms = self.data.getlist(input_field_name)
for perm in selected_perms:
if perm in structured_permissions[category]:
structured_permissions[category][perm] = True
cleaned_data["permissions"] = json.dumps(structured_permissions)
return cleaned_data
def save(self, commit=True):
instance = super().save(commit=False)
permissions_json = self.cleaned_data.get("permissions", "{}")
instance.permissions = json.loads(permissions_json)
if commit:
instance.save()
return instance

18
akarpov/users/middleware.py
View File

@ -6,6 +6,8 @@
from django_otp.plugins.otp_totp.models import TOTPDevice
from rest_framework.exceptions import AuthenticationFailed
from akarpov.users.models import UserAPIToken
class EmailVerificationMiddleware(MiddlewareMixin):
def process_request(self, request):
@ -21,12 +23,20 @@ def __init__(self, get_response):
def __call__(self, request):
response = self.get_response(request)
if (
request.path_info.startswith("/api/v1/music/")
or request.path_info == "/api/v1/auth/token/"
):
if request.path_info == "/api/v1/auth/token/":
return response
if "Authorization" in request.headers:
try:
token = request.headers["Authorization"]
if " " in token:
token = token.split(" ")[1]
token = UserAPIToken.objects.cache().get(token=token)
request.token_permissions = token.permissions
return response
except (KeyError, AttributeError, UserAPIToken.DoesNotExist):
...
# Check user is authenticated and OTP token input is not completed
is_authenticated = request.user.is_authenticated
otp_not_verified = not request.session.get("otp_verified", False)

40
akarpov/users/migrations/0015_userapitoken.py Normal file
View File

@ -0,0 +1,40 @@
# Generated by Django 4.2.10 on 2024-03-29 15:18
from django.conf import settings
from django.db import migrations, models
import django.db.models.deletion
class Migration(migrations.Migration):
dependencies = [
("users", "0014_alter_user_agree_data_to_be_sold"),
]
operations = [
migrations.CreateModel(
name="UserAPIToken",
fields=[
(
"id",
models.BigAutoField(
auto_created=True,
primary_key=True,
serialize=False,
verbose_name="ID",
),
),
("token", models.CharField(db_index=True, max_length=255, unique=True)),
("created", models.DateTimeField(auto_now_add=True)),
("active_until", models.DateTimeField(null=True)),
("permissions", models.JSONField(default=dict)),
(
"user",
models.ForeignKey(
on_delete=django.db.models.deletion.CASCADE,
related_name="api_tokens",
to=settings.AUTH_USER_MODEL,
),
),
],
),
]

17
akarpov/users/migrations/0016_userapitoken_last_used.py Normal file
View File

@ -0,0 +1,17 @@
# Generated by Django 4.2.10 on 2024-03-29 18:47
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
("users", "0015_userapitoken"),
]
operations = [
migrations.AddField(
model_name="userapitoken",
name="last_used",
field=models.DateTimeField(blank=True, null=True),
),
]

17
akarpov/users/migrations/0017_userapitoken_name.py Normal file
View File

@ -0,0 +1,17 @@
# Generated by Django 4.2.10 on 2024-03-29 19:31
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
("users", "0016_userapitoken_last_used"),
]
operations = [
migrations.AddField(
model_name="userapitoken",
name="name",
field=models.CharField(blank=True, max_length=255, null=True),
),
]

49
akarpov/users/models.py
View File

@ -1,9 +1,12 @@
import secrets
from django.contrib.auth.models import AbstractUser
from django.contrib.contenttypes.fields import GenericForeignKey
from django.contrib.contenttypes.models import ContentType
from django.core.validators import MinValueValidator
from django.db import models
from django.urls import reverse
from django.utils import timezone
from django.utils.translation import gettext_lazy as _
from akarpov.common.models import BaseImageModel
@ -78,6 +81,46 @@ def __str__(self):
return self
class UserNotification:
# TODO: add notification system
...
class UserAPIToken(models.Model):
name = models.CharField(max_length=255, blank=True, null=True)
user = models.ForeignKey(
"User", related_name="api_tokens", on_delete=models.CASCADE
)
token = models.CharField(max_length=255, unique=True, db_index=True)
created = models.DateTimeField(auto_now_add=True)
active_until = models.DateTimeField(null=True)
permissions = models.JSONField(default=dict)
last_used = models.DateTimeField(null=True, blank=True)
permission_template = {
"music": {
"listen": "Listen to music",
"upload": "Upload music",
"playlist": "Manage playlists",
},
"users": {
"edit": "Edit user profile",
"delete": "Delete user profile",
},
"tools": {
"shorten": "Shorten links",
},
"files": {
"upload": "Upload files",
"download": "Download files",
},
}
def __str__(self):
return self.token
@property
def is_active(self) -> bool:
return self.active_until is None or self.active_until > timezone.now()
@staticmethod
def generate_token():
token = secrets.token_urlsafe(32)
while UserAPIToken.objects.filter(token=token).exists():
token = secrets.token_urlsafe(32)
return token

11
akarpov/users/tasks.py Normal file
View File

@ -0,0 +1,11 @@
from celery import shared_task
from django.utils import timezone
from akarpov.users.models import UserAPIToken
@shared_task
def set_last_active_token(token: str):
token = UserAPIToken.objects.get(token=token)
token.last_used = timezone.now()
token.save()

10
akarpov/users/urls.py
View File

@ -1,13 +1,17 @@
from django.urls import include, path
from akarpov.users.views import (
create_token,
delete_token,
enable_2fa_view,
enforce_otp_login,
list_tokens,
user_detail_view,
user_history_delete_view,
user_history_view,
user_redirect_view,
user_update_view,
view_token,
)
app_name = "users"
@ -17,7 +21,11 @@
path("update/", view=user_update_view, name="update"),
path("history/", view=user_history_view, name="history"),
path("history/delete", view=user_history_delete_view, name="history_delete"),
path("<str:username>/", view=user_detail_view, name="detail"),
path("<str:username>", view=user_detail_view, name="detail"),
path("2fa/login", enforce_otp_login, name="enforce_otp_login"),
path("2fa/enable", enable_2fa_view, name="enable_2fa"),
path("tokens/", list_tokens, name="list_tokens"),
path("tokens/create/", create_token, name="create_token"),
path("tokens/<int:token_id>/", view_token, name="view_token"),
path("tokens/<int:token_id>/delete/", delete_token, name="delete_token"),
]

75
akarpov/users/views.py
View File

@ -5,16 +5,16 @@
from django.contrib.auth.mixins import LoginRequiredMixin
from django.contrib.messages.views import SuccessMessageMixin
from django.contrib.sites.shortcuts import get_current_site
from django.http import HttpResponseRedirect
from django.shortcuts import redirect, render
from django.http import HttpResponseRedirect, QueryDict
from django.shortcuts import get_object_or_404, redirect, render
from django.urls import reverse, reverse_lazy
from django.utils.translation import gettext_lazy as _
from django.views.generic import DetailView, ListView, RedirectView, UpdateView
from django_otp import user_has_device
from django_otp.plugins.otp_totp.models import TOTPDevice
from akarpov.users.forms import OTPForm
from akarpov.users.models import UserHistory
from akarpov.users.forms import OTPForm, TokenCreationForm
from akarpov.users.models import UserAPIToken, UserHistory
from akarpov.users.services.history import create_history_warning_note
from akarpov.users.services.two_factor import generate_qr_code
from akarpov.users.themes.models import Theme
@ -203,3 +203,70 @@ def enforce_otp_login(request):
else:
form = OTPForm()
return render(request, "users/otp_verify.html", {"form": form})
@login_required
def list_tokens(request):
tokens = UserAPIToken.objects.filter(user=request.user).order_by("last_used")
return render(request, "users/list_tokens.html", {"tokens": tokens})
@login_required
def create_token(request):
initial_data = {}
# Обработка параметров 'name' и 'active_until'
if "name" in request.GET:
initial_data["name"] = request.GET["name"]
if "active_until" in request.GET:
initial_data["active_until"] = request.GET["active_until"]
# Создаем QueryDict для разрешений, чтобы правильно обработать повторяющиеся ключи
permissions_query_dict = QueryDict("", mutable=True)
# Разбор параметров разрешений
permissions = request.GET.getlist("permissions")
for perm in permissions:
category, permission = perm.split(".")
permissions_query_dict.update({f"permissions_{category}": [permission]})
# Переводим QueryDict в обычный словарь для использования в initial
permissions_data = {key: value for key, value in permissions_query_dict.lists()}
initial_data.update(permissions_data)
for key, value_list in permissions_data.items():
initial_data[key] = [item for sublist in value_list for item in sublist]
form = TokenCreationForm(
initial=initial_data, permissions_context=UserAPIToken.permission_template
)
if request.method == "POST":
print(request.POST)
form = TokenCreationForm(request.POST)
if form.is_valid():
new_token = form.save(commit=False)
new_token.user = request.user
new_token.token = UserAPIToken.generate_token()
new_token.save()
token_created = new_token.token
return render(
request, "users/token_created.html", {"new_token": token_created}
)
return render(request, "users/create_token.html", {"form": form})
@login_required
def view_token(request, token_id):
token = get_object_or_404(UserAPIToken, id=token_id, user=request.user)
return render(request, "users/view_token.html", {"token": token})
@login_required
def delete_token(request, token_id):
token = get_object_or_404(UserAPIToken, id=token_id, user=request.user)
if request.method == "POST":
token.delete()
return redirect("users:list_tokens")
return render(request, "users/confirm_delete_token.html", {"token": token})

140
config/settings/base.py
View File

@ -1,6 +1,7 @@
"""
Base settings to build other settings files upon.
"""
from pathlib import Path
import environ
@ -78,6 +79,7 @@
"auth.permission": {"ops": "all", "timeout": 60 * 15},
"music.*": {"ops": ("fetch", "get", "list"), "timeout": 60 * 15},
"otp_totp.totpdevice": {"ops": "all", "timeout": 15 * 60},
"users.userapitoken": {"ops": "all", "timeout": 20 * 60},
}
CACHEOPS_REDIS = env.str("REDIS_URL")
@ -131,8 +133,7 @@
"rest_framework.authtoken",
"corsheaders",
"drf_spectacular",
"ckeditor",
"ckeditor_uploader",
"django_ckeditor_5",
"colorfield",
"polymorphic",
"cacheops",
@ -510,6 +511,7 @@
"DEFAULT_AUTHENTICATION_CLASSES": (
"rest_framework.authentication.SessionAuthentication",
"rest_framework.authentication.TokenAuthentication",
"akarpov.users.api.authentification.UserTokenAuthentication",
),
"DEFAULT_PERMISSION_CLASSES": ("rest_framework.permissions.IsAuthenticated",),
"DEFAULT_SCHEMA_CLASS": "drf_spectacular.openapi.AutoSchema",
@ -530,24 +532,128 @@
# CKEDITOR
# ------------------------------------------------------------------------------
CKEDITOR_UPLOAD_PATH = "uploads/"
CKEDITOR_CONFIGS = {
CKEDITOR_5_UPLOAD_PATH = "uploads/"
CKEDITOR_5_CONFIGS = {
"default": {
"width": "full",
"extra_plugins": [
"autosave",
"autogrow",
"autolink",
"autoembed",
"clipboard",
"dialog",
"dialogui",
"toolbar": [
"heading",
"|",
"bold",
"italic",
"link",
"bulletedList",
"numberedList",
"blockQuote",
"imageUpload",
],
"autosave": {
"autoLoad": True,
"delay": 60,
"NotOlderThen": 20,
},
"extends": {
"blockToolbar": [
"paragraph",
"heading1",
"heading2",
"heading3",
"|",
"bulletedList",
"numberedList",
"|",
"blockQuote",
],
"toolbar": [
"heading",
"|",
"outdent",
"indent",
"|",
"bold",
"italic",
"link",
"underline",
"strikethrough",
"code",
"subscript",
"superscript",
"highlight",
"|",
"codeBlock",
"sourceEditing",
"insertImage",
"bulletedList",
"numberedList",
"todoList",
"|",
"blockQuote",
"imageUpload",
"|",
"fontSize",
"fontFamily",
"fontColor",
"fontBackgroundColor",
"mediaEmbed",
"removeFormat",
"insertTable",
],
"image": {
"toolbar": [
"imageTextAlternative",
"|",
"imageStyle:alignLeft",
"imageStyle:alignRight",
"imageStyle:alignCenter",
"imageStyle:side",
"|",
],
"styles": [
"full",
"side",
"alignLeft",
"alignRight",
"alignCenter",
],
},
"table": {
"contentToolbar": [
"tableColumn",
"tableRow",
"mergeTableCells",
"tableProperties",
"tableCellProperties",
],
},
"heading": {
"options": [
{
"model": "paragraph",
"title": "Paragraph",
"class": "ck-heading_paragraph",
},
{
"model": "heading1",
"view": "h1",
"title": "Heading 1",
"class": "ck-heading_heading1",
},
{
"model": "heading2",
"view": "h2",
"title": "Heading 2",
"class": "ck-heading_heading2",
},
{
"model": "heading3",
"view": "h3",
"title": "Heading 3",
"class": "ck-heading_heading3",
},
]
},
},
"list": {
"properties": {
"styles": "true",
"startIndex": "true",
"reversed": "true",
}
},
}

4
config/urls.py
View File

@ -43,7 +43,9 @@
path("forms/", include("akarpov.test_platform.urls", namespace="forms")),
path("tools/", include("akarpov.tools.urls", namespace="tools")),
path("gallery/", include("akarpov.gallery.urls", namespace="gallery")),
path("ckeditor/", include("ckeditor_uploader.urls")),
path(
"ckeditor5/", include("django_ckeditor_5.urls"), name="ck_editor_5_upload_file"
),
path("accounts/", include("allauth.urls")),
path("accounts/login/", OTPLoginView.as_view(), name="account_login"),
path("", include("akarpov.blog.urls", namespace="blog")),

393
poetry.lock generated
View File

File diff suppressed because it is too large Load Diff

2
pyproject.toml
View File

@ -27,7 +27,6 @@ django-allauth = "^0.54.0"
django-crispy-forms = "^2.1"
crispy-bootstrap5 = "^0.7"
django-redis = "^5.2.0"
django-ckeditor = "^6.5.1"
django-colorfield = "^0.11.0"
djangorestframework = "^3.14.0"
django-rest-auth = "^0.9.5"
@ -121,6 +120,7 @@ python-levenshtein = "^0.23.0"
pylast = "^5.2.0"
textract = {git = "https://github.com/Alexander-D-Karpov/textract.git", branch = "master"}
librosa = "^0.10.1"
django-ckeditor-5 = "^0.2.12"
[build-system]