ms_identity_web.login_required to a class-based view

anjanesh · April 6, 2023, 7:55am

@ms_identity_web.login_required
def index(request):
    print(request.identity_context_data.username)
    return render(request, "auth/status.html")

But how do I add @ms_identity_web.login_required to a class based view ?
(this is DRF JSON view)

@ms_identity_web.login_required
class ApplicationViewSet(viewsets.ModelViewSet):
    queryset = Application.objects.all().order_by('-version')
    serializer_class = ApplicationSerializer

throws :

extra_actions = viewset.get_extra_actions()
AttributeError: ‘function’ object has no attribute ‘get_extra_actions’

addwebsolution · April 6, 2023, 8:30am

It seems you want to check if the user is authenticated or not, in this case you should use permission_classes in your ModelViewSet like this

from rest_framework import permissions

class ApplicationViewSet(viewsets.ModelViewSet):
    queryset = Application.objects.all().order_by('-version')
    serializer_class = ApplicationSerializer
    permission_classes = [permissions.IsAuthenticated]

and for further reference you can check this out Permissions - Django REST framework

anjanesh · April 6, 2023, 8:33am

How is this working ? I assumed permission_classes = [permissions.IsAuthenticated] was only applicable to Django’s default login and not a custom login like Azure AD.

addwebsolution · April 6, 2023, 8:36am

The permission_classes with IsAuthenticated permission specifies if the user is logged in or not, If you want custom authentication then you can create custom permission class and can use it.

anjanesh · April 6, 2023, 8:38am

But right now adding permission_classes = [permissions.IsAuthenticated] it still didnt fetch when not logged in.

EDIT - sorry, I was logged in to admin. So I need to write custom permission_classes

fedebelve · October 25, 2023, 2:41pm

hi! how you manage to use @ms_identity_web.login_required for you DRF??