feat: ✨ token validation for user_token
This commit is contained in:
Ahmet Kaan GÜMÜŞ
parent
f9683d202f
commit
8232355ff3
6 changed files with 15 additions and 14 deletions
1
.gitignore
vendored
1
.gitignore
vendored
|
|
@ -125,6 +125,7 @@ celerybeat.pid
|
|||
# Environments
|
||||
.env
|
||||
.venv
|
||||
.ruff_cache/
|
||||
env/
|
||||
venv/
|
||||
ENV/
|
||||
|
|
|
|||
|
|
@ -1,11 +1,11 @@
|
|||
from rest_framework import permissions
|
||||
from user_token.views import TokenValidation
|
||||
from user_token import validations
|
||||
|
||||
|
||||
class IsOwnerOrIsAdminOrHasToken(permissions.BasePermission):
|
||||
def has_permission(self, request, view):
|
||||
token = request.META.get("HTTP_DETECTIVE_TOKEN")
|
||||
is_token_valid = bool(TokenValidation.check_token(token))
|
||||
is_token_valid = validations.TokenValidation.check_token(token)
|
||||
return (
|
||||
is_token_valid | request.user.is_superuser | request.user.is_authenticated
|
||||
)
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
from rest_framework.viewsets import ModelViewSet
|
||||
|
||||
# from rest_framework.permissions import IsAuthenticatedOrReadOnly
|
||||
from tJango import permissions
|
||||
from tJango import permissions as tJango_permissions
|
||||
from .models import User
|
||||
from .serializers import UserSerializer
|
||||
|
||||
|
|
@ -9,4 +9,4 @@ from .serializers import UserSerializer
|
|||
class UserViewSet(ModelViewSet):
|
||||
queryset = User.objects.all()
|
||||
serializer_class = UserSerializer
|
||||
permission_classes = [permissions.IsOwnerOrIsAdminOrHasToken]
|
||||
permission_classes = [tJango_permissions.IsOwnerOrIsAdminOrHasToken]
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@ from rest_framework.routers import DefaultRouter
|
|||
from user_token import views as user_token_views
|
||||
|
||||
router = DefaultRouter()
|
||||
router.register(r"", user_token_views.UserViewSet)
|
||||
router.register(r"", user_token_views.UserTokenViewSet)
|
||||
|
||||
urlpatterns = [
|
||||
path("", include(router.urls)),
|
||||
|
|
|
|||
6
user_token/validations.py
Normal file
6
user_token/validations.py
Normal file
|
|
@ -0,0 +1,6 @@
|
|||
from user_token import models
|
||||
|
||||
|
||||
class TokenValidation:
|
||||
def check_token(value):
|
||||
return bool(models.UserToken.objects.filter(token=value))
|
||||
|
|
@ -1,16 +1,10 @@
|
|||
from rest_framework.viewsets import ReadOnlyModelViewSet
|
||||
|
||||
# from rest_framework.permissions import IsAuthenticatedOrReadOnly
|
||||
from tJango import permissions as tJango_permissions
|
||||
from .models import UserToken
|
||||
from .serializers import UserTokenSerializer
|
||||
|
||||
|
||||
class UserViewSet(ReadOnlyModelViewSet):
|
||||
class UserTokenViewSet(ReadOnlyModelViewSet):
|
||||
queryset = UserToken.objects.all()
|
||||
serializer_class = UserTokenSerializer
|
||||
# permission_classes = [IsAuthenticatedOrReadOnly]
|
||||
|
||||
|
||||
class TokenValidation:
|
||||
def check_token(value):
|
||||
return UserToken.objects.filter(token=value)
|
||||
permission_classes = [tJango_permissions.IsOwnerOrIsAdminOrHasToken]
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue