api: require proper authentication to use API (#11375)
This commit is contained in:
parent
e785755eea
commit
2cc63f1481
|
@ -18,7 +18,7 @@ from django.db.models import F
|
|||
from django.utils.formats import date_format
|
||||
from django.utils.timezone import localtime, now
|
||||
|
||||
from rest_framework import serializers, status
|
||||
from rest_framework import permissions, serializers, status
|
||||
from rest_framework.generics import GenericAPIView
|
||||
from rest_framework.response import Response
|
||||
from rest_framework.views import APIView
|
||||
|
@ -47,6 +47,7 @@ class SlotSerializer(serializers.Serializer):
|
|||
|
||||
class Fillslot(GenericAPIView):
|
||||
serializer_class = SlotSerializer
|
||||
permission_classes = (permissions.IsAuthenticated,)
|
||||
|
||||
def post(self, request, agenda_pk=None, event_pk=None, format=None):
|
||||
event = Event.objects.filter(id=event_pk)[0]
|
||||
|
@ -61,6 +62,8 @@ fillslot = Fillslot.as_view()
|
|||
|
||||
|
||||
class BookingAPI(APIView):
|
||||
permission_classes = (permissions.IsAuthenticated,)
|
||||
|
||||
def initial(self, request, *args, **kwargs):
|
||||
super(BookingAPI, self).initial(request, *args, **kwargs)
|
||||
self.booking = Booking.objects.get(id=kwargs.get('booking_pk'),
|
||||
|
|
|
@ -53,3 +53,8 @@ TIME_ZONE = 'Europe/Paris'
|
|||
# HTTPS Security
|
||||
# CSRF_COOKIE_SECURE = True
|
||||
# SESSION_COOKIE_SECURE = True
|
||||
|
||||
REST_FRAMEWORK = {
|
||||
'DEFAULT_AUTHENTICATION_CLASSES': ('hobo.rest_authentication.PublikAuthentication',)
|
||||
}
|
||||
HOBO_ANONYMOUS_SERVICE_USER_CLASS = 'hobo.rest_authentication.AnonymousAdminServiceUser'
|
||||
|
|
Loading…
Reference in New Issue