X-Git-Url: https://git.mdrn.pl/wolnelektury.git/blobdiff_plain/ea221b2bc448ce22dfda4f1ead2968fa7de31771..59947fddf28d67c6822267c8a0fc28e13a6e9175:/src/api/drf_auth.py diff --git a/src/api/drf_auth.py b/src/api/drf_auth.py index ca6a49188..813d9298e 100644 --- a/src/api/drf_auth.py +++ b/src/api/drf_auth.py @@ -1,10 +1,11 @@ -# -*- coding: utf-8 -*- -# This file is part of Wolnelektury, licensed under GNU Affero GPLv3 or later. -# Copyright © Fundacja Nowoczesna Polska. See NOTICE for more information. +# This file is part of Wolne Lektury, licensed under GNU Affero GPLv3 or later. +# Copyright © Fundacja Wolne Lektury. See NOTICE for more information. # from oauthlib.oauth1 import ResourceEndpoint -from rest_framework.authentication import BaseAuthentication +from rest_framework.authentication import BaseAuthentication, TokenAuthentication from .request_validator import PistonRequestValidator +from .utils import oauthlib_request +from .models import Token class PistonOAuthAuthentication(BaseAuthentication): @@ -17,13 +18,11 @@ class PistonOAuthAuthentication(BaseAuthentication): def authenticate(self, request): v, r = self.provider.validate_protected_resource_request( - request.build_absolute_uri(), - http_method=request.method, - body=request.body, - headers={ - "Authorization": request.META['HTTP_AUTHORIZATION'], - "Content-Type": request.content_type, - } if 'HTTP_AUTHORIZATION' in request.META else None + **oauthlib_request(request) ) if v: return r.token.user, r.token + + +class WLTokenAuthentication(TokenAuthentication): + model = Token