views.py 2.61 KB
Newer Older
1 2 3
"""
go/views.py

David Haynes's avatar
David Haynes committed
4 5 6
The functions that handle a request to a given URL. Get some data, manipulate
it, and return a rendered template.
"""
David Haynes's avatar
David Haynes committed
7
from django.shortcuts import get_object_or_404, redirect
8
from rest_framework import viewsets, permissions
David Haynes's avatar
David Haynes committed
9 10 11 12
from rest_framework.authentication import TokenAuthentication, SessionAuthentication
from rest_framework.views import APIView
from rest_framework.response import Response
from rest_framework.authtoken.models import Token
13
from rest_framework.permissions import IsAuthenticated, AllowAny
14 15 16 17
from rest_framework.authtoken.views import ObtainAuthToken

from .serializers import URLSerializer
from .models import URL
David Haynes's avatar
David Haynes committed
18

19

David Haynes's avatar
David Haynes committed
20
class URLPermission(permissions.BasePermission):
David Haynes's avatar
David Haynes committed
21 22
    """Custom permission check on URL model operations."""

23
    message = "You do not have the necessary permission to perform that action on that URL object."
David Haynes's avatar
David Haynes committed
24

David Haynes's avatar
David Haynes committed
25
    def has_permission(self, request, view):
26
        """Has permission to interact with URL"""
27
        return True
28

David Haynes's avatar
David Haynes committed
29
    def has_object_permission(self, request, view, obj):
30
        """Has permission to interact with a specific URL object"""
31
        return obj.owner == request.user.registereduser
32

David Haynes's avatar
David Haynes committed
33

David Haynes's avatar
David Haynes committed
34
class URLViewSet(viewsets.ModelViewSet):
35
    """
David Haynes's avatar
David Haynes committed
36
    API endpoint that handles creation/read/update/deletion of URL objects.
37
    """
David Haynes's avatar
David Haynes committed
38

39
    authentication_classes = (TokenAuthentication, SessionAuthentication)
David Haynes's avatar
David Haynes committed
40
    serializer_class = URLSerializer
David Haynes's avatar
David Haynes committed
41 42
    permission_classes = (URLPermission, IsAuthenticated)
    lookup_field = "short"
David Haynes's avatar
David Haynes committed
43 44

    def get_queryset(self):
45
        return URL.objects.filter(owner=self.request.user.registereduser)
David Haynes's avatar
David Haynes committed
46 47 48

    def perform_create(self, serializer):
        serializer.save(owner=self.request.user.registereduser)
David Haynes's avatar
David Haynes committed
49 50 51 52 53 54 55 56 57 58


class CustomAuthToken(ObtainAuthToken):
    authentication_classes = (SessionAuthentication,)
    permission_classes = (IsAuthenticated,)

    def get(self, request, *args, **kwargs):
        token, created = Token.objects.get_or_create(user=request.user)
        return Response({"token": token.key})

59 60 61 62

class GetSessionInfo(APIView):
    """Handy endpoint to return current user session status & information to the frontend."""

63
    permission_classes = (AllowAny,)
64 65 66 67 68 69 70

    def get(self, request, *args, **kwargs):
        session_info = {
            "username": request.user.username,
            "is_authenticated": request.user.is_authenticated,
        }
        return Response(session_info)
David Haynes's avatar
David Haynes committed
71 72 73 74 75 76 77 78 79 80


def redirection(request, short):
    """
    This view redirects a user based on the short URL they requested.
    """
    # Get the URL object that relates to the requested Go link
    url = get_object_or_404(URL, short__iexact=short)

    return redirect(url.destination)