feat: add token authentication in all api

+# Generated by Django 3.1.2 on 2020-11-22 14:39
+
+from django.db import migrations, models
+import django.utils.timezone
+
+
+class Migration(migrations.Migration):
+
+    initial = True
+
+    dependencies = [
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='AddDevice',
+            fields=[
+                ('id', models.IntegerField(primary_key=True, serialize=False)),
+                ('state', models.BooleanField(default=False)),
+            ],
+        ),
+        migrations.CreateModel(
+            name='Device',
+            fields=[
+                ('device_id', models.AutoField(primary_key=True, serialize=False)),
+                ('rfid_id', models.CharField(max_length=255)),
+                ('created', models.DateTimeField(default=django.utils.timezone.now)),
+            ],
+        ),
+        migrations.CreateModel(
+            name='Door',
+            fields=[
+                ('door_id', models.CharField(max_length=255, primary_key=True, serialize=False)),
+            ],
+        ),
+        migrations.CreateModel(
+            name='Lock',
+            fields=[
+                ('id', models.IntegerField(primary_key=True, serialize=False)),
+                ('state', models.BooleanField(default=True)),
+            ],
+        ),
+        migrations.CreateModel(
+            name='Record',
+            fields=[
+                ('id', models.IntegerField(primary_key=True, serialize=False)),
+                ('recording', models.BooleanField(default=True)),
+            ],
+        ),
+        migrations.CreateModel(
+            name='RemoteHistory',
+            fields=[
+                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('device_name', models.CharField(max_length=255)),
+                ('created', models.DateTimeField(default=django.utils.timezone.now)),
+            ],
+        ),
+        migrations.CreateModel(
+            name='Video',
+            fields=[
+                ('vid_name', models.CharField(max_length=255, primary_key=True, serialize=False)),
+                ('created', models.DateTimeField(default=django.utils.timezone.now)),
+                ('vid_time', models.CharField(max_length=255)),
+                ('thumb', models.CharField(max_length=255)),
+            ],
+        ),
+    ]

@@ -3,7 +3,7 @@ import botocore
 import threading
 import threading
 from django.http import HttpResponse
 from django.http import HttpResponse
 from django.core import serializers
 from django.core import serializers
-from django.core.exceptions import FieldDoesNotExist, ObjectDoesNotExist
+from django.core.exceptions import FieldDoesNotExist, ObjectDoesNotExist, PermissionDenied
 from django.shortcuts import render
 from django.shortcuts import render
 from django.contrib.auth.models import User
 from django.contrib.auth.models import User
 
 
@@ -15,6 +15,7 @@ from rest_framework.views import APIView
 from rest_framework.request import Request
 from rest_framework.request import Request
 from rest_framework.response import Response
 from rest_framework.response import Response
 from rest_framework.authtoken.models import Token
 from rest_framework.authtoken.models import Token
+from rest_framework.authentication import TokenAuthentication
 
 
 from boto3.session import Session
 from boto3.session import Session
 from src.settings import AWS_REGION
 from src.settings import AWS_REGION
@@ -61,29 +62,44 @@ class Login(APIView) :
 
 
 
 
 
 
-'''
+
     def post(self, request, format = None) : 
     def post(self, request, format = None) : 
         queryset = Door.objects.create(door_id = 12345)
         queryset = Door.objects.create(door_id = 12345)
         return Response({
         return Response({
                 'msg' : 'doorid값 삽입 완료',
                 'msg' : 'doorid값 삽입 완료',
             })
             })
-'''
+
 
 
 
 
 #기기 관련 api
 #기기 관련 api
 class Devices(APIView) :
 class Devices(APIView) :
     # 기기 목록 조회
     # 기기 목록 조회
-    def get(self, request, format = None) : 
-        queryset = Device.objects.all()
-        serializer = DeviceSerializer(queryset, many = True)
-        res = {
-            'deviceList': serializer.data
-        }
-        return Response(res, status = status.HTTP_200_OK)
+    def get(self, request, format = None) :
+        try :
+            if request.auth == None :
+                raise PermissionDenied
+            queryset = Device.objects.all()
+            serializer = DeviceSerializer(queryset, many = True)
+            res = {
+                'deviceList': serializer.data
+            }
+            return Response(res, status = status.HTTP_200_OK)
+        except FieldDoesNotExist as error :
+            return Response({
+                'error' : "FieldDoesNotExist ",
+                'date' : datetime.now()
+            }, status = status.HTTP_400_BAD_REQUEST)
+        except PermissionDenied as error :
+            return Response({
+                'error' : "PermissionDenied",
+                'date' : datetime.now()
+            }, status = status.HTTP_400_BAD_REQUEST)            
 
 
     # 기기 추가 요청
     # 기기 추가 요청
     def put(self, request, format = None) :
     def put(self, request, format = None) :
         try :
         try :
+            if request.auth == None :
+                raise PermissionDenied
             print(request.body)
             print(request.body)
             data = json.loads(request.body)
             data = json.loads(request.body)
             target = AddDevice.objects.get(id=1)
             target = AddDevice.objects.get(id=1)
@@ -105,10 +121,17 @@ class Devices(APIView) :
                 'error' : "FieldDoesNotExist ",
                 'error' : "FieldDoesNotExist ",
                 'date' : datetime.now()
                 'date' : datetime.now()
             }, status = status.HTTP_400_BAD_REQUEST)
             }, status = status.HTTP_400_BAD_REQUEST)
+        except PermissionDenied as error :
+            return Response({
+                'error' : "PermissionDenied",
+                'date' : datetime.now()
+            }, status = status.HTTP_400_BAD_REQUEST)         
 
 
     # 기기 추가
     # 기기 추가
     def post(self, request, format = None) : # request body에 rfid_id 포함되어있음 
     def post(self, request, format = None) : # request body에 rfid_id 포함되어있음 
         try : 
         try : 
+            if request.auth == None :
+                raise PermissionDenied            
             print(request.data)
             print(request.data)
             data = {x: request.POST.get(x) for x in request.POST.keys()}
             data = {x: request.POST.get(x) for x in request.POST.keys()}
             request_id = data.get('rfid_id', None)
             request_id = data.get('rfid_id', None)
@@ -125,12 +148,19 @@ class Devices(APIView) :
                 'error' : "FieldDoesNotExist ",
                 'error' : "FieldDoesNotExist ",
                 'date' : datetime.now()
                 'date' : datetime.now()
             }, status = status.HTTP_400_BAD_REQUEST)
             }, status = status.HTTP_400_BAD_REQUEST)
+        except PermissionDenied as error :
+            return Response({
+                'error' : "PermissionDenied",
+                'date' : datetime.now()
+            }, status = status.HTTP_400_BAD_REQUEST) 
 
 
 
 
 
 
     # 기기 삭제
     # 기기 삭제
     def delete(self, request, device_id, format = None): # request URI에 device_id(자동생성되는 기기 고유 번호 != rfid_id) 포함
     def delete(self, request, device_id, format = None): # request URI에 device_id(자동생성되는 기기 고유 번호 != rfid_id) 포함
-        try : 
+        try :
+            if request.auth == None :
+                raise PermissionDenied 
             request_id = device_id
             request_id = device_id
             if request_id == None:
             if request_id == None:
                 raise FieldDoesNotExist   
                 raise FieldDoesNotExist   
@@ -145,22 +175,37 @@ class Devices(APIView) :
                 'error' : "FieldDoesNotExist ",
                 'error' : "FieldDoesNotExist ",
                 'date' : datetime.now()
                 'date' : datetime.now()
             }, status = status.HTTP_400_BAD_REQUEST)
             }, status = status.HTTP_400_BAD_REQUEST)
+        except PermissionDenied as error :
+            return Response({
+                'error' : "PermissionDenied",
+                'date' : datetime.now()
+            }, status = status.HTTP_400_BAD_REQUEST) 
 
 
 # 원격 잠금 해제 
 # 원격 잠금 해제 
 class Remote(APIView):
 class Remote(APIView):
     # 원격 잠금 해제 기록 조회
     # 원격 잠금 해제 기록 조회
     def get(self, request, format = None) : 
     def get(self, request, format = None) : 
         #models.py의 class History 사용.
         #models.py의 class History 사용.
-        queryset = RemoteHistory.objects.all()
-        serializer = RemoteHistorySerializer(queryset, many = True)
-        res = {
-            "remoteHistoryList": serializer.data
-        }
-        return Response(res, status = status.HTTP_200_OK)
+        try:
+            if request.auth == None :
+                raise PermissionDenied            
+            queryset = RemoteHistory.objects.all()
+            serializer = RemoteHistorySerializer(queryset, many = True)
+            res = {
+                "remoteHistoryList": serializer.data
+            }
+            return Response(res, status = status.HTTP_200_OK)
+        except PermissionDenied as error : 
+            return Response({
+                'error' : "FieldDoesNotExist ",
+                'date' : datetime.now()
+            }, status = status.HTTP_400_BAD_REQUEST)
 
 
     # 원격 잠금 해제
     # 원격 잠금 해제
     def put(self, request, format = None) :
     def put(self, request, format = None) :
         try:
         try:
+            if request.auth == None :
+                raise PermissionDenied 
             print(request.body)
             print(request.body)
             data = json.loads(request.body)
             data = json.loads(request.body)
             device_name = data.get('device_name', None)
             device_name = data.get('device_name', None)
@@ -182,27 +227,48 @@ class Remote(APIView):
             return Response({
             return Response({
                 'msg' : 'success remote unlock'
                 'msg' : 'success remote unlock'
             }, status = status.HTTP_200_OK)
             }, status = status.HTTP_200_OK)
+
         except FieldDoesNotExist as error:
         except FieldDoesNotExist as error:
             return Response({
             return Response({
                 'error': "FieldDoesNotExist ",
                 'error': "FieldDoesNotExist ",
                 'date': datetime.now()
                 'date': datetime.now()
             }, status=status.HTTP_400_BAD_REQUEST)
             }, status=status.HTTP_400_BAD_REQUEST)
+        except PermissionDenied as error :
+            return Response({
+                'error' : "PermissionDenied",
+                'date' : datetime.now()
+            }, status = status.HTTP_400_BAD_REQUEST) 
 
 
 
 
 
 
 # 비디오 목록 조회
 # 비디오 목록 조회
 class VideoList(APIView) : 
 class VideoList(APIView) : 
     def get(self, request, format = None) :
     def get(self, request, format = None) :
-        queryset = Video.objects.all()
-        serializer = VideoSerializer(queryset, many = True)
-        res = {     
-            'videoList': serializer.data
-        }       # 응답코드에 포함될 데이터
-        return Response(res, status = status.HTTP_200_OK) 
+        try :
+            if request.auth == None :
+                raise PermissionDenied             
+            queryset = Video.objects.all()
+            serializer = VideoSerializer(queryset, many = True)
+            res = {     
+                'videoList': serializer.data
+            }       # 응답코드에 포함될 데이터
+            return Response(res, status = status.HTTP_200_OK)
+        except FieldDoesNotExist as error:
+            return Response({
+                'error': "FieldDoesNotExist ",
+                'date': datetime.now()
+            }, status=status.HTTP_400_BAD_REQUEST)
+        except PermissionDenied as error :
+            return Response({
+                'error' : "PermissionDenied",
+                'date' : datetime.now()
+            }, status = status.HTTP_400_BAD_REQUEST) 
 
 
 # 비디오 수동 삭제
 # 비디오 수동 삭제
     def delete(self, request, vid_name, format = None) :  # request URI에 vid_name가 포함되어있음 : api/video/{vid_name}
     def delete(self, request, vid_name, format = None) :  # request URI에 vid_name가 포함되어있음 : api/video/{vid_name}
         try : 
         try : 
+            if request.auth == None :
+                raise PermissionDenied             
             request_id = vid_name
             request_id = vid_name
             if request_id == 'None' :
             if request_id == 'None' :
                 raise FieldDoesNotExist
                 raise FieldDoesNotExist
@@ -219,11 +285,18 @@ class VideoList(APIView) :
                 'error' : "FieldDoesNotExist ",
                 'error' : "FieldDoesNotExist ",
                 'date' : datetime.now()
                 'date' : datetime.now()
             }, status = status.HTTP_400_BAD_REQUEST)
             }, status = status.HTTP_400_BAD_REQUEST)
+        except PermissionDenied as error :
+            return Response({
+                'error' : "PermissionDenied",
+                'date' : datetime.now()
+            }, status = status.HTTP_400_BAD_REQUEST)         
 
 
 # 비디오 확인(다운로드)
 # 비디오 확인(다운로드)
 class VideoDownload(APIView) :
 class VideoDownload(APIView) :
     def get(self, request, vid_name, format = None) : # 요청한 URI에 vid_name가 포함되어있음
     def get(self, request, vid_name, format = None) : # 요청한 URI에 vid_name가 포함되어있음
-        try :   
+        try :
+            if request.auth == None :
+                raise PermissionDenied   
             request_id = vid_name
             request_id = vid_name
             if request_id == 'None' :
             if request_id == 'None' :
                 raise FieldDoesNotExist   
                 raise FieldDoesNotExist   
@@ -244,6 +317,11 @@ class VideoDownload(APIView) :
                 'error' : "ObjectDoesNotExist",
                 'error' : "ObjectDoesNotExist",
                 'date' : datetime.now()
                 'date' : datetime.now()
             }, status = status.HTTP_404_NOT_FOUND)
             }, status = status.HTTP_404_NOT_FOUND)
+        except PermissionDenied as error :
+            return Response({
+                'error' : "PermissionDenied",
+                'date' : datetime.now()
+            }, status = status.HTTP_400_BAD_REQUEST) 
 
 
 # 비디오 자동 삭제
 # 비디오 자동 삭제
 class CheckDate(APIView) :
 class CheckDate(APIView) :
@@ -261,24 +339,28 @@ class CheckDate(APIView) :
 class Recording(APIView) :
 class Recording(APIView) :
     def get(self, request, format = None) :
     def get(self, request, format = None) :
         try :
         try :
+            if request.auth == None :
+                raise PermissionDenied
             target = Record.objects.get(id = 1)
             target = Record.objects.get(id = 1)
             serializer = RecordSerializer(target, many = False)
             serializer = RecordSerializer(target, many = False)
             res = {
             res = {
                 'recording' : serializer.data['recording']
                 'recording' : serializer.data['recording']
             }
             }
             return Response(res, status = status.HTTP_200_OK)
             return Response(res, status = status.HTTP_200_OK)
-        except FieldDoesNotExist as error :
+        except PermissionDenied as error :
             return Response({
             return Response({
-                'error' : "FieldDoesNotExist ",
+                'error' : "PermissionDenied",
                 'date' : datetime.now()
                 'date' : datetime.now()
-            }, status = status.HTTP_400_BAD_REQUEST)
+            }, status = status.HTTP_400_BAD_REQUEST) 
 
 
     def put(self, request, format = None) :
     def put(self, request, format = None) :
-        try :  
+        try :
+            if request.auth == None :
+                raise PermissionDenied
             target = Record.objects.filter(id = 1)
             target = Record.objects.filter(id = 1)
             target.update(recording = request.data['recording'])
             target.update(recording = request.data['recording'])
             return Response(status = status.HTTP_200_OK)
             return Response(status = status.HTTP_200_OK)
-        except FieldDoesNotExist as error :
+        except PermissionDenied as error :
             return Response({
             return Response({
                 'error' : "FieldDoesNotExist ",
                 'error' : "FieldDoesNotExist ",
                 'date' : datetime.now()
                 'date' : datetime.now()

@@ -44,6 +44,12 @@ INSTALLED_APPS = [
     'rest_framework.authtoken',
     'rest_framework.authtoken',
 ]
 ]
 
 
+REST_FRAMEWORK = {
+    'DEFAULT_AUTHENTICATION_CLASSES' : [
+        'rest_framework.authentication.TokenAuthentication',
+    ]
+}
+
 MIDDLEWARE = [
 MIDDLEWARE = [
     'django.middleware.security.SecurityMiddleware',
     'django.middleware.security.SecurityMiddleware',
     'django.contrib.sessions.middleware.SessionMiddleware',
     'django.contrib.sessions.middleware.SessionMiddleware',