views.py 1.66 KB
Edit Raw Blame History



1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59


import requests
from django.shortcuts import get_object_or_404, reverse
from django.contrib.auth import authenticate
from rest_framework import viewsets
from rest_framework.response import Response
from rest_framework.decorators import detail_route
from rest_framework.permissions import IsAuthenticated, IsAuthenticatedOrReadOnly

from security.models import Security

from users.serializers import UserSerializer
from users.models import User

from oauth2_provider.views.generic import ProtectedResourceView
from oauth2_provider.models import Application
from django.http import HttpResponse

class LoginViewset(viewsets.ReadOnlyModelViewSet):
	queryset = User.objects.all()
	security = Security.objects.get(id = 1)
	permissions_classes = (IsAuthenticatedOrReadOnly,)

	@detail_route(methods = ['post'])
	def login(self, request):
		username = request.DATA['email']
		
		user = get_object_or_404(self.queryset, email = username)

		serializer = UserSerializer(user)
					
		return Response(serializer.data)

def getToken(request):
	oauth = Application.objects.filter(name = "amadeus-droid")

	response = ""

	if request.POST:
		username = request.POST['email']
		password = request.POST['password']

		user = authenticate(username = username, password = password)

		if user is not None:
			if not security.maintence or user.is_staff:
				if oauth.count() > 0:
					oauth = oauth[0]

					data = {
						"grant_type": "password",
						"username": username,
						"password": password
					}

					auth = (oauth.client_id, oauth.client_secret)

					response = requests.post(request.build_absolute_uri(reverse('oauth2_provider:token')), data = data, auth = auth)
		
	return HttpResponse(response)