Merge pull request #147 from James1345/develop
Develop
belugame authored Dec 21, 2018
2 parents 517b6aa + 5dce590 commit f77752b
Showing 6 changed files with 34 additions and 7 deletions.
6 changes: 6 additions & 0 deletions CHANGELOG.md
@@ -1,3 +1,9 @@
3.5.0
=====

- The context, token TTL and tokens per user settings in `LoginView` are now dynamic


3.4.0
=====

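Review bot: The 3.5.0 entry lists only the `LoginView` changes and omits the behaviour change in knox/auth.py from this same commit, where a token with an empty `expires` is no longer passed to `renew_token` when `AUTO_REFRESH` is on. That changes authentication-time behaviour for existing deployments, so it deserves its own bullet here and in docs/changes.md.
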
4 changes: 4 additions & 0 deletions docs/changes.md
@@ -1,5 +1,9 @@
# Changelog

## 3.5.0

- The context, token TTL and tokens per user settings in `LoginView` are now dynamic

## 3.4.0
Our release cycle was broken since 3.1.5, hence you can not find the previous releases on pypi. We now fixed the problem.

8 changes: 7 additions & 1 deletion docs/views.md
Expand Up @@ -13,6 +13,12 @@ schemes. If you would like to use a different authentication scheme to the
default, you can extend this class to provide your own value for
`authentication_classes`

It is possible to customize LoginView behaviour by overriding the following
helper methods:
- `get_context`, to change the context passed to the `UserSerializer`
- `get_token_ttl`, to change the token ttl
- `get_token_limit_per_user`, to change the number of tokens available for a user

---
When the endpoint authenticates a request, a json object will be returned
containing the `token` key along with the actual value for the key by default.
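
Review bot: The new list in docs/views.md names the three hooks but not what each must return. From knox/views.py in this commit, `get_token_limit_per_user` returning `None` turns the limit check off and the value of `get_token_ttl` is handed straight to `AuthToken.objects.create`, so state the accepted values for each hook (and whether `None` is allowed for the TTL). Also add a blank line between "helper methods:" and the first `-` item, since some Markdown renderers will not start a list without one.
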
Expand All @@ -22,8 +28,8 @@ containing the `token` key along with the actual value for the key by default.
If you wish to return custom data upon successful authentication
like `first_name`, `last_name`, and `username` then the included `UserSerializer`
class can be used inside `REST_KNOX` settings by adding `knox.serializers.UserSerializer`
---

---

Obviously, if your app uses a custom user model that does not have these fields,
a custom serializer must be used.
2 changes: 1 addition & 1 deletion knox/auth.py
Expand Up @@ -74,7 +74,7 @@ def authenticate_credentials(self, token):
except (TypeError, binascii.Error):
raise exceptions.AuthenticationFailed(msg)
if compare_digest(digest, auth_token.digest):
if knox_settings.AUTO_REFRESH:
if knox_settings.AUTO_REFRESH and auth_token.expires:
self.renew_token(auth_token)
return self.validate_user(auth_token)
raise exceptions.AuthenticationFailed(msg)
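
Review bot: The added `and auth_token.expires` guard relies on truthiness; `auth_token.expires is not None` states the intent (skip renewal for tokens that have no expiry), and a one-line comment should say why such tokens must not reach `renew_token`. None of the 6 changed files is a test, so add one that authenticates with a non-expiring token while `AUTO_REFRESH` is enabled.
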
19 changes: 15 additions & 4 deletions knox/views.py
Expand Up @@ -16,24 +16,35 @@ class LoginView(APIView):
authentication_classes = api_settings.DEFAULT_AUTHENTICATION_CLASSES
permission_classes = (IsAuthenticated,)

def get_context(self):
return {'request': self.request, 'format': self.format_kwarg, 'view': self}

def get_token_ttl(self):
return knox_settings.TOKEN_TTL

def get_token_limit_per_user(self):
return knox_settings.TOKEN_LIMIT_PER_USER

def post(self, request, format=None):
if knox_settings.TOKEN_LIMIT_PER_USER is not None:
token_limit_per_user = self.get_token_limit_per_user()
if token_limit_per_user is not None:
now = timezone.now()
token = request.user.auth_token_set.filter(expires__gt=now)
if token.count() >= knox_settings.TOKEN_LIMIT_PER_USER:
if token.count() >= token_limit_per_user:
return Response(
{"error": "Maximum amount of tokens allowed per user exceeded."},
status=status.HTTP_403_FORBIDDEN
)
token = AuthToken.objects.create(request.user)
token_ttl = self.get_token_ttl()
token = AuthToken.objects.create(request.user, token_ttl)
user_logged_in.send(sender=request.user.__class__,
request=request, user=request.user)
UserSerializer = knox_settings.USER_SERIALIZER
context = {'request': self.request, 'format': self.format_kwarg, 'view': self}
if UserSerializer is None:
return Response(
{'token': token}
)
context = self.get_context()
return Response({
'user': UserSerializer(request.user, context=context).data,
'token': token,
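
Review bot: In `post`, the limit check counts only `auth_token_set.filter(expires__gt=now)`, and a row whose `expires` is null never matches that filter. The knox/auth.py change in this commit shows that tokens without an expiry exist, and `get_token_ttl` now lets a subclass choose the TTL per view, so tokens issued without an expiry would not count toward `token_limit_per_user` and a user could hold more than the limit. Count non-expiring tokens as active too (for example by also matching `expires__isnull=True`). Separately, pass the TTL to `AuthToken.objects.create` by keyword rather than positionally so a later signature change cannot silently rebind it.
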
2 changes: 1 addition & 1 deletion setup.py
Expand Up @@ -16,7 +16,7 @@
# Versions should comply with PEP440. For a discussion on single-sourcing
# the version across setup.py and the project code, see
# https://packaging.python.org/en/latest/single_source_version.html
version='3.4.0',
version='3.5.0',
description='Authentication for django rest framework',
long_description=long_description,
long_description_content_type='text/markdown',