Source code for djcrud_api.views
import djcrud
from django.contrib import messages
from django.http import HttpResponseRedirect, JsonResponse
from django.utils.decorators import method_decorator
from django.utils.translation import gettext as _
from django.views.decorators.csrf import csrf_exempt
from djcrud.view import View
from .login import login_with_credentials
from .models import Token
[docs]
@method_decorator(csrf_exempt, name="dispatch")
class ApiLoginView(View):
"""Exchange username/password for a short-lived Bearer token."""
urlpath = "login/"
[docs]
def has_permission(self):
return True
def post(self, request, *args, **kwargs):
body, status = login_with_credentials(request)
return JsonResponse(body, status=status)
[docs]
class TokenCreateView(djcrud.views.CreateView):
"""Create a named API token via HTML form (raw key shown once)."""
fields = ["name", "expires"]
[docs]
def get_success_url(self):
return self.router.find_route("list").reverse()
[docs]
class TokenRouter(djcrud.ModelRouter):
model = Token
icon = "key"
routes = [
djcrud.views.ListView,
djcrud.views.DetailView,
TokenCreateView,
djcrud.views.DeleteView,
]
[docs]
def get_queryset(self, *, user, model, action, perm, obj=None):
qs = super().get_queryset(
user=user, model=model, action=action, perm=perm, obj=obj
)
if user.is_superuser:
return qs
return qs.filter(user=user)
def _api_router_routes():
from .login import uses_drf_login
routes = [TokenRouter]
if not uses_drf_login():
routes.insert(0, ApiLoginView.clone(urlname="login", urlpath="login/"))
return routes
[docs]
class ApiRouter(djcrud.Router):
pass
ApiRouter._declaration = _api_router_routes()