Views

The views respond to browser requests and control the response that is rendered.

class fleetingform.views.FleetingFormListCreateView(**kwargs)[source]

Bases: rest_framework.generics.ListCreateAPIView

authentication_classes = [<class 'fleetingform.authentication.FleetingAuthentication'>]
get_queryset()[source]

Get the list of items for this view. This must be an iterable, and may be a queryset. Defaults to using self.queryset.

This method should always be used rather than accessing self.queryset directly, as self.queryset gets evaluated only once, and those results are cached for all subsequent requests.

You may want to override this if you need to provide different querysets depending on the incoming request.

(Eg. return a list of items that is specific to the user)

perform_create(serializer)[source]
permission_classes = [<class 'fleetingform.permissions.FleetingFormTokenPermission'>, <class 'fleetingform.permissions.FleetingFormHardLimitPermission'>]
serializer_class

alias of fleetingform.serializers.FleetingFormSerializer

class fleetingform.views.FleetingFormLoginView(**kwargs)[source]

Bases: django.views.generic.base.View

Handle Fleeting Form Logins

Overall workflow depends on the authentication type configured.

  1. Username only: - Display username form.

    • on match proceed

    • on fail return to

  2. Password only: - Display password form

    • on match proceed

    • on fail return to

  3. Username and Password: 1. Username and password provided:

    • Display Userpass form - on match proceed - on fail return to

    1. Username and otp: - Display Username form

      • on match, continue

      • Display password form - on match, proceed - on cancel, back to username form - on fail return to

Workflows

USERNAME

  • sets auth_token

PASSWORD

  • sets auth_token

USERPASS

  • sets auth_token

USERPASS_OTP

  • sets auth_username

  • sets auth_token

get(request, code)[source]

Handle a get request for a Fleeting Form Login.

Checks is the form requires authentication. If so, and not authenticated, renders login. If not, or authenticated, redirects to form.

Parameters

  • request (django.http.HttpRequest) – the request

  • code (str) – the one time code for the form extracted from the url

Returns

If auth required redender, else redirect to form

Return type

django.views.generic.base.RedirectView or django.template.response.TemplateResponse

otp_instructions = 'Unlock this form with your one time code.'
password_instructions = 'Unlock this form with a password.'
post(request, code)[source]

Handle a get request for a Fleeting Form Login.

Check if the authentication form is valid. If so, set session variables and either redirect to the form or render the next authentication stage.

Parameters

  • request (django.http.HttpRequest) – the request

  • code (str) – the one time code for the form extracted from the url

Returns

If further auth required or invalid render, else redirect to form

Return type

django.views.generic.base.RedirectView or django.template.response.TemplateResponse

username_instructions = 'Unlock this form with a username.'
userpass_instructions = 'Unlock this form with a username and password.'
class fleetingform.views.FleetingFormRetrieveDestroyView(**kwargs)[source]

Bases: rest_framework.generics.RetrieveDestroyAPIView

authentication_classes = [<class 'fleetingform.authentication.FleetingAuthentication'>]
get_queryset()[source]

Get the list of items for this view. This must be an iterable, and may be a queryset. Defaults to using self.queryset.

This method should always be used rather than accessing self.queryset directly, as self.queryset gets evaluated only once, and those results are cached for all subsequent requests.

You may want to override this if you need to provide different querysets depending on the incoming request.

(Eg. return a list of items that is specific to the user)

permission_classes = [<class 'fleetingform.permissions.FleetingFormTokenPermission'>]
serializer_class

alias of fleetingform.serializers.FleetingFormSerializer

class fleetingform.views.FleetingNamespaceListCreateView(**kwargs)[source]

Bases: rest_framework.generics.ListCreateAPIView

authentication_classes = [<class 'rest_framework.authentication.TokenAuthentication'>]
get_queryset()[source]

Get the list of items for this view. This must be an iterable, and may be a queryset. Defaults to using self.queryset.

This method should always be used rather than accessing self.queryset directly, as self.queryset gets evaluated only once, and those results are cached for all subsequent requests.

You may want to override this if you need to provide different querysets depending on the incoming request.

(Eg. return a list of items that is specific to the user)

perform_create(serializer)[source]
permission_classes = [<class 'fleetingform.permissions.FleetingNamespaceTokenPermission'>]
serializer_class

alias of fleetingform.serializers.FleetingNamespaceSerializer

class fleetingform.views.FleetingNamespaceRetrieveUpdateView(**kwargs)[source]

Bases: rest_framework.mixins.RetrieveModelMixin, rest_framework.mixins.UpdateModelMixin, rest_framework.generics.GenericAPIView

authentication_classes = [<class 'fleetingform.authentication.FleetingAuthentication'>, <class 'rest_framework.authentication.TokenAuthentication'>]
get(request, *args, **kwargs)[source]
get_queryset()[source]

Get the list of items for this view. This must be an iterable, and may be a queryset. Defaults to using self.queryset.

This method should always be used rather than accessing self.queryset directly, as self.queryset gets evaluated only once, and those results are cached for all subsequent requests.

You may want to override this if you need to provide different querysets depending on the incoming request.

(Eg. return a list of items that is specific to the user)

permission_classes = [<class 'fleetingform.permissions.FleetingNamespaceTokenPermission'>]
put(request, *args, **kwargs)[source]
serializer_class

alias of fleetingform.serializers.FleetingNamespaceSerializer

class fleetingform.views.FleetingNamespaceRetrieveView(**kwargs)[source]

Bases: rest_framework.generics.RetrieveUpdateAPIView

authentication_classes = [<class 'fleetingform.authentication.FleetingAuthentication'>, <class 'rest_framework.authentication.TokenAuthentication'>]
get_queryset()[source]

Get the list of items for this view. This must be an iterable, and may be a queryset. Defaults to using self.queryset.

This method should always be used rather than accessing self.queryset directly, as self.queryset gets evaluated only once, and those results are cached for all subsequent requests.

You may want to override this if you need to provide different querysets depending on the incoming request.

(Eg. return a list of items that is specific to the user)

permission_classes = [<class 'fleetingform.permissions.FleetingNamespaceTokenPermission'>]
serializer_class

alias of fleetingform.serializers.FleetingNamespaceSerializer

class fleetingform.views.FleetingOTPResetRedirectView(**kwargs)[source]

Bases: django.views.generic.base.RedirectView

Reset and resend the OTP for a form.

For two stage auth types, silently noops for sessions in which the username hasn’t been verified yet.

Otherwise, forces a new passcode to be generated and sent.

get_redirect_url(*args, **kwargs)[source]

If this is an OTP secured form, and the user is set if required, reset and resend the otp, then redirect to the form login view.

pattern_name = 'form-login'
permanent = False
class fleetingform.views.UserFormView(**kwargs)[source]

Bases: django.views.generic.base.View

User facing forms.

This view is responsible for rendering the forms and handling user input.

decode_query_params(params={})[source]

Decode query params.

Query params can be sent as base64 encoded values when prefixed with b64:. Decode query params into a flat dict of decoded key: value pairs.

Parameters

params (dict-like) – GET and/or POST querydict contents

Returns

all decoded key: value pairs.

Return type

dict

get(request, code)[source]

Handle a get request for a Fleeting Form.

Checks is the form requires authentication. If so, and not authenticated, redirect to login workflow. If not, or authenticated, render dynamically generated form.

Parameters

  • request (django.http.HttpRequest) – the request

  • code (str) – the one time code for the form extracted from the url

Returns

If auth required redirect, else render form

Return type

django.views.generic.base.RedirectView or django.template.response.TemplateResponse

post(request, code)[source]

Handle a post request for a Fleeting Form.

Checks is the form requires authentication. If so, and not authenticated, redirect to login workflow. If not, or authenticated, create dynamically generated form and check validity.

If valid, save and complete form. If invalid, render form with errors.

Parameters

  • request (django.http.HttpRequest) – the request

  • code (str) – the one time code for the form extracted from the url

Returns

If auth required redirect, else render form.

Return type

django.views.generic.base.RedirectView or django.template.response.TemplateResponse

fleetingform.views.send_otp_and_set_messages(user, fform, request)[source]