From 70a4dc9a13af6ecb1cd99681f056a05c0c780c84 Mon Sep 17 00:00:00 2001 From: Mateus Caruccio Date: Sat, 9 Jan 2016 01:11:35 -0200 Subject: [PATCH 01/19] Allow logout on GET --- docs/api_endpoints.rst | 4 +++- rest_auth/tests/test_api.py | 26 ++++++++++++++++++++++++++ rest_auth/views.py | 18 ++++++++++++++++++ 3 files changed, 47 insertions(+), 1 deletion(-) diff --git a/docs/api_endpoints.rst b/docs/api_endpoints.rst index 1f9660f..2ff23d2 100644 --- a/docs/api_endpoints.rst +++ b/docs/api_endpoints.rst @@ -11,7 +11,9 @@ Basic - password (string) -- /rest-auth/logout/ (POST) +- /rest-auth/logout/ (POST, GET) + + .. note:: ``ACCOUNT_LOGOUT_ON_GET = True`` to allow logout using GET (this is the exact same conf from allauth) - /rest-auth/password/reset/ (POST) diff --git a/rest_auth/tests/test_api.py b/rest_auth/tests/test_api.py index 222b3a7..63a941c 100644 --- a/rest_auth/tests/test_api.py +++ b/rest_auth/tests/test_api.py @@ -372,3 +372,29 @@ class APITestCase1(TestCase, BaseAPITestCase): # try to login again self._login() self._logout() + + @override_settings(ACCOUNT_LOGOUT_ON_GET=True) + def test_logout_on_get(self): + payload = { + "username": self.USERNAME, + "password": self.PASS + } + + # create user + user = get_user_model().objects.create_user(self.USERNAME, '', self.PASS) + + self.post(self.login_url, data=payload, status_code=200) + self.get(self.logout_url, status=status.HTTP_200_OK) + + @override_settings(ACCOUNT_LOGOUT_ON_GET=False) + def test_logout_on_post_only(self): + payload = { + "username": self.USERNAME, + "password": self.PASS + } + + # create user + user = get_user_model().objects.create_user(self.USERNAME, '', self.PASS) + + self.post(self.login_url, data=payload, status_code=status.HTTP_200_OK) + self.get(self.logout_url, status_code=status.HTTP_405_METHOD_NOT_ALLOWED) diff --git a/rest_auth/views.py b/rest_auth/views.py index 3bb6f6b..6f2ce99 100644 --- a/rest_auth/views.py +++ b/rest_auth/views.py @@ -9,6 +9,8 @@ from rest_framework.generics import GenericAPIView from rest_framework.permissions import IsAuthenticated, AllowAny from rest_framework.generics import RetrieveUpdateAPIView +from allauth.account import app_settings as allauth_settings + from .app_settings import ( TokenSerializer, UserDetailsSerializer, LoginSerializer, PasswordResetSerializer, PasswordResetConfirmSerializer, @@ -61,7 +63,23 @@ class LogoutView(APIView): """ permission_classes = (AllowAny,) + def get(self, request, *args, **kwargs): + try: + if allauth_settings.LOGOUT_ON_GET: + response = self.logout(request) + else: + response = self.http_method_not_allowed(request, *args, **kwargs) + except Exception as exc: + response = self.handle_exception(exc) + + return self.finalize_response(request, response, *args, **kwargs) + self.response = self.finalize_response(request, response, *args, **kwargs) + return self.response + def post(self, request): + return self.logout(request) + + def logout(self, request): try: request.user.auth_token.delete() except (AttributeError, ObjectDoesNotExist): From 1af16ae7ba68300ee562d8dc1685af7ba73331fa Mon Sep 17 00:00:00 2001 From: Tevin Joseph K O Date: Wed, 13 Jan 2016 12:43:12 +0530 Subject: [PATCH 02/19] Added a Serializer for Twitter oauth Added a serializer for twitter OAuth to work. If you are not using this it will cause an error ('TwitterOAuthAdapter' object has no attribute 'parse_token'). It happens because method parse_token() is implemented in OAuth2Adapter, but Twitter uses OAuth 1.0, so TwitterOAuthAdapter inherits from OAuthAdapter, which doesn't have parse_token() method. Example usage is given below: class TwitterLogin(LoginView): serializer_class = TwitterLoginSerializer adapter_class = TwitterOAuthAdapter --- rest_auth/social_serializers.py | 78 +++++++++++++++++++++++++++++++++ 1 file changed, 78 insertions(+) create mode 100644 rest_auth/social_serializers.py diff --git a/rest_auth/social_serializers.py b/rest_auth/social_serializers.py new file mode 100644 index 0000000..2aee4ea --- /dev/null +++ b/rest_auth/social_serializers.py @@ -0,0 +1,78 @@ +from django.http import HttpRequest +from rest_framework import serializers +from requests.exceptions import HTTPError +# Import is needed only if we are using social login, in which +# case the allauth.socialaccount will be declared +try: + from allauth.socialaccount.helpers import complete_social_login +except ImportError: + pass + +from allauth.socialaccount.models import SocialToken + + +class TwitterLoginSerializer(serializers.Serializer): + access_token = serializers.CharField(required=True) + token_secret = serializers.CharField(required=True) + + def _get_request(self): + request = self.context.get('request') + if not isinstance(request, HttpRequest): + request = request._request + return request + + def get_social_login(self, adapter, app, token, response): + """ + + :param adapter: allauth.socialaccount Adapter subclass. Usually OAuthAdapter or Auth2Adapter + :param app: `allauth.socialaccount.SocialApp` instance + :param token: `allauth.socialaccount.SocialToken` instance + :param response: Provider's response for OAuth1. Not used in the + :return: :return: A populated instance of the `allauth.socialaccount.SocialLoginView` instance + """ + request = self._get_request() + social_login = adapter.complete_login(request, app, token, response=response) + social_login.token = token + return social_login + + def validate(self, attrs): + view = self.context.get('view') + request = self._get_request() + + if not view: + raise serializers.ValidationError( + 'View is not defined, pass it as a context variable' + ) + + adapter_class = getattr(view, 'adapter_class', None) + if not adapter_class: + raise serializers.ValidationError('Define adapter_class in view') + + adapter = adapter_class() + app = adapter.get_provider().get_app(request) + + if('access_token' in attrs) and ('token_secret' in attrs): + access_token = attrs.get('access_token') + token_secret = attrs.get('token_secret') + else: + raise serializers.ValidationError('Incorrect input. access_token and token_secret are required.') + + request.session['oauth_api.twitter.com_access_token'] = { + 'oauth_token': access_token, + 'oauth_token_secret': token_secret, + } + token = SocialToken(token=access_token, token_secret=token_secret) + token.app = app + + try: + login = self.get_social_login(adapter, app, token, access_token) + complete_social_login(request, login) + except HTTPError: + raise serializers.ValidationError('Incorrect value') + + if not login.is_existing: + login.lookup() + login.save(request, connect=True) + attrs['user'] = login.account.user + + return attrs From 152b0a6fb622703b19e568df138fb96eaf1060af Mon Sep 17 00:00:00 2001 From: Nicola Hauke Date: Tue, 2 Feb 2016 15:29:16 +0100 Subject: [PATCH 03/19] Adds ugettext_lazy to more texts Also adds a first german translation. --- rest_auth/locale/de/LC_MESSAGES/django.po | 99 +++++++++++++++++++++++ rest_auth/registration/serializers.py | 17 ++-- rest_auth/registration/views.py | 2 +- rest_auth/serializers.py | 2 +- rest_auth/views.py | 12 ++- 5 files changed, 115 insertions(+), 17 deletions(-) create mode 100644 rest_auth/locale/de/LC_MESSAGES/django.po diff --git a/rest_auth/locale/de/LC_MESSAGES/django.po b/rest_auth/locale/de/LC_MESSAGES/django.po new file mode 100644 index 0000000..3ad22d0 --- /dev/null +++ b/rest_auth/locale/de/LC_MESSAGES/django.po @@ -0,0 +1,99 @@ +# SOME DESCRIPTIVE TITLE. +# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER +# This file is distributed under the same license as the PACKAGE package. +# FIRST AUTHOR , YEAR. +# +#, fuzzy +msgid "" +msgstr "" +"Project-Id-Version: PACKAGE VERSION\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2016-02-02 14:11+0100\n" +"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" +"Last-Translator: FULL NAME \n" +"Language-Team: LANGUAGE \n" +"Language: \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Plural-Forms: nplurals=2; plural=(n != 1);\n" + +#: registration/serializers.py:54 +msgid "View is not defined, pass it as a context variable" +msgstr "\"View\" ist nicht definiert, übergib es als Contextvariable" + +#: registration/serializers.py:59 +msgid "Define adapter_class in view" +msgstr "Definier \"adapter_class\" in view" + +#: registration/serializers.py:78 +msgid "Define callback_url in view" +msgstr "Definier \"callback_url\" in view" + +#: registration/serializers.py:82 +msgid "Define client_class in view" +msgstr "Definier \"client_class\" in view" + +#: registration/serializers.py:102 +msgid "Incorrect input. access_token or code is required." +msgstr "Falsche Eingabe. \"access_token\" oder \"code\" erforderlich." + +#: registration/serializers.py:111 +msgid "Incorrect value" +msgstr "Falscher Wert." + +#: registration/serializers.py:140 +msgid "A user is already registered with this e-mail address." +msgstr "Ein User mit dieser E-Mail Adresse ist schon registriert." + +#: registration/serializers.py:148 +msgid "The two password fields didn't match." +msgstr "Die beiden Passwörter sind nicht identisch." + +#: registration/views.py:64 +msgid "ok" +msgstr "Ok" + +#: serializers.py:29 +msgid "Must include \"email\" and \"password\"." +msgstr "Muss \"email\" und \"password\" enthalten." + +#: serializers.py:40 +msgid "Must include \"username\" and \"password\"." +msgstr "Muss \"username\" und \"password\" enthalten." + +#: serializers.py:53 +msgid "Must include either \"username\" or \"email\" and \"password\"." +msgstr "Muss entweder \"username\" oder \"email\" und password \"password\"" + +#: serializers.py:94 +msgid "User account is disabled." +msgstr "Der Useraccount ist deaktiviert." + +#: serializers.py:97 +msgid "Unable to log in with provided credentials." +msgstr "Kann nicht mit den angegeben Zugangsdaten anmelden." + +#: serializers.py:106 +msgid "E-mail is not verified." +msgstr "E-Mail Adresse ist nicht verifiziert." + +#: serializers.py:152 +msgid "Error" +msgstr "Fehler" + +#: views.py:71 +msgid "Successfully logged out." +msgstr "Erfolgreich ausgeloggt." + +#: views.py:111 +msgid "Password reset e-mail has been sent." +msgstr "Die E-Mail zum Zurücksetzen des Passwortes wurde verschickt." + +#: views.py:132 +msgid "Password has been reset with the new password." +msgstr "Das Passwort wurde mit dem neuen Passwort ersetzt." + +#: views.py:150 +msgid "New password has been saved." +msgstr "Das neue Passwort wurde gespeichert." diff --git a/rest_auth/registration/serializers.py b/rest_auth/registration/serializers.py index b27d7bd..444010b 100644 --- a/rest_auth/registration/serializers.py +++ b/rest_auth/registration/serializers.py @@ -1,5 +1,6 @@ from django.http import HttpRequest from django.conf import settings +from django.utils.translation import ugettext_lazy as _ try: from allauth.account import app_settings as allauth_settings @@ -53,12 +54,12 @@ class SocialLoginSerializer(serializers.Serializer): if not view: raise serializers.ValidationError( - 'View is not defined, pass it as a context variable' + _('View is not defined, pass it as a context variable') ) adapter_class = getattr(view, 'adapter_class', None) if not adapter_class: - raise serializers.ValidationError('Define adapter_class in view') + raise serializers.ValidationError(_('Define adapter_class in view')) adapter = adapter_class() app = adapter.get_provider().get_app(request) @@ -77,11 +78,11 @@ class SocialLoginSerializer(serializers.Serializer): if not self.callback_url: raise serializers.ValidationError( - 'Define callback_url in view' + _('Define callback_url in view') ) if not self.client_class: raise serializers.ValidationError( - 'Define client_class in view' + _('Define client_class in view') ) code = attrs.get('code') @@ -101,7 +102,7 @@ class SocialLoginSerializer(serializers.Serializer): access_token = token['access_token'] else: - raise serializers.ValidationError('Incorrect input. access_token or code is required.') + raise serializers.ValidationError(_('Incorrect input. access_token or code is required.')) token = adapter.parse_token({'access_token': access_token}) token.app = app @@ -110,7 +111,7 @@ class SocialLoginSerializer(serializers.Serializer): login = self.get_social_login(adapter, app, token, access_token) complete_social_login(request, login) except HTTPError: - raise serializers.ValidationError('Incorrect value') + raise serializers.ValidationError(_('Incorrect value')) if not login.is_existing: login.lookup() @@ -139,7 +140,7 @@ class RegisterSerializer(serializers.Serializer): if allauth_settings.UNIQUE_EMAIL: if email and email_address_exists(email): raise serializers.ValidationError( - "A user is already registered with this e-mail address.") + _("A user is already registered with this e-mail address.")) return email def validate_password1(self, password): @@ -147,7 +148,7 @@ class RegisterSerializer(serializers.Serializer): def validate(self, data): if data['password1'] != data['password2']: - raise serializers.ValidationError("The two password fields didn't match.") + raise serializers.ValidationError(_("The two password fields didn't match.")) return data def custom_signup(self, request, user): diff --git a/rest_auth/registration/views.py b/rest_auth/registration/views.py index fa95e7d..2b3e4ed 100644 --- a/rest_auth/registration/views.py +++ b/rest_auth/registration/views.py @@ -61,7 +61,7 @@ class VerifyEmailView(APIView, ConfirmEmailView): self.kwargs['key'] = serializer.validated_data['key'] confirmation = self.get_object() confirmation.confirm(self.request) - return Response({'message': 'ok'}, status=status.HTTP_200_OK) + return Response({'message': _('ok')}, status=status.HTTP_200_OK) class SocialLoginView(LoginView): diff --git a/rest_auth/serializers.py b/rest_auth/serializers.py index 5f3541d..892a8d8 100644 --- a/rest_auth/serializers.py +++ b/rest_auth/serializers.py @@ -103,7 +103,7 @@ class LoginSerializer(serializers.Serializer): if app_settings.EMAIL_VERIFICATION == app_settings.EmailVerificationMethod.MANDATORY: email_address = user.emailaddress_set.get(email=user.email) if not email_address.verified: - raise serializers.ValidationError('E-mail is not verified.') + raise serializers.ValidationError(_('E-mail is not verified.')) attrs['user'] = user return attrs diff --git a/rest_auth/views.py b/rest_auth/views.py index 3bb6f6b..b369456 100644 --- a/rest_auth/views.py +++ b/rest_auth/views.py @@ -1,6 +1,7 @@ from django.contrib.auth import login, logout from django.conf import settings from django.core.exceptions import ObjectDoesNotExist +from django.utils.translation import ugettext_lazy as _ from rest_framework import status from rest_framework.views import APIView @@ -69,12 +70,11 @@ class LogoutView(APIView): logout(request) - return Response({"success": "Successfully logged out."}, + return Response({"success": _("Successfully logged out.")}, status=status.HTTP_200_OK) class UserDetailsView(RetrieveUpdateAPIView): - """ Returns User's details in JSON format. @@ -111,13 +111,12 @@ class PasswordResetView(GenericAPIView): serializer.save() # Return the success message with OK HTTP status return Response( - {"success": "Password reset e-mail has been sent."}, + {"success": _("Password reset e-mail has been sent.")}, status=status.HTTP_200_OK ) class PasswordResetConfirmView(GenericAPIView): - """ Password reset e-mail link is confirmed, therefore this resets the user's password. @@ -133,11 +132,10 @@ class PasswordResetConfirmView(GenericAPIView): serializer = self.get_serializer(data=request.data) serializer.is_valid(raise_exception=True) serializer.save() - return Response({"success": "Password has been reset with the new password."}) + return Response({"success": _("Password has been reset with the new password.")}) class PasswordChangeView(GenericAPIView): - """ Calls Django Auth SetPasswordForm save method. @@ -152,4 +150,4 @@ class PasswordChangeView(GenericAPIView): serializer = self.get_serializer(data=request.data) serializer.is_valid(raise_exception=True) serializer.save() - return Response({"success": "New password has been saved."}) + return Response({"success": _("New password has been saved.")}) From 8d91e1881e41eefa8f28891a508b2ea2a4f280aa Mon Sep 17 00:00:00 2001 From: Billy Ferguson Date: Mon, 8 Feb 2016 17:14:25 -0500 Subject: [PATCH 04/19] Added logout functionality to demo project --- demo/demo/urls.py | 2 ++ demo/templates/base.html | 1 + demo/templates/fragments/logout_form.html | 20 ++++++++++++++++++++ demo/templates/logout.html | 8 ++++++++ 4 files changed, 31 insertions(+) create mode 100644 demo/templates/fragments/logout_form.html create mode 100644 demo/templates/logout.html diff --git a/demo/demo/urls.py b/demo/demo/urls.py index 54d06ad..3813e5a 100644 --- a/demo/demo/urls.py +++ b/demo/demo/urls.py @@ -11,6 +11,8 @@ urlpatterns = [ name='email-verification'), url(r'^login/$', TemplateView.as_view(template_name="login.html"), name='login'), + url(r'^logout/$', TemplateView.as_view(template_name="logout.html"), + name='logout'), url(r'^password-reset/$', TemplateView.as_view(template_name="password_reset.html"), name='password-reset'), diff --git a/demo/templates/base.html b/demo/templates/base.html index 8a0b0ed..03a2b73 100644 --- a/demo/templates/base.html +++ b/demo/templates/base.html @@ -40,6 +40,7 @@
  • User details
    • +
  • Logout
  • Password change
    • diff --git a/demo/templates/fragments/logout_form.html b/demo/templates/fragments/logout_form.html new file mode 100644 index 0000000..7fd281d --- /dev/null +++ b/demo/templates/fragments/logout_form.html @@ -0,0 +1,20 @@ +{% block content %} + +
    {% csrf_token %} +
    + +
    + +

    Token received after login

    +
    +
    + +
    +
    + +
    +
    + +
    +
    +{% endblock %} diff --git a/demo/templates/logout.html b/demo/templates/logout.html new file mode 100644 index 0000000..2ae28e2 --- /dev/null +++ b/demo/templates/logout.html @@ -0,0 +1,8 @@ +{% extends "base.html" %} + +{% block content %} +
    +

    Logout

    + {% include "fragments/logout_form.html" %} +
    +{% endblock %} From 37c49e0c86b7c42c513dd4e8c3f0650485072623 Mon Sep 17 00:00:00 2001 From: Billy Ferguson Date: Mon, 8 Feb 2016 17:35:37 -0500 Subject: [PATCH 05/19] Adds token to logout API documentation --- docs/api_endpoints.rst | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/api_endpoints.rst b/docs/api_endpoints.rst index 1f9660f..7f22efd 100644 --- a/docs/api_endpoints.rst +++ b/docs/api_endpoints.rst @@ -13,6 +13,8 @@ Basic - /rest-auth/logout/ (POST) + - token + - /rest-auth/password/reset/ (POST) - email From cc9552adda97012f2c90aa8636fb6d2f80f53bae Mon Sep 17 00:00:00 2001 From: Poderyagin Egor Date: Wed, 17 Feb 2016 08:35:47 +0300 Subject: [PATCH 06/19] update for accept login users of CustomUserModel objects where doesn't exist username field and setted USERNAME_FIELD property --- rest_auth/serializers.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rest_auth/serializers.py b/rest_auth/serializers.py index 5f3541d..817e561 100644 --- a/rest_auth/serializers.py +++ b/rest_auth/serializers.py @@ -81,7 +81,7 @@ class LoginSerializer(serializers.Serializer): # Authentication without using allauth if email: try: - username = UserModel.objects.get(email__iexact=email).username + username = UserModel.objects.get(email__iexact=email).get_username() except UserModel.DoesNotExist: pass From 40ac97b847d11e0c0aa47b62a0a1ed282bf05920 Mon Sep 17 00:00:00 2001 From: Maciej Jaworski Date: Tue, 23 Feb 2016 10:20:52 +0000 Subject: [PATCH 07/19] Update index.rst --- docs/index.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/index.rst b/docs/index.rst index 2ad4a05..dc25e83 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -6,7 +6,7 @@ Welcome to django-rest-auth's documentation! ============================================ -.. warning:: Updating django-rest-auth to version **0.3.4** is highly recommended because of a security issue in PasswordResetConfirmation validation method. +.. warning:: Updating django-rest-auth from version **0.3.3** is highly recommended because of a security issue in PasswordResetConfirmation validation method. .. note:: django-rest-auth from v0.3.3 supports django-rest-framework v3.0 From 23221dc4d5e77a38aa6807cbff1bf326f30565d9 Mon Sep 17 00:00:00 2001 From: Maciej Jaworski Date: Tue, 23 Feb 2016 10:30:25 +0000 Subject: [PATCH 08/19] Update .travis.yml --- .travis.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.travis.yml b/.travis.yml index 5152e3c..f07f4a3 100644 --- a/.travis.yml +++ b/.travis.yml @@ -2,8 +2,9 @@ language: python python: - "2.7" env: - - DJANGO=1.7.7 - - DJANGO=1.8 + - DJANGO=1.7.11 + - DJANGO=1.8.9 + - DJANGO=1.9.2 install: - pip install -q Django==$DJANGO --use-mirrors - pip install coveralls From 3bcabe6b173faf11c112b2d22ed1b05813c356fb Mon Sep 17 00:00:00 2001 From: Maciej Jaworski Date: Tue, 23 Feb 2016 10:35:41 +0000 Subject: [PATCH 09/19] Update serializers.py pepfix --- rest_auth/registration/serializers.py | 1 - 1 file changed, 1 deletion(-) diff --git a/rest_auth/registration/serializers.py b/rest_auth/registration/serializers.py index e3c83fb..e6d23f8 100644 --- a/rest_auth/registration/serializers.py +++ b/rest_auth/registration/serializers.py @@ -22,7 +22,6 @@ if 'allauth.socialaccount' in settings.INSTALLED_APPS: pass - class SocialLoginSerializer(serializers.Serializer): access_token = serializers.CharField(required=False, allow_blank=True) code = serializers.CharField(required=False, allow_blank=True) From aa839f97d218f8c84c7b4d8bf24b1fdd7eee245d Mon Sep 17 00:00:00 2001 From: Maciej Jaworski Date: Tue, 23 Feb 2016 10:59:47 +0000 Subject: [PATCH 10/19] Added missing import --- rest_auth/registration/views.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/rest_auth/registration/views.py b/rest_auth/registration/views.py index 2b3e4ed..1f9da3c 100644 --- a/rest_auth/registration/views.py +++ b/rest_auth/registration/views.py @@ -1,3 +1,5 @@ +from django.utils.translation import ugettext_lazy as _ + from rest_framework.views import APIView from rest_framework.response import Response from rest_framework.permissions import AllowAny From e6c5be4b69759df8f9d8d94c3709a6255e9c8cbf Mon Sep 17 00:00:00 2001 From: Tevin Joseph K O Date: Tue, 23 Feb 2016 17:15:57 +0530 Subject: [PATCH 11/19] Updated index.rst with twitter login --- docs/installation.rst | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/docs/installation.rst b/docs/installation.rst index 92251dc..7717fef 100644 --- a/docs/installation.rst +++ b/docs/installation.rst @@ -85,6 +85,8 @@ Using ``django-allauth``, ``django-rest-auth`` provides helpful class for creati ..., 'allauth.socialaccount', 'allauth.socialaccount.providers.facebook', + 'allauth.socialaccount.providers.twitter', + ) 2. Add Social Application in django admin panel @@ -108,4 +110,20 @@ Using ``django-allauth``, ``django-rest-auth`` provides helpful class for creati url(r'^rest-auth/facebook/$', FacebookLogin.as_view(), name='fb_login') ) +5. If you are using Twitter for your social authentication, it is a bit different from + Facebook since Twitter uses OAuth 1.0. + + +6. Create new view as a subclass of ``rest_auth.views.LoginView`` with ``TwitterOAuthAdapter`` adapter and ``TwitterLoginSerializer`` as an attribute: + +.. code-block:: python + + from allauth.socialaccount.providers.twitter.views import TwitterOAuthAdapter + from rest_auth.views import LoginView + from rest_auth.social_serializers import TwitterLoginSerializer + + class TwitterLogin(LoginView): + serializer_class = TwitterLoginSerializer + adapter_class = TwitterOAuthAdapter + .. note:: Starting from v0.21.0, django-allauth has dropped support for context processors. Check out http://django-allauth.readthedocs.org/en/latest/changelog.html#from-0-21-0 for more details. From 8f05f200514bf74f85b695724d08d04ea2720e5b Mon Sep 17 00:00:00 2001 From: Tevin Joseph K O Date: Tue, 23 Feb 2016 17:18:30 +0530 Subject: [PATCH 12/19] Updated api_endpoints.rst with twitter login --- docs/api_endpoints.rst | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/docs/api_endpoints.rst b/docs/api_endpoints.rst index 1f9660f..40fd99f 100644 --- a/docs/api_endpoints.rst +++ b/docs/api_endpoints.rst @@ -70,3 +70,8 @@ Basing on example from installation section :doc:`Installation ` - access_token - code + +- /rest-auth/twitter/ (POST) + + - access_token + - token_secret From ee9e848694b5848761a30962b8a8c378d338d805 Mon Sep 17 00:00:00 2001 From: Tevin Joseph K O Date: Tue, 23 Feb 2016 17:31:11 +0530 Subject: [PATCH 13/19] URL for twitter login added. --- docs/installation.rst | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/docs/installation.rst b/docs/installation.rst index 7717fef..a0723d7 100644 --- a/docs/installation.rst +++ b/docs/installation.rst @@ -126,4 +126,12 @@ Using ``django-allauth``, ``django-rest-auth`` provides helpful class for creati serializer_class = TwitterLoginSerializer adapter_class = TwitterOAuthAdapter +7. Create url for TwitterLogin view: + +.. code-block:: python + + urlpatterns += pattern('', + ..., + url(r'^rest-auth/twitter/$', TwitterLogin.as_view(), name='twitter_login') + ) .. note:: Starting from v0.21.0, django-allauth has dropped support for context processors. Check out http://django-allauth.readthedocs.org/en/latest/changelog.html#from-0-21-0 for more details. From bb7b1270b7c1a621e7f86f32dbe5e431162c2677 Mon Sep 17 00:00:00 2001 From: Maciej Jaworski Date: Tue, 23 Feb 2016 12:16:24 +0000 Subject: [PATCH 14/19] Adjusted phrasing and layout of social integration examples --- docs/installation.rst | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/docs/installation.rst b/docs/installation.rst index a0723d7..60b47ca 100644 --- a/docs/installation.rst +++ b/docs/installation.rst @@ -65,11 +65,11 @@ Registration (optional) Social Authentication (optional) -------------------------------- -Using ``django-allauth``, ``django-rest-auth`` provides helpful class for creating social media authentication view. Below is an example with Facebook authentication. +Using ``django-allauth``, ``django-rest-auth`` provides helpful class for creating social media authentication view. -.. note:: Points 1, 2 and 3 are related with ``django-allauth`` configuration, so if you have already configured social authentication, then please go to step 4. See ``django-allauth`` documentation for more details. +.. note:: Points 1 and 2 are related to ``django-allauth`` configuration, so if you have already configured social authentication, then please go to step 3. See ``django-allauth`` documentation for more details. -1. Add ``allauth.socialaccount`` and ``allauth.socialaccount.providers.facebook`` apps to INSTALLED_APPS in your django settings.py: +1. Add ``allauth.socialaccount`` and ``allauth.socialaccount.providers.facebook`` or ``allauth.socialaccount.providers.twitter`` apps to INSTALLED_APPS in your django settings.py: .. code-block:: python @@ -91,6 +91,9 @@ Using ``django-allauth``, ``django-rest-auth`` provides helpful class for creati 2. Add Social Application in django admin panel +Facebook +######## + 3. Create new view as a subclass of ``rest_auth.registration.views.SocialLoginView`` with ``FacebookOAuth2Adapter`` adapter as an attribute: .. code-block:: python @@ -110,11 +113,13 @@ Using ``django-allauth``, ``django-rest-auth`` provides helpful class for creati url(r'^rest-auth/facebook/$', FacebookLogin.as_view(), name='fb_login') ) -5. If you are using Twitter for your social authentication, it is a bit different from - Facebook since Twitter uses OAuth 1.0. +Twitter +####### -6. Create new view as a subclass of ``rest_auth.views.LoginView`` with ``TwitterOAuthAdapter`` adapter and ``TwitterLoginSerializer`` as an attribute: +If you are using Twitter for your social authentication, it is a bit different since Twitter uses OAuth 1.0. + +3. Create new view as a subclass of ``rest_auth.views.LoginView`` with ``TwitterOAuthAdapter`` adapter and ``TwitterLoginSerializer`` as an attribute: .. code-block:: python @@ -126,7 +131,7 @@ Using ``django-allauth``, ``django-rest-auth`` provides helpful class for creati serializer_class = TwitterLoginSerializer adapter_class = TwitterOAuthAdapter -7. Create url for TwitterLogin view: +4. Create url for TwitterLogin view: .. code-block:: python From b2edfffc91380cc0554504a67ee2a556cf9c360c Mon Sep 17 00:00:00 2001 From: Tevin Joseph K O Date: Tue, 23 Feb 2016 17:52:44 +0530 Subject: [PATCH 15/19] fixed pep8 error in social_serializers fixed pep8 error in social_serializers which cause documentation build error --- rest_auth/social_serializers.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/rest_auth/social_serializers.py b/rest_auth/social_serializers.py index 2aee4ea..087e6e1 100644 --- a/rest_auth/social_serializers.py +++ b/rest_auth/social_serializers.py @@ -58,8 +58,8 @@ class TwitterLoginSerializer(serializers.Serializer): raise serializers.ValidationError('Incorrect input. access_token and token_secret are required.') request.session['oauth_api.twitter.com_access_token'] = { - 'oauth_token': access_token, - 'oauth_token_secret': token_secret, + 'oauth_token': access_token, + 'oauth_token_secret': token_secret, } token = SocialToken(token=access_token, token_secret=token_secret) token.app = app From f01ed78d59243034b80c21ceece19ce5b21d41ea Mon Sep 17 00:00:00 2001 From: Maciej Jaworski Date: Tue, 23 Feb 2016 15:30:53 +0000 Subject: [PATCH 16/19] Update changelog.rst --- docs/changelog.rst | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/docs/changelog.rst b/docs/changelog.rst index 735b936..e3e9064 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -1,6 +1,13 @@ Changelog ========= +0.7.0 +----- +- Wrapped API returned strings in ugettext_lazy +- Fixed not using ``get_username`` which caused issues when using custom user model without username field +- Django 1.9 support +- Added ``TwitterLoginSerializer`` + 0.6.0 ----- - dropped support for Python 2.6 From ed42925053b7e3d17e8a3f633dea1a555129b5ae Mon Sep 17 00:00:00 2001 From: Maciej Jaworski Date: Tue, 23 Feb 2016 15:39:26 +0000 Subject: [PATCH 17/19] Update setup.py --- setup.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup.py b/setup.py index d85b2d2..49deb9a 100644 --- a/setup.py +++ b/setup.py @@ -18,7 +18,7 @@ f.close() setup( name='django-rest-auth', - version='0.6.0', + version='0.7.0', author='Sumit Chachra', author_email='chachra@tivix.com', url='http://github.com/Tivix/django-rest-auth', From 0850fb47ae279d9a8b34b0d66475a0347f922751 Mon Sep 17 00:00:00 2001 From: Maciej Jaworski Date: Tue, 23 Feb 2016 15:46:34 +0000 Subject: [PATCH 18/19] Update requirements.pip --- demo/requirements.pip | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/demo/requirements.pip b/demo/requirements.pip index f1c5057..4949275 100644 --- a/demo/requirements.pip +++ b/demo/requirements.pip @@ -1,4 +1,4 @@ django>=1.7.0 -django-rest-auth==0.6.0 +django-rest-auth==0.7.0 django-allauth==0.24.1 six==1.9.0 From 42b860b8bf739cd92da6889e15bcd6060d2f1cbc Mon Sep 17 00:00:00 2001 From: Nicola Date: Thu, 25 Feb 2016 21:37:08 +0100 Subject: [PATCH 19/19] Change the variable name in the doc --- docs/configuration.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuration.rst b/docs/configuration.rst index 3746234..e00d2b5 100644 --- a/docs/configuration.rst +++ b/docs/configuration.rst @@ -29,7 +29,7 @@ Configuration ... } -- **REST_AUTH_REGISTRATION_SERIALIZERS** +- **REST_AUTH_REGISTER_SERIALIZERS** You can define your custom serializers for registration endpoint. Possible key values: