Use scoped tokens to load <audio> urls instead of JWT

2025-10-03 18:59:15 +02:00 · 2020-05-11 10:06:35 +02:00 · 2020-05-11 10:06:35 +02:00 · ec8dfdb740
commit ec8dfdb740
parent 13d28f7b0c
17 changed files with 265 additions and 39 deletions
--- a/api/funkwhale_api/users/serializers.py
+++ b/api/funkwhale_api/users/serializers.py
@ -22,6 +22,7 @@ from funkwhale_api.moderation import utils as moderation_utils

 from . import adapters
 from . import models
+from . import authentication as users_authentication


@deconstructible
@ -220,6 +221,7 @@ class UserReadSerializer(serializers.ModelSerializer):
 class MeSerializer(UserReadSerializer):
    quota_status = serializers.SerializerMethodField()
    summary = serializers.SerializerMethodField()
+    tokens = serializers.SerializerMethodField()

    class Meta(UserReadSerializer.Meta):
        fields = UserReadSerializer.Meta.fields + [
@ -227,6 +229,7 @@ class MeSerializer(UserReadSerializer):
            "instance_support_message_display_date",
            "funkwhale_support_message_display_date",
            "summary",
+            "tokens",
        ]

    def get_quota_status(self, o):
@ -237,6 +240,13 @@ class MeSerializer(UserReadSerializer):
            return
        return common_serializers.ContentSerializer(o.actor.summary_obj).data

+    def get_tokens(self, o):
+        return {
+            "listen": users_authentication.generate_scoped_token(
+                user_id=o.pk, user_secret=o.secret_key, scopes=["read:libraries"]
+            )
+        }
+

 class PasswordResetSerializer(PRS):
    def get_email_options(self):