allow mobile device token to retrieve user info
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
parent
ba4dd7f1d2
commit
fd22e1f08d
|
@ -31,6 +31,7 @@ from drf_spectacular.utils import (
|
|||
inline_serializer,
|
||||
)
|
||||
from guardian.shortcuts import get_anonymous_user, get_objects_for_user
|
||||
from rest_framework.authentication import SessionAuthentication
|
||||
from rest_framework.decorators import action
|
||||
from rest_framework.fields import CharField, IntegerField, ListField, SerializerMethodField
|
||||
from rest_framework.request import Request
|
||||
|
@ -48,6 +49,7 @@ from rest_framework.viewsets import ModelViewSet
|
|||
from structlog.stdlib import get_logger
|
||||
|
||||
from authentik.admin.api.metrics import CoordinateSerializer
|
||||
from authentik.api.authentication import TokenAuthentication
|
||||
from authentik.api.decorators import permission_required
|
||||
from authentik.blueprints.v1.importer import SERIALIZER_CONTEXT_BLUEPRINT
|
||||
from authentik.core.api.used_by import UsedByMixin
|
||||
|
@ -72,6 +74,7 @@ from authentik.flows.models import FlowToken
|
|||
from authentik.flows.planner import PLAN_CONTEXT_PENDING_USER, FlowPlanner
|
||||
from authentik.flows.views.executor import QS_KEY_TOKEN
|
||||
from authentik.lib.config import CONFIG
|
||||
from authentik.stages.authenticator_mobile.api.auth import MobileDeviceTokenAuthentication
|
||||
from authentik.stages.email.models import EmailStage
|
||||
from authentik.stages.email.tasks import send_mails
|
||||
from authentik.stages.email.utils import TemplateEmailMessage
|
||||
|
@ -489,7 +492,18 @@ class UserViewSet(UsedByMixin, ModelViewSet):
|
|||
return Response(data={"non_field_errors": [str(exc)]}, status=400)
|
||||
|
||||
@extend_schema(responses={200: SessionUserSerializer(many=False)})
|
||||
@action(url_path="me", url_name="me", detail=False, pagination_class=None, filter_backends=[])
|
||||
@action(
|
||||
url_path="me",
|
||||
url_name="me",
|
||||
detail=False,
|
||||
pagination_class=None,
|
||||
filter_backends=[],
|
||||
authentication_classes=[
|
||||
TokenAuthentication,
|
||||
SessionAuthentication,
|
||||
MobileDeviceTokenAuthentication,
|
||||
],
|
||||
)
|
||||
def user_me(self, request: Request) -> Response:
|
||||
"""Get information about current user"""
|
||||
context = {"request": request}
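Review bot: In the new `authentication_classes` list on `user_me`, `MobileDeviceTokenAuthentication` is placed after `TokenAuthentication`, and both presumably parse the same bearer `Authorization` header, so the mobile lookup only runs if `TokenAuthentication` returns `None` for a value it does not recognise. Its body is not on this page; if it raises `AuthenticationFailed` instead, a device token would be rejected before the mobile class is consulted. The mobile class visibly returns `None` on a miss, so listing it first is the safe order: `authentication_classes=[MobileDeviceTokenAuthentication, TokenAuthentication, SessionAuthentication],`. Because this explicit list replaces the project default for the action and lets a device-held token read the `SessionUserSerializer` payload, I would add a comment such as `# device tokens may read /me; list overrides DEFAULT_AUTHENTICATION_CLASSES` and a test that an expired device token is refused here. The body of `user_me` continues outside the hunk.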
|
||||
|
|
|
@ -18,7 +18,9 @@ class MobileDeviceTokenAuthentication(BaseAuthentication):
|
|||
"""Token-based authentication using HTTP Bearer authentication"""
|
||||
auth = get_authorization_header(request)
|
||||
raw_token = validate_auth(auth)
|
||||
device_token: MobileDeviceToken = MobileDeviceToken.filter_not_expired(token=raw_token).first()
|
||||
device_token: MobileDeviceToken = MobileDeviceToken.filter_not_expired(
|
||||
token=raw_token
|
||||
).first()
|
||||
if not device_token:
|
||||
return None
|
||||
CTX_AUTH_VIA.set("mobile_token")
|
||||
|
|
|
@ -127,7 +127,9 @@ class MobileTransaction(ExpiringModel):
|
|||
|
||||
def send_message(self, request: Optional[HttpRequest], **context):
|
||||
"""Send mobile message"""
|
||||
app = initialize_app(credentials.Certificate(self.device.stage.firebase_config), name=str(self.tx_id))
|
||||
app = initialize_app(
|
||||
credentials.Certificate(self.device.stage.firebase_config), name=str(self.tx_id)
|
||||
)
|
||||
branding = DEFAULT_TENANT.branding_title
|
||||
domain = ""
|
||||
if request:
|
||||
|
|
|
@ -5740,6 +5740,7 @@ paths:
|
|||
- core
|
||||
security:
|
||||
- authentik: []
|
||||
- mobile_device_token: []
|
||||
responses:
|
||||
'200':
|
||||
content:
|
||||
|
|