django-rest-auth/rest_auth/registration/views.py

from django.conf import settings
from django.utils.decorators import method_decorator
from django.utils.translation import ugettext_lazy as _
from django.views.decorators.debug import sensitive_post_parameters

from rest_framework.views import APIView
from rest_framework.response import Response
from rest_framework.permissions import (AllowAny,
                                        IsAuthenticated)
from rest_framework.decorators import detail_route
from rest_framework.viewsets import GenericViewSet
from rest_framework.generics import CreateAPIView
from rest_framework import status

from allauth.account.views import ConfirmEmailView
from allauth.account.utils import complete_signup
from allauth.account import app_settings as allauth_settings

from rest_auth.app_settings import (TokenSerializer,
                                    JWTSerializer,
                                    create_token)
from rest_auth.models import TokenModel
from rest_auth.registration.serializers import (SocialLoginSerializer,
                                                VerifyEmailSerializer,
                                                SocialConnectSerializer)
from rest_auth.utils import jwt_encode
from rest_auth.views import LoginView
from .app_settings import RegisterSerializer, register_permission_classes

sensitive_post_parameters_m = method_decorator(
    sensitive_post_parameters('password1', 'password2')
)


class RegisterView(CreateAPIView):
    serializer_class = RegisterSerializer
    permission_classes = register_permission_classes()
    token_model = TokenModel

    @sensitive_post_parameters_m
    def dispatch(self, *args, **kwargs):
        return super(RegisterView, self).dispatch(*args, **kwargs)

    def get_response_data(self, user):
        if allauth_settings.EMAIL_VERIFICATION == \
                allauth_settings.EmailVerificationMethod.MANDATORY:
            return {"detail": _("Verification e-mail sent.")}

        if getattr(settings, 'REST_USE_JWT', False):
            data = {
                'user': user,
                'token': self.token
            }
            return JWTSerializer(data).data
        else:
            return TokenSerializer(user.auth_token).data

    def create(self, request, *args, **kwargs):
        serializer = self.get_serializer(data=request.data)
        serializer.is_valid(raise_exception=True)
        user = self.perform_create(serializer)
        headers = self.get_success_headers(serializer.data)

        return Response(self.get_response_data(user),
                        status=status.HTTP_201_CREATED,
                        headers=headers)

    def perform_create(self, serializer):
        user = serializer.save(self.request)
        if getattr(settings, 'REST_USE_JWT', False):
            self.token = jwt_encode(user)
        else:
            create_token(self.token_model, user, serializer)

        complete_signup(self.request._request, user,
                        allauth_settings.EMAIL_VERIFICATION,
                        None)
        return user


class VerifyEmailView(APIView, ConfirmEmailView):
    permission_classes = (AllowAny,)
    allowed_methods = ('POST', 'OPTIONS', 'HEAD')

    def get_serializer(self, *args, **kwargs):
        return VerifyEmailSerializer(*args, **kwargs)

    def post(self, request, *args, **kwargs):
        serializer = self.get_serializer(data=request.data)
        serializer.is_valid(raise_exception=True)
        self.kwargs['key'] = serializer.validated_data['key']
        confirmation = self.get_object()
        confirmation.confirm(self.request)
        return Response({'detail': _('ok')}, status=status.HTTP_200_OK)


if 'allauth.socialaccount' in settings.INSTALLED_APPS:
    from allauth.socialaccount import signals
    from allauth.socialaccount.models import SocialAccount
    from allauth.socialaccount.adapter import get_adapter

    from rest_auth.registration.serializers import SocialAccountSerializer


    class SocialLoginView(LoginView):
        """
        class used for social authentications
        example usage for facebook with access_token
        -------------
        from allauth.socialaccount.providers.facebook.views import FacebookOAuth2Adapter

        class FacebookLogin(SocialLoginView):
            adapter_class = FacebookOAuth2Adapter
        -------------

        example usage for facebook with code

        -------------
        from allauth.socialaccount.providers.facebook.views import FacebookOAuth2Adapter
        from allauth.socialaccount.providers.oauth2.client import OAuth2Client

        class FacebookLogin(SocialLoginView):
            adapter_class = FacebookOAuth2Adapter
            client_class = OAuth2Client
            callback_url = 'localhost:8000'
        -------------
        """

        serializer_class = SocialLoginSerializer

        def process_login(self):
            get_adapter(self.request).login(self.request, self.user)


    class SocialConnectView(SocialLoginView):
        """
        class used for social account linking

        example usage for facebook with access_token
        -------------
        from allauth.socialaccount.providers.facebook.views import FacebookOAuth2Adapter

        class FacebookConnect(SocialConnectView):
            adapter_class = FacebookOAuth2Adapter
        -------------
        """

        serializer_class = SocialConnectSerializer
        permission_classes = (IsAuthenticated,)


    class SocialAccountViewSet(GenericViewSet):
        """
        allauth SocialAccount REST API read and disconnect views for logged in users

        Refer to the django-allauth package implementation of the models and
        account handling logic for more details, this viewset emulates the allauth web UI.
        """

        serializer_class = SocialAccountSerializer
        permission_classes = (IsAuthenticated,)
        queryset = SocialAccount.objects.none()

        def get_queryset(self):
            return SocialAccount.objects.filter(user=self.request.user)

        def list(self, request):
            """
            list SocialAccounts for the currently logged in user
            """

            return Response(self.get_serializer(self.get_queryset(), many=True).data)

        @detail_route(methods=['POST'])
        def disconnect(self, request, pk):
            """
            disconnect SocialAccount from remote service for the currently logged in user
            """

            accounts = self.get_queryset()
            account = accounts.get(pk=pk)
            get_adapter(self.request).validate_disconnect(account, accounts)

            account.delete()
            signals.social_account_removed.send(
                sender=SocialAccount,
                request=self.request,
                socialaccount=account
            )

            return Response(self.get_serializer(account).data)