Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- from rest_framework.views import APIView
- from rest_framework.permissions import AllowAny
- from rest_framework import status
- from django.core.exceptions import SuspiciousOperation
- from django.contrib.auth import authenticate
- class LoginView(APIView):
- permission_classes = (AllowAny, )
- def post(self, request):
- username = self.validate_field_value(request.META.get('HTTP_USERNAME'))
- password = self.validate_field_value(request.META.get('HTTP_PASSWORD'))
- user = authenticate(username=username, password=password)
- try:
- if user.is_active:
- try:
- token = user.auth_token.key
- except AttributeError:
- # crear token
- print('usuario no posee token')
- token = None
- data = {
- 'token': token
- }
- return Response(data=data, status=status.HTTP_200_OK)
- except AttributeError:
- '''
- Tota la lógica pasa al middleware
- '''
- return Response(status.HTTP_403_FORBIDDEN)
- def validate_field_value(self, value):
- if not value:
- data = {
- 'message': 'Faltan attributos en la petición'
- }
- raise SuspiciousOperation(data)
- return value
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
