djangorestframework-api-key

djangorestframework-api-key copied to clipboard

`KeyParser` matches if authentication scheme ends with the keyword. I suppose, this situation shouldn't come up in most use cases but this behaviour is surprising nonetheless. Example: ```python from rest_framework_api_key.permissions...

Kostia-K

Retrieving the raw API key from within a view

3

**Is your feature request related to a problem? Please describe.** Currently, it's not obvious how we can access the raw API key from within a view that's protected behind a...

florimondmanca

✅ added `I18N` support

1

## Summary - added `gettext_lazy` so that translations for different messages and prompts can be supported.

mabdullahadeel

BaseHasAPIKey should not implement has_object_permission

4

https://github.com/florimondmanca/djangorestframework-api-key/blob/2a343eeaa32c616747e6aae3c4902f1ba55adeb9/src/rest_framework_api_key/permissions.py#L53-L56 Right now the permission `BaseHasAPIKey` implement `has_object_permission` and just calls `has_permission`. This is an incorrect implementation of `BasePermission`. `has_object_permission` is only called after `has_permission` has already passed, so this...

sparkyb

Add support for upgrading API key hashes

1

Found out while working on https://github.com/florimondmanca/djangorestframework-api-key/issues/173#issuecomment-1146677315 Currently, if `PASSWORD_HASHERS` changes and hasher A (eg. PBKDF2) previously used to hash API keys is moved lower in the list than another hasher...

florimondmanca

`HasAPIKey` adds huge performance (speed) hit

7

I'm seeing a huge performance hit when adding the `HasAPIKey` permission class. I've isolated it down to toggling the following setting: ```python REST_FRAMEWORK = { 'DEFAULT_PERMISSION_CLASSES': [], # 'DEFAULT_PERMISSION_CLASSES': ['rest_framework_api_key.permissions.HasAPIKey'],...

jorgenbuilder

Currently, we're testing against Django 3.2 max. But Django 4.0 was released in December 2021: https://www.djangoproject.com/weblog/2021/dec/07/django-40-released/ and 4.1 is just around the corner (alpha state). Let's ensure this library has...

florimondmanca

Enhance APIKey ModelAdmin Class

3

# Enhance APIKey ModelAdmin Class - Adding ("expiry_date", "revoked") to list_filter - Adding search_help_text (New in Django 4.0) - Adding "revoked" to readonly_fields (Depend on the New revoke action to...

mustafaabughazy

Custom API key model w/o default `APIKey` table or admin

15

I would like to be able to inherit AbstractAPIKey directly from the model, without having to reference it via foreignkey, and also I would like django, to not create these...

virogenesis

Explore swappable API key model functionality

1

This is an illustration of a possible resolution for #180. * Allows users to define a default API key model they'd like to use. * If "a default API key...

florimondmanca