16 lines
497 B
Python
16 lines
497 B
Python
from rest_framework import permissions
|
|
from relay.utils.authentication import APITokenUser
|
|
|
|
class HasValidAPIToken(permissions.BasePermission):
|
|
"""
|
|
Custom permission to only allow access to API token authenticated users.
|
|
"""
|
|
|
|
def has_permission(self, request, view):
|
|
# Check if user is authenticated via API token
|
|
return (
|
|
request.user and
|
|
isinstance(request.user, APITokenUser) and
|
|
request.user.is_authenticated
|
|
)
|