From 363c60c382d0f0e345934d8aa2f79287d7e2afb7 Mon Sep 17 00:00:00 2001 From: Jakub K Date: Fri, 12 Jan 2024 17:12:20 +0100 Subject: [PATCH] oauth2 ustawienia + uprawnienia --- jobposting/auth.py | 23 +++++++++++++++++++++++ jobposting/views.py | 2 +- 2 files changed, 24 insertions(+), 1 deletion(-) create mode 100644 jobposting/auth.py diff --git a/jobposting/auth.py b/jobposting/auth.py new file mode 100644 index 0000000..dba54ec --- /dev/null +++ b/jobposting/auth.py @@ -0,0 +1,23 @@ +from oauth2_provider.contrib.rest_framework import OAuth2Authentication +from oauth2_provider.models import Application +from oauth2_provider.oauth2_backends import get_oauthlib_core + + +class OAuth2ClientCredentialAuthentication(OAuth2Authentication): + + def authenticate(self, request): + authentication = super().authenticate(request) + + if authentication is not None and not self.is_client_credential_request(authentication): + return authentication + + if self.is_client_credential_request(authentication): + access_token = authentication[1] + user = access_token.application.user + return user, access_token + + return None + + def is_client_credential_request(self, authentication): + access_token = authentication[1] + return access_token.application.authorization_grant_type == Application.GRANT_CLIENT_CREDENTIALS \ No newline at end of file diff --git a/jobposting/views.py b/jobposting/views.py index 44de7de..e32b78e 100644 --- a/jobposting/views.py +++ b/jobposting/views.py @@ -5,7 +5,7 @@ from core.models import MyUser, AnonymousUserData from rest_framework import status from jobposting.permissions import ClientCredentialPermission from oauth2_provider.contrib.rest_framework import TokenHasReadWriteScope, OAuth2Authentication -from jobposting.auth import OAuth2ClientCredentialAuthentication +from .auth import OAuth2ClientCredentialAuthentication from jobposting.serializers import (