feat(api): added auth/whoami endpoint (#737)

Author: Matthew Fisher

rootfs/api/tests/test_auth.py

@@ -25,7 +25,7 @@ def setUp(self):
 
     def test_auth(self):
         """
-        Test that a user can register using the API, login and logout
+        Test that a user can register using the API, login, whoami and logout
         """
         # test registration workflow
         username, password = 'newuser', 'password'
@@ -63,6 +63,26 @@ def test_auth(self):
         response = self.client.login(username=username, password=password)
         self.assertEqual(response, True)
 
+        user = User.objects.get(username=username)
+        token = Token.objects.get(user=user).key
+        url = '/v2/auth/whoami'
+        response = self.client.get(url, HTTP_AUTHORIZATION='token {}'.format(token))
+        self.assertEqual(response.status_code, 200)
+        for key in response.data:
+            self.assertIn(key, ['id', 'last_login', 'is_superuser', 'username', 'first_name',
+                                'last_name', 'email', 'is_active', 'is_superuser', 'is_staff',
+                                'date_joined', 'groups', 'user_permissions'])
+        expected = {
+            'username': username,
+            'email': email,
+            'first_name': first_name,
+            'last_name': last_name,
+            'is_active': True,
+            'is_superuser': False,
+            'is_staff': False
+        }
+        self.assertDictContainsSubset(expected, response.data)
+
     @override_settings(REGISTRATION_MODE="disabled")
     def test_auth_registration_disabled(self):
         """test that a new user cannot register when registration is disabled."""

rootfs/api/urls.py

@@ -92,6 +92,8 @@
         views.UserManagementViewSet.as_view({'delete': 'destroy'})),
     url(r'^auth/passwd/?',
         views.UserManagementViewSet.as_view({'post': 'passwd'})),
+    url(r'^auth/whoami/?',
+        views.UserManagementViewSet.as_view({'get': 'list'})),
     url(r'^auth/login/',
         views_obtain_auth_token),
     url(r'^auth/tokens/',

rootfs/api/views.py

@@ -68,6 +68,11 @@ def get_queryset(self):
     def get_object(self):
         return self.get_queryset()[0]
 
+    def list(self, request, **kwargs):
+        user = self.get_object()
+        serializer = self.get_serializer(user, many=False)
+        return Response(serializer.data)
+
     def destroy(self, request, **kwargs):
         calling_obj = self.get_object()
         target_obj = calling_obj