[tasks] Trying to fix webhooks for Todoist
This commit is contained in:
@ -6,7 +6,7 @@ from profiles.models import UserProfile
|
|||||||
from rest_framework import status
|
from rest_framework import status
|
||||||
from rest_framework.authentication import BaseAuthentication
|
from rest_framework.authentication import BaseAuthentication
|
||||||
from rest_framework.exceptions import AuthenticationFailed
|
from rest_framework.exceptions import AuthenticationFailed
|
||||||
from rest_framework.permissions import BasePermission
|
from rest_framework.permissions import IsAuthenticated
|
||||||
from rest_framework.response import Response
|
from rest_framework.response import Response
|
||||||
from rest_framework.views import APIView
|
from rest_framework.views import APIView
|
||||||
from scrobbles.scrobblers import (
|
from scrobbles.scrobblers import (
|
||||||
@ -25,12 +25,21 @@ class TodoistTokenAuthentication(BaseAuthentication):
|
|||||||
def authenticate(self, request):
|
def authenticate(self, request):
|
||||||
auth_header = request.META.get("HTTP_AUTHORIZATION", "")
|
auth_header = request.META.get("HTTP_AUTHORIZATION", "")
|
||||||
|
|
||||||
|
logger.info(
|
||||||
|
"[todoist_auth] Raw auth header: %s",
|
||||||
|
auth_header[:20] if auth_header else "None",
|
||||||
|
)
|
||||||
|
|
||||||
if not auth_header:
|
if not auth_header:
|
||||||
return None
|
return None
|
||||||
|
|
||||||
parts = auth_header.split()
|
parts = auth_header.split()
|
||||||
|
|
||||||
if len(parts) != 2 or parts[0] != self.keyword:
|
if len(parts) != 2 or parts[0] != self.keyword:
|
||||||
|
logger.warning(
|
||||||
|
"[todoist_auth] Invalid auth header format: parts=%s",
|
||||||
|
parts,
|
||||||
|
)
|
||||||
return None
|
return None
|
||||||
|
|
||||||
token = parts[1]
|
token = parts[1]
|
||||||
@ -38,24 +47,23 @@ class TodoistTokenAuthentication(BaseAuthentication):
|
|||||||
profile = UserProfile.objects.filter(todoist_auth_key=token).first()
|
profile = UserProfile.objects.filter(todoist_auth_key=token).first()
|
||||||
|
|
||||||
if not profile:
|
if not profile:
|
||||||
|
logger.warning("[todoist_auth] No profile found for token")
|
||||||
raise AuthenticationFailed("Invalid token")
|
raise AuthenticationFailed("Invalid token")
|
||||||
|
|
||||||
if not profile.user:
|
if not profile.user:
|
||||||
|
logger.warning("[todoist_auth] No user associated with profile")
|
||||||
raise AuthenticationFailed("No user associated with token")
|
raise AuthenticationFailed("No user associated with token")
|
||||||
|
|
||||||
|
logger.info("[todoist_auth] Authenticated user: %s", profile.user.id)
|
||||||
return (profile.user, profile)
|
return (profile.user, profile)
|
||||||
|
|
||||||
|
def authenticate_header(self, request):
|
||||||
class IsAuthenticatedForTodoist(BasePermission):
|
return self.keyword
|
||||||
def has_permission(self, request):
|
|
||||||
return (
|
|
||||||
hasattr(request, "user") and request.user and request.user.is_authenticated
|
|
||||||
)
|
|
||||||
|
|
||||||
|
|
||||||
class TodoistWebhookView(APIView):
|
class TodoistWebhookView(APIView):
|
||||||
authentication_classes = [TodoistTokenAuthentication]
|
authentication_classes = [TodoistTokenAuthentication]
|
||||||
permission_classes = [IsAuthenticatedForTodoist]
|
permission_classes = [IsAuthenticated]
|
||||||
|
|
||||||
@property
|
@property
|
||||||
def logger(self):
|
def logger(self):
|
||||||
|
|||||||
Reference in New Issue
Block a user