Add card numbers and updating to auth server

Tanner Collin 2018-11-10 19:33:41 -07:00
parent 6ec97db073
commit 790725c29e
6 changed files with 81 additions and 5 deletions


@ -54,6 +54,13 @@ In subsequent requests, the token key should be included in the `Authorization`
Authorization: Token 9944b09199c62bcf9418ad846dd0e4bbdfc6ee4b Authorization: Token 9944b09199c62bcf9418ad846dd0e4bbdfc6ee4b
``` ```
Example authenticated request:
```
curl -H "Authorization: Token 9944b09199c62bcf9418ad846dd0e4bbdfc6ee4b" http://tools-auth.protospace.ca/user/
```
### For anonymous users ### For anonymous users
#### GET `/tooldata/` #### GET `/tooldata/`
@ -128,10 +135,11 @@ Example response:
``` ```
[ [
{ {
"username": "admin", "username": "tanner.collin",
"profile": { "profile": {
"url": "http://tools-auth.protospace.ca/profile/1/", "url": "http://tools-auth.protospace.ca/profile/2/",
"user": "admin", "user": "tanner.collin",
"card": "00000A4123",
"authorized_tools": [ "authorized_tools": [
"table-saw", "table-saw",
"jointer" "jointer"
@ -173,3 +181,33 @@ Get a list of all profiles.
Get a specific profile, or modify an existing one. Get a specific profile, or modify an existing one.
Here you can authorize users on tools or make them another lockout admin. Here you can authorize users on tools or make them another lockout admin.
#### PUT `/update-cards/`
Send a dictionary of username=card_number pairs to update any profiles already in the system. Users not already registered will be ignored.
Responds with the number of profiles updated.
Operation is idempotent.
Example PUT data:
```
{
"tanner.collin": "00000A4123",
"matthew.mulrooney": "00000B8567",
"not-a-member": "539830843A"
}
```
Example response:
```
{"updated":2}
```
Example request:
```
curl -X PUT -H "Authorization: Token 9944b09199c62bcf9418ad846dd0e4bbdfc6ee4b" -d tanner.collin=00000A4123 -d matthew.mulrooney=00000B8567 http://tools-auth.protospace.ca/update-cards/
```


@ -5,3 +5,4 @@ from . import models
admin.site.register(models.Category) admin.site.register(models.Category)
admin.site.register(models.Tool) admin.site.register(models.Tool)
admin.site.register(models.Profile) admin.site.register(models.Profile)
admin.site.register(models.Card)


@ -29,3 +29,10 @@ class Profile(models.Model):
def __str__(self): def __str__(self):
return self.user.username return self.user.username
class Card(models.Model):
profile = models.OneToOneField(Profile, on_delete=models.CASCADE, editable=False)
number = models.CharField(max_length=10)
def __str__(self):
return self.number
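Review bot: `Card.number` carries no uniqueness constraint, so the same card number can be stored against two different profiles. Since the number identifies a member's card, a duplicate makes it ambiguous whose card it is. The serializer added in this commit also resolves cards by `number`, and that lookup would presumably fail once duplicates exist. I would declare the field as `number = models.CharField(max_length=10, unique=True)` and add a one-line docstring to `Card` saying it holds the card number for exactly one profile. The `Profile` class whose `__str__` appears at the top of this hunk starts outside it.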


@ -32,6 +32,11 @@ class ToolDataSerializer(serializers.HyperlinkedModelSerializer):
class ProfileSerializer(serializers.HyperlinkedModelSerializer): class ProfileSerializer(serializers.HyperlinkedModelSerializer):
user = serializers.StringRelatedField() user = serializers.StringRelatedField()
card = serializers.SlugRelatedField(
allow_null=True,
slug_field='number',
queryset=models.Card.objects.all()
)
authorized_tools = serializers.SlugRelatedField( authorized_tools = serializers.SlugRelatedField(
many=True, many=True,
slug_field='slug', slug_field='slug',
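Review bot: The new `card` field on `ProfileSerializer` is writable and is returned with every profile, so the raw card number goes to any client allowed to read profiles. The same clients can also submit a `card` value when modifying a profile. Which permissions guard the profile endpoints is not visible here, so confirm that only lockout admins can read this field. Because this commit adds `/update-cards/` as the way to change cards, the field can be read-only: `card = serializers.SlugRelatedField(read_only=True, slug_field='number')`. The serializer class continues past the end of this hunk.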


@ -1,10 +1,11 @@
import requests import requests
import json
from django.contrib.auth.models import User from django.contrib.auth.models import User
from rest_framework import mixins, permissions, status, viewsets from rest_framework import mixins, permissions, status, viewsets
from rest_framework.authtoken.models import Token from rest_framework.authtoken.models import Token
from rest_framework.decorators import api_view from rest_framework.decorators import api_view, permission_classes
from rest_framework.response import Response from rest_framework.response import Response
from . import models, serializers from . import models, serializers
@ -74,3 +75,26 @@ def login(request):
token, _ = Token.objects.get_or_create(user=user) token, _ = Token.objects.get_or_create(user=user)
return Response({'token': token.key}, status=status.HTTP_200_OK) return Response({'token': token.key}, status=status.HTTP_200_OK)
@api_view(["PUT"])
@permission_classes((IsLockoutAdmin,))
def update_cards(request):
data = request.data
updated_count = 0
if not data:
return Response({'error': 'Please provide card data in the form username=cardnumber'},
status=status.HTTP_400_BAD_REQUEST)
for username, card_number in data.items():
try:
profile = models.Profile.objects.get(user__username=username)
card, _ = models.Card.objects.update_or_create(
profile=profile,
defaults={'number': card_number}
)
if card: updated_count += 1
except:
continue
return Response({'updated': updated_count}, status=status.HTTP_200_OK)
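Review bot: The bare `except: continue` in `update_cards` hides every failure, not just the documented "user not registered" case, so a database error or a bad value is silently dropped and the caller only sees a lower `updated` count. The card number is also stored without any check against the model's `max_length=10`, and a JSON body that is not an object (a list, say) reaches `data.items()` and raises outside the `try`. I would catch only `models.Profile.DoesNotExist`, validate each value before writing, and drop the `if card:` test, since `update_or_create` always returns an object. Separately, `IsLockoutAdmin` is not among the import lines shown, so it is presumably defined earlier in this file, and the added `import json` is unused in the visible hunks.

```python
def update_cards(request):
    data = request.data
    updated_count = 0

    # Accept only a non-empty username -> card number mapping.
    if not data or not hasattr(data, 'items'):
        # ... unchanged: 400 response with the usage message ...

    for username, card_number in data.items():
        # Skip values that cannot be stored in Card.number (max_length=10).
        if not isinstance(card_number, str) or not 0 < len(card_number) <= 10:
            continue
        try:
            profile = models.Profile.objects.get(user__username=username)
        except models.Profile.DoesNotExist:
            # Users not already registered are ignored, as documented.
            continue
        models.Card.objects.update_or_create(
            profile=profile,
            defaults={'number': card_number},
        )
        updated_count += 1
    # ... unchanged: 200 response with the updated count ...
```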


@ -33,7 +33,8 @@ urlpatterns = [
url(r'^', include(router.urls)), url(r'^', include(router.urls)),
url(r'^admin/', admin.site.urls), url(r'^admin/', admin.site.urls),
url(r'^api-auth/', include('rest_framework.urls', namespace='rest_framework')), url(r'^api-auth/', include('rest_framework.urls', namespace='rest_framework')),
url(r'^login/', views.login) url(r'^login/', views.login),
url(r'^update-cards/', views.update_cards)
] ]
if settings.DEBUG is True: if settings.DEBUG is True: