Merge branch 'api-token-auth' into 'development'

feat: API token auth

See merge request nofusscomputing/projects/django_template!3

app/api/tests/test_api_access.py

@@ -0,0 +1,217 @@
+from django.shortcuts import reverse
+from django.test import TestCase, Client
+
+import pytest
+import unittest
+
+
+
+
+
+@pytest.mark.skip(reason="to be written")
+def test_api_access_auth_required(user):
+    """Ensure that no api access has been granted
+    """
+    pass
+
+
+@pytest.mark.skip(reason="to be written")
+def test_api_access_home(user):
+    """Ensure api home view visible once logged in
+    """
+    pass
+
+
+@pytest.mark.skip(reason="to be written")
+def test_api_access_model_view_organization(user):
+    """Ensure api model access
+
+        test_api_access_model_view_organization = test_api_access_model_<action>_<model name>
+
+        Test to ensure that action can only occur when authenticated and against the model
+    """
+    pass
+
+
+
+@pytest.mark.skip(reason="to be written")
+def test_api_access_model_view_team(user):
+    """Ensure api model access
+
+        test_api_access_model_view_organization = test_api_access_model_<action>_<model name>
+
+        Test to ensure that action can only occur when authenticated and against the model
+    """
+    pass
+
+
+@pytest.mark.skip(reason="to be written")
+def test_api_access_model_add_organization(user):
+    """Ensure api model access
+
+        test_api_access_model_view_organization = test_api_access_model_<action>_<model name>
+
+        Test to ensure that action can only occur when authenticated and against the model
+    """
+    pass
+
+
+
+@pytest.mark.skip(reason="to be written")
+def test_api_access_model_add_team(user):
+    """Ensure api model access
+
+        test_api_access_model_view_organization = test_api_access_model_<action>_<model name>
+
+        Test to ensure that action can only occur when authenticated and against the model
+    """
+    pass
+
+
+@pytest.mark.skip(reason="to be written")
+def test_api_access_model_change_organization(user):
+    """Ensure api model access
+
+        test_api_access_model_view_organization = test_api_access_model_<action>_<model name>
+
+        Test to ensure that action can only occur when authenticated and against the model
+    """
+    pass
+
+
+
+@pytest.mark.skip(reason="to be written")
+def test_api_access_model_change_team(user):
+    """Ensure api model access
+
+        test_api_access_model_view_organization = test_api_access_model_<action>_<model name>
+
+        Test to ensure that action can only occur when authenticated and against the model
+    """
+    pass
+
+
+@pytest.mark.skip(reason="to be written")
+def test_api_access_model_delete_organization(user):
+    """Ensure api model access
+
+        test_api_access_model_view_organization = test_api_access_model_<action>_<model name>
+
+        Test to ensure that action can only occur when authenticated and against the model
+    """
+    pass
+
+
+
+@pytest.mark.skip(reason="to be written")
+def test_api_access_model_delete_team(user):
+    """Ensure api model access
+
+        test_api_access_model_view_organization = test_api_access_model_<action>_<model name>
+
+        Test to ensure that action can only occur when authenticated and against the model
+    """
+    pass
+
+
+@pytest.mark.skip(reason="to be written")
+def test_api_access_model_view_device(user):
+    """Ensure api model access
+
+        test_api_access_model_view_organization = test_api_access_model_<action>_<model name>
+
+        Test to ensure that action can only occur when authenticated and against the model
+    """
+    pass
+
+
+@pytest.mark.skip(reason="to be written")
+def test_api_access_model_add_device(user):
+    """Ensure api model access
+
+        test_api_access_model_view_organization = test_api_access_model_<action>_<model name>
+
+        Test to ensure that action can only occur when authenticated and against the model
+    """
+    pass
+
+
+@pytest.mark.skip(reason="to be written")
+def test_api_access_model_change_device(user):
+    """Ensure api model access
+
+        test_api_access_model_view_organization = test_api_access_model_<action>_<model name>
+
+        Test to ensure that action can only occur when authenticated and against the model
+    """
+    pass
+
+
+@pytest.mark.skip(reason="to be written")
+def test_api_access_model_delete_device(user):
+    """Ensure api model access
+
+        test_api_access_model_view_organization = test_api_access_model_<action>_<model name>
+
+        Test to ensure that action can only occur when authenticated and against the model
+    """
+    pass
+
+
+@pytest.mark.skip(reason="to be written")
+def test_api_access_model_view_software(user):
+    """Ensure api model access
+
+        test_api_access_model_view_organization = test_api_access_model_<action>_<model name>
+
+        Test to ensure that action can only occur when authenticated and against the model
+    """
+    pass
+
+
+@pytest.mark.skip(reason="to be written")
+def test_api_access_model_add_software(user):
+    """Ensure api model access
+
+        test_api_access_model_view_organization = test_api_access_model_<action>_<model name>
+
+        Test to ensure that action can only occur when authenticated and against the model
+    """
+    pass
+
+
+@pytest.mark.skip(reason="to be written")
+def test_api_access_model_change_software(user):
+    """Ensure api model access
+
+        test_api_access_model_view_organization = test_api_access_model_<action>_<model name>
+
+        Test to ensure that action can only occur when authenticated and against the model
+    """
+    pass
+
+
+@pytest.mark.skip(reason="to be written")
+def test_api_access_model_delete_software(user):
+    """Ensure api model access
+
+        test_api_access_model_view_organization = test_api_access_model_<action>_<model name>
+
+        Test to ensure that action can only occur when authenticated and against the model
+    """
+    pass
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+

app/api/views/access.py

@@ -1,4 +1,4 @@
-from django.contrib.auth.mixins import PermissionRequiredMixin, LoginRequiredMixin
+# from django.contrib.auth.mixins import PermissionRequiredMixin, LoginRequiredMixin
 
 from rest_framework import generics
 
@@ -7,7 +7,7 @@ from api.serializers.access import OrganizationSerializer, TeamSerializer
 
 
 
-class OrganizationList(PermissionRequiredMixin, LoginRequiredMixin, generics.ListCreateAPIView):
+class OrganizationList(generics.ListCreateAPIView):
     permission_required = 'access.view_organization'
     queryset = Organization.objects.all()
     serializer_class = OrganizationSerializer
@@ -18,7 +18,7 @@ class OrganizationList(PermissionRequiredMixin, LoginRequiredMixin, generics.Lis
 
 
 
-class OrganizationDetail(PermissionRequiredMixin, LoginRequiredMixin, generics.RetrieveUpdateDestroyAPIView):
+class OrganizationDetail(generics.RetrieveUpdateDestroyAPIView):
     permission_required = 'access.view_organization'
     queryset = Organization.objects.all()
     serializer_class = OrganizationSerializer

app/api/views/index.py

@@ -1,4 +1,4 @@
-from django.contrib.auth.mixins import PermissionRequiredMixin, LoginRequiredMixin
+# from django.contrib.auth.mixins import PermissionRequiredMixin, LoginRequiredMixin
 from django.contrib.auth.models import User
 from django.utils.safestring import mark_safe
 
@@ -9,7 +9,7 @@ from rest_framework.reverse import reverse
 
 
 
-class IndexView(PermissionRequiredMixin, LoginRequiredMixin, routers.APIRootView):
+class IndexView(routers.APIRootView):
 
     permission_required = 'access.view_organization'
 

app/api/views/itam/device.py

@@ -1,4 +1,4 @@
-from django.contrib.auth.mixins import PermissionRequiredMixin, LoginRequiredMixin
+# from django.contrib.auth.mixins import PermissionRequiredMixin, LoginRequiredMixin
 
 from rest_framework import generics
 
@@ -6,7 +6,7 @@ from itam.models.device import Device
 from api.serializers.itam.device import DeviceSerializer
 
 
-class List(PermissionRequiredMixin, LoginRequiredMixin, generics.ListCreateAPIView):
+class List(generics.ListCreateAPIView):
     permission_required = 'itam.view_device'
     queryset = Device.objects.all()
     serializer_class = DeviceSerializer
@@ -15,7 +15,7 @@ class List(PermissionRequiredMixin, LoginRequiredMixin, generics.ListCreateAPIVi
         return "Devices"
 
 
-class Detail(PermissionRequiredMixin, LoginRequiredMixin, generics.RetrieveUpdateDestroyAPIView):
+class Detail(generics.RetrieveUpdateDestroyAPIView):
     permission_required = 'itam.view_device'
     queryset = Device.objects.all()
     serializer_class = DeviceSerializer

app/api/views/itam/software.py

@@ -1,4 +1,4 @@
-from django.contrib.auth.mixins import PermissionRequiredMixin, LoginRequiredMixin
+# from django.contrib.auth.mixins import PermissionRequiredMixin, LoginRequiredMixin
 
 from rest_framework import generics
 
@@ -6,7 +6,7 @@ from itam.models.software import Software
 from api.serializers.itam.software import SoftwareSerializer
 
 
-class List(PermissionRequiredMixin, LoginRequiredMixin, generics.ListCreateAPIView):
+class List(generics.ListCreateAPIView):
     permission_required = 'itam.view_software'
     queryset = Software.objects.all()
     serializer_class = SoftwareSerializer
@@ -15,7 +15,7 @@ class List(PermissionRequiredMixin, LoginRequiredMixin, generics.ListCreateAPIVi
         return "Softwares"
 
 
-class Detail(PermissionRequiredMixin, LoginRequiredMixin, generics.RetrieveUpdateDestroyAPIView):
+class Detail(generics.RetrieveUpdateDestroyAPIView):
     permission_required = 'itam.view_software'
     queryset = Software.objects.all()
     serializer_class = SoftwareSerializer

app/app/settings.py

@@ -41,6 +41,7 @@ INSTALLED_APPS = [
     'django.contrib.staticfiles',
     'rest_framework',
     'rest_framework_json_api',
+    'rest_framework.authtoken',
     'social_django',
     'core.apps.CoreConfig',
     'access.apps.AccessConfig',
@@ -158,7 +159,11 @@ if API_ENABLED:
     REST_FRAMEWORK = {
         'PAGE_SIZE': 10,
         'EXCEPTION_HANDLER': 'rest_framework_json_api.exceptions.exception_handler',
+        'DEFAULT_PERMISSION_CLASSES': (
+            'rest_framework.permissions.IsAuthenticated',
+        ),
         'DEFAULT_AUTHENTICATION_CLASSES': [
+            'rest_framework.authentication.TokenAuthentication',
             'rest_framework.authentication.SessionAuthentication',
         ],
         'DEFAULT_PAGINATION_CLASS':

docs/projects/django-template/api.md

@@ -6,3 +6,18 @@ template: project.html
 about: https://gitlab.com/nofusscomputing/infrastructure/configuration-management/django_app
 ---
 
+
+## Access
+
+to access the api, it can be done with the following command:
+
+``` bash
+
+curl -X GET http://127.0.0.1:8000/api/ -H 'Authorization: Token <token>'
+
+```
+
+
+## User Token
+
+To generate a user token to access the api, use command `python3 manage.py drf_create_token <username>`