team-3/src/c3nav/api/api.py

from django.conf import settings
from ninja import Field as APIField
from ninja import Router as APIRouter
from ninja import Schema

from c3nav.api.auth import APIKeyType, auth_responses
from c3nav.api.utils import NonEmptyStr
from c3nav.control.models import UserPermissions

auth_api_router = APIRouter(tags=["auth"])


class AuthStatusSchema(Schema):
    """
    Current auth state and permissions
    """
    key_type: APIKeyType = APIField(
        title="api key type",
        description="the type of api key that is being used"
    )
    readonly: bool = APIField(
        title="read only",
        description="if true, no API operations that modify data can be called"
    )
    scopes: list[str] = APIField(
        title="authorized scopes",
        description="scopes available with the current authorization",
    )


@auth_api_router.get('/status/', summary="get status",
                     description="Returns details about the current authentication",
                     response={200: AuthStatusSchema, **auth_responses})
def get_status(request):
    permissions = UserPermissions.get_for_user(request.user)
    scopes = [
        *(p for p in ("editor_access", "grant_permissions", "mesh_control") if getattr(permissions, p)),
        *([] if request.auth.readonly else ["write"]),
    ]
    return AuthStatusSchema(
        method=request.auth.method,
        readonly=request.auth.readonly,
        scopes=scopes,
    )


class APITokenSchema(Schema):
    token: NonEmptyStr = APIField(
        title="API token",
        description="API token to be directly used with `Authorization: Bearer <token>` HTTP header."
    )


@auth_api_router.get('/session/', response=APITokenSchema, auth=None,
                     summary="get session-bound token")
def session_token(request):
    """
    Get an API token that is bound to the transmitted session cookie.

    Keep in mind that this API token will be invalid if the session gets signed out or similar.
    """
    session_id = request.COOKIES.get(settings.SESSION_COOKIE_NAME, None)
    return {"token": "anonymous" if session_id is None else f"session:{session_id}"}
add v2 session auth api 2023-11-14 17:54:56 +01:00			`from django.conf import settings`
update BoundsSchema docs 2023-12-04 13:55:24 +01:00			`from ninja import Field as APIField`
			`from ninja import Router as APIRouter`
add v2 session auth api 2023-11-14 17:54:56 +01:00			`from ninja import Schema`

more API docs 2023-12-04 13:04:35 +01:00			`from c3nav.api.auth import APIKeyType, auth_responses`
some more documentation in the API and in the API code 2023-11-19 00:12:10 +01:00			`from c3nav.api.utils import NonEmptyStr`
add auth status api endpoint 2023-12-02 01:31:58 +01:00			`from c3nav.control.models import UserPermissions`
some more documentation in the API and in the API code 2023-11-19 00:12:10 +01:00
add v2 session auth api 2023-11-14 17:54:56 +01:00			`auth_api_router = APIRouter(tags=["auth"])`


add auth status api endpoint 2023-12-02 01:31:58 +01:00			`class AuthStatusSchema(Schema):`
			`"""`
			`Current auth state and permissions`
			`"""`
more API docs 2023-12-04 13:04:35 +01:00			`key_type: APIKeyType = APIField(`
			`title="api key type",`
don't scream at API docs readers 2023-12-04 19:32:11 +01:00			`description="the type of api key that is being used"`
more API docs 2023-12-04 13:04:35 +01:00			`)`
			`readonly: bool = APIField(`
			`title="read only",`
			`description="if true, no API operations that modify data can be called"`
			`)`
more api docs and tweaks for auth and updates API 2023-12-04 13:46:32 +01:00			`scopes: list[str] = APIField(`
			`title="authorized scopes",`
			`description="scopes available with the current authorization",`
			`)`
add auth status api endpoint 2023-12-02 01:31:58 +01:00

improve api documentation for redoc 2023-12-03 19:04:23 +01:00			`@auth_api_router.get('/status/', summary="get status",`
			`description="Returns details about the current authentication",`
add auth status api endpoint 2023-12-02 01:31:58 +01:00			`response={200: AuthStatusSchema, **auth_responses})`
			`def get_status(request):`
			`permissions = UserPermissions.get_for_user(request.user)`
			`scopes = [`
			`*(p for p in ("editor_access", "grant_permissions", "mesh_control") if getattr(permissions, p)),`
			`*([] if request.auth.readonly else ["write"]),`
			`]`
			`return AuthStatusSchema(`
			`method=request.auth.method,`
			`readonly=request.auth.readonly,`
			`scopes=scopes,`
			`)`


add v2 session auth api 2023-11-14 17:54:56 +01:00			`class APITokenSchema(Schema):`
more api docs and tweaks for auth and updates API 2023-12-04 13:46:32 +01:00			`token: NonEmptyStr = APIField(`
			`title="API token",`
			description="API token to be directly used with `Authorization: Bearer <token>` HTTP header."
			`)`
add v2 session auth api 2023-11-14 17:54:56 +01:00

update api endpoints to use new auth 2023-11-14 18:29:21 +01:00			`@auth_api_router.get('/session/', response=APITokenSchema, auth=None,`
improve api documentation for redoc 2023-12-03 19:04:23 +01:00			`summary="get session-bound token")`
add v2 session auth api 2023-11-14 17:54:56 +01:00			`def session_token(request):`
more api docs and tweaks for auth and updates API 2023-12-04 13:46:32 +01:00			`"""`
			`Get an API token that is bound to the transmitted session cookie.`

			`Keep in mind that this API token will be invalid if the session gets signed out or similar.`
			`"""`
update api endpoints to use new auth 2023-11-14 18:29:21 +01:00			`session_id = request.COOKIES.get(settings.SESSION_COOKIE_NAME, None)`
			`return {"token": "anonymous" if session_id is None else f"session:{session_id}"}`