mirror of
https://github.com/haiwen/seahub.git
synced 2025-07-17 08:41:40 +00:00
61 lines
1.9 KiB
Python
61 lines
1.9 KiB
Python
# Copyright (c) 2012-2016 Seafile Ltd.
|
|
from rest_framework.authentication import SessionAuthentication
|
|
from rest_framework.permissions import IsAuthenticated
|
|
from rest_framework.response import Response
|
|
from rest_framework.views import APIView
|
|
from rest_framework import status
|
|
|
|
from seahub.api2.throttling import UserRateThrottle
|
|
from seahub.api2.utils import api_error
|
|
from seahub.api2.models import Token
|
|
|
|
from seahub.settings import ENABLE_GET_AUTH_TOKEN_BY_SESSION
|
|
|
|
|
|
class AuthTokenBySession(APIView):
|
|
""" Get user's auth token.
|
|
"""
|
|
|
|
authentication_classes = (SessionAuthentication,)
|
|
permission_classes = (IsAuthenticated,)
|
|
throttle_classes = (UserRateThrottle,)
|
|
|
|
def get(self, request):
|
|
|
|
if not ENABLE_GET_AUTH_TOKEN_BY_SESSION:
|
|
error_msg = 'Feature is not enabled.'
|
|
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
|
|
|
|
username = request.user.username
|
|
try:
|
|
token_obj = Token.objects.get(user=username)
|
|
token = token_obj.key
|
|
except Token.DoesNotExist:
|
|
token = ''
|
|
|
|
return Response({'token': token})
|
|
|
|
def post(self, request):
|
|
|
|
if not ENABLE_GET_AUTH_TOKEN_BY_SESSION:
|
|
error_msg = 'Feature is not enabled.'
|
|
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
|
|
|
|
username = request.user.username
|
|
if len(Token.objects.filter(user=username)) > 0:
|
|
return api_error(status.HTTP_409_CONFLICT, 'Token already exists.')
|
|
|
|
token_obj = Token.objects.add_or_update(username)
|
|
return Response({'token': token_obj.key})
|
|
|
|
def delete(self, request):
|
|
|
|
if not ENABLE_GET_AUTH_TOKEN_BY_SESSION:
|
|
error_msg = 'Feature is not enabled.'
|
|
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
|
|
|
|
username = request.user.username
|
|
Token.objects.filter(user=username).delete()
|
|
|
|
return Response({'success': True})
|