From 1a08fd90dca3a27298d1da23af88461f23f615b2 Mon Sep 17 00:00:00 2001
From: Tabatha Memmott <tabatha.memmott@tivix.com>
Date: Thu, 7 Jan 2016 13:39:16 -0800
Subject: [PATCH] email work

---
 demo/demo/urls.py                             |  3 ++
 demo/templates/base.html                      |  1 +
 demo/templates/email_change.html              | 39 +++++++++++++++++++
 .../fragments/email_change_form.html          | 26 +++++++++++++
 .../fragments/email_verification_form.html    |  2 +-
 rest_auth/app_settings.py                     | 10 ++++-
 rest_auth/registration/urls.py                |  1 +
 rest_auth/serializers.py                      | 33 +++++++++++++++-
 rest_auth/urls.py                             |  4 +-
 rest_auth/views.py                            | 18 +++++++++
 10 files changed, 132 insertions(+), 5 deletions(-)
 create mode 100644 demo/templates/email_change.html
 create mode 100644 demo/templates/fragments/email_change_form.html

diff --git a/demo/demo/urls.py b/demo/demo/urls.py
index 54d06ad..5b075e6 100644
--- a/demo/demo/urls.py
+++ b/demo/demo/urls.py
@@ -24,6 +24,9 @@ urlpatterns = [
     url(r'^password-change/$',
         TemplateView.as_view(template_name="password_change.html"),
         name='password-change'),
+    url(r'^email-change/$',
+        TemplateView.as_view(template_name="email_change.html"),
+        name='email-change'),
 
 
     # this url is used to generate email content
diff --git a/demo/templates/base.html b/demo/templates/base.html
index 8a0b0ed..9d513c4 100644
--- a/demo/templates/base.html
+++ b/demo/templates/base.html
@@ -37,6 +37,7 @@
                 <li><a href="{% url 'login' %}">Login</a></li>
                 <li><a href="{% url 'password-reset' %}">Password Reset</a></li>
                 <li><a href="{% url 'password-reset-confirm' %}">Password Reset Confirm</a></li>
+                <li><a href="{% url 'email-change' %}">Update Primary Email</a></li>
                 <li class="divider"></li>
                 <!-- these pages require user token -->
                 <li><a href="{% url 'user-details' %}">User details</a></li>
diff --git a/demo/templates/email_change.html b/demo/templates/email_change.html
new file mode 100644
index 0000000..958d87b
--- /dev/null
+++ b/demo/templates/email_change.html
@@ -0,0 +1,39 @@
+{% extends "base.html" %}
+
+{% block content %}
+
+  <div class="row">
+    <div class="form-group">
+      <label for="token" class="col-sm-2 control-label">User Token</label>
+      <div class="col-sm-4">
+        <input name="token" type="text" class="form-control" id="token" placeholder="Token">
+        <p class="help-block">Token received after login</p>
+      </div>
+    </div>
+  </div>
+
+  <div class="row">
+    <h3>Update User Details</h3><hr/>
+    {% include "fragments/email_change_form.html" %}
+  </div>
+{% endblock %}
+
+{% block script %}
+    <script type="text/javascript">
+      $().ready(function(){
+        $('form button[type=submit]').click(function(){
+          var token = $('input[name=token]').val();
+          var form = $('form');
+          $.ajax({
+            url: form.attr('action'),
+            data: $('form').serialize(),
+            type: "POST",
+            beforeSend: function(xhr){xhr.setRequestHeader('Authorization', 'Token '+token);}
+          }).fail(function(data){error_response(data);})
+          .done(function(data){susccess_response(data);});
+          return false;
+        });
+
+      });
+    </script>
+{% endblock %}
diff --git a/demo/templates/fragments/email_change_form.html b/demo/templates/fragments/email_change_form.html
new file mode 100644
index 0000000..a807112
--- /dev/null
+++ b/demo/templates/fragments/email_change_form.html
@@ -0,0 +1,26 @@
+<!-- Signup form -->
+<form class="form-horizontal ajax-post" role="form" action="{% url 'rest_email_change' %}">{% csrf_token %}
+  <div class="form-group">
+
+    <label for="email" class="col-sm-2 control-label">Email</label>
+    <div class="col-sm-10">
+      <input name="email" type="text" class="form-control" id="email" placeholder="Email">
+    </div>
+  </div>
+  <div class="form-group">
+    <label for="password" class="col-sm-2 control-label">Password</label>
+    <div class="col-sm-10">
+      <input name="password" type="password" class="form-control" id="password" placeholder="Password">
+    </div>
+  </div>
+
+  <div class="form-group">
+    <div class="col-sm-offset-2 col-sm-10">
+      <button type="submit" class="btn btn-default">Change Email</button>
+    </div>
+  </div>
+
+  <div class="form-group api-response"></div>
+</form>
+
+
diff --git a/demo/templates/fragments/email_verification_form.html b/demo/templates/fragments/email_verification_form.html
index a718e0b..0bd5e62 100644
--- a/demo/templates/fragments/email_verification_form.html
+++ b/demo/templates/fragments/email_verification_form.html
@@ -1,5 +1,5 @@
 <!-- Signup form -->
-<form class="form-horizontal ajax-post" role="form" action="{% url 'rest_verify_email' %}">{% csrf_token %}
+<form class="form-horizontal ajax-post" role="form" action="{% url 'rest_email_change' %}">{% csrf_token %}
   <div class="form-group">
     <label for="key" class="col-sm-2 control-label">Key</label>
     <div class="col-sm-10">
diff --git a/rest_auth/app_settings.py b/rest_auth/app_settings.py
index e0340b7..cd6571a 100644
--- a/rest_auth/app_settings.py
+++ b/rest_auth/app_settings.py
@@ -6,7 +6,8 @@ from rest_auth.serializers import (
     LoginSerializer as DefaultLoginSerializer,
     PasswordResetSerializer as DefaultPasswordResetSerializer,
     PasswordResetConfirmSerializer as DefaultPasswordResetConfirmSerializer,
-    PasswordChangeSerializer as DefaultPasswordChangeSerializer)
+    PasswordChangeSerializer as DefaultPasswordChangeSerializer
+    EmailChangeSerializer as DefaultEmailChangeSerializer)
 from .utils import import_callable
 
 
@@ -42,4 +43,11 @@ PasswordChangeSerializer = import_callable(
         'PASSWORD_CHANGE_SERIALIZER',
         DefaultPasswordChangeSerializer
     )
+    )
+
+EmailChangeSerializer = import_callable(
+    serializers.get(
+        'EMAIL_CHANGE_SERIALIZER',
+        DefaultEmailChangeSerializer)
+    )
 )
diff --git a/rest_auth/registration/urls.py b/rest_auth/registration/urls.py
index 9e56c3b..3206c9e 100644
--- a/rest_auth/registration/urls.py
+++ b/rest_auth/registration/urls.py
@@ -20,4 +20,5 @@ urlpatterns = [
     # djang-allauth https://github.com/pennersr/django-allauth/blob/master/allauth/account/views.py#L190
     url(r'^account-confirm-email/(?P<key>\w+)/$', TemplateView.as_view(),
         name='account_confirm_email'),
+    url(r'^change-email/$', VerifyEmailView.as_view(), name='rest_email_change'),
 ]
diff --git a/rest_auth/serializers.py b/rest_auth/serializers.py
index a2d1a82..657a221 100644
--- a/rest_auth/serializers.py
+++ b/rest_auth/serializers.py
@@ -85,7 +85,7 @@ class TokenSerializer(serializers.ModelSerializer):
 
     class Meta:
         model = Token
-        fields = ('key',)
+        fields = ('key')
 
 
 class UserDetailsSerializer(serializers.ModelSerializer):
@@ -96,7 +96,6 @@ class UserDetailsSerializer(serializers.ModelSerializer):
     class Meta:
         model = UserModel
         fields = ('username', 'email', 'first_name', 'last_name')
-        read_only_fields = ('email', )
 
 
 class PasswordResetSerializer(serializers.Serializer):
@@ -221,3 +220,33 @@ class PasswordChangeSerializer(serializers.Serializer):
         if not self.logout_on_password_change:
             from django.contrib.auth import update_session_auth_hash
             update_session_auth_hash(self.request, self.user)
+
+
+class EmailChangeSerializer(serializers.Serializer):
+
+    email_address = serializers.CharField(max_length=128)
+
+    set_email_form_class = SetEmailForm
+
+    def __init__(self, *args, **kwargs):
+        self.old_email_field_enabled = getattr(
+            settings, 'OLD_EMAIL_FIELD_ENABLED', False
+        )
+        self.logout_on_email_change = getattr(
+            settings, 'LOGOUT_ON_EMAIL_CHANGE', False
+        )
+        super(EmailChangeSerializer, self).__init__(*args, **kwargs)
+
+        if not self.old_email_field_enabled:
+            self.fields.pop('old_email')
+
+        self.request = self.context.get('request')
+        self.user = getattr(self.request, 'user', None)
+
+
+
+    def save(self):
+        self.set_email_form.save()
+        if not self.logout_on_email_change:
+            from django.contrib.auth import update_session_auth_hash
+            update_session_auth_hash(self.request, self.user)
\ No newline at end of file
diff --git a/rest_auth/urls.py b/rest_auth/urls.py
index 7a35e9b..4067b75 100644
--- a/rest_auth/urls.py
+++ b/rest_auth/urls.py
@@ -2,7 +2,7 @@ from django.conf.urls import url
 
 from rest_auth.views import (
     LoginView, LogoutView, UserDetailsView, PasswordChangeView,
-    PasswordResetView, PasswordResetConfirmView
+    PasswordResetView, PasswordResetConfirmView, EmailChangeView,
 )
 
 urlpatterns = [
@@ -17,4 +17,6 @@ urlpatterns = [
     url(r'^user/$', UserDetailsView.as_view(), name='rest_user_details'),
     url(r'^password/change/$', PasswordChangeView.as_view(),
         name='rest_password_change'),
+    url(r'^email/change/$', EmailChangeView.as_view(),
+        name='rest_email_change'),
 ]
diff --git a/rest_auth/views.py b/rest_auth/views.py
index 3af1557..52718eb 100644
--- a/rest_auth/views.py
+++ b/rest_auth/views.py
@@ -154,3 +154,21 @@ class PasswordChangeView(GenericAPIView):
         serializer.is_valid(raise_exception=True)
         serializer.save()
         return Response({"success": "New password has been saved."})
+
+ class EmailChangeView(GenericAPIView):
+
+    """
+    Calls Django Auth SetPasswordForm save method.
+
+    Accepts the following POST parameters: new_password1, new_password2
+    Returns the success/fail message.
+    """
+
+    serializer_class = EmailChangeSerializer
+    permission_classes = (IsAuthenticated,)
+
+    def post(self, request):
+        serializer = self.get_serializer(data=request.data)
+        serializer.is_valid(raise_exception=True)
+        serializer.save()
+        return Response({"success": "New Email has been saved."})