se agrega pagination, ordering

2023-06-26 16:52:08 -04:00 · 2023-06-26 16:52:08 -04:00 · afcd290000
parent de4e1c88e6
commit afcd290000
5 changed files with 44 additions and 10 deletions
--- a/project/api/middlewares.py
+++ b/project/api/middlewares.py
@ -10,11 +10,19 @@ class ApiMiddleware:
        self.get_response = get_response

    def __call__(self, request):
-        if not request.headers.get('Authorization') and request.path == '/api/auth/' and request.method == 'POST':
-            # cuando se quiere obtener el token, se omite esta regla
+        # se omite esta regla en documentacion
+        if not request.headers.get('Authorization') and request.path[0:6] == '/docs/':
            response = self.get_response(request)
            return response
        
+        # se omite esta regla en login
+        if request.path == '/api/auth/' and request.method == 'POST':
+            response = self.get_response(request)
+            return response
+        
+        if not request.headers.get('Authorization'):
+            return HttpResponse('Debe indicar el token de autorización', status = 400)
+        
        authorization = request.headers.get('Authorization').split(' ')
        token = authorization[1]

--- a/project/api/serializers.py
+++ b/project/api/serializers.py
@ -13,11 +13,10 @@ class PersonaSerializer(serializers.ModelSerializer):
        fields = '__all__'

 class UsuarioSerializer(serializers.ModelSerializer):
-    # persona = serializers.PrimaryKeyRelatedField(queryset=Persona.objects.all(), source='rut')
-
    class Meta:
        model = Usuario
        fields = ('login','vigente','rut')

-    # def get_persona(self, usuario):
-    #     return usuario.persona
+class AuthSerializer(serializers.Serializer):
+    username = serializers.CharField(required=True)
+    password = serializers.CharField(required=True, style={'input_type':'password'})
--- a/project/api/views.py
+++ b/project/api/views.py
@ -1,15 +1,17 @@
 from rest_framework import viewsets
-from rest_framework.decorators import action
+from rest_framework.decorators import action, api_view, schema
+from rest_framework.schemas import AutoSchema
 from django.views.decorators.csrf import csrf_exempt
 from django.http import HttpResponse
 from django.http import JsonResponse
 from .models import Usuario, Persona
 from .models import Aplicacion
 from .serializers import UsuarioSerializer, PersonaSerializer
-from .serializers import AplicacionSerializer
+from .serializers import AplicacionSerializer, AuthSerializer
 import json
 import jwt
 import datetime
+import coreapi
 from decouple import config

 private_key = config('SECRET_JWT')
@ -18,6 +20,7 @@ private_key = config('SECRET_JWT')
 class AplicacionViewSet(viewsets.ModelViewSet):
    queryset = Aplicacion.objects.all()
    serializer_class = AplicacionSerializer
+    ordering_fields = '__all__'

 class PersonaViewSet(viewsets.ModelViewSet):
    queryset = Persona.objects.all()
@ -27,9 +30,24 @@ class UsuarioViewSet(viewsets.ModelViewSet):
    queryset = Usuario.objects.all()
    serializer_class = UsuarioSerializer

+
+class CustomAuthSchema(AutoSchema):
+    manual_fields = []
+
+    def get_manual_fields(self, path, method):
+        custom_fields = []
+        if method.lower() == 'post':
+            custom_fields = [
+                coreapi.Field('username', required=True, location='form', description='Usuario'),
+                coreapi.Field('password', required=True, location='form', description='Contraseña'),
+            ]
+        return self._manual_fields + custom_fields
+
 # Views jwt
@csrf_exempt
@action(detail=False, methods=['post','get'])
+@api_view(['GET','POST'])
+@schema(CustomAuthSchema())
 def jwt_login(request):
    if request.method == 'POST':
        # validar username y password
--- a/project/project/settings.py
+++ b/project/project/settings.py
@ -136,7 +136,12 @@ STATIC_URL = 'static/'

 DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'

-REST_FRAMEWORK = { 'DEFAULT_SCHEMA_CLASS': 'rest_framework.schemas.coreapi.AutoSchema' }
+REST_FRAMEWORK = {
+    'DEFAULT_SCHEMA_CLASS': 'rest_framework.schemas.coreapi.AutoSchema',
+    'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.LimitOffsetPagination',
+    'DEFAULT_FILTER_BACKENDS': ['rest_framework.filters.OrderingFilter'],
+    # 'PAGE_SIZE': 15,
+}
 CORS_ORIGIN_ALLOW_ALL = False
 CORS_ORIGIN_WHITELIST = [
    "http://localhost:3000",
--- a/rest/login.rest
+++ b/rest/login.rest
@ -14,4 +14,8 @@ Content-Type: application/json

 ###
 GET {{server}}/auth/
-Authorization: Bearer {{token}}
+Authorization: Bearer {{token}}
+
+###
+GET {{server}}/aplicaciones/?ordering=-id_aplicacion
+Authorization: Bearer {{token}}