870c4403e4
* dev: initiate external apis * dev: external api * dev: external public api implementation * dev: add prefix to all api tokens * dev: flag to enable disable api token api access * dev: webhook model create and apis * dev: webhook settings * fix: webhook logs * chore: removed drf spectacular * dev: remove retry_count and fix api logging for get requests * dev: refactor webhook logic * fix: celery retry mechanism * chore: event and action change * chore: migrations changes * dev: proxy setup for apis * chore: changed retry time and cleanup * chore: added issue comment and inbox issue api endpoints * fix: migration files * fix: added env variables * fix: removed issue attachment from proxy * fix: added new migration file * fix: restricted wehbook access * chore: changed urls * chore: fixed porject serializer * fix: set expire for api token * fix: retrive endpoint for api token * feat: Api Token screens & api integration * dev: webhook endpoint changes * dev: add fields for webhook updates * feat: Download Api secret key * chore: removed BASE API URL * feat: revoke token access * dev: migration fixes * feat: workspace webhooks (#2748) * feat: workspace webhook store, services integeration and rendered webhook list and create * chore: handled webhook update and rengenerate token in workspace webhooks * feat: regenerate key and delete functionality --------- Co-authored-by: Ramesh Kumar <rameshkumar@rameshs-MacBook-Pro.local> Co-authored-by: gurusainath <gurusainath007@gmail.com> Co-authored-by: Ramesh Kumar Chandra <rameshkumar2299@gmail.com> * fix: url validation added * fix: seperated env for webhook and api * Web hooks refactoring * add show option for generated hook key * Api token restructure * webhook minor fixes * fix build errors * chore: improvements in file structring * dev: rate limiting the open apis --------- Co-authored-by: pablohashescobar <nikhilschacko@gmail.com> Co-authored-by: LAKHAN BAHETI <lakhanbaheti9@gmail.com> Co-authored-by: rahulramesha <71900764+rahulramesha@users.noreply.github.com> Co-authored-by: Ramesh Kumar <rameshkumar@rameshs-MacBook-Pro.local> Co-authored-by: gurusainath <gurusainath007@gmail.com> Co-authored-by: Ramesh Kumar Chandra <rameshkumar2299@gmail.com> Co-authored-by: Nikhil <118773738+pablohashescobar@users.noreply.github.com> Co-authored-by: sriram veeraghanta <veeraghanta.sriram@gmail.com> Co-authored-by: rahulramesha <rahulramesham@gmail.com>
47 lines
1.3 KiB
Python
47 lines
1.3 KiB
Python
# Django imports
|
|
from django.utils import timezone
|
|
from django.db.models import Q
|
|
|
|
# Third party imports
|
|
from rest_framework import authentication
|
|
from rest_framework.exceptions import AuthenticationFailed
|
|
|
|
# Module imports
|
|
from plane.db.models import APIToken
|
|
|
|
|
|
class APIKeyAuthentication(authentication.BaseAuthentication):
|
|
"""
|
|
Authentication with an API Key
|
|
"""
|
|
|
|
www_authenticate_realm = "api"
|
|
media_type = "application/json"
|
|
auth_header_name = "X-Api-Key"
|
|
|
|
def get_api_token(self, request):
|
|
return request.headers.get(self.auth_header_name)
|
|
|
|
def validate_api_token(self, token):
|
|
try:
|
|
api_token = APIToken.objects.get(
|
|
Q(Q(expired_at__gt=timezone.now()) | Q(expired_at__isnull=True)),
|
|
token=token,
|
|
is_active=True,
|
|
)
|
|
except APIToken.DoesNotExist:
|
|
raise AuthenticationFailed("Given API token is not valid")
|
|
|
|
# save api token last used
|
|
api_token.last_used = timezone.now()
|
|
api_token.save(update_fields=["last_used"])
|
|
return (api_token.user, api_token.token)
|
|
|
|
def authenticate(self, request):
|
|
token = self.get_api_token(request=request)
|
|
if not token:
|
|
return None
|
|
|
|
# Validate the API token
|
|
user, token = self.validate_api_token(token)
|
|
return user, token
|