django-rest-auth/rest_auth/registration/serializers.py

from django.http import HttpRequest
from django.conf import settings
from django.utils.translation import ugettext_lazy as _

try:
    from allauth.account import app_settings as allauth_settings
    from allauth.utils import (email_address_exists,
                               get_username_max_length)
    from allauth.account.adapter import get_adapter
    from allauth.account.utils import setup_user_email
except ImportError:
    raise ImportError('allauth needs to be added to INSTALLED_APPS.')

from rest_framework import serializers
from requests.exceptions import HTTPError
# Import is needed only if we are using social login, in which
# case the allauth.socialaccount will be declared
if 'allauth.socialaccount' in settings.INSTALLED_APPS:
    from allauth.socialaccount.helpers import complete_social_login


class SocialLoginSerializer(serializers.Serializer):
    access_token = serializers.CharField(required=False, allow_blank=True)
    code = serializers.CharField(required=False, allow_blank=True)

    def _get_request(self):
        request = self.context.get('request')
        if not isinstance(request, HttpRequest):
            request = request._request
        return request

    def get_social_login(self, adapter, app, token, response):
        """

        :param adapter: allauth.socialaccount Adapter subclass. Usually OAuthAdapter or Auth2Adapter
        :param app: `allauth.socialaccount.SocialApp` instance
        :param token: `allauth.socialaccount.SocialToken` instance
        :param response: Provider's response for OAuth1. Not used in the
        :return: :return: A populated instance of the `allauth.socialaccount.SocialLoginView` instance
        """
        request = self._get_request()
        social_login = adapter.complete_login(request, app, token, response=response)
        social_login.token = token
        return social_login

    def validate(self, attrs):
        view = self.context.get('view')
        request = self._get_request()

        if not view:
            raise serializers.ValidationError(
                _('View is not defined, pass it as a context variable')
            )

        adapter_class = getattr(view, 'adapter_class', None)
        if not adapter_class:
            raise serializers.ValidationError(_('Define adapter_class in view'))

        adapter = adapter_class(request)
        app = adapter.get_provider().get_app(request)

        # More info on code vs access_token
        # http://stackoverflow.com/questions/8666316/facebook-oauth-2-0-code-and-token

        # Case 1: We received the access_token
        if('access_token' in attrs):
            access_token = attrs.get('access_token')

        # Case 2: We received the authorization code
        elif('code' in attrs):
            self.callback_url = getattr(view, 'callback_url', None)
            self.client_class = getattr(view, 'client_class', None)

            if not self.callback_url:
                raise serializers.ValidationError(
                    _('Define callback_url in view')
                )
            if not self.client_class:
                raise serializers.ValidationError(
                    _('Define client_class in view')
                )

            code = attrs.get('code')

            provider = adapter.get_provider()
            scope = provider.get_scope(request)
            client = self.client_class(
                request,
                app.client_id,
                app.secret,
                adapter.access_token_method,
                adapter.access_token_url,
                self.callback_url,
                scope
            )
            token = client.get_access_token(code)
            access_token = token['access_token']

        else:
            raise serializers.ValidationError(_('Incorrect input. access_token or code is required.'))

        token = adapter.parse_token({'access_token': access_token})
        token.app = app

        try:
            login = self.get_social_login(adapter, app, token, access_token)
            complete_social_login(request, login)
        except HTTPError:
            raise serializers.ValidationError(_('Incorrect value'))

        if not login.is_existing:
            login.lookup()
            login.save(request, connect=True)
        attrs['user'] = login.account.user

        return attrs


class RegisterSerializer(serializers.Serializer):
    username = serializers.CharField(
        max_length=get_username_max_length(),
        min_length=allauth_settings.USERNAME_MIN_LENGTH,
        required=allauth_settings.USERNAME_REQUIRED
    )
    email = serializers.EmailField(required=allauth_settings.EMAIL_REQUIRED)
    password1 = serializers.CharField(required=True, write_only=True)
    password2 = serializers.CharField(required=True, write_only=True)

    def validate_username(self, username):
        username = get_adapter().clean_username(username)
        return username

    def validate_email(self, email):
        email = get_adapter().clean_email(email)
        if allauth_settings.UNIQUE_EMAIL:
            if email and email_address_exists(email):
                raise serializers.ValidationError(
                    _("A user is already registered with this e-mail address."))
        return email

    def validate_password1(self, password):
        return get_adapter().clean_password(password)

    def validate(self, data):
        if data['password1'] != data['password2']:
            raise serializers.ValidationError(_("The two password fields didn't match."))
        return data

    def custom_signup(self, request, user):
        pass

    def get_cleaned_data(self):
        return {
            'username': self.validated_data.get('username', ''),
            'password1': self.validated_data.get('password1', ''),
            'email': self.validated_data.get('email', '')
        }

    def save(self, request):
        adapter = get_adapter()
        user = adapter.new_user(request)
        self.cleaned_data = self.get_cleaned_data()
        adapter.save_user(request, user, self)
        self.custom_signup(request, user)
        setup_user_email(request, user, [])
        return user


class VerifyEmailSerializer(serializers.Serializer):
    key = serializers.CharField()
DRF 3 bug: get HttpRequest from DRF request object. Similar to issue #43 2015-02-25 18:52:51 +03:00			`from django.http import HttpRequest`
Fix the optional deps for `allauth.socialaccount` 2015-10-04 13:41:07 +03:00			`from django.conf import settings`
Adds ugettext_lazy to more texts Also adds a first german translation. 2016-02-02 17:29:16 +03:00			`from django.utils.translation import ugettext_lazy as _`
Fix the optional deps for `allauth.socialaccount` 2015-10-04 13:41:07 +03:00
Rewrite registration logic 2015-11-24 13:11:46 +03:00			`try:`
			`from allauth.account import app_settings as allauth_settings`
			`from allauth.utils import (email_address_exists,`
			`get_username_max_length)`
			`from allauth.account.adapter import get_adapter`
			`from allauth.account.utils import setup_user_email`
			`except ImportError:`
			`raise ImportError('allauth needs to be added to INSTALLED_APPS.')`

create base view and serializer for social authentication 2014-10-02 18:54:55 +04:00			`from rest_framework import serializers`
			`from requests.exceptions import HTTPError`
conditional import 2015-08-07 11:25:40 +03:00			`# Import is needed only if we are using social login, in which`
			`# case the allauth.socialaccount will be declared`
fix import complete_social_login 2015-11-26 12:38:25 +03:00			`if 'allauth.socialaccount' in settings.INSTALLED_APPS:`
Import allauth.socialaccount only when declared in INSTALLED_APPS Don't silently ignore ImportError 2016-03-02 22:33:27 +03:00			`from allauth.socialaccount.helpers import complete_social_login`
fix import complete_social_login 2015-11-26 12:38:25 +03:00
create base view and serializer for social authentication 2014-10-02 18:54:55 +04:00
			`class SocialLoginSerializer(serializers.Serializer):`
SocialLoginSerializer allow_blank fix 2015-08-17 13:34:59 +03:00			`access_token = serializers.CharField(required=False, allow_blank=True)`
			`code = serializers.CharField(required=False, allow_blank=True)`
create base view and serializer for social authentication 2014-10-02 18:54:55 +04:00
move SocialAccount population to the separate method in the SocialLoginSerializer. It makes easier to get the correct signup for custom user models, because application can subclass SocialLoginSeriaLizer and add required fields to the instance. 2015-07-23 22:22:39 +03:00			`def _get_request(self):`
create base view and serializer for social authentication 2014-10-02 18:54:55 +04:00			`request = self.context.get('request')`
DRF 3 bug: get HttpRequest from DRF request object. Similar to issue #43 2015-02-25 18:52:51 +03:00			`if not isinstance(request, HttpRequest):`
			`request = request._request`
move SocialAccount population to the separate method in the SocialLoginSerializer. It makes easier to get the correct signup for custom user models, because application can subclass SocialLoginSeriaLizer and add required fields to the instance. 2015-07-23 22:22:39 +03:00			`return request`

Make names more consistent 2015-07-23 22:33:48 +03:00			`def get_social_login(self, adapter, app, token, response):`
move SocialAccount population to the separate method in the SocialLoginSerializer. It makes easier to get the correct signup for custom user models, because application can subclass SocialLoginSeriaLizer and add required fields to the instance. 2015-07-23 22:22:39 +03:00			`"""`

			`:param adapter: allauth.socialaccount Adapter subclass. Usually OAuthAdapter or Auth2Adapter`
			:param app: `allauth.socialaccount.SocialApp` instance
			:param token: `allauth.socialaccount.SocialToken` instance
			`:param response: Provider's response for OAuth1. Not used in the`
appending all views with View 2015-08-07 13:54:45 +03:00			:return: :return: A populated instance of the `allauth.socialaccount.SocialLoginView` instance
move SocialAccount population to the separate method in the SocialLoginSerializer. It makes easier to get the correct signup for custom user models, because application can subclass SocialLoginSeriaLizer and add required fields to the instance. 2015-07-23 22:22:39 +03:00			`"""`
			`request = self._get_request()`
			`social_login = adapter.complete_login(request, app, token, response=response)`
			`social_login.token = token`
			`return social_login`

			`def validate(self, attrs):`
			`view = self.context.get('view')`
			`request = self._get_request()`
create base view and serializer for social authentication 2014-10-02 18:54:55 +04:00
			`if not view:`
Flake8 style fixes 2015-04-28 11:22:08 +03:00			`raise serializers.ValidationError(`
Adds ugettext_lazy to more texts Also adds a first german translation. 2016-02-02 17:29:16 +03:00			`_('View is not defined, pass it as a context variable')`
Flake8 style fixes 2015-04-28 11:22:08 +03:00			`)`

move SocialAccount population to the separate method in the SocialLoginSerializer. It makes easier to get the correct signup for custom user models, because application can subclass SocialLoginSeriaLizer and add required fields to the instance. 2015-07-23 22:22:39 +03:00			`adapter_class = getattr(view, 'adapter_class', None)`
			`if not adapter_class:`
Adds ugettext_lazy to more texts Also adds a first german translation. 2016-02-02 17:29:16 +03:00			`raise serializers.ValidationError(_('Define adapter_class in view'))`
create base view and serializer for social authentication 2014-10-02 18:54:55 +04:00
Fix social-adatper tests for allauth>=0.25.0 See https://github.com/pennersr/django-allauth/commit/742d114abf57917d69fbdfd9babf7fd806ddba44 for more details. This unfortunately requires bumping up the version to 0.25.0 2016-03-14 15:19:06 +03:00			`adapter = adapter_class(request)`
move SocialAccount population to the separate method in the SocialLoginSerializer. It makes easier to get the correct signup for custom user models, because application can subclass SocialLoginSeriaLizer and add required fields to the instance. 2015-07-23 22:22:39 +03:00			`app = adapter.get_provider().get_app(request)`
now also accepting authorization codes from social login (e.g. facebook) 2015-08-07 13:26:57 +03:00
			`# More info on code vs access_token`
			`# http://stackoverflow.com/questions/8666316/facebook-oauth-2-0-code-and-token`

			`# Case 1: We received the access_token`
			`if('access_token' in attrs):`
			`access_token = attrs.get('access_token')`

			`# Case 2: We received the authorization code`
			`elif('code' in attrs):`
			`self.callback_url = getattr(view, 'callback_url', None)`
			`self.client_class = getattr(view, 'client_class', None)`

			`if not self.callback_url:`
			`raise serializers.ValidationError(`
Adds ugettext_lazy to more texts Also adds a first german translation. 2016-02-02 17:29:16 +03:00			`_('Define callback_url in view')`
now also accepting authorization codes from social login (e.g. facebook) 2015-08-07 13:26:57 +03:00			`)`
			`if not self.client_class:`
			`raise serializers.ValidationError(`
Adds ugettext_lazy to more texts Also adds a first german translation. 2016-02-02 17:29:16 +03:00			`_('Define client_class in view')`
now also accepting authorization codes from social login (e.g. facebook) 2015-08-07 13:26:57 +03:00			`)`

			`code = attrs.get('code')`

bugfix 2015-08-10 11:24:21 +03:00			`provider = adapter.get_provider()`
now also accepting authorization codes from social login (e.g. facebook) 2015-08-07 13:26:57 +03:00			`scope = provider.get_scope(request)`
			`client = self.client_class(`
			`request,`
			`app.client_id,`
			`app.secret,`
bugfix 2015-08-10 11:24:21 +03:00			`adapter.access_token_method,`
			`adapter.access_token_url,`
now also accepting authorization codes from social login (e.g. facebook) 2015-08-07 13:26:57 +03:00			`self.callback_url,`
			`scope`
			`)`
			`token = client.get_access_token(code)`
			`access_token = token['access_token']`
fix flake8 2015-08-14 14:49:47 +03:00
catching incorrect input 2015-08-13 10:56:25 +03:00			`else:`
Adds ugettext_lazy to more texts Also adds a first german translation. 2016-02-02 17:29:16 +03:00			`raise serializers.ValidationError(_('Incorrect input. access_token or code is required.'))`
now also accepting authorization codes from social login (e.g. facebook) 2015-08-07 13:26:57 +03:00
move SocialAccount population to the separate method in the SocialLoginSerializer. It makes easier to get the correct signup for custom user models, because application can subclass SocialLoginSeriaLizer and add required fields to the instance. 2015-07-23 22:22:39 +03:00			`token = adapter.parse_token({'access_token': access_token})`
create base view and serializer for social authentication 2014-10-02 18:54:55 +04:00			`token.app = app`

			`try:`
Make names more consistent 2015-07-23 22:33:48 +03:00			`login = self.get_social_login(adapter, app, token, access_token)`
create base view and serializer for social authentication 2014-10-02 18:54:55 +04:00			`complete_social_login(request, login)`
			`except HTTPError:`
Adds ugettext_lazy to more texts Also adds a first german translation. 2016-02-02 17:29:16 +03:00			`raise serializers.ValidationError(_('Incorrect value'))`
create base view and serializer for social authentication 2014-10-02 18:54:55 +04:00
			`if not login.is_existing:`
			`login.lookup()`
			`login.save(request, connect=True)`
support django-rest-framework v3.0 2015-01-09 14:05:14 +03:00			`attrs['user'] = login.account.user`
create base view and serializer for social authentication 2014-10-02 18:54:55 +04:00
			`return attrs`
Rewrite registration logic 2015-11-24 13:11:46 +03:00

			`class RegisterSerializer(serializers.Serializer):`
			`username = serializers.CharField(`
Brought back pass verification + added test 2016-01-05 16:56:11 +03:00			`max_length=get_username_max_length(),`
			`min_length=allauth_settings.USERNAME_MIN_LENGTH,`
			`required=allauth_settings.USERNAME_REQUIRED`
			`)`
Rewrite registration logic 2015-11-24 13:11:46 +03:00			`email = serializers.EmailField(required=allauth_settings.EMAIL_REQUIRED)`
Brought back pass verification + added test 2016-01-05 16:56:11 +03:00			`password1 = serializers.CharField(required=True, write_only=True)`
			`password2 = serializers.CharField(required=True, write_only=True)`
Rewrite registration logic 2015-11-24 13:11:46 +03:00
			`def validate_username(self, username):`
			`username = get_adapter().clean_username(username)`
			`return username`

			`def validate_email(self, email):`
			`email = get_adapter().clean_email(email)`
			`if allauth_settings.UNIQUE_EMAIL:`
			`if email and email_address_exists(email):`
			`raise serializers.ValidationError(`
Adds ugettext_lazy to more texts Also adds a first german translation. 2016-02-02 17:29:16 +03:00			`_("A user is already registered with this e-mail address."))`
Rewrite registration logic 2015-11-24 13:11:46 +03:00			`return email`

Brought back pass verification + added test 2016-01-05 16:56:11 +03:00			`def validate_password1(self, password):`
Rewrite registration logic 2015-11-24 13:11:46 +03:00			`return get_adapter().clean_password(password)`

Brought back pass verification + added test 2016-01-05 16:56:11 +03:00			`def validate(self, data):`
			`if data['password1'] != data['password2']:`
Adds ugettext_lazy to more texts Also adds a first german translation. 2016-02-02 17:29:16 +03:00			`raise serializers.ValidationError(_("The two password fields didn't match."))`
Brought back pass verification + added test 2016-01-05 16:56:11 +03:00			`return data`

Rewrite registration logic 2015-11-24 13:11:46 +03:00			`def custom_signup(self, request, user):`
			`pass`

Update tests and fix register serializer 2015-11-24 18:04:57 +03:00			`def get_cleaned_data(self):`
			`return {`
			`'username': self.validated_data.get('username', ''),`
Brought back pass verification + added test 2016-01-05 16:56:11 +03:00			`'password1': self.validated_data.get('password1', ''),`
Update tests and fix register serializer 2015-11-24 18:04:57 +03:00			`'email': self.validated_data.get('email', '')`
			`}`

Rewrite registration logic 2015-11-24 13:11:46 +03:00			`def save(self, request):`
			`adapter = get_adapter()`
			`user = adapter.new_user(request)`
Update tests and fix register serializer 2015-11-24 18:04:57 +03:00			`self.cleaned_data = self.get_cleaned_data()`
Rewrite registration logic 2015-11-24 13:11:46 +03:00			`adapter.save_user(request, user, self)`
			`self.custom_signup(request, user)`
			`setup_user_email(request, user, [])`
			`return user`


			`class VerifyEmailSerializer(serializers.Serializer):`
			`key = serializers.CharField()`