API

Manages the routes for all API patterns

Decorators

blueweather.apps.api.decorators.authorization_required(fn: callable, fail_view: callable = None, permissions: Union[str, List[str]] = None) → callable

Require Authorization to access the view. Authorization will allow either a logged in user, or a valid api_key. This means that a user does not have to be logged in to access the view, but will always be given access if the user is logged in

Note

Csrf tokens are not used in the authentication, and if you want csrf authorization, use csrf_authorization_required() instead

If fail_view is not provided, a httpResponseForbidden exception will be raised

Parameters:
  • fn – The view that will be displayed if authorized
  • fail_view – The view that will be displayed if not authorized
  • permissions – A list of required permissions
blueweather.apps.api.decorators.csrf_authorization_required(fn: callable, fail_view: callable = None, permissions: list = None) → callable

Require Authorization to access the view. Authorization will allow either a logged in user, or a valid api_key. This means that a user does not have to be logged in to access the view, but will always be given access if the user is logged in

Note

If a token is provided, the csrf token will not be verified. In all other cases, the csrf token will be verified.

If fail_view is not provided, a httpResponseForbidden exception will be raised

Parameters:
  • fn – The view that will be displayed if authorized
  • fail_view – The view that will be displayed if not authorized
  • permissions – A list of permissions that the key must have