team-3/src/c3nav/api/auth.py

from django.utils.translation import gettext_lazy as _
from rest_framework.authentication import TokenAuthentication
from rest_framework.exceptions import AuthenticationFailed


class APISecretAuthentication(TokenAuthentication):
    def authenticate_credentials(self, key):
        from c3nav.control.models import UserPermissions

        try:
            user_perms = UserPermissions.objects.exclude(api_secret='').exclude(api_secret__isnull=True).filter(
                api_secret=key
            ).get()
        except UserPermissions.DoesNotExist:
            raise AuthenticationFailed(_('Invalid token.'))

        if not user_perms.user.is_active:
            raise AuthenticationFailed(_('User inactive or deleted.'))

        return (user_perms.user, user_perms)
add api_secret auth and (mostly) finalize firmware endpoint 2023-11-05 19:09:36 +01:00			`from django.utils.translation import gettext_lazy as _`
			`from rest_framework.authentication import TokenAuthentication`
			`from rest_framework.exceptions import AuthenticationFailed`


			`class APISecretAuthentication(TokenAuthentication):`
			`def authenticate_credentials(self, key):`
			`from c3nav.control.models import UserPermissions`

			`try:`
			`user_perms = UserPermissions.objects.exclude(api_secret='').exclude(api_secret__isnull=True).filter(`
			`api_secret=key`
			`).get()`
			`except UserPermissions.DoesNotExist:`
			`raise AuthenticationFailed(_('Invalid token.'))`

			`if not user_perms.user.is_active:`
			`raise AuthenticationFailed(_('User inactive or deleted.'))`

			`return (user_perms.user, user_perms)`