Auth+cache fixess
authorRadek Czajka <rczajka@rczajka.pl>
Thu, 21 Feb 2019 15:30:44 +0000 (16:30 +0100)
committerRadek Czajka <rczajka@rczajka.pl>
Thu, 21 Feb 2019 15:30:44 +0000 (16:30 +0100)
src/api/utils.py
src/api/views.py
src/catalogue/api/views.py
src/search/fields.py
src/social/api/views.py

index 6dc7e45..045ce90 100644 (file)
@@ -3,7 +3,9 @@
 # Copyright © Fundacja Nowoczesna Polska. See NOTICE for more information.
 #
 from django.http import HttpResponse
 # Copyright © Fundacja Nowoczesna Polska. See NOTICE for more information.
 #
 from django.http import HttpResponse
+from django.utils.decorators import method_decorator
 from django.utils.encoding import iri_to_uri
 from django.utils.encoding import iri_to_uri
+from django.views.decorators.vary import vary_on_headers
 
 
 def oauthlib_request(request):
 
 
 def oauthlib_request(request):
@@ -31,3 +33,6 @@ def oauthlib_response((headers, body, status)):
             v = iri_to_uri(v)
         response[k] = v
     return response
             v = iri_to_uri(v)
         response[k] = v
     return response
+
+
+vary_on_auth = method_decorator(vary_on_headers('Authorization'), 'dispatch')
index 66c9258..f28a4e4 100644 (file)
@@ -16,7 +16,7 @@ from catalogue.models import Book
 from .models import BookUserData
 from . import serializers
 from .request_validator import PistonRequestValidator
 from .models import BookUserData
 from . import serializers
 from .request_validator import PistonRequestValidator
-from .utils import oauthlib_request, oauthlib_response
+from .utils import oauthlib_request, oauthlib_response, vary_on_auth
 
 
 class OAuth1RequestTokenEndpoint(RequestTokenEndpoint):
 
 
 class OAuth1RequestTokenEndpoint(RequestTokenEndpoint):
@@ -35,6 +35,7 @@ class OAuth1RequestTokenEndpoint(RequestTokenEndpoint):
         return urlencode(token.items())
 
 
         return urlencode(token.items())
 
 
+# Never Cache
 class OAuth1RequestTokenView(View):
     def __init__(self):
         self.endpoint = OAuth1RequestTokenEndpoint(PistonRequestValidator())
 class OAuth1RequestTokenView(View):
     def __init__(self):
         self.endpoint = OAuth1RequestTokenEndpoint(PistonRequestValidator())
@@ -66,6 +67,7 @@ class OAuth1AccessTokenEndpoint(AccessTokenEndpoint):
         return urlencode(token.items())
 
 
         return urlencode(token.items())
 
 
+# Never cache
 class OAuth1AccessTokenView(View):
     def __init__(self):
         self.endpoint = OAuth1AccessTokenEndpoint(PistonRequestValidator())
 class OAuth1AccessTokenView(View):
     def __init__(self):
         self.endpoint = OAuth1AccessTokenEndpoint(PistonRequestValidator())
@@ -78,6 +80,7 @@ class OAuth1AccessTokenView(View):
         )
 
 
         )
 
 
+@vary_on_auth
 class UserView(RetrieveAPIView):
     permission_classes = [IsAuthenticated]
     serializer_class = serializers.UserSerializer
 class UserView(RetrieveAPIView):
     permission_classes = [IsAuthenticated]
     serializer_class = serializers.UserSerializer
@@ -86,6 +89,7 @@ class UserView(RetrieveAPIView):
         return self.request.user
 
 
         return self.request.user
 
 
+@vary_on_auth
 class BookUserDataView(RetrieveAPIView):
     permission_classes = [IsAuthenticated]
     serializer_class = serializers.BookUserDataSerializer
 class BookUserDataView(RetrieveAPIView):
     permission_classes = [IsAuthenticated]
     serializer_class = serializers.BookUserDataSerializer
index ee345ba..4e2d4f9 100644 (file)
@@ -10,6 +10,7 @@ from rest_framework.response import Response
 from rest_framework import status
 from paypal.permissions import IsSubscribed
 from api.handlers import read_tags
 from rest_framework import status
 from paypal.permissions import IsSubscribed
 from api.handlers import read_tags
+from api.utils import vary_on_auth
 from .helpers import books_after, order_books
 from . import serializers
 from catalogue.forms import BookImportForm
 from .helpers import books_after, order_books
 from . import serializers
 from catalogue.forms import BookImportForm
@@ -26,12 +27,14 @@ class CollectionList(ListAPIView):
     serializer_class = serializers.CollectionListSerializer
 
 
     serializer_class = serializers.CollectionListSerializer
 
 
+@vary_on_auth  # Because of 'liked'.
 class CollectionDetail(RetrieveAPIView):
     queryset = Collection.objects.all()
     lookup_field = 'slug'
     serializer_class = serializers.CollectionSerializer
 
 
 class CollectionDetail(RetrieveAPIView):
     queryset = Collection.objects.all()
     lookup_field = 'slug'
     serializer_class = serializers.CollectionSerializer
 
 
+@vary_on_auth  # Because of 'liked'.
 class BookList(ListAPIView):
     permission_classes = [DjangoModelPermissionsOrAnonReadOnly]
     queryset = Book.objects.none()  # Required for DjangoModelPermissions
 class BookList(ListAPIView):
     permission_classes = [DjangoModelPermissionsOrAnonReadOnly]
     queryset = Book.objects.none()  # Required for DjangoModelPermissions
@@ -97,6 +100,7 @@ class BookList(ListAPIView):
             raise Http404
 
 
             raise Http404
 
 
+@vary_on_auth  # Because of 'liked'.
 class BookDetail(RetrieveAPIView):
     queryset = Book.objects.all()
     lookup_field = 'slug'
 class BookDetail(RetrieveAPIView):
     queryset = Book.objects.all()
     lookup_field = 'slug'
@@ -107,11 +111,13 @@ class EbookList(BookList):
     serializer_class = serializers.EbookSerializer
 
 
     serializer_class = serializers.EbookSerializer
 
 
+@vary_on_auth  # Because of 'liked'.
 class Preview(ListAPIView):
     queryset = Book.objects.filter(preview=True)
     serializer_class = serializers.BookPreviewSerializer
 
 
 class Preview(ListAPIView):
     queryset = Book.objects.filter(preview=True)
     serializer_class = serializers.BookPreviewSerializer
 
 
+@vary_on_auth  # Because of 'liked'.
 class FilterBookList(ListAPIView):
     serializer_class = serializers.FilterBookListSerializer
 
 class FilterBookList(ListAPIView):
     serializer_class = serializers.FilterBookListSerializer
 
@@ -224,6 +230,7 @@ class TagView(RetrieveAPIView):
         )
 
 
         )
 
 
+@vary_on_auth  # Because of 'liked'.
 class FragmentList(ListAPIView):
     serializer_class = serializers.FragmentSerializer
 
 class FragmentList(ListAPIView):
     serializer_class = serializers.FragmentSerializer
 
@@ -239,6 +246,7 @@ class FragmentList(ListAPIView):
         return Fragment.tagged.with_all(tags).select_related('book')
 
 
         return Fragment.tagged.with_all(tags).select_related('book')
 
 
+@vary_on_auth  # Because of 'liked'.
 class FragmentView(RetrieveAPIView):
     serializer_class = serializers.FragmentDetailSerializer
 
 class FragmentView(RetrieveAPIView):
     serializer_class = serializers.FragmentDetailSerializer
 
index 9572fa3..e2cfb54 100755 (executable)
@@ -19,6 +19,7 @@ class JQueryAutoCompleteWidget(forms.TextInput):
 
     def render(self, name, value=None, attrs=None):
         final_attrs = self.build_attrs(self.attrs, attrs)
 
     def render(self, name, value=None, attrs=None):
         final_attrs = self.build_attrs(self.attrs, attrs)
+        final_attrs["name"] = name
         if value:
             final_attrs['value'] = smart_unicode(value)
 
         if value:
             final_attrs['value'] = smart_unicode(value)
 
index 555fd84..1be5210 100644 (file)
@@ -8,12 +8,14 @@ from rest_framework.permissions import IsAuthenticated
 from rest_framework.response import Response
 from rest_framework.views import APIView
 from api.models import BookUserData
 from rest_framework.response import Response
 from rest_framework.views import APIView
 from api.models import BookUserData
+from api.utils import vary_on_auth
 from catalogue.api.helpers import order_books, books_after
 from catalogue.api.serializers import BookSerializer
 from catalogue.models import Book
 from social.utils import likes
 
 
 from catalogue.api.helpers import order_books, books_after
 from catalogue.api.serializers import BookSerializer
 from catalogue.models import Book
 from social.utils import likes
 
 
+@vary_on_auth
 class LikeView(APIView):
     permission_classes = [IsAuthenticated]
 
 class LikeView(APIView):
     permission_classes = [IsAuthenticated]
 
@@ -31,6 +33,7 @@ class LikeView(APIView):
         return Response({})
 
 
         return Response({})
 
 
+@vary_on_auth
 class ShelfView(ListAPIView):
     permission_classes = [IsAuthenticated]
     serializer_class = BookSerializer
 class ShelfView(ListAPIView):
     permission_classes = [IsAuthenticated]
     serializer_class = BookSerializer