Merge pull request #342 from brunoamaral/authentication

add missing files
brunoamaral · Jul 7, 2023 · 7a3e841 · 7a3e841
2 parents fa84fcd + 2d354da
commit 7a3e841
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 9 deletions.
diff --git a/django/admin/urls.py b/django/admin/urls.py
@@ -22,7 +22,7 @@
 from rss.views import *
 from subscriptions.views import subscribe_view
 from django.urls import path
-from api.views import LoginView
+from api.views import LoginView,ProtectedEndpointView
 from rest_framework.authtoken import views
 
 
@@ -69,6 +69,7 @@
 	re_path('^trials/source/(?P<source>.+)/$', TrialsBySourceList.as_view()),
 	path('api/token/', LoginView.as_view(), name='token_obtain_pair'),
 	path('api/token/get/', views.obtain_auth_token),
+	path('protected_endpoint/', ProtectedEndpointView.as_view(), name='protected_endpoint'),
 	path('', include(router.urls)),
 
 ] + static(settings.STATIC_URL, document_root=settings.STATIC_ROOT)
diff --git a/django/api/views.py b/django/api/views.py
@@ -1,15 +1,18 @@
 from api.serializers import ArticleSerializer, TrialSerializer, SourceSerializer, CountArticlesSerializer, AuthorSerializer, CategorySerializer
+from datetime import datetime, timedelta
+from django.db.models import Count
+from django.db.models import Q
 from django.db.models.functions import Length, TruncMonth
+from django.shortcuts import get_object_or_404
+from gregory.classes import SciencePaper
 from gregory.models import Articles, Trials, Sources, Authors, Categories
+from rest_framework import permissions
 from rest_framework import viewsets, permissions, generics, filters
-from django.db.models import Q
+from rest_framework_simplejwt.views import TokenObtainPairView
 from rest_framework.decorators import api_view
-from datetime import datetime, timedelta
-from django.shortcuts import get_object_or_404
 from rest_framework.response import Response
-from django.db.models import Count
+from rest_framework.views import APIView
 import json
-from gregory.classes import SciencePaper
 
 # Stuff needed for the API with authorization
 import traceback
@@ -537,8 +540,12 @@ class AuthorsViewSet(viewsets.ModelViewSet):
 # The class below generates a new token at every successful call.
 # But that token is not saved in the database and associated with the user.
 # is that a problem?
-from rest_framework_simplejwt.views import TokenObtainPairView
-from rest_framework import permissions
 
 class LoginView(TokenObtainPairView):
-	permission_classes = (permissions.AllowAny,)
+	permission_classes = (permissions.AllowAny,)
+
+class ProtectedEndpointView(APIView):
+	permission_classes = [permissions.IsAuthenticated]
+
+	def get(self, request):
+		return Response({"message": "You have accessed the protected endpoint!"})