Add API key authentication to v1 API Also includes: - management command to create keys for users - Improvements to API tests Minor: - more robust way to start docker dev container. Reviewed-on: enviPath/enviPy#327 Co-authored-by: Tobias O <tobias.olenyi@envipath.com> Co-committed-by: Tobias O <tobias.olenyi@envipath.com>
import hashlib
from ninja.security import HttpBearer
from ninja.errors import HttpError
from epdb.models import APIToken
class BearerTokenAuth(HttpBearer):
    """Bearer-token authentication backed by ``APIToken``.

    The presented token is reduced to its SHA-256 hex digest and resolved to
    a user through ``APIToken.authenticate``; the raw token is never handed
    to the model layer from here.
    """

    def authenticate(self, request, token):
        """Resolve a bearer token to a user and attach it to the request.

        Args:
            request: The incoming request. On success its ``user`` attribute
                is overwritten with the resolved user.
            token: The raw token string supplied by the ``HttpBearer`` base
                class, or ``None``.

        Returns:
            ``None`` when ``token`` is ``None``; otherwise the user object
            returned by ``APIToken.authenticate``.

        Raises:
            HttpError: 401 when ``APIToken.authenticate`` returns a falsy
                value for the digest.
        """
        if token is None:
            return None

        # NOTE(review): an unsalted SHA-256 digest is adequate only if tokens
        # are long, randomly generated values; confirm against the code
        # that issues the keys.
        digest = hashlib.sha256(token.encode()).hexdigest()

        # Expiry and revocation checks presumably live in
        # APIToken.authenticate (the error text mentions expiry); they are
        # not visible in this block.
        account = APIToken.authenticate(digest, hashed=True)
        if account:
            request.user = account
            return account

        # One generic message for every failure, so the response does not
        # distinguish an unknown token from an expired one.
        raise HttpError(401, "Invalid or expired token")
class OptionalBearerTokenAuth:
    """Bearer authentication that also admits requests without a token.

    A Bearer token, when present, is checked by ``BearerTokenAuth`` and an
    invalid one is rejected with a 401. When the bearer check yields nothing,
    the request proceeds with whatever ``request.user`` already holds
    (anonymous or session access).

    NOTE(review): the fallback trusts ``request.user`` as set upstream
    (presumably by Django's session/auth middleware). Confirm that endpoints
    using this class enforce CSRF protection for cookie-authenticated,
    state-changing requests and apply their own permission checks for
    anonymous users. A header the bearer base class does not recognise as a
    bearer token presumably also lands on this fallback path; verify.
    """

    def __init__(self):
        # Single delegate reused for every request.
        self._bearer = BearerTokenAuth()

    def __call__(self, request):
        """Return the token-authenticated user, else ``request.user``.

        An invalid token raises inside the delegate, so the fallback below is
        reached only when the delegate returns a falsy value.
        """
        token_user = self._bearer(request)
        if token_user:
            return token_user
        return request.user