#31 API further credential
* adds Kspuser as an additional expected request header for resolving the API user
* adds/updates translations
parent
cbf871f4b4
commit
5b52119e89
@ -25,11 +25,12 @@ class APIUserToken(models.Model):
|
|||||||
return self.token
|
return self.token
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def get_user_from_token(token: str):
|
def get_user_from_token(token: str, username: str):
|
||||||
""" Getter for the related user object
|
""" Getter for the related user object
|
||||||
|
|
||||||
Args:
|
Args:
|
||||||
token (str): The used token
|
token (str): The used token
|
||||||
|
username (str): The username
|
||||||
|
|
||||||
Returns:
|
Returns:
|
||||||
user (User): Otherwise None
|
user (User): Otherwise None
|
||||||
@ -38,11 +39,12 @@ class APIUserToken(models.Model):
|
|||||||
try:
|
try:
|
||||||
token_obj = APIUserToken.objects.get(
|
token_obj = APIUserToken.objects.get(
|
||||||
token=token,
|
token=token,
|
||||||
|
user__username=username
|
||||||
)
|
)
|
||||||
if not token_obj.is_active:
|
if not token_obj.is_active:
|
||||||
raise PermissionError("Token unverified")
|
raise PermissionError("Token unverified")
|
||||||
if token_obj.valid_until is not None and token_obj.valid_until < _today:
|
if token_obj.valid_until is not None and token_obj.valid_until < _today:
|
||||||
raise PermissionError("Token validity expired")
|
raise PermissionError("Token validity expired")
|
||||||
except ObjectDoesNotExist:
|
except ObjectDoesNotExist:
|
||||||
raise PermissionError("Token invalid")
|
raise PermissionError("Credentials invalid")
|
||||||
return token_obj.user
|
return token_obj.user
|
||||||
|
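Review bot: A request that omits the Ksptoken or Kspuser header reaches `APIUserToken.objects.get(token=token, user__username=username)` with None, because the dispatch hunk in the view reads both headers with `request.headers.get(..., None)` and nothing in between rejects missing values. Django evaluates an exact lookup against None as an IS NULL test, so the outcome then depends on whether rows with a null token or without a related user can exist, which these hunks do not show. An explicit guard before the query would make the rejection unconditional: `if not token or not username: raise PermissionError("Credentials invalid")`. The docstring line `user (User): Otherwise None` also does not match the visible code, where every failure path raises PermissionError; a `Raises:` entry would document that. Part of the function body lies between the two hunks and is not visible here.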
@ -5,4 +5,5 @@ Contact: michel.peltriaux@sgdnord.rlp.de
|
|||||||
Created on: 21.01.22
|
Created on: 21.01.22
|
||||||
|
|
||||||
"""
|
"""
|
||||||
KSP_TOKEN_HEADER_IDENTIFIER = "Ksptoken"
|
KSP_TOKEN_HEADER_IDENTIFIER = "Ksptoken"
|
||||||
|
KSP_USER_HEADER_IDENTIFIER = "Kspuser"
|
@ -20,6 +20,7 @@ class BaseAPIV1TestCase(BaseTestCase):
|
|||||||
|
|
||||||
cls.header_data = {
|
cls.header_data = {
|
||||||
"HTTP_ksptoken": cls.superuser.api_token.token,
|
"HTTP_ksptoken": cls.superuser.api_token.token,
|
||||||
|
"HTTP_kspuser": cls.superuser.username,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
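Review bot: The only test change visible in this commit adds `"HTTP_kspuser": cls.superuser.username` to `cls.header_data`, so the suite covers the accepted token/user pair but not the rejection the new check is meant to enforce. A case that sends a valid token together with a different user's name, and one that omits the Kspuser header, each asserting that the request is refused, would pin the behaviour and catch a later regression to token-only lookup. If such tests exist in files not touched by this commit, a short comment here pointing to them would be enough.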
@ -13,7 +13,7 @@ from django.views import View
|
|||||||
from django.views.decorators.csrf import csrf_exempt
|
from django.views.decorators.csrf import csrf_exempt
|
||||||
|
|
||||||
from api.models import APIUserToken
|
from api.models import APIUserToken
|
||||||
from api.settings import KSP_TOKEN_HEADER_IDENTIFIER
|
from api.settings import KSP_TOKEN_HEADER_IDENTIFIER, KSP_USER_HEADER_IDENTIFIER
|
||||||
from compensation.models import EcoAccount
|
from compensation.models import EcoAccount
|
||||||
from ema.models import Ema
|
from ema.models import Ema
|
||||||
from intervention.models import Intervention
|
from intervention.models import Intervention
|
||||||
@ -39,7 +39,9 @@ class AbstractAPIView(View):
|
|||||||
def dispatch(self, request, *args, **kwargs):
|
def dispatch(self, request, *args, **kwargs):
|
||||||
try:
|
try:
|
||||||
# Fetch the proper user from the given request header token
|
# Fetch the proper user from the given request header token
|
||||||
self.user = APIUserToken.get_user_from_token(request.headers.get(KSP_TOKEN_HEADER_IDENTIFIER, None))
|
ksp_token = request.headers.get(KSP_TOKEN_HEADER_IDENTIFIER, None)
|
||||||
|
ksp_user = request.headers.get(KSP_USER_HEADER_IDENTIFIER, None)
|
||||||
|
self.user = APIUserToken.get_user_from_token(ksp_token, ksp_user)
|
||||||
if not self.user.is_default_user():
|
if not self.user.is_default_user():
|
||||||
raise PermissionError("Default permissions required")
|
raise PermissionError("Default permissions required")
|
||||||
except PermissionError as e:
|
except PermissionError as e:
|
||||||
|
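Review bot: The comment `# Fetch the proper user from the given request header token` above the new lines still describes a token-only lookup, although the code now reads two headers and passes both to `get_user_from_token`. I would update it to something like `# Resolve the API user from the Ksptoken and Kspuser request headers; both must belong to the same user`. As a style point, the explicit `None` default in `request.headers.get(KSP_USER_HEADER_IDENTIFIER, None)` is redundant, since `get` already returns None for a missing key. The body of `dispatch` continues past the end of this hunk.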
Binary file not shown.
@ -26,7 +26,7 @@ msgid ""
|
|||||||
msgstr ""
|
msgstr ""
|
||||||
"Project-Id-Version: PACKAGE VERSION\n"
|
"Project-Id-Version: PACKAGE VERSION\n"
|
||||||
"Report-Msgid-Bugs-To: \n"
|
"Report-Msgid-Bugs-To: \n"
|
||||||
"POT-Creation-Date: 2022-01-27 11:44+0100\n"
|
"POT-Creation-Date: 2022-01-28 16:27+0100\n"
|
||||||
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
||||||
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
||||||
"Language-Team: LANGUAGE <LL@li.org>\n"
|
"Language-Team: LANGUAGE <LL@li.org>\n"
|
||||||
@ -1950,15 +1950,16 @@ msgstr "Hallo Support"
|
|||||||
msgid "you need to verify the API token for user"
|
msgid "you need to verify the API token for user"
|
||||||
msgstr "Sie müssen einen API Token für folgenden Nutzer freischalten"
|
msgstr "Sie müssen einen API Token für folgenden Nutzer freischalten"
|
||||||
|
|
||||||
#: templates/email/api/verify_token.html:13
|
#: templates/email/api/verify_token.html:15
|
||||||
msgid ""
|
msgid ""
|
||||||
"If unsure, please contact the user. The API token can not be used until you "
|
"If unsure, please contact the user. The API token can not be used until you "
|
||||||
"activated it in the admin backend."
|
"activated it in the admin backend."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
"Falls Sie sich unsicher sind, kontaktieren Sie den Nutzer vorher. Der API Token kann so lange nicht verwendet werden, "
|
"Falls Sie sich unsicher sind, kontaktieren Sie den Nutzer vorher. Der API "
|
||||||
"wie er noch nicht von Ihnen im Admin Backend aktiviert worden ist."
|
"Token kann so lange nicht verwendet werden, wie er noch nicht von Ihnen im "
|
||||||
|
"Admin Backend aktiviert worden ist."
|
||||||
|
|
||||||
#: templates/email/api/verify_token.html:16
|
#: templates/email/api/verify_token.html:18
|
||||||
#: templates/email/checking/shared_data_checked.html:17
|
#: templates/email/checking/shared_data_checked.html:17
|
||||||
#: templates/email/deleting/shared_data_deleted.html:17
|
#: templates/email/deleting/shared_data_deleted.html:17
|
||||||
#: templates/email/recording/shared_data_recorded.html:17
|
#: templates/email/recording/shared_data_recorded.html:17
|
||||||
@ -2354,15 +2355,15 @@ msgstr "Aktueller Token"
|
|||||||
msgid "Authenticated by admins"
|
msgid "Authenticated by admins"
|
||||||
msgstr "Von Admin freigeschaltet"
|
msgstr "Von Admin freigeschaltet"
|
||||||
|
|
||||||
#: user/templates/user/token.html:16
|
#: user/templates/user/token.html:18
|
||||||
msgid "Token has been verified and can be used"
|
msgid "Token has been verified and can be used"
|
||||||
msgstr "Token wurde freigeschaltet und kann verwendet werden"
|
msgstr "Token wurde freigeschaltet und kann verwendet werden"
|
||||||
|
|
||||||
#: user/templates/user/token.html:18
|
#: user/templates/user/token.html:20
|
||||||
msgid "Token waiting for verification"
|
msgid "Token waiting for verification"
|
||||||
msgstr "Token noch nicht freigeschaltet"
|
msgstr "Token noch nicht freigeschaltet"
|
||||||
|
|
||||||
#: user/templates/user/token.html:22
|
#: user/templates/user/token.html:24
|
||||||
msgid "Valid until"
|
msgid "Valid until"
|
||||||
msgstr "Läuft ab am"
|
msgstr "Läuft ab am"
|
||||||
|
|
||||||
|