Add wiki login api

Partially implements #101
parent 8cab6ed5
# -*- coding: utf-8 -*-
# Generated by Django 1.10 on 2016-10-19 19:26
from __future__ import unicode_literals
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('activemembers', '0011_auto_20161005_2141'),
]
operations = [
migrations.AddField(
model_name='committee',
name='wiki_namespace',
field=models.CharField(blank=True, max_length=50, null=True, verbose_name='Wiki namespace'),
),
]
......@@ -80,6 +80,12 @@ class Committee(models.Model, metaclass=ModelTranslateMeta):
contact_email = models.EmailField(_('contact email address'))
wiki_namespace = models.CharField(
_('Wiki namespace'),
null=True,
blank=True,
max_length=50)
def __str__(self):
return self.name
......
......@@ -56,3 +56,5 @@ PASSWORD_HASHERS = [
'django.contrib.auth.hashers.BCryptSHA256PasswordHasher',
'django.contrib.auth.hashers.BCryptPasswordHasher',
]
WIKI_API_KEY = os.environ.get('WIKI_API_KEY', 'changeme')
......@@ -201,3 +201,6 @@ NEWSLETTER_FROM_ADDRESS = 'nieuwsbrief@thalia.nu'
# Photos settings
PHOTO_UPLOAD_SIZE = 1920, 1080
# API key for wiki
WIKI_API_KEY = 'debug'
......@@ -13,6 +13,9 @@ Including another URLconf
1. Import the include() function: from django.conf.urls import url, include
2. Add a URL to urlpatterns: url(r'^blog/', include('blog.urls'))
"""
# pragma: noqa
import os.path
from django.conf import settings
......@@ -34,6 +37,8 @@ from documents.sitemaps import sitemap as documents_sitemap
from thabloid.sitemaps import sitemap as thabloid_sitemap
from partners.sitemaps import sitemap as partners_sitemap
from . import views
thalia_sitemap = {
'main-static': StaticViewSitemap,
}
......@@ -77,6 +82,7 @@ urlpatterns = [
url(r'^', include('events.api.urls')),
url(r'^', include('members.api.urls')),
url(r'^', include('partners.api.urls')),
url(r'wikilogin', views.wiki_login),
])),
url(r'^education/', include('education.urls', namespace='education')),
# Default login helpers
......
from django.contrib.auth import authenticate, login
from django.views.decorators.http import require_POST
from django.http import (HttpResponseBadRequest, HttpResponseForbidden,
JsonResponse)
from django.utils import timezone
from django.conf import settings
from django.views.decorators.csrf import csrf_exempt
from members.models import Member
@require_POST
@csrf_exempt
def wiki_login(request):
apikey = request.POST.get('apikey')
user = request.POST.get('user')
password = request.POST.get('password')
if apikey != settings.WIKI_API_KEY:
return HttpResponseForbidden('{"status":"error","msg":"invalid key"}')
if user is None or password is None:
return HttpResponseBadRequest(
'{"status":"error","msg":"Missing username or password"}',
content_type='application/json')
user = authenticate(username=user, password=password)
if user is not None:
login(request, user)
try:
memberships = [cmm.committee.wiki_namespace for cmm in
user.member.committeemembership_set.exclude(
until__lt=timezone.now().date())
.select_related('committee')
if cmm.committee.wiki_namespace is not None]
except Member.DoesNotExist:
memberships = []
return JsonResponse({'status': 'ok',
'admin': user.is_superuser,
'msg': 'Logged in',
'committees': memberships})
return JsonResponse({'status': 'error',
'msg': 'Authentication Failed'},
status_code=403)
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment