statezero 0.1.0b64__py3-none-any.whl → 0.1.0b66__py3-none-any.whl

statezero/adaptors/django/urls.py

@@ -1,12 +1,13 @@
 from django.urls import path
 
-from .views import EventsAuthView, ModelListView, ModelView, SchemaView, FileUploadView, FastUploadView, ActionSchemaView, ActionView, ValidateView, FieldPermissionsView
+from .views import EventsAuthView, ModelListView, MeView, ModelView, SchemaView, FileUploadView, FastUploadView, ActionSchemaView, ActionView, ValidateView, FieldPermissionsView
 
 app_name = "statezero"
 
 urlpatterns = [
     path("events/auth/", EventsAuthView.as_view(), name="events_auth"),
     path("models/", ModelListView.as_view(), name="model_list"),
+    path("me/", MeView.as_view(), name="me"),
     path("files/upload/", FileUploadView.as_view(), name="file_upload"),
     path("files/fast-upload/", FastUploadView.as_view(), name="fast_file_upload"),
     path("actions/<str:action_name>/", ActionView.as_view(), name="action"),

statezero/adaptors/django/views.py

@@ -23,6 +23,7 @@ from statezero.adaptors.django.exception_handler import \
 from statezero.adaptors.django.permissions import ORMBridgeViewAccessGate
 from statezero.adaptors.django.actions import DjangoActionSchemaGenerator
 from statezero.adaptors.django.action_serializers import get_or_build_action_serializer
+from statezero.adaptors.django.serializers import DRFDynamicSerializer
 from statezero.core.interfaces import AbstractEventEmitter, AbstractActionPermission
 from statezero.core.process_request import RequestProcessor
 from statezero.core.actions import action_registry
@@ -44,6 +45,18 @@ class EventsAuthView(APIView):
     permission_classes = [permission_class]
     
     def post(self, request, *args, **kwargs):
+        sync_token = getattr(settings, "STATEZERO_SYNC_TOKEN", None)
+        client_token = request.headers.get("X-StateZero-Sync-Token")
+        if client_token is not None:
+            if not sync_token or client_token != sync_token:
+                return Response(
+                    {
+                        "error": "Sync token mismatch for events auth.",
+                        "header": "X-StateZero-Sync-Token",
+                    },
+                    status=status.HTTP_409_CONFLICT,
+                )
+
         channel_name = request.data.get("channel_name")
         socket_id = request.data.get("socket_id")
 
@@ -77,6 +90,14 @@ class EventsAuthView(APIView):
 
         # Delegate authentication to the event emitter.
         response = event_emitter.authenticate(request)
+        if client_token is not None:
+            if isinstance(response, dict):
+                response["statezero_sync_token_match"] = True
+            else:
+                response = {
+                    "auth": response,
+                    "statezero_sync_token_match": True,
+                }
         logger.debug(f"Authentication successful for channel: {channel_name}")
         return Response(response, status=status.HTTP_200_OK)
 
@@ -94,6 +115,64 @@ class ModelListView(APIView):
             model_names.append(model_name)
         return Response(model_names, status=status.HTTP_200_OK)
 
+class MeView(APIView):
+    """
+    Returns the current authenticated user as a guaranteed model summary.
+    Uses the existing StateZero serializer with only the PK field requested,
+    which includes `pk` and `repr` by design.
+    """
+
+    permission_classes = []
+
+    def get(self, request, *args, **kwargs):
+        try:
+            user = config.orm_provider.get_user(request)
+            if not user or not getattr(user, "is_authenticated", False):
+                raise PermissionDenied(detail="Authentication required.")
+
+            model = user.__class__
+            model_name = config.orm_provider.get_model_name(model)
+            pk_field = model._meta.pk.name
+            pk_value = getattr(user, pk_field)
+
+            fields_map = {
+                model_name: {pk_field},
+            }
+
+            serializer = DRFDynamicSerializer()
+            serialized = serializer.serialize(
+                data=user,
+                model=model,
+                depth=0,
+                fields_map=fields_map,
+                many=False,
+                request=request,
+            )
+
+            included = serialized.get("included", {})
+            user_bucket = included.get(model_name, {})
+            user_data = user_bucket.get(pk_value)
+
+            # Defensive fallback to keep the endpoint contract stable.
+            if user_data is None:
+                user_data = {
+                    pk_field: pk_value,
+                    "repr": {
+                        "str": str(user),
+                        "img": user.__img__() if hasattr(user, "__img__") else None,
+                    },
+                }
+
+            return Response(
+                {
+                    "model_name": model_name,
+                    "data": user_data,
+                },
+                status=status.HTTP_200_OK,
+            )
+        except Exception as original_exception:
+            return explicit_exception_handler(original_exception)
+
 
 class ModelView(APIView):
 

{statezero-0.1.0b64.dist-info → statezero-0.1.0b66.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: statezero
-Version: 0.1.0b64
+Version: 0.1.0b66
 Summary: Connect your Python backend to a modern JavaScript SPA frontend with 90% less complexity.
 Author-email: Robert <robert.herring@statezero.dev>
 Project-URL: homepage, https://www.statezero.dev

{statezero-0.1.0b64.dist-info → statezero-0.1.0b66.dist-info}/RECORD

@@ -19,9 +19,9 @@ statezero/adaptors/django/schemas.py,sha256=SBYPKre7o6RANCXhzDgyZOvhChIO32W609AT
 statezero/adaptors/django/serializers.py,sha256=Sh7xp6alXPLv7V0m1ypM1y2q8Q0obpw6rQwpMg4N1Ts,28124
 statezero/adaptors/django/signals.py,sha256=bL_-vGEFUBbDhCdO7vCXdHcRBWLcs2R7e2mkFq_8-7A,14229
 statezero/adaptors/django/testing.py,sha256=mRPtDMGGTVe3OFfzIx7uIiiWuuE3Lw15teMJHMU_erw,4818
-statezero/adaptors/django/urls.py,sha256=sPalAG8ZCrNbs5u8IV3xzwUGe9tRRgh-WRh0D3BQ2BA,1036
+statezero/adaptors/django/urls.py,sha256=esh05k-EFPqgXeztAkZF1CIzS3rNv4QxHZeVc0rBDMA,1090
 statezero/adaptors/django/utils.py,sha256=EyRc-R4P47L6eYufDwd1ZADU9Lz9NCVaORmxZdkgu5M,14666
-statezero/adaptors/django/views.py,sha256=aJFX7hO5ql4tAK4veSwcJAQui2No77imd0IqFGzBNao,24407
+statezero/adaptors/django/views.py,sha256=SU-7n-DWU1VMtyuvqBXoPx-NUGrER1qF1Mu77GdA0G4,27250
 statezero/adaptors/django/extensions/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 statezero/adaptors/django/extensions/simple_history.py,sha256=jksS8N6EWE-0raB0qMT-aAHqxibrVvwqTCGlwW7UiNE,1947
 statezero/adaptors/django/extensions/custom_field_serializers/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -51,7 +51,7 @@ statezero/core/process_request.py,sha256=s1yys2ms856KJxV-cIfnVIdMkrOW9nLfzyLor64
 statezero/core/query_cache.py,sha256=haEBdd4nCm8h8ugj8KmCHUbyiHApU4rv-9PncKJJCys,9528
 statezero/core/telemetry.py,sha256=EV2yLV6WAS-MTYCQSRQadiMgOD_ViJ_qUspgvbD0GqA,7757
 statezero/core/types.py,sha256=An57YP1sdd7u6eppXeKMoSudEn_6-Pb6UoC3IdR5E8w,916
-statezero-0.1.0b64.dist-info/METADATA,sha256=w9RB4CSkF-uQ5WZSRrYb2D_kHFwtXu-V216Pe229kAM,9872
-statezero-0.1.0b64.dist-info/WHEEL,sha256=wUyA8OaulRlbfwMtmQsvNngGrxQHAvkKcvRmdizlJi0,92
-statezero-0.1.0b64.dist-info/top_level.txt,sha256=UAuZYPKczradU1kcMQxsGjUzEW0qdgsqzhXyscrcLpw,10
-statezero-0.1.0b64.dist-info/RECORD,,
+statezero-0.1.0b66.dist-info/METADATA,sha256=CyUxGvEbo_BFe8jgIDWOlFu5e6-J9oCRk-vjbe6BHtA,9872
+statezero-0.1.0b66.dist-info/WHEEL,sha256=wUyA8OaulRlbfwMtmQsvNngGrxQHAvkKcvRmdizlJi0,92
+statezero-0.1.0b66.dist-info/top_level.txt,sha256=UAuZYPKczradU1kcMQxsGjUzEW0qdgsqzhXyscrcLpw,10
+statezero-0.1.0b66.dist-info/RECORD,,