Reputation: 103
How do I specify DRF oauth required_scopes in function based api_view?
I'm trying to make my function based rest framework views which use the @api_view decorator with the Django OAuth Rest Framework Toolkit, where I'm using TokenHasScope as the permission_class. However, this needs a mandatory attribute called required_scopes but I'm not sure how I can get this specified in a function based views?
Upvotes: 3
Views: 482
Answers (2)
Reputation: 15
You can create a view that subclasses TokenHasScope then hardcode get_scopes method to return the scopes you want. If the scopes change across different view, you can create a decorator which takes in a list of scopes and passes it on, then set your get_scopes method to pick up the scopes from that decorator.
Upvotes: 0
Reputation: 1036
Not exactly what you asked for, but an alternative to using Viewsets could be defining a view that subclass ScopedProtectedResourceView and set the scopes with the required_scopes attribute.
Upvotes: 0
Related Questions
- Can I Override Global Authentication for a Single Request Type in an ApiView using DRF?
- Django OAuthToolkit Scopes per specific method
- django - login view in DRF
- django oauth toolkit `or` in required scopes in view
- Conditionally authenticate users to DRF view
- DRF and Oauth2: creating resource and authorization servers
- DRF : parameter in custom permission class with function based views
- Django DRF with oAuth2 using DOT (django-oauth-toolkit)
- Basic auth protected views in DRF
- DRF - How to Authentify an application with Oauth Toolkit?