c3lf-system-3/core/authentication/api_v2.py

from rest_framework import routers, viewsets, serializers, permissions
from rest_framework.decorators import api_view, permission_classes, authentication_classes
from rest_framework.authtoken.serializers import AuthTokenSerializer
from rest_framework.permissions import IsAuthenticated
from rest_framework.response import Response
from django.contrib.auth import login
from django.urls import path
from django.dispatch import receiver
from django.db.models.signals import post_save
from knox.models import AuthToken
from knox.views import LoginView as KnoxLoginView
from authentication.models import ExtendedUser
class UserSerializer(serializers.ModelSerializer):
    """Read-only view of an ExtendedUser together with a flat permission list.

    Every declared field is also listed as read-only, so none of them can be
    written through this serializer.
    """

    # Filled in by get_permissions() rather than read from a model attribute.
    permissions = serializers.SerializerMethodField()

    class Meta:
        model = ExtendedUser
        fields = ('id', 'username', 'email', 'first_name', 'last_name', 'permissions')
        # Same tuple as ``fields``: the whole representation is read-only.
        read_only_fields = fields

    def collect_permissions(self, obj):
        """Yield permission strings for *obj* in ``scope:name`` form.

        Entries from ``obj.get_all_permissions()`` are emitted under the ``*``
        scope; each item of ``obj.event_permissions`` is emitted as
        ``<event slug>:<permission codename>``.
        """
        yield from ("*:" + perm for perm in obj.get_all_permissions())
        yield from (
            grant.event.slug + ":" + grant.permission.codename
            for grant in obj.event_permissions.all()
        )

    def get_permissions(self, obj):
        """Return the collected permission strings as a list."""
        return [*self.collect_permissions(obj)]
@receiver(post_save, sender=ExtendedUser)
def create_auth_token(sender, instance=None, created=False, **kwargs):
    """post_save handler that issues a knox AuthToken for a newly created user.

    The handler runs on every ExtendedUser save and does nothing unless
    ``created`` is true.
    """
    if not created:
        return
    # NOTE(review): the result of create() is discarded. knox returns the
    # plaintext token only from this call and persists a digest, so the token
    # issued here presumably can never be presented by a client. Confirm the
    # row is wanted; otherwise it is an unused credential record per user.
    AuthToken.objects.create(user=instance)
class UserViewSet(viewsets.ModelViewSet):
    """ModelViewSet over every ExtendedUser row, rendered with UserSerializer.

    NOTE(review): no ``permission_classes`` or ``authentication_classes`` are
    declared on this class, so access control comes entirely from the
    project's DRF defaults, which are not visible in this file. ModelViewSet
    routes list, retrieve, create, update and destroy; confirm the defaults
    restrict these to the intended callers, since the serializer exposes
    email addresses and permission strings for all users.
    """

    serializer_class = UserSerializer
    queryset = ExtendedUser.objects.all()
@api_view(['GET'])
@permission_classes([IsAuthenticated])
def selfUser(request):
    """Return the authenticated caller's own user record.

    Only ``request.user`` is serialized; no user identifier is taken from the
    request, so a caller cannot select another account through this view.
    """
    payload = UserSerializer(request.user).data
    return Response(payload, status=200)
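@api_view(['POST'])
@permission_classes([])
@authentication_classes([])
def registerUser(request):
    """Create a new ExtendedUser from ``username``, ``password`` and ``email``.

    The endpoint is open by construction: the permission and authentication
    class lists are both empty, so every value in ``request.data`` is
    untrusted input from an anonymous caller.

    Returns:
        201 with the new username and email on success; 400 with
        ``{'errors': {field: message}}`` when validation fails, or
        ``{'errors': 'Registration failed'}`` when anything in the handler
        raises.
    """
    import logging

    try:
        username = request.data.get('username')
        password = request.data.get('password')
        email = request.data.get('email')

        errors = {}
        # The uniqueness lookups run only for values that were supplied.
        # Otherwise a missing or blank field is queried as None/'' and the
        # "required" message can be overwritten by "already exists".
        # NOTE(review): the distinct "already exists" answers let an anonymous
        # caller test whether a username or email is registered. No throttle
        # is declared on this view; whether a project-wide default applies is
        # not visible here.
        if not username:
            errors['username'] = 'Username is required'
        elif ExtendedUser.objects.filter(username=username).exists():
            errors['username'] = 'Username already exists'
        if not password:
            errors['password'] = 'Password is required'
        if not email:
            errors['email'] = 'Email is required'
        elif ExtendedUser.objects.filter(email=email).exists():
            errors['email'] = 'Email already exists'
        if errors:
            return Response({'errors': errors}, status=400)

        # NOTE(review): the password goes to create_user() without passing
        # through Django's configured password validators
        # (django.contrib.auth.password_validation.validate_password), and the
        # email format is not checked. Consider enforcing both here.
        user = ExtendedUser.objects.create_user(username, email, password)
        return Response({'username': user.username, 'email': user.email}, status=201)
    except Exception:
        # Keep the detail server-side. The exception text can carry database
        # or framework internals and must not be echoed to an anonymous
        # client. This also covers a duplicate created between the exists()
        # check and create_user().
        logging.getLogger(__name__).exception('User registration failed')
        return Response({'errors': 'Registration failed'}, status=400)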
class LoginView(KnoxLoginView):
    """Username/password login that then delegates to knox's LoginView.

    NOTE(review): this is the credential-checking endpoint and it declares no
    throttle. Whether a project-wide default throttle limits password
    guessing is not visible in this file.
    """

    # Open endpoint: no authenticator runs and any caller may POST credentials.
    authentication_classes = ()
    permission_classes = (permissions.AllowAny,)

    def post(self, request, format=None):
        """Validate the posted credentials, log the user in, then defer to knox.

        Invalid credentials raise from ``is_valid(raise_exception=True)``
        before ``login()`` is reached.
        """
        credentials = AuthTokenSerializer(data=request.data)
        credentials.is_valid(raise_exception=True)
        # Django's login() attaches the user to the request (and its session)
        # before the knox parent view runs.
        login(request, credentials.validated_data['user'])
        # The caller's ``format`` is not forwarded; the parent always gets None.
        return super().post(request, format=None)
# The DRF router supplies the viewset routes for users under the 'users' prefix.
router = routers.SimpleRouter()
router.register(r'users', UserViewSet, basename='users')

# The function- and class-based auth endpoints follow the router's routes.
urlpatterns = [
    *router.urls,
    path('self/', selfUser),
    path('login/', LoginView.as_view()),
    path('register/', registerUser),
]