From 8232355ff30122e1d2ac6c9545d7f66e9be2154f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ahmet=20Kaan=20G=C3=9CM=C3=9C=C5=9E?= <96421894+Tahinli@users.noreply.github.com> Date: Thu, 4 Jul 2024 20:49:00 +0300 Subject: [PATCH] feat: :sparkles: token validation for user_token --- .gitignore | 1 + tJango/permissions.py | 4 ++-- user/views.py | 4 ++-- user_token/urls.py | 2 +- user_token/validations.py | 6 ++++++ user_token/views.py | 12 +++--------- 6 files changed, 15 insertions(+), 14 deletions(-) create mode 100644 user_token/validations.py diff --git a/.gitignore b/.gitignore index 52a670b..2f9b66d 100644 --- a/.gitignore +++ b/.gitignore @@ -125,6 +125,7 @@ celerybeat.pid # Environments .env .venv +.ruff_cache/ env/ venv/ ENV/ diff --git a/tJango/permissions.py b/tJango/permissions.py index 37e9db4..b98abff 100644 --- a/tJango/permissions.py +++ b/tJango/permissions.py @@ -1,11 +1,11 @@ from rest_framework import permissions -from user_token.views import TokenValidation +from user_token import validations class IsOwnerOrIsAdminOrHasToken(permissions.BasePermission): def has_permission(self, request, view): token = request.META.get("HTTP_DETECTIVE_TOKEN") - is_token_valid = bool(TokenValidation.check_token(token)) + is_token_valid = validations.TokenValidation.check_token(token) return ( is_token_valid | request.user.is_superuser | request.user.is_authenticated ) diff --git a/user/views.py b/user/views.py index c06946b..7460032 100644 --- a/user/views.py +++ b/user/views.py @@ -1,7 +1,7 @@ from rest_framework.viewsets import ModelViewSet # from rest_framework.permissions import IsAuthenticatedOrReadOnly -from tJango import permissions +from tJango import permissions as tJango_permissions from .models import User from .serializers import UserSerializer @@ -9,4 +9,4 @@ from .serializers import UserSerializer class UserViewSet(ModelViewSet): queryset = User.objects.all() serializer_class = UserSerializer - permission_classes = [permissions.IsOwnerOrIsAdminOrHasToken] + permission_classes = [tJango_permissions.IsOwnerOrIsAdminOrHasToken] diff --git a/user_token/urls.py b/user_token/urls.py index 85ca14f..9aa3d08 100644 --- a/user_token/urls.py +++ b/user_token/urls.py @@ -3,7 +3,7 @@ from rest_framework.routers import DefaultRouter from user_token import views as user_token_views router = DefaultRouter() -router.register(r"", user_token_views.UserViewSet) +router.register(r"", user_token_views.UserTokenViewSet) urlpatterns = [ path("", include(router.urls)), diff --git a/user_token/validations.py b/user_token/validations.py new file mode 100644 index 0000000..5d11da6 --- /dev/null +++ b/user_token/validations.py @@ -0,0 +1,6 @@ +from user_token import models + + +class TokenValidation: + def check_token(value): + return bool(models.UserToken.objects.filter(token=value)) diff --git a/user_token/views.py b/user_token/views.py index 2e41c15..d428a00 100644 --- a/user_token/views.py +++ b/user_token/views.py @@ -1,16 +1,10 @@ from rest_framework.viewsets import ReadOnlyModelViewSet - -# from rest_framework.permissions import IsAuthenticatedOrReadOnly +from tJango import permissions as tJango_permissions from .models import UserToken from .serializers import UserTokenSerializer -class UserViewSet(ReadOnlyModelViewSet): +class UserTokenViewSet(ReadOnlyModelViewSet): queryset = UserToken.objects.all() serializer_class = UserTokenSerializer - # permission_classes = [IsAuthenticatedOrReadOnly] - - -class TokenValidation: - def check_token(value): - return UserToken.objects.filter(token=value) + permission_classes = [tJango_permissions.IsOwnerOrIsAdminOrHasToken]