tetafro · April 5, 2023 17:25 · tetafro · Nov 18, 2020
diff --git a/backends.py b/backends.py
 from apps.users.models import User, Token


 class TokenBackend(object):
    """Token authentication for API"""

    def authenticate(self, token=None):
        try:
            token = Token.objects.get(key=token)
            return token.user
        except Token.DoesNotExist:
            return None

    def get_user(self, user_id):
        try:
            return User.objects.get(pk=user_id)
        except User.DoesNotExist:
            return None
diff --git a/decorators.py b/decorators.py
 from django.http import JsonResponse


 def token_required(func):
    """login_requred analog for API"""

    def wrap(request, *args, **kwargs):
        error401 = JsonResponse({'error': 'Authentication error'}, status=401)
        if 'HTTP_AUTHORIZATION' in request.META:
            if request.user is None or not request.user.is_active:
                return error401
            else:
                return func(request, *args, **kwargs)
        else:
            return error401

    return wrap
diff --git a/Django token auth backend b/Django token auth backend
 Naming file
diff --git a/middleware.py b/middleware.py
 from django.contrib.auth import authenticate


 def get_token(request):
    """Get token from HTTP header"""
    
    if 'HTTP_AUTHORIZATION' in request.META:
        full_auth = request.META['HTTP_AUTHORIZATION'].split(' ')
        if len(full_auth) < 2 or full_auth[0] != 'Token':
            return None

        auth = full_auth[1].split('=')
        if len(auth) < 2 or auth[0] != 'token':
            return None
        token = auth[1].strip('"')
        return token
    return None


 class AuthAPI(object):
    """
    Add user to request var for API calls
    Header format (RFC2617):
    Authorization: Token token="abcd1234"
    """

    def __init__(self, get_response):
        self.get_response = get_response

    def __call__(self, request):
        if request.get_full_path()[:4] != '/api':
            return self.get_response(request)

        token = get_token(request)
        if token:
            user = authenticate(token=token)
            if user and user.is_active:
                user.backend = 'core.backends.TokenBackend'
                request.user = user

        return self.get_response(request)
diff --git a/settings.py b/settings.py
 MIDDLEWARE += ['core.middleware.AuthAPI']
 AUTHENTICATION_BACKENDS = [
    'django.contrib.auth.backends.ModelBackend',
    'core.backends.TokenBackend',
 ]
	from apps.users.models import User, Token


	class TokenBackend(object):
	"""Token authentication for API"""

	def authenticate(self, token=None):
	try:
	token = Token.objects.get(key=token)
	return token.user
	except Token.DoesNotExist:
	return None

	def get_user(self, user_id):
	try:
	return User.objects.get(pk=user_id)
	except User.DoesNotExist:
	return None
	from django.http import JsonResponse


	def token_required(func):
	"""login_requred analog for API"""

	def wrap(request, args, *kwargs):
	error401 = JsonResponse({'error': 'Authentication error'}, status=401)
	if 'HTTP_AUTHORIZATION' in request.META:
	if request.user is None or not request.user.is_active:
	return error401
	else:
	return func(request, args, *kwargs)
	else:
	return error401

	return wrap
	from django.contrib.auth import authenticate


	def get_token(request):
	"""Get token from HTTP header"""

	if 'HTTP_AUTHORIZATION' in request.META:
	full_auth = request.META['HTTP_AUTHORIZATION'].split(' ')
	if len(full_auth) < 2 or full_auth[0] != 'Token':
	return None

	auth = full_auth[1].split('=')
	if len(auth) < 2 or auth[0] != 'token':
	return None
	token = auth[1].strip('"')
	return token
	return None


	class AuthAPI(object):
	"""
	Add user to request var for API calls
	Header format (RFC2617):
	Authorization: Token token="abcd1234"
	"""

	def __init__(self, get_response):
	self.get_response = get_response

	def __call__(self, request):
	if request.get_full_path()[:4] != '/api':
	return self.get_response(request)

	token = get_token(request)
	if token:
	user = authenticate(token=token)
	if user and user.is_active:
	user.backend = 'core.backends.TokenBackend'
	request.user = user

	return self.get_response(request)
	MIDDLEWARE += ['core.middleware.AuthAPI']
	AUTHENTICATION_BACKENDS = [
	'django.contrib.auth.backends.ModelBackend',
	'core.backends.TokenBackend',
	]