Skip to content
This repository has been archived by the owner on Sep 14, 2023. It is now read-only.

Commit

Permalink
chg: [API] Improved proxy API.
Browse files Browse the repository at this point in the history
  • Loading branch information
@cedricbonhomme
cedricbonhomme committed Aug 29, 2023
1 parent 1b29179 commit 1de9dd4
Show file tree
Hide file tree
Showing 4 changed files with 22 additions and 1 deletion.
2 changes: 1 addition & 1 deletion proxy/api/serializers.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ class Meta:
class ModuleSerializer(serializers.ModelSerializer):
class Meta:
model = Module
fields = ["name", "path", "upstream", "authentication_required"]
fields = ["id", "name", "path", "upstream", "authentication_required"]


class ModuleInputSerializer(serializers.ModelSerializer):
Expand Down
2 changes: 2 additions & 0 deletions proxy/api/urls.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@
from .views import (
ExternalTokenApiElemView,
ExternalTokenApiView,
ModuleApiElemView,
ModuleApiView,
UserApiView,
)
Expand All @@ -24,4 +25,5 @@
path("externaltoken/", ExternalTokenApiView.as_view()),
path("externaltoken/<int:id>", ExternalTokenApiElemView.as_view()),
path("module/", ModuleApiView.as_view()),
path("module/<int:id>", ModuleApiElemView.as_view()),
]
15 changes: 15 additions & 0 deletions proxy/api/views.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -158,3 +158,18 @@ def post(self, request, *args, **kwargs):
)
serializer = ModuleSerializer(new_module)
return Response(serializer.data, status=status.HTTP_200_OK)


class ModuleApiElemView(GenericAPIView):
# add permission to check if user is authenticated
authentication_classes = [SessionAuthentication, BasicAuthentication]
permission_classes = [IsAuthenticated, IsAdminUser]
serializer_class = ModuleSerializer

def delete(self, request, id=None):
"""
Delete a module.
"""
module = Module.objects.filter(id=id)
module.delete()
return Response(status=status.HTTP_204_NO_CONTENT)
4 changes: 4 additions & 0 deletions proxy/views.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@ def get_proxy_request_headers(self, request):
external_token = ExternalToken.objects.get(
user=request.user, module__path=module_path
)
print(external_token.token)
except ExternalToken.DoesNotExist:
# return the headers without the authentication token
# users should be blocked by the proxified module
Expand All @@ -25,4 +26,7 @@ def get_proxy_request_headers(self, request):
return headers

headers["Proxy-Token"] = external_token.token
headers["X-Forwarded-Prefix"] = module_path
headers["X-Script-Name"] = module_path
print(headers)
return headers

0 comments on commit 1de9dd4

Please sign in to comment.