Merge pull request #11 from pyobs/develop

thusser · web-flow · commit 298109628b22 · 2021-06-25T13:13:39.000+02:00
Develop
diff --git a/pyobs_archive/authentication/backends.py b/pyobs_archive/authentication/backends.py
@@ -49,7 +49,6 @@ class BearerAuthentication(authentication.BaseAuthentication):
     the odin auth server
     """
     def authenticate(self, request):
-        print('bearer')
         auth_header = request.META.get('HTTP_AUTHORIZATION', '')
         if 'Bearer' not in auth_header:
             return None
diff --git a/pyobs_archive/frontend/static/js/app.js b/pyobs_archive/frontend/static/js/app.js
@@ -82,7 +82,7 @@ $(function () {
             field: 'basename',
             title: 'Name',
             sortable: true,
-            formatter: function(value, row) {
+            formatter: function (value, row) {
                 let url = '/frames/' + row.id + '/download/';
                 return '<a href="' + url + '">' + value + '.fits.fz</a>';
             }
@@ -259,39 +259,6 @@ $(function () {
         history.pushState({}, '', '?q=a' + buildQueryParms());
     }
 
-    function login(username, password, callback) {
-        $.post('/api-token-auth/', {
-            'username': username,
-            'password': password
-        }).done(function (data) {
-            localStorage.setItem('token', data.token);
-            callback(true);
-        }).fail(function () {
-            callback(false);
-        });
-    }
-
-    function logout() {
-        localStorage.removeItem('token');
-    }
-
-    $('#login').click(function () {
-        login($('#email').val(), $('#password').val(), function (result) {
-            if (result) {
-                $('#login-form').hide();
-                $('#alert').alert('close');
-                $('#logout').show();
-                refreshTable();
-            } else {
-                if ($("#alert-error").find("div#alert").length == 0) {
-                    $("#alert-error").append("<div class='alert alert-danger alert-dismissable' id='alert'>" +
-                        "<button type='button' class='close' data-dismiss='alert' aria-hidden='true'>&times;</button> " +
-                        "Login failed.</div>");
-                }
-            }
-        });
-    });
-
     $('.keyup').typeWatch({
         callback: function callback() {
             refreshTable();
@@ -301,13 +268,6 @@ $(function () {
         captureLength: 1
     });
 
-    $('#logout').click(function () {
-        logout();
-        $('#login-form').show();
-        $('#logout').hide();
-        refreshTable();
-    });
-
     if (localStorage.getItem('token') !== null) {
         $('#login-form').hide();
         $('#logout').show();
@@ -379,10 +339,10 @@ $(function () {
         });
 
         if (frames.length > 0) {
+            let token = $("#zip-form").find('input[name=csrfmiddlewaretoken]').val()
             $.fileDownload('/frames/zip/', {
                 httpMethod: 'POST',
-                data: {'frame_ids': frames, 'auth_token': localStorage.getItem('token')},
-                headers: {}
+                data: {'frame_ids': frames, csrfmiddlewaretoken: token}
             });
         }
     }
diff --git a/pyobs_archive/frontend/templates/archive/index.html b/pyobs_archive/frontend/templates/archive/index.html
@@ -82,7 +82,10 @@
                 <div class="form-inline">
                     <div class="form-group form-inline">
                         <div class="btn-toolbar" role="group">
-                            <button id="downloadBtn" class="btn btn-primary">Download</button>
+                            <form id="zip-form">
+                                {% csrf_token %}
+                                <button type="button" id="downloadBtn" class="btn btn-primary">Download</button>
+                            </form>
                         </div>
                     </div>
                 </div>
