Menu
How does the Tastypie APIKey authentication work? I know there is a signal as mentioned in the documentation:
from django.contrib.auth.models import User
from django.db import models
from tastypie.models import create_api_key
models.signals.post_save.connect(create_api_key, sender=User)
However, when is this called? If I want to give a user their APIkey I know I can find it in the APIKey db that this create_api_key function adds the key into, but where and when do I call this models.signals.post_save function?
Is this just another django model? I think it is?
Is this called everytime a user account is saved?
328
You can put this in models.py file of the relevant app (such as main/). What post_save.connect(create_api_key, sender=User) does is that everytime an User instance is saved, create_api_key() will be called.
Now let's look into what create_api_key() does by diving a bit into the source of tastypie:
class ApiKey(models.Model):
user = models.OneToOneField(User, related_name='api_key')
key = models.CharField(max_length=256, blank=True, default='')
created = models.DateTimeField(default=datetime.datetime.now)
def __unicode__(self):
return u"%s for %s" % (self.key, self.user)
def save(self, *args, **kwargs):
if not self.key:
self.key = self.generate_key()
return super(ApiKey, self).save(*args, **kwargs)
def generate_key(self):
# Get a random UUID.
new_uuid = uuid.uuid4()
# Hmac that beast.
return hmac.new(str(new_uuid), digestmod=sha1).hexdigest()
def create_api_key(sender, **kwargs):
"""
A signal for hooking up automatic ``ApiKey`` creation.
"""
if kwargs.get('created') is True:
ApiKey.objects.create(user=kwargs.get('instance'))
As you can see, create_api_key() will create a new ApiKey record, which will be related to the calling User. This record will also have a HMAC key when it was saved to the ApiKey table. The key is generated by generate_key() function.
106
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
