Source code for ferrosoft.apps.ferrobase.views.api_token

#  Copyright (c) 2026 Ferrosoft GmbH. All rights reserved.
from django.http import HttpResponseRedirect
from django.views.generic.edit import FormMixin

from ferrosoft.apps.ferrobase.filter import APITokenFilterSet
from ferrosoft.apps.ferrobase.forms import APITokenForm
from ferrosoft.apps.ferrobase.models import APIToken, APITokenStatus
from ferrosoft.apps.ferrobase.tables.models import APITokenTable
from ferrosoft.apps.ferrobase.views.generic import (
    CreateView,
    TableView,
    model_crud_routes,
)


[docs] class APITokenReadView(TableView): """Per-user listing of active/inactive API tokens.""" filterset_class = APITokenFilterSet model = APIToken ordering = "name" table_class = APITokenTable
[docs] def get_queryset(self): """Scope the queryset to the current user and visible token statuses.""" return ( super() .get_queryset() .filter( status__in=[APITokenStatus.ACTIVE, APITokenStatus.INACTIVE], user=self.request.user, ) )
[docs] class APITokenCreateView(CreateView): """Create an API token and reveal its secret value exactly once.""" form_class = APITokenForm model = APIToken template_name = "ferrobase/api_token/create.html" def __init__(self, *args, **kwargs): """Initialise the one-shot ``secret_token`` slot.""" super().__init__(*args, **kwargs) self.secret_token = None
[docs] def form_valid(self, form): """If the form is valid, create the token using specialized function.""" token_model, token = APIToken.create( self.request.user, self.request.current_tenant, name=form.cleaned_data["name"], ) self.object = token_model self.secret_token = token return self.render_to_response(self.get_context_data())
[docs] def get_context_data(self, **kwargs): """Expose ``secret_token`` so the template can display it once.""" return super().get_context_data(**kwargs) | { "secret_token": self.secret_token, }
api_token_urls = model_crud_routes( APIToken, create_view=APITokenCreateView, read_view=APITokenReadView, )