from django.db import models
from django.contrib.auth.models import User
class APIKey(models.Model):
user = models.OneToOneField(User, on_delete=models.CASCADE)
key = models.CharField(max_length=64, unique=True)from django.http import JsonResponse
from your_app.models import APIKey
def api_key_required(view_func):
@wraps(view_func)
def _wrapped_view(request, *args, **kwargs):
api_key = request.headers.get("X-API-Key")
if not api_key or not APIKey.objects.filter(key=api_key).exists():
return JsonResponse({"error": "Unauthorized"}, status=403)
return view_func(request, *args, **kwargs)
return _wrapped_viewfrom django.http import JsonResponse
from django.views.decorators.csrf import csrf_exempt
@csrf_exempt
@api_key_required
def my_api_view(request):
return JsonResponse({"message": "Success"})