
@Pekk4
Forked from tetafro/Django token auth backend
Created April 5, 2023 17:25

Revisions

  1. Denis Ivanov revised this gist Dec 13, 2017. 2 changed files with 5 additions and 1 deletion.
    File renamed without changes.
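--- a/settings.py
+++ b/settings.py
@@ -1 +1,5 @@
-MIDDLEWARE += ['core.middleware.AuthAPI']
+MIDDLEWARE += ['core.middleware.AuthAPI']
+AUTHENTICATION_BACKENDS = [
+'django.contrib.auth.backends.ModelBackend',
+'core.backends.TokenBackend',
+]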
  2. Denis Ivanov created this gist Dec 29, 2016.
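--- a/Django token auth backend
+++ b/Django token auth backend
@@ -0,0 +1 @@
+Naming file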
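--- a/backends.py
+++ b/backends.py
@@ -0,0 +1,18 @@
+from apps.users.models import User, Token
+
+
+class TokenBackend(object):
+"""Token authentication for API"""
+
+def authenticate(self, token=None):
+try:
+token = Token.objects.get(key=token)
+return token.user
+except Token.DoesNotExist:
+return None
+
+def get_user(self, user_id):
+try:
+return User.objects.get(pk=user_id)
+except User.DoesNotExist:
+return None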
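Review bot: `authenticate` looks the presented value up directly with `Token.objects.get(key=token)`, which suggests the `key` column holds the bearer token in clear (the `Token` model is not shown, so this is inferred); anyone who can read that table, a backup or a replica then holds usable credentials. Consider storing only a digest and querying by it, e.g. `Token.objects.get(key_hash=hashlib.sha256(token.encode()).hexdigest())`, where `key_hash` is a placeholder field name. The method also returns `token.user` with no expiry or revocation check and leaves the `is_active` test to its callers, so any other caller of this backend gets inactive users back. It also lacks the `request` first parameter that later Django releases pass to `authenticate`, and a class docstring stating these assumptions would help the next reader.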
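--- a/decorators.py
+++ b/decorators.py
@@ -0,0 +1,17 @@
+from django.http import JsonResponse
+
+
+def token_required(func):
+"""login_requred analog for API"""
+
+def wrap(request, *args, **kwargs):
+error401 = JsonResponse({'error': 'Authentication error'}, status=401)
+if 'HTTP_AUTHORIZATION' in request.META:
+if request.user is None or not request.user.is_active:
+return error401
+else:
+return func(request, *args, **kwargs)
+else:
+return error401
+
+return wrap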
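Review bot: `wrap` only checks that an `Authorization` header is present and that `request.user` is active; it never checks that the user was established from that header. If Django's session `AuthenticationMiddleware` runs ahead of `AuthAPI` (the full middleware list is not shown), a session-authenticated request passes this guard whatever the header contains, so views meant to be token-only also accept cookie authentication. Gate on the marker the middleware already sets, e.g. `if getattr(request.user, 'backend', None) != 'core.backends.TokenBackend' or not request.user.is_active: return error401`. The `request.user is None` test is unlikely to ever be true, since Django assigns an `AnonymousUser` rather than `None`. Adding `@functools.wraps(func)` on `wrap` would keep the view's name and docstring.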
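--- a/middleware.py
+++ b/middleware.py
@@ -0,0 +1,41 @@
+from django.contrib.auth import authenticate
+
+
+def get_token(request):
+"""Get token from HTTP header"""
+
+if 'HTTP_AUTHORIZATION' in request.META:
+full_auth = request.META['HTTP_AUTHORIZATION'].split(' ')
+if len(full_auth) < 2 or full_auth[0] != 'Token':
+return None
+
+auth = full_auth[1].split('=')
+if len(auth) < 2 or auth[0] != 'token':
+return None
+token = auth[1].strip('"')
+return token
+return None
+
+
+class AuthAPI(object):
+"""
+Add user to request var for API calls
+Header format (RFC2617):
+Authorization: Token token="abcd1234"
+"""
+
+def __init__(self, get_response):
+self.get_response = get_response
+
+def __call__(self, request):
+if request.get_full_path()[:4] != '/api':
+return self.get_response(request)
+
+token = get_token(request)
+if token:
+user = authenticate(token=token)
+if user and user.is_active:
+user.backend = 'core.backends.TokenBackend'
+request.user = user
+
+return self.get_response(request)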
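Review bot: In `get_token`, `full_auth[1].split('=')` splits on every `=`, so a token that itself contains `=` (base64 padding, for instance) is cut at its first `=` and only that prefix reaches the backend lookup. Two distinct keys sharing such a prefix would then resolve to the same query; use `auth = full_auth[1].split('=', 1)`. In `AuthAPI.__call__`, `request.get_full_path()[:4] != '/api'` is a bare prefix test that also matches paths such as `/apiary`, and any API view routed outside that prefix never gets token handling. `request.path.startswith('/api/')` states the intent more precisely, assuming all API routes live under `/api/`. A short comment in `__call__` noting that a failed token lookup leaves `request.user` as set by earlier middleware would make the fall-through behaviour explicit.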
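--- a/settings.py
+++ b/settings.py
@@ -0,0 +1 @@
+MIDDLEWARE += ['core.middleware.AuthAPI']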