Add profile and membership information to OAuth views

Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
Add simple view to give OAuth information
2025-02-23 00:21:19 +00:00 · 2021-03-09 10:57:35 +01:00 · 2021-03-09 10:41:43 +01:00 · 2021-03-09 09:44:25 +01:00 · 2021-03-09 09:41:27 +01:00 · 2021-03-09 09:39:57 +01:00
6 changed files with 68 additions and 6 deletions
--- a/apps/api/serializers.py
+++ b/apps/api/serializers.py
@ -4,10 +4,14 @@

 from django.contrib.contenttypes.models import ContentType
 from django.contrib.auth.models import User
-from rest_framework.serializers import ModelSerializer
+from django.utils import timezone
+from rest_framework import serializers
+
+from member.api.serializers import ProfileSerializer, MembershipSerializer
+from note.models import Alias


-class UserSerializer(ModelSerializer):
+class UserSerializer(serializers.ModelSerializer):
    """
    REST API Serializer for Users.
    The djangorestframework plugin will analyse the model `User` and parse all fields in the API.
@ -22,7 +26,7 @@ class UserSerializer(ModelSerializer):
        )


-class ContentTypeSerializer(ModelSerializer):
+class ContentTypeSerializer(serializers.ModelSerializer):
    """
    REST API Serializer for Users.
    The djangorestframework plugin will analyse the model `User` and parse all fields in the API.
@ -31,3 +35,39 @@ class ContentTypeSerializer(ModelSerializer):
    class Meta:
        model = ContentType
        fields = '__all__'
+
+
+class OAuthSerializer(serializers.ModelSerializer):
+    """
+    Informations that are transmitted by OAuth.
+    For now, this includes user, profile and valid memberships.
+    This should be better managed later.
+    """
+    normalized_name = serializers.SerializerMethodField()
+
+    profile = ProfileSerializer()
+
+    memberships = serializers.SerializerMethodField()
+
+    def get_normalized_name(self, obj):
+        return Alias.normalize(obj.username)
+
+    def get_memberships(self, obj):
+        return serializers.ListSerializer(child=MembershipSerializer()).to_representation(
+            obj.memberships.filter(date_start__lte=timezone.now(), date_end__gte=timezone.now()))
+
+    class Meta:
+        model = User
+        fields = (
+            'id',
+            'username',
+            'normalized_name',
+            'first_name',
+            'last_name',
+            'email',
+            'is_superuser',
+            'is_active',
+            'is_staff',
+            'profile',
+            'memberships',
+        )
--- a/apps/api/urls.py
+++ b/apps/api/urls.py
@ -5,6 +5,7 @@ from django.conf import settings
 from django.conf.urls import url, include
 from rest_framework import routers

+from .views import UserInformationView
 from .viewsets import ContentTypeViewSet, UserViewSet

 # Routers provide an easy way of automatically determining the URL conf.
@ -47,5 +48,6 @@ app_name = 'api'
 # Additionally, we include login URLs for the browsable API.
 urlpatterns = [
    url('^', include(router.urls)),
+    url('me', UserInformationView.as_view()),
    url('^api-auth/', include('rest_framework.urls', namespace='rest_framework')),
 ]
--- a/apps/api/views.py
+++ b/apps/api/views.py
@ -0,0 +1,20 @@
+# Copyright (C) 2018-2021 by BDE ENS Paris-Saclay
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+from django.contrib.auth.models import User
+from rest_framework.generics import RetrieveAPIView
+
+from .serializers import OAuthSerializer
+
+
+class UserInformationView(RetrieveAPIView):
+    """
+    These fields are give to OAuth authenticators.
+    """
+    serializer_class = OAuthSerializer
+
+    def get_queryset(self):
+        return User.objects.filter(pk=self.request.user.pk)
+
+    def get_object(self):
+        return self.request.user
--- a/apps/permission/backends.py
+++ b/apps/permission/backends.py
@ -134,8 +134,6 @@ class PermissionBackend(ModelBackend):
            return False

        sess = get_current_session()
-        if sess is not None and sess.session_key is None:
-            return False

        if user_obj.is_superuser and sess.get("permission_mask", -1) >= 42:
            return True
--- a/note_kfet/settings/init.py
+++ b/note_kfet/settings/init.py
@ -12,7 +12,7 @@ def read_env():
    directory.
    """
    try:
-        with open('.env') as f:
+        with open(os.path.join(BASE_DIR, '.env')) as f:
            content = f.read()
    except IOError:
        content = ''
@ -30,6 +30,7 @@ def read_env():


 # Try to load environment variables from project .env
+BASE_DIR = os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))
 read_env()

 # Load base settings
--- a/note_kfet/settings/base.py
+++ b/note_kfet/settings/base.py
@ -239,6 +239,7 @@ REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': [
        'rest_framework.authentication.SessionAuthentication',
        'rest_framework.authentication.TokenAuthentication',
+        'oauth2_provider.contrib.rest_framework.OAuth2Authentication',
    ],
    'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.PageNumberPagination',
    'PAGE_SIZE': 20,
Author	SHA1	Message	Date
Yohann D'ANELLO	72806f0ace	Add profile and membership information to OAuth views Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>	2021-03-09 10:57:35 +01:00
Yohann D'ANELLO	b244e01231	Add simple view to give OAuth information Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>	2021-03-09 10:41:43 +01:00
Yohann D'ANELLO	76d1784aea	Add OAuth2 authentication for Django Rest Framework Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>	2021-03-09 09:44:25 +01:00
Yohann D'ANELLO	56c5fa4057	We don't need a session to have permissions Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>	2021-03-09 09:41:27 +01:00
Yohann D'ANELLO	b5ef937a03	Environment file path is absolute Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>	2021-03-09 09:39:57 +01:00