Added JWT token passing via querystring

pull/142/head
Piero Toffanin 2017-04-10 17:19:04 -04:00
parent c403ea7023
commit 3c74bf8bba
5 changed files with 26 additions and 1 deletion

@ -0,0 +1,6 @@
from rest_framework_jwt.authentication import BaseJSONWebTokenAuthentication
class JSONWebTokenAuthenticationQS(BaseJSONWebTokenAuthentication):
def get_jwt_value(self, request):
return request.query_params.get('jwt')
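Review bot: get_jwt_value returns request.query_params.get('jwt') for every HTTP method, so a token in the URL is also accepted on POST, PUT and DELETE requests. The documentation in this commit motivates the feature with clients that cannot set headers when fetching resources; consider returning None unless request.method is a safe method (GET, HEAD, OPTIONS), so that state-changing calls still require one of the other authentication classes. A short docstring noting that URL tokens end up in access logs, browser history and Referer headers would also tell the next maintainer why this class is kept separate from the header-based one.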

@ -413,8 +413,13 @@ class TestApi(BootTestCase):
token = res.data['token']
self.assertTrue(len(token) > 0)
# Can access resources by passing token
# Can access resources by passing token via querystring
res = client.get('/api/processingnodes/?jwt={}'.format(token))
self.assertEqual(res.status_code, status.HTTP_200_OK)
# Can access resources by passing token via header
client = APIClient(HTTP_AUTHORIZATION="{0} {1}".format(api_settings.JWT_AUTH_HEADER_PREFIX, token))
res = client.get('/api/processingnodes/')
self.assertEqual(res.status_code, status.HTTP_200_OK)
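Review bot: the querystring test only covers the success path (a valid token in ?jwt= returns HTTP_200_OK). Add a negative case next to it: a request with a malformed or altered value in ?jwt=, sent from a client that carries no other credentials, should be rejected. That confirms the new class validates the token rather than merely reading it from the URL.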

@ -18,6 +18,15 @@ curl -H "Authorization: JWT <your_token>" http://localhost:8000/api/projects/
{"count":13, ...}
```
> Use authentication token via querystring (less secure):
```bash
curl http://localhost:8000/api/projects/?jwt=<your_token>
{"count":13, ...}
```
`POST /api/token-auth/`
Field | Type | Description
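Review bot: the added curl example passes the URL unquoted, and ? is a glob character in the shell (zsh refuses the command with "no matches found"). Quote the URL in the example: curl "http://localhost:8000/api/projects/?jwt=<your_token>".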
@ -34,3 +43,5 @@ Header |
Authorization: JWT `your_token` |
The token expires after a set amount of time. The expiration time is dependent on WebODM's settings. You will need to request another token when a token expires.
Since applications sometimes do not allow headers to be modified, you can also authenticate by appending the `jwt` querystring parameter to a protected URL. This is less secure, so pass the token via header if possible.
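Review bot: "This is less secure" in the added sentence does not say what the exposure is, so readers cannot judge when the querystring is acceptable. State it: a token in the URL is written to web server and proxy access logs, kept in browser history, can be sent to other sites in the Referer header, and remains usable until it expires.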

@ -184,6 +184,8 @@ If a [Task](#task) has been canceled or has failed processing, or has completed
After a task has been successfully processed, a TMS layer is made available for inclusion in programs such as [Leaflet](http://leafletjs.com/) or [Cesium](http://cesiumjs.org).
<aside class="notice">If you use <a href="http://leafletjs.com/" target="_blank">Leaflet</a>, you'll need to pass the authentication token via querystring: /api/projects/{project_id}/tasks/{task_id}/tiles/{Z}/{X}/{Y}.png?jwt=your_token</aside>
### Pending Actions
In some circumstances, a [Task](#task) can have a pending action that requires some amount of time to be performed.
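Review bot: the Leaflet aside gives a tile URL with a fixed ?jwt=your_token but does not mention that the token expires, which the authentication page in this same commit states. A layer configured once with that URL will stop loading tiles when the token expires; add a sentence telling readers to request a new token and update the layer URL. The URL template would also read better in code formatting, like the other endpoints on the page.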

@ -230,6 +230,7 @@ REST_FRAMEWORK = {
'rest_framework.authentication.SessionAuthentication',
'rest_framework.authentication.BasicAuthentication',
'rest_framework_jwt.authentication.JSONWebTokenAuthentication',
'app.api.authentication.JSONWebTokenAuthenticationQS',
),
'PAGE_SIZE': 10,
}
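Review bot: adding 'app.api.authentication.JSONWebTokenAuthenticationQS' to the project-wide authentication list in REST_FRAMEWORK enables URL tokens on every API view, while the documentation in this commit only needs them for clients that cannot set headers, such as the tile URLs consumed by Leaflet. Consider leaving the default list unchanged and setting authentication_classes on the views that need querystring tokens, so the rest of the API keeps accepting the token only from the header.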