diff --git a/sapl/api/migrations/0001_initial.py b/sapl/api/migrations/0001_initial.py
index df1495a66..9ab35362d 100644
--- a/sapl/api/migrations/0001_initial.py
+++ b/sapl/api/migrations/0001_initial.py
@@ -4,12 +4,12 @@ from __future__ import unicode_literals
 from django.db import migrations
 from django.conf import settings
-from django.contrib.auth.models import User
+from django.contrib.auth import get_user_model
 from rest_framework.authtoken.models import Token
-def adiciona_token_nos_usuarios(apps, schema_editor):
- for user in User.objects.all():
+def adiciona_token_de_usuarios(apps, schema_editor):
+ for user in get_user_model().objects.all():
 Token.objects.get_or_create(user=user)
@@ -22,5 +22,5 @@ class Migration(migrations.Migration):
 ]
 operations = [
- migrations.RunPython(adiciona_token_nos_usuarios)
+ migrations.RunPython(adiciona_token_de_usuarios)
 ]
diff --git a/sapl/api/urls.py b/sapl/api/urls.py
index cf07cb4ed..a473f2980 100644
--- a/sapl/api/urls.py
+++ b/sapl/api/urls.py
@@ -6,7 +6,7 @@ from rest_framework.routers import DefaultRouter
 from sapl.api.deprecated import MateriaLegislativaViewSet, SessaoPlenariaViewSet,\
 AutoresProvaveisListView, AutoresPossiveisListView, AutorListView,\
 ModelChoiceView
-from sapl.api.views import SaplApiViewSetConstrutor, AppVersionView, renova_token
+from sapl.api.views import SaplApiViewSetConstrutor, AppVersionView, recria_token
 from .apps import AppConfig
@@ -71,7 +71,7 @@ urlpatterns = [
 url(r'^api/', include(urlpatterns_api_doc)),
 url(r'^api/', include(urlpatterns_router)),
 url(r'^api/version', AppVersionView.as_view()),
- url(r'^api/renovar-token/$', renova_token, name="renova_token"),
+ url(r'^api/recriar-token/$', recria_token, name="recria_token"),
 # implementar caminho para autenticação
 # https://www.django-rest-framework.org/tutorial/4-authentication-and-permissions/
diff --git a/sapl/api/views.py b/sapl/api/views.py
index 6b48f40f2..0c7a74b08 100644
--- a/sapl/api/views.py
+++ b/sapl/api/views.py
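Review bot: `adiciona_token_de_usuarios` in sapl/api/migrations/0001_initial.py still queries the live user model: `get_user_model()` returns the class as it exists in the current code, not the schema at this point in the migration history, so the loop can fail on a fresh database once the user model has columns added by later migrations. The `apps` argument is unused; since `settings` is already imported, the user rows could come from the historical model, e.g. `User = apps.get_model(settings.AUTH_USER_MODEL)` followed by `for pk in User.objects.values_list('pk', flat=True): Token.objects.get_or_create(user_id=pk)`, provided the migration depends on the user model's app (the `dependencies` list is outside the hunk). `Token` probably has to stay the imported class, because its key is generated in `save()` and historical models do not carry custom methods. The loop also issues a standing API token to every existing account, inactive ones included; filtering on `is_active=True` would keep the set of live credentials smaller.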
@@ -8,7 +8,6 @@ from django.db.models import Q
 from django.db.models.fields.files import FileField
 from django.db.models.signals import post_save
 from django.dispatch import receiver
-from django.http import HttpResponse, JsonResponse
 from django.utils.decorators import classonlymethod
 from django.utils.text import capfirst
 from django.utils.translation import ugettext_lazy as _
@@ -21,11 +20,11 @@ from django.utils import timezone
 from django.core.exceptions import ObjectDoesNotExist
 from rest_framework import serializers as rest_serializers
 from rest_framework.authtoken.models import Token
-from rest_framework.decorators import action
+from rest_framework.decorators import action, api_view, permission_classes
 from rest_framework.fields import SerializerMethodField
 from rest_framework.response import Response
 from rest_framework.viewsets import ModelViewSet
-from rest_framework.permissions import IsAuthenticated
+from rest_framework.permissions import IsAuthenticated, IsAdminUser
 from rest_framework.views import APIView
@@ -50,14 +49,13 @@ def create_auth_token(sender, instance=None, created=False, **kwargs):
 Token.objects.create(user=instance)
-def renova_token(request):
- if request.user.is_authenticated:
- Token.objects.filter(user_id=request.user.id).delete()
- token = str(Token.objects.create(user_id=request.user.id))
+@api_view(['GET'])
+@permission_classes([IsAdminUser])
+def recria_token(request):
+ Token.objects.filter(user=request.user).delete()
+ token = Token.objects.create(user=request.user)
- return JsonResponse({"message": "Token atualizado com sucesso!", "token": token})
- else:
- return HttpResponse('Usuário não autenticado!', status=401)
+ return Response({"message": "Token recriado com sucesso!", "token": token.key})
 class BusinessRulesNotImplementedMixin:
diff --git a/sapl/templates/crud/edit_usuario_form.html b/sapl/templates/crud/edit_usuario_form.html
index 25a321e60..8ea5cff17 100644
--- a/sapl/templates/crud/edit_usuario_form.html
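Review bot: `recria_token` in sapl/api/views.py deletes and reissues a credential, yet `@api_view(['GET'])` exposes it on a safe method. Django's CSRF check does not apply to GET, so if session authentication is enabled for the API (not visible here), a cross-site request or a link prefetch made in a logged-in admin's browser can silently invalidate that admin's token; use `@api_view(['POST'])`. Separately, `@permission_classes([IsAdminUser])` narrows the old behaviour from any authenticated user to staff only, while `create_auth_token` in the context above appears to still issue a token per user, so non-staff users can no longer rotate a leaked token themselves; `IsAuthenticated` is already imported if that narrowing was not intended. The delete and create are also not wrapped in `transaction.atomic()`, so a failure between them leaves the user without a token.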
+++ b/sapl/templates/crud/edit_usuario_form.html
@@ -6,7 +6,7 @@