Added authentication decorator & reset key functionality

RIGS/urls.py

@@ -4,6 +4,7 @@ from RIGS import views, rigboard, finance, ical
 from django.views.generic import RedirectView
 
 from PyRIGS.decorators import permission_required_with_403
+from PyRIGS.decorators import api_key_required
 
 urlpatterns = patterns('',
                        # Examples:
@@ -113,9 +114,10 @@ urlpatterns = patterns('',
                         name='profile_detail'),
                        url(r'^user/edit/$', login_required(views.ProfileUpdateSelf.as_view()),
                         name='profile_update_self'),
+                       url(r'^user/reset_api_key$', login_required(views.ResetApiKey.as_view(permanent=False)), name='reset_api_key'),
 
-                       # ICS Calendar - no authentication!
-                       url(r'^ical/rigs.ics$', (ical.CalendarICS()), name="ics_calendar"),
+                       # ICS Calendar - API key authentication
+                       url(r'^ical/(?P<api_pk>\d+)/(?P<api_key>\w+)/rigs.ics$', api_key_required(ical.CalendarICS()), name="ics_calendar"),
 
                        # API
                        url(r'^api/(?P<model>\w+)/$', (views.SecureAPIRequest.as_view()), name="api_secure"),

RIGS/views.py

@@ -287,4 +287,12 @@ class ProfileUpdateSelf(generic.UpdateView):
 
     def get_success_url(self):
         url =  reverse_lazy('profile_detail')
-        return url
+        return url
+
+class ResetApiKey(generic.RedirectView):
+    def get_redirect_url(self, *args, **kwargs):
+        self.request.user.api_key = self.request.user.make_api_key()
+        
+        self.request.user.save()
+
+        return reverse_lazy('profile_detail')