Friday, July 27, 2018

Re: Change the default route of a view

Hi Fernando,

In DRF even with token authentication you will be able to get the currently logged in user via the user object on the request. So request.user will be the user doing the request.

If you for example want to have an endpoint that is for the current user you could just check the request.user to see which user is doing the request. Then you don't need to use the id from the url.

Regards,

Andréas

2018-07-27 16:36 GMT+02:00 Fernando Miranda <fndmiranda@gmail.com>:
I think I understood about the rest, the right one to edit for example would be to have the route of type PUT passing the token OAuth2 in the route and there I look for the user owner of the token? Or the user ID and check if the authenticated user is the same as the last ID?

Em sexta-feira, 27 de julho de 2018 08:10:19 UTC-3, Jason escreveu:
you can probably do this with overriding a few things, but for me, your use case has some major problems.  you're effectively breaking away from the basics of REST.

If you want to implement some sort of non-sequential identifiers for users/resources, use UUIDs.  Any token passed in the headers should be used for auth only, not contain explicit routing values.

On Thursday, July 26, 2018 at 4:10:55 PM UTC-4, Fernando Miranda wrote:
Hello, I'm using Django Rest Framework, I was wondering if you have how to change the default url of an endpoint in a view? In case it is a view of account where I wanted the retrieve method to be without / {id} this also for the delete and edit because I will identify the user by the token passed in the header.

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscribe@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
 To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/875eb467-9cd2-492b-9aea-e311bb3da022%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscribe@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAK4qSCdBiFuMgVtj%3DSdK0nPvBru353HGEGwDr6kfKH0%3DZh%2BgbQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)