From 60bc0d447ec51b606e966871812c1481512ac8aa Mon Sep 17 00:00:00 2001 From: Egor Poderyagin Date: Mon, 8 May 2017 07:42:02 +0300 Subject: [PATCH 1/4] add support get user details on login --- docs/configuration.rst | 2 ++ rest_auth/tests/test_api.py | 16 ++++++++++++++++ rest_auth/views.py | 11 ++++++++--- 3 files changed, 26 insertions(+), 3 deletions(-) diff --git a/docs/configuration.rst b/docs/configuration.rst index 1f5b40f..9cbf198 100644 --- a/docs/configuration.rst +++ b/docs/configuration.rst @@ -48,6 +48,8 @@ Configuration - **REST_USE_JWT** - Enable JWT Authentication instead of Token/Session based. This is built on top of django-rest-framework-jwt http://getblimp.github.io/django-rest-framework-jwt/, which must also be installed. (default: False) +- **REST_USE_TOKEN** - Set to False if you want get USER_DETAILS_SERIALIZER instead any tokens, that can be useful if you use session auth backend (default: True) + - **OLD_PASSWORD_FIELD_ENABLED** - set it to True if you want to have old password verification on password change enpoint (default: False) - **LOGOUT_ON_PASSWORD_CHANGE** - set to False if you want to keep the current user logged in after a password change diff --git a/rest_auth/tests/test_api.py b/rest_auth/tests/test_api.py index 0356d19..57acd88 100644 --- a/rest_auth/tests/test_api.py +++ b/rest_auth/tests/test_api.py 
@@ -196,6 +196,22 @@ class APITestCase1(TestCase, BaseAPITestCase): # bring back allauth settings.INSTALLED_APPS.append('allauth') + @override_settings(REST_USE_TOKEN=False) + def test_login_api_return_user_information(self): + get_user_model().objects.create_user( + username=self.USERNAME, password=self.PASS, + ) + + payload = { + 'username': self.USERNAME, + 'password': self.PASS + } + response = self.client.post(self.login_url, payload) + self.assertEqual(response.status_code, 200) + + self.assertEqual(response.json()['username'], self.USERNAME) + self.assertEqual(response.json()['last_name'], "") + def test_password_change(self): login_payload = { "username": self.USERNAME, diff --git a/rest_auth/views.py b/rest_auth/views.py index 0493a76..65c6726 100644 --- a/rest_auth/views.py +++ b/rest_auth/views.py @@ -54,8 +54,10 @@ class LoginView(GenericAPIView): def get_response_serializer(self): if getattr(settings, 'REST_USE_JWT', False): response_serializer = JWTSerializer - else: + elif getattr(settings, 'REST_USE_TOKEN', True): response_serializer = TokenSerializer + else: + response_serializer = UserDetailsSerializer return response_serializer def login(self): @@ -63,7 +65,7 @@ class LoginView(GenericAPIView): if getattr(settings, 'REST_USE_JWT', False): self.token = jwt_encode(self.user) - else: + elif getattr(settings, 'REST_USE_TOKEN', True): self.token = create_token(self.token_model, self.user, self.serializer) @@ -80,9 +82,12 @@ class LoginView(GenericAPIView): } serializer = serializer_class(instance=data, context={'request': self.request}) - else: + elif getattr(settings, 'REST_USE_TOKEN', True): serializer = serializer_class(instance=self.token, context={'request': self.request}) + else: + serializer = serializer_class(instance=self.user, + context={'request': self.request}) return Response(serializer.data, status=status.HTTP_200_OK) From ac4fdfcb8487ae3c626d6d7e3a4625fccce99a13 Mon Sep 17 00:00:00 2001 
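Review bot: `test_login_api_return_user_information` asserts only that `username` and `last_name` come back, so it would still pass if `login()` kept creating a token row behind the scenes or never established a session. Since `REST_USE_TOKEN=False` is meant to issue no token, pin that as well, for example `self.assertNotIn('key', response.json())` (assuming the token response uses `key`, which is not visible here) and `self.assertEqual(TokenModel.objects.count(), 0)` with the model imported from `rest_auth.models`. A follow-up request to an authenticated endpoint using only the session cookie would show that the login actually took effect. The same gap applies to `test_registration_without_token` in patch 4/4.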
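Review bot: With `REST_USE_TOKEN = False` and JWT off, the `elif` added to `login()` (hunk `@@ -63,7 +65,7 @@` of rest_auth/views.py) issues no credential and never assigns `self.token`, so the session is the only thing this endpoint can establish. If session login is also disabled (the project's `REST_SESSION_LOGIN` setting, handled outside this hunk), the view would answer 200 with user details and leave the client unauthenticated; reject that combination explicitly, and add `else: self.token = None` so code reading the attribute gets a defined value. A session-only login POST also needs CSRF protection of its own, because DRF's `SessionAuthentication` enforces CSRF only on requests that are already authenticated; whether `LoginView` has it is not visible here. `login()` begins and ends outside the hunk.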
From: Egor Poderyagin Date: Mon, 8 May 2017 07:46:29 +0300 Subject: [PATCH 2/4] update docs --- docs/configuration.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuration.rst b/docs/configuration.rst index 9cbf198..117b691 100644 --- a/docs/configuration.rst +++ b/docs/configuration.rst @@ -48,7 +48,7 @@ Configuration - **REST_USE_JWT** - Enable JWT Authentication instead of Token/Session based. This is built on top of django-rest-framework-jwt http://getblimp.github.io/django-rest-framework-jwt/, which must also be installed. (default: False) -- **REST_USE_TOKEN** - Set to False if you want get USER_DETAILS_SERIALIZER instead any tokens, that can be useful if you use session auth backend (default: True) +- **REST_USE_TOKEN** - Set to False if you want get USER_DETAILS_SERIALIZER instead any tokens, that can be useful if you use **just** session auth backend (default: True) - **OLD_PASSWORD_FIELD_ENABLED** - set it to True if you want to have old password verification on password change enpoint (default: False) From f48d19b3ba2b81904b1722163aa0d7e3c05de45c Mon Sep 17 00:00:00 2001 From: Egor Poderyagin Date: Mon, 8 May 2017 08:49:31 +0300 Subject: [PATCH 3/4] refactor unittest --- rest_auth/tests/test_api.py | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/rest_auth/tests/test_api.py b/rest_auth/tests/test_api.py index 57acd88..1b8fad0 100644 --- a/rest_auth/tests/test_api.py +++ b/rest_auth/tests/test_api.py 
@@ -206,11 +206,10 @@ class APITestCase1(TestCase, BaseAPITestCase): 'username': self.USERNAME, 'password': self.PASS } - response = self.client.post(self.login_url, payload) - self.assertEqual(response.status_code, 200) + self.post(self.login_url, data=payload, status_code=200) - self.assertEqual(response.json()['username'], self.USERNAME) - self.assertEqual(response.json()['last_name'], "") + self.assertEqual(self.response.json['username'], self.USERNAME) + self.assertEqual(self.response.json['last_name'], "") def test_password_change(self): login_payload = { From a08155a4810d262b0e0c9a4f8d03438b32a847ae Mon Sep 17 00:00:00 2001 From: Egor Poderyagin Date: Fri, 12 May 2017 14:12:44 +0300 Subject: [PATCH 4/4] allow return detail user on registration --- rest_auth/registration/views.py | 9 ++++++--- rest_auth/tests/test_api.py | 12 ++++++++++++ 2 files changed, 18 insertions(+), 3 deletions(-) diff --git a/rest_auth/registration/views.py b/rest_auth/registration/views.py index d6638b6..fd80e82 100644 --- a/rest_auth/registration/views.py +++ b/rest_auth/registration/views.py @@ -14,7 +14,8 @@ from allauth.account.views import ConfirmEmailView from allauth.account.utils import complete_signup from allauth.account import app_settings as allauth_settings -from rest_auth.app_settings import (TokenSerializer, +from rest_auth.app_settings import (UserDetailsSerializer, + TokenSerializer, JWTSerializer, create_token) from rest_auth.models import TokenModel @@ -49,8 +50,9 @@ class RegisterView(CreateAPIView): 'token': self.token } return JWTSerializer(data).data - else: + elif getattr(settings, 'REST_USE_TOKEN', True): return TokenSerializer(user.auth_token).data + return UserDetailsSerializer(user).data def create(self, request, *args, **kwargs): serializer = self.get_serializer(data=request.data) 
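Review bot: `UserDetailsSerializer(user).data` in the `@@ -49,8 +50,9 @@` hunk of rest_auth/registration/views.py is built without a serializer context, while the matching branch added to `LoginView.get_response` in patch 1/4 passes `context={'request': self.request}`. A project-supplied user details serializer with hyperlinked or request-dependent fields would then fail, or render differently, on registration than on login. Suggest `return UserDetailsSerializer(user, context=self.get_serializer_context()).data`. The start of `get_response_data` is outside the hunk, so any earlier return (for instance while e-mail verification is pending) cannot be checked from here.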
@@ -66,12 +68,13 @@ class RegisterView(CreateAPIView): user = serializer.save(self.request) if getattr(settings, 'REST_USE_JWT', False): self.token = jwt_encode(user) - else: + elif getattr(settings, 'REST_USE_TOKEN', True): create_token(self.token_model, user, serializer) complete_signup(self.request._request, user, allauth_settings.EMAIL_VERIFICATION, None) + return user diff --git a/rest_auth/tests/test_api.py b/rest_auth/tests/test_api.py index 1b8fad0..c2cc4f3 100644 --- a/rest_auth/tests/test_api.py +++ b/rest_auth/tests/test_api.py @@ -426,6 +426,18 @@ class APITestCase1(TestCase, BaseAPITestCase): self._login() self._logout() + @override_settings(REST_USE_TOKEN=False) + def test_registration_without_token(self): + user_count = get_user_model().objects.all().count() + + self.post(self.register_url, data=self.REGISTRATION_DATA_WITH_EMAIL, status_code=201) + self.assertEqual(self.response.json['username'], self.USERNAME) + self.assertEqual(self.response.json['email'], self.EMAIL) + + self.assertEqual(get_user_model().objects.all().count(), user_count + 1) + self._login() + self._logout() + def test_registration_with_invalid_password(self): data = self.REGISTRATION_DATA.copy() data['password2'] = 'foobar'
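Review bot: In the `REST_USE_TOKEN = False` path of the `@@ -66,12 +68,13 @@` hunk no token is created, so whether the new user ends up authenticated depends entirely on what `complete_signup(...)` does with the session. That is not visible here and presumably varies with `allauth_settings.EMAIL_VERIFICATION`. This deserves a comment at the branch, e.g. `# REST_USE_TOKEN=False: no API token is issued; any login state comes from complete_signup()`. The docs entry should also say that the setting requires session authentication to be enabled. The method's `def` line is outside the hunk.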