dovodi
/
Dovodi_Backend
3
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
52 Commits
1 Branch
0 Tags
70 MiB
 
 
Tree: e25fcef5bd
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'e25fcef5bd'
${ noResults }
Dovodi_Backend/apps/api/views/swagger_views.py

83 lines
3.1 KiB
Raw Blame History

from django.shortcuts import render, redirect
from django.views import View
from django.contrib import messages
from django.contrib.admin.views.decorators import staff_member_required
from django.utils.decorators import method_decorator
from django.views.decorators.csrf import csrf_exempt
from django.urls import reverse
from rest_framework.authtoken.models import Token
@method_decorator([staff_member_required, csrf_exempt], name='dispatch')
class CustomSwaggerView(View):
"""
Custom Swagger UI view with authentication banner
Requires admin login to access
"""
def get(self, request):
# Generate dynamic swagger spec URL based on current language
try:
swagger_spec_url = reverse('schema-json', kwargs={'format': '.json'})
except:
# Fallback to hardcoded URL if reverse fails
swagger_spec_url = '/en/swagger.json'
context = {
'swagger_spec_url': swagger_spec_url,
'request': request,
}
return render(request, 'swagger/ui.html', context)
@method_decorator(staff_member_required, name='dispatch')
class SwaggerTokenAuthView(View):
"""
Token authentication management for Swagger
"""
def get(self, request):
context = {
'current_token': request.session.get('swagger_token'),
'user_info': request.session.get('swagger_user_info'),
}
return render(request, 'swagger/auth.html', context)
def post(self, request):
token = request.POST.get('token', '').strip()
if not token or len(token) != 40:
messages.error(request, 'Token must be exactly 40 characters long')
return redirect('swagger-token-auth')
try:
token_obj = Token.objects.get(key=token)
user = token_obj.user
if not user.is_active:
messages.error(request, 'User account is not active')
return redirect('swagger-token-auth')
request.session['swagger_token'] = token
request.session['swagger_user_info'] = {
'id': user.id,
'email': user.email,
'fullname': getattr(user, 'fullname', user.email),
'is_staff': user.is_staff,
'is_superuser': user.is_superuser,
'user_type': 'User'
}
messages.success(request, f'Successfully authenticated as {user.email}')
return redirect('schema-swagger-ui')
except Token.DoesNotExist:
messages.error(request, 'Invalid token')
return redirect('swagger-token-auth')
@staff_member_required
def clear_swagger_auth(request):
"""Clear swagger authentication from session"""
if 'swagger_token' in request.session:
del request.session['swagger_token']
if 'swagger_user_info' in request.session:
del request.session['swagger_user_info']
messages.success(request, 'Successfully logged out from Swagger')
return redirect('swagger-token-auth')