kopia lustrzana https://github.com/OpenDroneMap/WebODM
Added JWT token passing via querystring
rodzic
c403ea7023
commit
3c74bf8bba
|
@ -0,0 +1,6 @@
|
||||||
|
from rest_framework_jwt.authentication import BaseJSONWebTokenAuthentication
|
||||||
|
|
||||||
|
|
||||||
|
class JSONWebTokenAuthenticationQS(BaseJSONWebTokenAuthentication):
|
||||||
|
def get_jwt_value(self, request):
|
||||||
|
return request.query_params.get('jwt')
|
|
@ -413,8 +413,13 @@ class TestApi(BootTestCase):
|
||||||
token = res.data['token']
|
token = res.data['token']
|
||||||
self.assertTrue(len(token) > 0)
|
self.assertTrue(len(token) > 0)
|
||||||
|
|
||||||
# Can access resources by passing token
|
# Can access resources by passing token via querystring
|
||||||
|
res = client.get('/api/processingnodes/?jwt={}'.format(token))
|
||||||
|
self.assertEqual(res.status_code, status.HTTP_200_OK)
|
||||||
|
|
||||||
|
# Can access resources by passing token via header
|
||||||
client = APIClient(HTTP_AUTHORIZATION="{0} {1}".format(api_settings.JWT_AUTH_HEADER_PREFIX, token))
|
client = APIClient(HTTP_AUTHORIZATION="{0} {1}".format(api_settings.JWT_AUTH_HEADER_PREFIX, token))
|
||||||
res = client.get('/api/processingnodes/')
|
res = client.get('/api/processingnodes/')
|
||||||
self.assertEqual(res.status_code, status.HTTP_200_OK)
|
self.assertEqual(res.status_code, status.HTTP_200_OK)
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -18,6 +18,15 @@ curl -H "Authorization: JWT <your_token>" http://localhost:8000/api/projects/
|
||||||
{"count":13, ...}
|
{"count":13, ...}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
> Use authentication token via querystring (less secure):
|
||||||
|
|
||||||
|
```bash
|
||||||
|
curl http://localhost:8000/api/projects/?jwt=<your_token>
|
||||||
|
|
||||||
|
{"count":13, ...}
|
||||||
|
```
|
||||||
|
|
||||||
|
|
||||||
`POST /api/token-auth/`
|
`POST /api/token-auth/`
|
||||||
|
|
||||||
Field | Type | Description
|
Field | Type | Description
|
||||||
|
@ -34,3 +43,5 @@ Header |
|
||||||
Authorization: JWT `your_token` |
|
Authorization: JWT `your_token` |
|
||||||
|
|
||||||
The token expires after a set amount of time. The expiration time is dependent on WebODM's settings. You will need to request another token when a token expires.
|
The token expires after a set amount of time. The expiration time is dependent on WebODM's settings. You will need to request another token when a token expires.
|
||||||
|
|
||||||
|
Since applications sometimes do not allow headers to be modified, you can also authenticate by appending the `jwt` querystring parameter to a protected URL. This is less secure, so pass the token via header if possible.
|
||||||
|
|
|
@ -184,6 +184,8 @@ If a [Task](#task) has been canceled or has failed processing, or has completed
|
||||||
|
|
||||||
After a task has been successfully processed, a TMS layer is made available for inclusion in programs such as [Leaflet](http://leafletjs.com/) or [Cesium](http://cesiumjs.org).
|
After a task has been successfully processed, a TMS layer is made available for inclusion in programs such as [Leaflet](http://leafletjs.com/) or [Cesium](http://cesiumjs.org).
|
||||||
|
|
||||||
|
<aside class="notice">If you use <a href="http://leafletjs.com/" target="_blank">Leaflet</a>, you'll need to pass the authentication token via querystring: /api/projects/{project_id}/tasks/{task_id}/tiles/{Z}/{X}/{Y}.png?jwt=your_token</aside>
|
||||||
|
|
||||||
### Pending Actions
|
### Pending Actions
|
||||||
|
|
||||||
In some circumstances, a [Task](#task) can have a pending action that requires some amount of time to be performed.
|
In some circumstances, a [Task](#task) can have a pending action that requires some amount of time to be performed.
|
||||||
|
|
|
@ -230,6 +230,7 @@ REST_FRAMEWORK = {
|
||||||
'rest_framework.authentication.SessionAuthentication',
|
'rest_framework.authentication.SessionAuthentication',
|
||||||
'rest_framework.authentication.BasicAuthentication',
|
'rest_framework.authentication.BasicAuthentication',
|
||||||
'rest_framework_jwt.authentication.JSONWebTokenAuthentication',
|
'rest_framework_jwt.authentication.JSONWebTokenAuthentication',
|
||||||
|
'app.api.authentication.JSONWebTokenAuthenticationQS',
|
||||||
),
|
),
|
||||||
'PAGE_SIZE': 10,
|
'PAGE_SIZE': 10,
|
||||||
}
|
}
|
||||||
|
|
Ładowanie…
Reference in New Issue