revised user details view

2024-11-29 12:23:43 +03:00 · 2014-10-02 11:18:23 +02:00 · 2014-10-02 11:18:23 +02:00 · 459d03e30d
commit 459d03e30d
parent 65b5caa3d0
3 changed files with 33 additions and 158 deletions
--- a/rest_auth/serializers.py
+++ b/rest_auth/serializers.py
@ -2,14 +2,10 @@ from django.contrib.auth import get_user_model
 from django.conf import settings
 from rest_framework import serializers
 from rest_framework.serializers import _resolve_model
 from rest_framework.authtoken.models import Token
 from rest_framework.authtoken.serializers import AuthTokenSerializer
 profile_model_path = lambda: getattr(settings, 'REST_PROFILE_MODULE', None)
 class LoginSerializer(AuthTokenSerializer):
    def validate(self, attrs):
@ -26,7 +22,6 @@ class LoginSerializer(AuthTokenSerializer):
 class TokenSerializer(serializers.ModelSerializer):
    """
    Serializer for Token model.
    """
@ -43,96 +38,9 @@ class UserDetailsSerializer(serializers.ModelSerializer):
    """
    class Meta:
        model = get_user_model()
-        fields = ('username', 'email', 'first_name', 'last_name')
+        exclude = ('password', 'groups', 'user_permissions', 'is_staff',
-
+            'is_superuser')
-
+        read_only_fields = ('id', 'last_login', 'is_active', 'date_joined')
 class DynamicFieldsModelSerializer(serializers.ModelSerializer):
    """
    ModelSerializer that allows fields argument to control fields
    """
    def __init__(self, *args, **kwargs):
        fields = kwargs.pop('fields', None)
        super(DynamicFieldsModelSerializer, self).__init__(*args, **kwargs)
        if fields:
            allowed = set(fields)
            existing = set(self.fields.keys())
            for field_name in existing - allowed:
                self.fields.pop(field_name)
 class UserUpdateSerializer(DynamicFieldsModelSerializer):
    """
    User model w/o username and password
    """
    class Meta:
        model = get_user_model()
        fields = ('id', 'email', 'first_name', 'last_name')
 def get_user_registration_profile_serializer(*args, **kwargs):
    if profile_model_path():
        class UserRegistrationProfileSerializer(serializers.ModelSerializer):
            """
            Serializer that includes all profile fields except for user fk / id.
            """
            class Meta:
                model = _resolve_model(profile_model_path())
                fields = filter(lambda x: x != 'id' and x != 'user',
                                map(lambda x: x.name, model._meta.fields))
    else:
        class UserRegistrationProfileSerializer(serializers.Serializer):
            pass
    return UserRegistrationProfileSerializer
 def get_user_profile_serializer(*args, **kwargs):
    if profile_model_path():
        class UserProfileSerializer(serializers.ModelSerializer):
            """
            Serializer for UserProfile model.
            """
            user = UserDetailsSerializer()
            class Meta:
                # http://stackoverflow.com/questions/4881607/django-get-model-from-string
                model = _resolve_model(profile_model_path())
            def __init__(self, *args, **kwargs):
                super(UserProfileSerializer, self).__init__(*args, **kwargs)
    else:
        class UserProfileSerializer(serializers.Serializer):
            pass
    return UserProfileSerializer
 def get_user_profile_update_serializer(*args, **kwargs):
    if profile_model_path():
        class UserProfileUpdateSerializer(serializers.ModelSerializer):
            """
            Serializer for updating User and UserProfile model.
            """
            user = UserUpdateSerializer()
            class Meta:
                # http://stackoverflow.com/questions/4881607/django-get-model-from-string
                model = _resolve_model(profile_model_path())
    else:
        class UserProfileUpdateSerializer(serializers.Serializer):
            pass
    return UserProfileUpdateSerializer
 class SetPasswordSerializer(serializers.Serializer):
--- a/rest_auth/tests.py
+++ b/rest_auth/tests.py
@ -269,7 +269,7 @@ class APITestCase1(TestCase, BaseAPITestCase):
        self.token = self.response.json['key']
        self.get(self.user_url, status_code=200)
-        self.post(self.user_url, data=self.BASIC_USER_DATA, status_code=200)
+        self.patch(self.user_url, data=self.BASIC_USER_DATA, status_code=200)
        user = User.objects.get(pk=user.pk)
        if self.user_profile_model:
--- a/rest_auth/views.py
+++ b/rest_auth/views.py
@ -17,12 +17,10 @@ from rest_framework.permissions import IsAuthenticated, AllowAny
 from rest_framework.authentication import SessionAuthentication, \
    TokenAuthentication
 from rest_framework.authtoken.models import Token
 from rest_framework.generics import RetrieveUpdateAPIView
 from rest_auth.utils import construct_modules_and_import
 from rest_auth.serializers import (TokenSerializer, UserDetailsSerializer,
-    LoginSerializer,
+    LoginSerializer, SetPasswordSerializer, PasswordResetSerializer)
    SetPasswordSerializer, PasswordResetSerializer, UserUpdateSerializer,
    get_user_profile_serializer, get_user_profile_update_serializer)
 def get_user_profile_model():
@ -56,25 +54,34 @@ class Login(LoggedOutRESTAPIView, GenericAPIView):
    serializer_class = LoginSerializer
    token_model = Token
-    token_serializer = TokenSerializer
+    response_serializer = TokenSerializer
-    def post(self, request):
+    def get_serializer(self):
-        # Create a serializer with request.DATA
+        return self.serializer_class(data=self.request.DATA)
        serializer = self.serializer_class(data=request.DATA)
-        if not serializer.is_valid():
+    def login(self):
-            return Response(serializer.errors,
+        self.user = self.serializer.object['user']
-                status=status.HTTP_400_BAD_REQUEST)
+        self.token, created = self.token_model.objects.get_or_create(
-
+            user=self.user)
        user = serializer.object['user']
        token, created = self.token_model.objects.get_or_create(user=user)
        if getattr(settings, 'REST_SESSION_LOGIN', True):
-            login(request, user)
+            login(self.request, self.user)
-        return Response(self.token_serializer(token).data,
+    def get_response(self):
        return Response(self.response_serializer(self.token).data,
            status=status.HTTP_200_OK)
    def get_error_response(self):
        return Response(self.serializer.errors,
            status=status.HTTP_400_BAD_REQUEST)
    def post(self, request, *args, **kwargs):
        self.serializer = self.get_serializer()
        if not self.serializer.is_valid():
            return self.get_error_response()
        self.login()
        return self.get_response()
 class Logout(LoggedInRESTAPIView):
@ -85,7 +92,7 @@ class Logout(LoggedInRESTAPIView):
    Accepts/Returns nothing.
    """
-    def get(self, request):
+    def post(self, request):
        try:
            request.user.auth_token.delete()
        except:
@ -97,7 +104,7 @@ class Logout(LoggedInRESTAPIView):
                        status=status.HTTP_200_OK)
-class UserDetails(LoggedInRESTAPIView, GenericAPIView):
+class UserDetails(LoggedInRESTAPIView, RetrieveUpdateAPIView):
    """
    Returns User's details in JSON format.
@ -108,50 +115,10 @@ class UserDetails(LoggedInRESTAPIView, GenericAPIView):
        Optional: email, first_name, last_name and UserProfile fields
    Returns the updated UserProfile and/or User object.
    """
-    if get_user_profile_model():
+    serializer_class = UserDetailsSerializer
        serializer_class = get_user_profile_update_serializer()
    else:
        serializer_class = UserUpdateSerializer
-    def get_profile_serializer_class(self):
+    def get_object(self):
-        return get_user_profile_serializer()
+        return self.request.user
    def get_profile_update_serializer_class(self):
        return get_user_profile_update_serializer()
    def get(self, request):
        # Create serializers with request.user and profile
        user_profile_model = get_user_profile_model()
        if user_profile_model:
            profile_serializer_class = self.get_profile_serializer_class()
            serializer = profile_serializer_class(request.user.get_profile())
        else:
            serializer = UserDetailsSerializer(request.user)
        # Send the Return the User and its profile model with OK HTTP status
        return Response(serializer.data, status=status.HTTP_200_OK)
    def post(self, request):
        # Get the User object updater via this Serializer
        user_profile_model = get_user_profile_model()
        if user_profile_model:
            profile_serializer_class = self.get_profile_update_serializer_class()
            serializer = profile_serializer_class(request.user.get_profile(),
                data=request.DATA, partial=True)
        else:
            serializer = UserUpdateSerializer(request.user, data=request.DATA,
                partial=True)
        if serializer.is_valid():
            # Save UserProfileUpdateSerializer
            serializer.save()
            # Return the User object with OK HTTP status
            return Response(serializer.data, status=status.HTTP_200_OK)
        else:
            # Return the UserProfileUpdateSerializer errors with Bad Request
            # HTTP status
            return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
 class PasswordReset(LoggedOutRESTAPIView, GenericAPIView):