From a7f392f0bcdde9cc3685849f3ffc08dd700d5cd1 Mon Sep 17 00:00:00 2001 From: David Taylor Date: Sun, 19 Apr 2015 17:07:28 +0100 Subject: [PATCH] Added authentication decorator & reset key functionality --- RIGS/urls.py | 6 ++++-- RIGS/views.py | 10 +++++++++- 2 files changed, 13 insertions(+), 3 deletions(-) diff --git a/RIGS/urls.py b/RIGS/urls.py index 12cc015d..3b3937b4 100644 --- a/RIGS/urls.py +++ b/RIGS/urls.py @@ -4,6 +4,7 @@ from RIGS import views, rigboard, finance, ical from django.views.generic import RedirectView from PyRIGS.decorators import permission_required_with_403 +from PyRIGS.decorators import api_key_required urlpatterns = patterns('', # Examples: @@ -113,9 +114,10 @@ urlpatterns = patterns('', name='profile_detail'), url(r'^user/edit/$', login_required(views.ProfileUpdateSelf.as_view()), name='profile_update_self'), + url(r'^user/reset_api_key$', login_required(views.ResetApiKey.as_view(permanent=False)), name='reset_api_key'), - # ICS Calendar - no authentication! - url(r'^ical/rigs.ics$', (ical.CalendarICS()), name="ics_calendar"), + # ICS Calendar - API key authentication + url(r'^ical/(?P\d+)/(?P\w+)/rigs.ics$', api_key_required(ical.CalendarICS()), name="ics_calendar"), # API url(r'^api/(?P\w+)/$', (views.SecureAPIRequest.as_view()), name="api_secure"), diff --git a/RIGS/views.py b/RIGS/views.py index 57feffaa..dd4176a2 100644 --- a/RIGS/views.py +++ b/RIGS/views.py @@ -287,4 +287,12 @@ class ProfileUpdateSelf(generic.UpdateView): def get_success_url(self): url = reverse_lazy('profile_detail') - return url \ No newline at end of file + return url + +class ResetApiKey(generic.RedirectView): + def get_redirect_url(self, *args, **kwargs): + self.request.user.api_key = self.request.user.make_api_key() + + self.request.user.save() + + return reverse_lazy('profile_detail') \ No newline at end of file