[A] add token authentication

[U] update OfficeHoursAPI, use CreateAPIView
2019-06-19 18:56:00 +08:00 · 2019-06-19 18:56:00 +08:00 · 97054f38fb
commit 97054f38fb
parent 25572c23c2
5 changed files with 71 additions and 22 deletions
--- a/dsite/settings.py
+++ b/dsite/settings.py
@ -1 +1,8 @@
 from .settings_default import *
+REST_FRAMEWORK = {
+    'DEFAULT_AUTHENTICATION_CLASSES': (
+        'rest_framework.authentication.BasicAuthentication',
+        'rest_framework.authentication.SessionAuthentication',
+    ),
+    'PAGE_SIZE': 10
+}
--- a/dsite/settings_default.py
+++ b/dsite/settings_default.py
@ -38,8 +38,10 @@ INSTALLED_APPS = [
    'django.contrib.messages',
    'django.contrib.staticfiles',

+
    # third party
    'rest_framework',
+    'rest_framework.authtoken',

    # user apps
    'timer',
--- a/dsite/urls.py
+++ b/dsite/urls.py
@ -19,12 +19,15 @@ from django.urls import include, path
 from django.conf.urls import url

 from rest_framework import routers
+from rest_framework.authtoken import views

 router = routers.DefaultRouter()
 # Wire up our API using automatic URL routing.
 # Additionally, we include login URLs for the browsable API.
+
 urlpatterns = [
    path('', include(router.urls)),
    path('api-auth/', include('rest_framework.urls', namespace='rest_framework')),
+    path('api-auth-token/', views.obtain_auth_token, name='api-auth-token'),
    url('timer/', include('timer.urls')),
 ]
--- a/timer/urls.py
+++ b/timer/urls.py
@ -7,5 +7,5 @@ from timer import views
 # Wire up our API using automatic URL routing.
 # Additionally, we include login URLs for the browsable API.
 urlpatterns = [
-    url('office-hours', views.OfficeHoursViewSet.as_view({'get': 'list'}))
+    url('office-hours', views.OfficeHoursAPI.as_view())
 ]
--- a/timer/views.py
+++ b/timer/views.py
@ -1,31 +1,68 @@
 from django.contrib.auth.models import User, Group
 from django.shortcuts import render
-from rest_framework import viewsets
+from rest_framework import authentication, permissions, status, viewsets
+from rest_framework.generics import CreateAPIView
+from rest_framework.response import Response
+from rest_framework.views import APIView

 import timer.serializers
 import timer.models

-
-class OfficeHoursViewSet(viewsets.ModelViewSet):
-  """
-  API endpoint that allows office hours to be viewed or edited.
-  """
-
-  queryset = timer.models.OfficeHours.objects.order_by('-id')
-  serializer_class = timer.serializers.OfficeHoursSerializer
+import datetime


-class UserViewSet(viewsets.ModelViewSet):
-  """
-  API endpoint that allows users to be viewed or edited.
-  """
-  queryset = User.objects.all().order_by('-date_joined')
-  serializer_class = timer.serializers.UserSerializer
+# class OfficeHoursViewSet(viewsets.ModelViewSet):
+#   """
+#   API endpoint that allows office hours to be viewed or edited.
+#   """
+
+#   queryset = timer.models.OfficeHours.objects.order_by('-id')
+#   serializer_class = timer.serializers.OfficeHoursSerializer


-class GroupViewSet(viewsets.ModelViewSet):
-  """
-  API endpoint that allows groups to be viewed or edited.
-  """
-  queryset = Group.objects.all()
-  serializer_class = timer.serializers.GroupSerializer
+# class UserViewSet(viewsets.ModelViewSet):
+#   """
+#   API endpoint that allows users to be viewed or edited.
+#   """
+#   queryset = User.objects.all().order_by('-date_joined')
+#   serializer_class = timer.serializers.UserSerializer
+
+
+# class GroupViewSet(viewsets.ModelViewSet):
+#   """
+#   API endpoint that allows groups to be viewed or edited.
+#   """
+#   queryset = Group.objects.all()
+#   serializer_class = timer.serializers.GroupSerializer
+
+
+class OfficeHoursAPI(CreateAPIView):
+
+  authentication_classes = (authentication.TokenAuthentication,
+                            authentication.SessionAuthentication,
+                            authentication.BasicAuthentication)
+  permission_classes = (permissions.IsAuthenticated,)
+
+  queryset = timer.models.OfficeHours.objects.all()
+
+  def create(self, request, *args, **kwargs):
+    begins_at = request.data.get('begins_at')
+    if not begins_at:
+      raise
+    try:
+      begins_at = datetime.datetime.strptime(begins_at, '%Y-%m-%d %H:%M')
+      ends_at = begins_at + datetime.timedelta(hours=9.5)
+      oh, __ = timer.models.OfficeHours.objects.get_or_create(
+        begins_at=begins_at,
+        ends_at=ends_at,
+        user=request.user)
+    except ValueError:
+      raise
+
+    resp_data = {
+      'begins_at': begins_at.strftime('%Y-%m-%d %H:%M'),
+      'ends_at': ends_at.strftime('%Y-%m-%d %H:%M'),
+    }
+
+    return Response(resp_data, status=status.HTTP_201_CREATED)
+