fnp / wolnelektury.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Start replacing Piston in OAuth flow with OAuthLib.
[wolnelektury.git] / src / api / views.py
diff --git a/src/api/views.py b/src/api/views.py
index 812be83..6d462fa 100644 (file)
--- a/src/api/views.py
+++ b/src/api/views.py
@@ -1,11 +1,55 @@
-from django.http import Http404
+# -*- coding: utf-8 -*-
+# This file is part of Wolnelektury, licensed under GNU Affero GPLv3 or later.
+# Copyright © Fundacja Nowoczesna Polska. See NOTICE for more information.
+#
+from django.http import Http404, HttpResponse
+from oauthlib.common import urlencode
+from oauthlib.oauth1 import RequestTokenEndpoint
+from piston.models import KEY_SIZE, SECRET_SIZE
 from rest_framework.permissions import IsAuthenticated
 from rest_framework.response import Response
 from rest_framework.views import APIView
-from rest_framework.generics import RetrieveAPIView, get_object_or_404
+from rest_framework.generics import ListAPIView, RetrieveAPIView, get_object_or_404
+from migdal.models import Entry
 from catalogue.models import Book
 from .models import BookUserData
 from . import serializers
+from .request_validator import PistonRequestValidator
+
+
+class OAuth1RequestTokenEndpoint(RequestTokenEndpoint):
+    def _create_request(self, *args, **kwargs):
+        r = super(OAuth1RequestTokenEndpoint, self)._create_request(*args, **kwargs)
+        r.redirect_uri = 'oob'
+        return r
+
+    def create_request_token(self, request, credentials):
+        token = {
+            'oauth_token': self.token_generator()[:KEY_SIZE],
+            'oauth_token_secret': self.token_generator()[:SECRET_SIZE],
+        }
+        token.update(credentials)
+        self.request_validator.save_request_token(token, request)
+        return urlencode(token.items())
+
+
+class OAuth1RequestTokenView(APIView):
+    def __init__(self):
+        self.endpoint = OAuth1RequestTokenEndpoint(PistonRequestValidator())
+    def dispatch(self, request):
+        headers, body, status = self.endpoint.create_request_token_response(
+            request.build_absolute_uri(),
+            request.method,
+            request.body,
+            {
+                "Authorization": request.META['HTTP_AUTHORIZATION']
+            } if 'HTTP_AUTHORIZATION' in request.META else None
+        )
+
+        response = HttpResponse(body, status=status)
+        for k, v in headers.items():
+            response[k] = v
+        return response
 
 
 class UserView(RetrieveAPIView):
@@ -39,3 +83,17 @@ class BookUserDataView(RetrieveAPIView):
         instance = BookUserData.update(book, request.user, state)
         serializer = self.get_serializer(instance)
         return Response(serializer.data)
+
+
+class BlogView(ListAPIView):
+    serializer_class = serializers.BlogSerializer
+
+    def get_queryset(self):
+        after = self.request.query_params.get('after')
+        count = int(self.request.query_params.get('count', 20))
+        entries = Entry.published_objects.filter(in_stream=True).order_by('-first_published_at')
+        if after:
+            entries = entries.filter(first_published_at__lt=after)
+        if count:
+            entries = entries[:count]
+        return entries