Commit ef85b948c469a34731ceeef29f7ad1d7a55a88ec
1 parent
dba43d19
Exists in
master
and in
2 other branches
Adjusts in api login process
Showing
1 changed file
with
24 additions
and
17 deletions
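--- a/api/views.py
+++ b/api/views.py
@@ -1,6 +1,7 @@
-import requests
+import requests, json
 from django.shortcuts import get_object_or_404, reverse
 from django.contrib.auth import authenticate
+from django.views.decorators.csrf import csrf_exempt
 from rest_framework import viewsets
 from rest_framework.response import Response
 from rest_framework.decorators import detail_route
@@ -17,7 +18,6 @@ from django.http import HttpResponse
 
 class LoginViewset(viewsets.ReadOnlyModelViewSet):
 queryset = User.objects.all()
- security = Security.objects.get(id = 1)
 permissions_classes = (IsAuthenticatedOrReadOnly,)
 
 @detail_route(methods = ['post'])
@@ -30,30 +30,37 @@ class LoginViewset(viewsets.ReadOnlyModelViewSet):
 
 return Response(serializer.data)
 
+@csrf_exempt
 def getToken(request):
 oauth = Application.objects.filter(name = "amadeus-droid")
+ security = Security.objects.get(id = 1)
 
 response = ""
 
- if request.POST:
- username = request.POST['email']
- password = request.POST['password']
+ if request.method == "POST":
+ json_data = json.loads(request.body.decode('utf-8'))
+
+ try:
+ username = json_data['email']
+ password = json_data['password']
 
- user = authenticate(username = username, password = password)
+ user = authenticate(username = username, password = password)
 
- if user is not None:
- if not security.maintence or user.is_staff:
- if oauth.count() > 0:
- oauth = oauth[0]
+ if user is not None:
+ if not security.maintence or user.is_staff:
+ if oauth.count() > 0:
+ oauth = oauth[0]
 
- data = {
- "grant_type": "password",
- "username": username,
- "password": password
- }
+ data = {
+ "grant_type": "password",
+ "username": username,
+ "password": password
+ }
 
- auth = (oauth.client_id, oauth.client_secret)
+ auth = (oauth.client_id, oauth.client_secret)
 
- response = requests.post(request.build_absolute_uri(reverse('oauth2_provider:token')), data = data, auth = auth)
+ response = requests.post(request.build_absolute_uri(reverse('oauth2_provider:token')), data = data, auth = auth)
+ except KeyError:
+ response = "Error"
 
 return HttpResponse(response)
\ No newline at end of file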
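Review bot: The `json.loads(request.body.decode('utf-8'))` call in getToken sits above the `try:`, so a body that is not valid UTF-8 JSON, or JSON that is not an object, raises outside the `except KeyError` handler and this unauthenticated, CSRF-exempt endpoint answers with a 500 instead of taking the "Error" path. Moving the parse inside the `try` and widening the handler to `except (KeyError, ValueError, TypeError):` covers all three cases, and `HttpResponse("Error", status=400)` would let clients tell a malformed request apart from a 200. Separately, the token request goes to `request.build_absolute_uri(...)`, which is derived from the request's Host header, and it carries the application's client secret and the user's password. Unless ALLOWED_HOSTS is strict (not visible here), a fixed base URL from settings and a `timeout=` argument on `requests.post` would be safer.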