more API docs
This commit is contained in:
Laura Klünder
parent
d6149ba9f1
commit
64088759f5
2 changed files with 14 additions and 9 deletions
|
|
@ -1,8 +1,8 @@
|
||||||
from django.conf import settings
|
from django.conf import settings
|
||||||
from ninja import Router as APIRouter
|
from ninja import Router as APIRouter, Field as APIField
|
||||||
from ninja import Schema
|
from ninja import Schema
|
||||||
|
|
||||||
from c3nav.api.auth import APIAuthMethod, auth_responses
|
from c3nav.api.auth import APIKeyType, auth_responses
|
||||||
from c3nav.api.utils import NonEmptyStr
|
from c3nav.api.utils import NonEmptyStr
|
||||||
from c3nav.control.models import UserPermissions
|
from c3nav.control.models import UserPermissions
|
||||||
|
|
||||||
|
|
@ -13,8 +13,13 @@ class AuthStatusSchema(Schema):
|
||||||
"""
|
"""
|
||||||
Current auth state and permissions
|
Current auth state and permissions
|
||||||
"""
|
"""
|
||||||
method: APIAuthMethod
|
key_type: APIKeyType = APIField(
|
||||||
readonly: bool
|
title="api key type",
|
||||||
|
)
|
||||||
|
readonly: bool = APIField(
|
||||||
|
title="read only",
|
||||||
|
description="if true, no API operations that modify data can be called"
|
||||||
|
)
|
||||||
scopes: list[str]
|
scopes: list[str]
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -18,7 +18,7 @@ from c3nav.control.models import UserPermissions
|
||||||
FakeRequest = namedtuple('FakeRequest', ('session', ))
|
FakeRequest = namedtuple('FakeRequest', ('session', ))
|
||||||
|
|
||||||
|
|
||||||
class APIAuthMethod(StrEnum):
|
class APIKeyType(StrEnum):
|
||||||
ANONYMOUS = 'anonymous'
|
ANONYMOUS = 'anonymous'
|
||||||
SESSION = 'session'
|
SESSION = 'session'
|
||||||
SECRET = 'secret'
|
SECRET = 'secret'
|
||||||
|
|
@ -26,7 +26,7 @@ class APIAuthMethod(StrEnum):
|
||||||
|
|
||||||
@dataclass
|
@dataclass
|
||||||
class APIAuthDetails:
|
class APIAuthDetails:
|
||||||
method: APIAuthMethod
|
key_type: APIKeyType
|
||||||
readonly: bool
|
readonly: bool
|
||||||
|
|
||||||
|
|
||||||
|
|
@ -59,7 +59,7 @@ class APITokenAuth(HttpBearer):
|
||||||
|
|
||||||
if token == "anonymous":
|
if token == "anonymous":
|
||||||
return APIAuthDetails(
|
return APIAuthDetails(
|
||||||
method=APIAuthMethod.ANONYMOUS,
|
key_type=APIKeyType.ANONYMOUS,
|
||||||
readonly=True,
|
readonly=True,
|
||||||
)
|
)
|
||||||
elif token.startswith("session:"):
|
elif token.startswith("session:"):
|
||||||
|
|
@ -70,7 +70,7 @@ class APITokenAuth(HttpBearer):
|
||||||
raise APITokenInvalid
|
raise APITokenInvalid
|
||||||
request.user = user
|
request.user = user
|
||||||
return APIAuthDetails(
|
return APIAuthDetails(
|
||||||
method=APIAuthMethod.SESSION,
|
key_type=APIKeyType.SESSION,
|
||||||
readonly=False,
|
readonly=False,
|
||||||
)
|
)
|
||||||
elif token.startswith("secret:"):
|
elif token.startswith("secret:"):
|
||||||
|
|
@ -92,7 +92,7 @@ class APITokenAuth(HttpBearer):
|
||||||
request.user_permissions = user_permissions
|
request.user_permissions = user_permissions
|
||||||
|
|
||||||
return APIAuthDetails(
|
return APIAuthDetails(
|
||||||
method=APIAuthMethod.SESSION,
|
key_type=APIKeyType.SESSION,
|
||||||
readonly=secret.readonly
|
readonly=secret.readonly
|
||||||
)
|
)
|
||||||
raise APITokenInvalid
|
raise APITokenInvalid
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue