106 lines
3.3 KiB
Python
106 lines
3.3 KiB
Python
# models
|
|
from django.contrib.auth.models import User
|
|
from .models import Project, Agency, Route
|
|
# serializers
|
|
from .serializers import ProjectSerializer, AgencySerializer, RouteSerializer
|
|
from .serializers import UserSerializer, AuthSerializer
|
|
# others
|
|
import jwt
|
|
import datetime
|
|
from decouple import config
|
|
from rest_framework.response import Response
|
|
from rest_framework import viewsets
|
|
from rest_framework.decorators import action
|
|
from django.core.exceptions import PermissionDenied
|
|
|
|
# Create your views here.
|
|
class ProjectViewSet(viewsets.ModelViewSet):
|
|
queryset = Project.objects.all()
|
|
serializer_class = ProjectSerializer
|
|
|
|
class AgencyViewSet(viewsets.ModelViewSet):
|
|
queryset = Agency.objects.all()
|
|
serializer_class = AgencySerializer
|
|
|
|
class RouteViewSet(viewsets.ModelViewSet):
|
|
queryset = Route.objects.all()
|
|
serializer_class = RouteSerializer
|
|
|
|
class UserViewSet(viewsets.ModelViewSet):
|
|
queryset = User.objects.all()
|
|
serializer_class = UserSerializer
|
|
|
|
"""
|
|
Metodos de generacion de jwt en forma manual
|
|
"""
|
|
private_key = config('SECRET_JWT','palabrasecreta')
|
|
|
|
class AuthViewSet(viewsets.ViewSet):
|
|
serializer_class = AuthSerializer
|
|
|
|
def list(self, request):
|
|
return Response()
|
|
|
|
def create(self, request):
|
|
username = request.data.get('username')
|
|
password = request.data.get('password')
|
|
|
|
user = User.objects.filter(username = username).first()
|
|
is_correct = user.check_password(password)
|
|
if not is_correct:
|
|
raise PermissionDenied
|
|
|
|
now = datetime.datetime.utcnow()
|
|
payload = {
|
|
'exp': now + datetime.timedelta(hours=1),
|
|
'user_id': user.id
|
|
}
|
|
token = jwt.encode(payload, private_key, algorithm="HS256")
|
|
response = Response({ 'token': token })
|
|
response.set_cookie('token', token)
|
|
return response
|
|
|
|
@action(detail=False, methods=['get'])
|
|
def info(self, request, pk=None):
|
|
token = request.COOKIES.get('token')
|
|
if not token:
|
|
raise PermissionDenied
|
|
decode = jwt.decode(token, private_key, algorithms= ["HS256"])
|
|
|
|
user = User.objects.filter(id = decode.get('user_id')).values().first()
|
|
if (user == None):
|
|
raise PermissionDenied
|
|
|
|
return Response({
|
|
'id': user.get('id'),
|
|
'username': user.get('username'),
|
|
'first_name': user.get('first_name'),
|
|
'last_name': user.get('last_name'),
|
|
'email': user.get('email'),
|
|
'token': token,
|
|
})
|
|
|
|
@action(detail=False, methods=['post'])
|
|
def set_token(self, request, pk=None):
|
|
token = request.data.get('token')
|
|
decode = jwt.decode(token, private_key, algorithms= ["HS256"])
|
|
|
|
user = User.objects.filter(id = decode.get('user_id')).values().first()
|
|
if (user == None):
|
|
raise PermissionDenied
|
|
|
|
return Response({
|
|
'id': user.get('id'),
|
|
'username': user.get('username'),
|
|
'first_name': user.get('first_name'),
|
|
'last_name': user.get('last_name'),
|
|
'email': user.get('email'),
|
|
'token': token,
|
|
})
|
|
|
|
@action(detail=False, methods=['post'])
|
|
def logout(self, request, pk=None):
|
|
response = Response()
|
|
response.delete_cookie('token')
|
|
return response
|