Source code for ferrosoft.apps.ferrobase.views.api_token
# Copyright (c) 2026 Ferrosoft GmbH. All rights reserved.
from django.http import HttpResponseRedirect
from django.views.generic.edit import FormMixin
from ferrosoft.apps.ferrobase.filter import APITokenFilterSet
from ferrosoft.apps.ferrobase.forms import APITokenForm
from ferrosoft.apps.ferrobase.models import APIToken, APITokenStatus
from ferrosoft.apps.ferrobase.tables.models import APITokenTable
from ferrosoft.apps.ferrobase.views.generic import (
CreateView,
TableView,
model_crud_routes,
)
[docs]
class APITokenReadView(TableView):
"""Per-user listing of active/inactive API tokens."""
filterset_class = APITokenFilterSet
model = APIToken
ordering = "name"
table_class = APITokenTable
[docs]
def get_queryset(self):
"""Scope the queryset to the current user and visible token statuses."""
return (
super()
.get_queryset()
.filter(
status__in=[APITokenStatus.ACTIVE, APITokenStatus.INACTIVE],
user=self.request.user,
)
)
[docs]
class APITokenCreateView(CreateView):
"""Create an API token and reveal its secret value exactly once."""
form_class = APITokenForm
model = APIToken
template_name = "ferrobase/api_token/create.html"
def __init__(self, *args, **kwargs):
"""Initialise the one-shot ``secret_token`` slot."""
super().__init__(*args, **kwargs)
self.secret_token = None
[docs]
def get_context_data(self, **kwargs):
"""Expose ``secret_token`` so the template can display it once."""
return super().get_context_data(**kwargs) | {
"secret_token": self.secret_token,
}
api_token_urls = model_crud_routes(
APIToken,
create_view=APITokenCreateView,
read_view=APITokenReadView,
)