You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

107 regels
3.1 KiB

  1. import json
  2. from django.conf import settings
  3. from django.contrib import messages
  4. from django.contrib.auth import authenticate, login, logout
  5. from django.contrib.auth.decorators import login_required
  6. from django.http import HttpResponseRedirect, HttpResponseBadRequest, HttpResponse
  7. from django.urls import reverse
  8. from django.utils.functional import lazy
  9. from django_filters.rest_framework import DjangoFilterBackend
  10. from rest_framework import mixins, routers
  11. from rest_framework.permissions import BasePermission
  12. from rest_framework.renderers import JSONRenderer
  13. from rest_framework.viewsets import GenericViewSet
  14. from core.serializers import UserSerializer
  15. from users.models import User
  16. def reverse_lazy(name=None, *args):
  17. return lazy(reverse, str)(name, args=args)
  18. class PublicUserViewSet(
  19. mixins.RetrieveModelMixin,
  20. mixins.ListModelMixin,
  21. GenericViewSet,
  22. ):
  23. serializer_class = UserSerializer
  24. filter_backends = (DjangoFilterBackend, )
  25. filter_fields = ("username", )
  26. pagination_class = None
  27. def get_queryset(self):
  28. username = self.request.GET.get("username", "")
  29. return User.objects.filter(username=username)
  30. class UserViewSet(
  31. mixins.RetrieveModelMixin,
  32. mixins.ListModelMixin,
  33. mixins.CreateModelMixin,
  34. GenericViewSet,
  35. ):
  36. class Permission(BasePermission):
  37. def has_permission(self, request, view):
  38. if not request.method == "POST":
  39. return True
  40. return settings.ALLOW_NEW_REGISTRATIONS
  41. def has_object_permission(self, request, view, obj):
  42. return request.user == obj
  43. permission_classes = [Permission, ]
  44. serializer_class = UserSerializer
  45. pagination_class = None
  46. def get_queryset(self):
  47. if self.request.user.is_anonymous:
  48. return User.objects.none()
  49. return User.objects.filter(id=self.request.user.id)
  50. def login_user(request):
  51. try:
  52. data = json.loads(request.body)
  53. except json.JSONDecodeError:
  54. return HttpResponseBadRequest()
  55. if 'username' not in data:
  56. return HttpResponseBadRequest(
  57. json.dumps({"username": "this field is required"})
  58. )
  59. if 'password' not in data:
  60. return HttpResponseBadRequest(
  61. json.dumps({"password": "this field is required"})
  62. )
  63. user = authenticate(
  64. request,
  65. username=data['username'],
  66. password=data['password']
  67. )
  68. if not user:
  69. return HttpResponseBadRequest(
  70. json.dumps({"password": "username and password doesn't match"})
  71. )
  72. login(request, user)
  73. data = UserSerializer(
  74. user,
  75. context={'request': request},
  76. ).data
  77. return HttpResponse(
  78. JSONRenderer().render(data),
  79. content_type="application/json"
  80. )
  81. @login_required
  82. def logout_user(request):
  83. logout(request)
  84. messages.success(request, 'You have successfully logged out.')
  85. return HttpResponseRedirect('/')
  86. drf_router = routers.DefaultRouter()
  87. drf_router.register(r'users', UserViewSet, basename="user")
  88. drf_router.register(r'public-users', PublicUserViewSet, basename="public-user")