Merge pull request #2 from anish5256/master

Add AuthToken Support and Device ID/Type to DRFPasswordless

Author: anish5256

drfpasswordless/authtoken/management/commands/drf_create_token.py

@@ -1,7 +1,7 @@
 from django.contrib.auth import get_user_model
 from django.core.management.base import BaseCommand, CommandError
 
-from rest_framework.authtoken.models import Token
+from drfpasswordless.authtoken.models import Token
 
 UserModel = get_user_model()
 

drfpasswordless/authtoken/migrations/0004_auto_20240927_1224.py

@@ -1,4 +1,4 @@
-# Generated by Django 3.2.18 on 2024-09-27 06:54
+# Generated by Django 3.2.18 on 2024-10-04 06:21
 
 from django.conf import settings
 from django.db import migrations, models
@@ -28,4 +28,8 @@ class Migration(migrations.Migration):
             name='user',
             field=models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='auth_token', to=settings.AUTH_USER_MODEL, verbose_name='User'),
         ),
+        migrations.AlterUniqueTogether(
+            name='token',
+            unique_together={('key', 'device_id')},
+        ),
     ]

drfpasswordless/authtoken/models.py

@@ -42,6 +42,7 @@ class Meta:
         abstract = 'drfpasswordless.authtoken' not in settings.INSTALLED_APPS
         verbose_name = _("Token")
         verbose_name_plural = _("Tokens")
+        unique_together = (('key', 'device_id'),)
 
     def save(self, *args, **kwargs):
         if not self.key:

drfpasswordless/authtoken/views.py

@@ -1,5 +1,5 @@
 from rest_framework import parsers, renderers
-from rest_framework.authtoken.models import Token
+from drfpasswordless.authtoken.models import Token
 from rest_framework.authtoken.serializers import AuthTokenSerializer
 from rest_framework.compat import coreapi, coreschema
 from rest_framework.response import Response

drfpasswordless/serializers.py

@@ -8,7 +8,7 @@
 from drfpasswordless.models import CallbackToken
 from drfpasswordless.settings import api_settings
 from drfpasswordless.utils import verify_user_alias, validate_token_age
-
+from drfpasswordless.authtoken.models import Token
 logger = logging.getLogger(__name__)
 User = get_user_model()
 
@@ -200,6 +200,8 @@ def validate_alias(self, attrs):
 
 
 class CallbackTokenAuthSerializer(AbstractBaseCallbackTokenSerializer):
+    device_id = serializers.CharField(required=False, max_length=64)
+    device_type = serializers.ChoiceField(choices=Token.DEVICE_TYPES, required=False)
 
     def validate(self, attrs):
         # Check Aliases

drfpasswordless/utils.py

@@ -5,7 +5,7 @@
 from django.core.mail import send_mail
 from django.template import loader
 from django.utils import timezone
-from rest_framework.authtoken.models import Token
+from drfpasswordless.authtoken.models import Token
 from drfpasswordless.models import CallbackToken
 from drfpasswordless.settings import api_settings
 
@@ -208,6 +208,7 @@ def send_sms_with_callback_token(user, mobile_token, **kwargs):
         return False
 
 
-def create_authentication_token(user):
-    """ Default way to create an authentication token"""
-    return Token.objects.get_or_create(user=user)
+def create_authentication_token(user, device_id="", device_type=""):
+    return Token.objects.get_or_create(
+        user=user, device_id=device_id, device_type=device_type
+    )

drfpasswordless/views.py

@@ -134,14 +134,19 @@ class AbstractBaseObtainAuthToken(APIView):
     This is a duplicate of rest_framework's own ObtainAuthToken method.
     Instead, this returns an Auth Token based on our 6 digit callback token and source.
     """
+
     serializer_class = None
 
     def post(self, request, *args, **kwargs):
         serializer = self.serializer_class(data=request.data)
         if serializer.is_valid(raise_exception=True):
-            user = serializer.validated_data['user']
+            user = serializer.validated_data["user"]
             token_creator = import_string(api_settings.PASSWORDLESS_AUTH_TOKEN_CREATOR)
-            (token, _) = token_creator(user)
+            (token, _) = token_creator(
+                user=user,
+                device_id=serializer.validated_data.get("device_id", ""),
+                device_type=serializer.validated_data.get("device_type", ""),
+            )
 
             if token:
                 TokenSerializer = import_string(api_settings.PASSWORDLESS_AUTH_TOKEN_SERIALIZER)
@@ -150,8 +155,15 @@ def post(self, request, *args, **kwargs):
                     # Return our key for consumption.
                     return Response(token_serializer.data, status=status.HTTP_200_OK)
         else:
-            logger.error("Couldn't log in unknown user. Errors on serializer: {}".format(serializer.error_messages))
-        return Response({'detail': 'Couldn\'t log you in. Try again later.'}, status=status.HTTP_400_BAD_REQUEST)
+            logger.error(
+                "Couldn't log in unknown user. Errors on serializer: {}".format(
+                    serializer.error_messages
+                )
+            )
+        return Response(
+            {"detail": "Couldn't log you in. Try again later."},
+            status=status.HTTP_400_BAD_REQUEST,
+        )
 
 
 class ObtainAuthTokenFromCallbackToken(AbstractBaseObtainAuthToken):

tests/test_settings.py

@@ -1,5 +1,5 @@
 from rest_framework import status
-from rest_framework.authtoken.models import Token
+from drfpasswordless.authtoken.models import Token
 from rest_framework.test import APITestCase
 
 from django.contrib.auth import get_user_model

tests/test_verification.py

@@ -1,5 +1,5 @@
 from rest_framework import status
-from rest_framework.authtoken.models import Token
+from drfpasswordless.authtoken.models import Token
 from django.utils.translation import gettext_lazy as _
 from rest_framework.test import APITestCase
 from django.contrib.auth import get_user_model