2014-10-07 17:08:08 +04:00
|
|
|
from django.contrib.auth import login, logout
|
2014-04-30 23:52:05 +04:00
|
|
|
from django.conf import settings
|
2015-11-24 00:52:59 +03:00
|
|
|
from django.core.exceptions import ObjectDoesNotExist
|
2016-02-02 17:29:16 +03:00
|
|
|
from django.utils.translation import ugettext_lazy as _
|
2014-04-30 23:52:05 +04:00
|
|
|
|
|
|
|
from rest_framework import status
|
|
|
|
from rest_framework.views import APIView
|
|
|
|
from rest_framework.response import Response
|
|
|
|
from rest_framework.generics import GenericAPIView
|
|
|
|
from rest_framework.permissions import IsAuthenticated, AllowAny
|
2014-10-02 13:18:23 +04:00
|
|
|
from rest_framework.generics import RetrieveUpdateAPIView
|
2014-04-30 23:52:05 +04:00
|
|
|
|
2016-01-09 06:11:35 +03:00
|
|
|
from allauth.account import app_settings as allauth_settings
|
|
|
|
|
2015-04-28 11:22:08 +03:00
|
|
|
from .app_settings import (
|
|
|
|
TokenSerializer, UserDetailsSerializer, LoginSerializer,
|
|
|
|
PasswordResetSerializer, PasswordResetConfirmSerializer,
|
2016-02-16 08:42:18 +03:00
|
|
|
PasswordChangeSerializer, JWTSerializer, create_token
|
2015-04-28 11:22:08 +03:00
|
|
|
)
|
2016-01-01 00:10:52 +03:00
|
|
|
from .models import TokenModel
|
2014-04-30 23:52:05 +04:00
|
|
|
|
2016-01-04 20:45:33 +03:00
|
|
|
from .utils import jwt_encode
|
|
|
|
|
2014-04-30 23:52:05 +04:00
|
|
|
|
2015-08-07 13:54:45 +03:00
|
|
|
class LoginView(GenericAPIView):
|
2014-04-30 23:52:05 +04:00
|
|
|
|
|
|
|
"""
|
|
|
|
Check the credentials and return the REST Token
|
|
|
|
if the credentials are valid and authenticated.
|
|
|
|
Calls Django Auth login method to register User ID
|
|
|
|
in Django session framework
|
|
|
|
|
|
|
|
Accept the following POST parameters: username, password
|
|
|
|
Return the REST Framework Token Object's key.
|
|
|
|
"""
|
2014-10-24 17:52:07 +04:00
|
|
|
permission_classes = (AllowAny,)
|
2014-04-30 23:52:05 +04:00
|
|
|
serializer_class = LoginSerializer
|
2016-01-01 00:10:52 +03:00
|
|
|
token_model = TokenModel
|
2016-01-04 20:45:33 +03:00
|
|
|
|
|
|
|
def get_response_serializer(self):
|
|
|
|
if getattr(settings, 'REST_USE_JWT', False):
|
|
|
|
response_serializer = JWTSerializer
|
|
|
|
else:
|
|
|
|
response_serializer = TokenSerializer
|
|
|
|
return response_serializer
|
2014-04-30 23:52:05 +04:00
|
|
|
|
2014-10-02 13:18:23 +04:00
|
|
|
def login(self):
|
2015-01-09 14:05:14 +03:00
|
|
|
self.user = self.serializer.validated_data['user']
|
2016-03-01 14:51:01 +03:00
|
|
|
|
2016-01-04 20:45:33 +03:00
|
|
|
if getattr(settings, 'REST_USE_JWT', False):
|
|
|
|
self.token = jwt_encode(self.user)
|
|
|
|
else:
|
2016-02-16 08:42:18 +03:00
|
|
|
self.token = create_token(self.token_model, self.user, self.serializer)
|
|
|
|
|
|
|
|
if getattr(settings, 'REST_SESSION_LOGIN', True):
|
|
|
|
login(self.request, self.user)
|
|
|
|
|
2014-10-02 13:18:23 +04:00
|
|
|
def get_response(self):
|
2016-01-04 20:45:33 +03:00
|
|
|
serializer_class = self.get_response_serializer()
|
|
|
|
|
|
|
|
if getattr(settings, 'REST_USE_JWT', False):
|
|
|
|
data = {
|
|
|
|
'user': self.user,
|
|
|
|
'token': self.token
|
|
|
|
}
|
|
|
|
serializer = serializer_class(instance=data)
|
|
|
|
else:
|
|
|
|
serializer = serializer_class(instance=self.token)
|
|
|
|
|
|
|
|
return Response(serializer.data, status=status.HTTP_200_OK)
|
2014-10-02 13:18:23 +04:00
|
|
|
|
|
|
|
def post(self, request, *args, **kwargs):
|
2015-08-07 14:31:33 +03:00
|
|
|
self.serializer = self.get_serializer(data=self.request.data)
|
2015-11-23 17:04:56 +03:00
|
|
|
self.serializer.is_valid(raise_exception=True)
|
2014-10-02 13:18:23 +04:00
|
|
|
self.login()
|
|
|
|
return self.get_response()
|
2014-04-30 23:52:05 +04:00
|
|
|
|
|
|
|
|
2015-08-07 13:54:45 +03:00
|
|
|
class LogoutView(APIView):
|
2014-04-30 23:52:05 +04:00
|
|
|
|
|
|
|
"""
|
|
|
|
Calls Django logout method and delete the Token object
|
|
|
|
assigned to the current User object.
|
|
|
|
|
|
|
|
Accepts/Returns nothing.
|
|
|
|
"""
|
2014-11-12 12:33:29 +03:00
|
|
|
permission_classes = (AllowAny,)
|
2014-04-30 23:52:05 +04:00
|
|
|
|
2016-01-09 06:11:35 +03:00
|
|
|
def get(self, request, *args, **kwargs):
|
|
|
|
try:
|
|
|
|
if allauth_settings.LOGOUT_ON_GET:
|
|
|
|
response = self.logout(request)
|
|
|
|
else:
|
|
|
|
response = self.http_method_not_allowed(request, *args, **kwargs)
|
|
|
|
except Exception as exc:
|
|
|
|
response = self.handle_exception(exc)
|
|
|
|
|
|
|
|
return self.finalize_response(request, response, *args, **kwargs)
|
|
|
|
|
2014-10-02 13:18:23 +04:00
|
|
|
def post(self, request):
|
2016-01-09 06:11:35 +03:00
|
|
|
return self.logout(request)
|
|
|
|
|
|
|
|
def logout(self, request):
|
2014-04-30 23:52:05 +04:00
|
|
|
try:
|
|
|
|
request.user.auth_token.delete()
|
2015-11-24 00:52:59 +03:00
|
|
|
except (AttributeError, ObjectDoesNotExist):
|
2014-04-30 23:52:05 +04:00
|
|
|
pass
|
|
|
|
|
|
|
|
logout(request)
|
|
|
|
|
2016-02-02 17:29:16 +03:00
|
|
|
return Response({"success": _("Successfully logged out.")},
|
2014-04-30 23:52:05 +04:00
|
|
|
status=status.HTTP_200_OK)
|
|
|
|
|
|
|
|
|
2015-08-07 13:54:45 +03:00
|
|
|
class UserDetailsView(RetrieveUpdateAPIView):
|
2014-04-30 23:52:05 +04:00
|
|
|
"""
|
|
|
|
Returns User's details in JSON format.
|
|
|
|
|
|
|
|
Accepts the following GET parameters: token
|
|
|
|
Accepts the following POST parameters:
|
|
|
|
Required: token
|
|
|
|
Optional: email, first_name, last_name and UserProfile fields
|
|
|
|
Returns the updated UserProfile and/or User object.
|
|
|
|
"""
|
2014-10-02 13:18:23 +04:00
|
|
|
serializer_class = UserDetailsSerializer
|
2014-10-24 17:52:07 +04:00
|
|
|
permission_classes = (IsAuthenticated,)
|
2014-04-30 23:52:05 +04:00
|
|
|
|
2014-10-02 13:18:23 +04:00
|
|
|
def get_object(self):
|
|
|
|
return self.request.user
|
2014-04-30 23:52:05 +04:00
|
|
|
|
|
|
|
|
2015-08-07 13:54:45 +03:00
|
|
|
class PasswordResetView(GenericAPIView):
|
2014-04-30 23:52:05 +04:00
|
|
|
|
|
|
|
"""
|
|
|
|
Calls Django Auth PasswordResetForm save method.
|
|
|
|
|
|
|
|
Accepts the following POST parameters: email
|
|
|
|
Returns the success/fail message.
|
|
|
|
"""
|
|
|
|
|
|
|
|
serializer_class = PasswordResetSerializer
|
2014-10-24 17:52:07 +04:00
|
|
|
permission_classes = (AllowAny,)
|
2014-04-30 23:52:05 +04:00
|
|
|
|
2014-10-07 17:08:08 +04:00
|
|
|
def post(self, request, *args, **kwargs):
|
2015-08-07 14:31:33 +03:00
|
|
|
# Create a serializer with request.data
|
|
|
|
serializer = self.get_serializer(data=request.data)
|
2015-11-23 17:04:56 +03:00
|
|
|
serializer.is_valid(raise_exception=True)
|
2014-04-30 23:52:05 +04:00
|
|
|
|
2014-10-07 17:08:08 +04:00
|
|
|
serializer.save()
|
|
|
|
# Return the success message with OK HTTP status
|
2015-04-28 11:22:08 +03:00
|
|
|
return Response(
|
2016-02-02 17:29:16 +03:00
|
|
|
{"success": _("Password reset e-mail has been sent.")},
|
2015-04-28 11:22:08 +03:00
|
|
|
status=status.HTTP_200_OK
|
|
|
|
)
|
2014-04-30 23:52:05 +04:00
|
|
|
|
2014-05-01 00:55:04 +04:00
|
|
|
|
2015-08-07 13:54:45 +03:00
|
|
|
class PasswordResetConfirmView(GenericAPIView):
|
2014-04-30 23:52:05 +04:00
|
|
|
"""
|
|
|
|
Password reset e-mail link is confirmed, therefore this resets the user's password.
|
|
|
|
|
|
|
|
Accepts the following POST parameters: new_password1, new_password2
|
2014-05-06 02:53:06 +04:00
|
|
|
Accepts the following Django URL arguments: token, uid
|
2014-04-30 23:52:05 +04:00
|
|
|
Returns the success/fail message.
|
|
|
|
"""
|
|
|
|
|
2014-10-07 17:08:08 +04:00
|
|
|
serializer_class = PasswordResetConfirmSerializer
|
2014-10-24 17:52:07 +04:00
|
|
|
permission_classes = (AllowAny,)
|
2014-04-30 23:52:05 +04:00
|
|
|
|
2014-10-07 17:08:08 +04:00
|
|
|
def post(self, request):
|
2015-08-07 14:31:33 +03:00
|
|
|
serializer = self.get_serializer(data=request.data)
|
2015-11-23 17:04:56 +03:00
|
|
|
serializer.is_valid(raise_exception=True)
|
2014-10-07 17:08:08 +04:00
|
|
|
serializer.save()
|
2016-02-02 17:29:16 +03:00
|
|
|
return Response({"success": _("Password has been reset with the new password.")})
|
2014-04-30 23:52:05 +04:00
|
|
|
|
|
|
|
|
2015-08-07 13:54:45 +03:00
|
|
|
class PasswordChangeView(GenericAPIView):
|
2014-04-30 23:52:05 +04:00
|
|
|
"""
|
|
|
|
Calls Django Auth SetPasswordForm save method.
|
|
|
|
|
|
|
|
Accepts the following POST parameters: new_password1, new_password2
|
|
|
|
Returns the success/fail message.
|
|
|
|
"""
|
|
|
|
|
2014-10-07 17:08:08 +04:00
|
|
|
serializer_class = PasswordChangeSerializer
|
2014-10-24 17:52:07 +04:00
|
|
|
permission_classes = (IsAuthenticated,)
|
2014-04-30 23:52:05 +04:00
|
|
|
|
|
|
|
def post(self, request):
|
2015-08-07 14:31:33 +03:00
|
|
|
serializer = self.get_serializer(data=request.data)
|
2015-11-23 17:04:56 +03:00
|
|
|
serializer.is_valid(raise_exception=True)
|
2014-10-07 17:08:08 +04:00
|
|
|
serializer.save()
|
2016-02-02 17:29:16 +03:00
|
|
|
return Response({"success": _("New password has been saved.")})
|