added

- document index
- api access for thumbnails/downloads
- more api filters

updated
- pipfile

removed
- filename handling
- legacy thumb/download access
- obsolete admin gui settings (per page items, FY, inline view)

src/paperless/auth.py

@@ -0,0 +1,11 @@
+from rest_framework.authentication import TokenAuthentication
+
+# This authentication method is required to serve documents and thumbnails for the front end.
+# https://stackoverflow.com/questions/29433416/token-in-query-string-with-django-rest-frameworks-tokenauthentication
+class QueryTokenAuthentication(TokenAuthentication):
+    def authenticate(self, request):
+        # Check if 'token_auth' is in the request query params.
+        if 'auth_token' in request.query_params and 'HTTP_AUTHORIZATION' not in request.META:
+            return self.authenticate_credentials(request.query_params.get('auth_token'))
+        else:
+            return None

src/paperless/settings.py

@@ -91,17 +91,13 @@ INSTALLED_APPS = [
 REST_FRAMEWORK = {
     'DEFAULT_AUTHENTICATION_CLASSES': [
         'rest_framework.authentication.BasicAuthentication',
-        'rest_framework.authentication.SessionAuthentication',
         'rest_framework.authentication.TokenAuthentication',
+        'paperless.auth.QueryTokenAuthentication'
     ]
 }
 
-if os.getenv("PAPERLESS_INSTALLED_APPS"):
-    INSTALLED_APPS += os.getenv("PAPERLESS_INSTALLED_APPS").split(",")
-
 MIDDLEWARE = [
     'django.middleware.security.SecurityMiddleware',
-    'whitenoise.middleware.WhiteNoiseMiddleware',
     'django.contrib.sessions.middleware.SessionMiddleware',
     'corsheaders.middleware.CorsMiddleware',
     'django.middleware.common.CommonMiddleware',
@@ -111,8 +107,7 @@ MIDDLEWARE = [
     'django.middleware.clickjacking.XFrameOptionsMiddleware',
 ]
 
-# Enable whitenoise compression and caching
-STATICFILES_STORAGE = 'whitenoise.storage.CompressedManifestStaticFilesStorage'
+# X_FRAME_OPTIONS = 'SAMEORIGIN'
 
 # We allow CORS from localhost:8080
 CORS_ORIGIN_WHITELIST = tuple(os.getenv("PAPERLESS_CORS_ALLOWED_HOSTS", "http://localhost:8080,https://localhost:8080,http://localhost:4200").split(","))
@@ -299,6 +294,8 @@ SCRATCH_DIR = os.getenv("PAPERLESS_SCRATCH_DIR", "/tmp/paperless")
 # This is where Paperless will look for PDFs to index
 CONSUMPTION_DIR = os.getenv("PAPERLESS_CONSUMPTION_DIR")
 
+INDEX_DIR = os.getenv('PAPERLESS_INDEX_DIR', os.path.join(BASE_DIR, "..", "index"))
+
 # (This setting is ignored on Linux where inotify is used instead of a
 # polling loop.)
 # The number of seconds that Paperless will wait between checking
@@ -323,17 +320,6 @@ PASSPHRASE = os.getenv("PAPERLESS_PASSPHRASE")
 PRE_CONSUME_SCRIPT = os.getenv("PAPERLESS_PRE_CONSUME_SCRIPT")
 POST_CONSUME_SCRIPT = os.getenv("PAPERLESS_POST_CONSUME_SCRIPT")
 
-# Whether to display a selected document inline, or download it as attachment:
-INLINE_DOC = __get_boolean("PAPERLESS_INLINE_DOC")
-
-# The number of items on each page in the web UI.  This value must be a
-# positive integer, but if you don't define one in paperless.conf, a default of
-# 100 will be used.
-PAPERLESS_LIST_PER_PAGE = int(os.getenv("PAPERLESS_LIST_PER_PAGE", 100))
-
-FY_START = os.getenv("PAPERLESS_FINANCIAL_YEAR_START")
-FY_END = os.getenv("PAPERLESS_FINANCIAL_YEAR_END")
-
 # Specify the default date order (for autodetected dates)
 DATE_ORDER = os.getenv("PAPERLESS_DATE_ORDER", "DMY")
 FILENAME_DATE_ORDER = os.getenv("PAPERLESS_FILENAME_DATE_ORDER")
@@ -342,6 +328,3 @@ FILENAME_DATE_ORDER = os.getenv("PAPERLESS_FILENAME_DATE_ORDER")
 FILENAME_PARSE_TRANSFORMS = []
 for t in json.loads(os.getenv("PAPERLESS_FILENAME_PARSE_TRANSFORMS", "[]")):
     FILENAME_PARSE_TRANSFORMS.append((re.compile(t["pattern"]), t["repl"]))
-
-# Specify the filename format for out files
-PAPERLESS_FILENAME_FORMAT = os.getenv("PAPERLESS_FILENAME_FORMAT")

src/paperless/urls.py

@@ -1,49 +1,34 @@
 from django.conf import settings
 from django.conf.urls import include, static, url
 from django.contrib import admin
-from django.urls import reverse_lazy
-from django.views.decorators.csrf import csrf_exempt
-from django.views.generic import RedirectView
+from rest_framework.authtoken import views
 from rest_framework.routers import DefaultRouter
 
 from paperless.views import FaviconView
 from documents.views import (
     CorrespondentViewSet,
     DocumentViewSet,
-    FetchView,
     LogViewSet,
-    PushView,
     TagViewSet,
-    DocumentTypeViewSet
+    DocumentTypeViewSet,
+    SearchView,
+    IndexView
 )
 
-router = DefaultRouter()
-router.register(r"correspondents", CorrespondentViewSet)
-router.register(r"document_types", DocumentTypeViewSet)
-router.register(r"documents", DocumentViewSet)
-router.register(r"logs", LogViewSet)
-router.register(r"tags", TagViewSet)
+api_router = DefaultRouter()
+api_router.register(r"correspondents", CorrespondentViewSet)
+api_router.register(r"document_types", DocumentTypeViewSet)
+api_router.register(r"documents", DocumentViewSet)
+api_router.register(r"logs", LogViewSet)
+api_router.register(r"tags", TagViewSet)
+
 
 urlpatterns = [
 
     # API
-    url(
-        r"^api/auth/",
-        include(
-            ('rest_framework.urls', 'rest_framework'),
-            namespace="rest_framework")
-    ),
-    url(r"^api/", include((router.urls, 'drf'), namespace="drf")),
-
-    # File downloads
-    url(
-        r"^fetch/(?P<kind>doc|thumb|preview)/(?P<pk>\d+)$",
-        FetchView.as_view(),
-        name="fetch"
-    ),
-
-    # File uploads
-    url(r"^push$", csrf_exempt(PushView.as_view()), name="push"),
+    url(r"^api/auth/",include(('rest_framework.urls', 'rest_framework'), namespace="rest_framework")),
+    url(r"^api/search/", SearchView.as_view(), name="search"),
+    url(r"^api/token/", views.obtain_auth_token), url(r"^api/", include((api_router.urls, 'drf'), namespace="drf")),
 
     # Favicon
     url(r"^favicon.ico$", FaviconView.as_view(), name="favicon"),
@@ -51,9 +36,8 @@ urlpatterns = [
     # The Django admin
     url(r"admin/", admin.site.urls),
 
-    # Redirect / to /admin
-    url(r"^$", RedirectView.as_view(
-        permanent=True, url=reverse_lazy("admin:index"))),
+    # Root of the Frontent
+    url(r".*", IndexView.as_view()),
 
 ] + static.static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT)