Commit 93a3554c929f0f1ebdd54545335bac9e619fc3a5
Exists in
master
Merge branch 'master' of git.ucsd.edu:110swag/flashy-backend
Showing 2 changed files Inline Diff
flashcards/api.py
View file @
93a3554
| from django.core.mail import send_mail | 1 | 1 | from django.core.mail import send_mail | |
| from django.contrib.auth import authenticate, login, logout | 2 | 2 | from django.contrib.auth import authenticate, login, logout | |
| from django.contrib.auth.tokens import default_token_generator | 3 | 3 | from django.contrib.auth.tokens import default_token_generator | |
| from rest_framework.status import HTTP_201_CREATED, HTTP_204_NO_CONTENT | 4 | 4 | from rest_framework.status import HTTP_201_CREATED, HTTP_204_NO_CONTENT | |
| from rest_framework.views import APIView | 5 | 5 | from rest_framework.views import APIView | |
| from rest_framework.response import Response | 6 | 6 | from rest_framework.response import Response | |
| from rest_framework import status | 7 | 7 | from rest_framework import status | |
| from rest_framework.exceptions import ValidationError, NotFound | 8 | 8 | from rest_framework.exceptions import ValidationError, NotFound | |
| from flashcards.serializers import * | 9 | 9 | from flashcards.serializers import * | |
| 10 | 10 | |||
| 11 | 11 | |||
| class UserDetail(APIView): | 12 | 12 | class UserDetail(APIView): | |
| def patch(self, request, format=None): | 13 | 13 | def patch(self, request, format=None): | |
| """ | 14 | 14 | """ | |
| This method checks either the email or the password passed in | 15 | 15 | This method checks either the email or the password passed in | |
| is valid. If confirmation key is correct, it validates the | 16 | 16 | is valid. If confirmation key is correct, it validates the | |
| user. It updates the password if the new password | 17 | 17 | user. It updates the password if the new password | |
| is valid. | 18 | 18 | is valid. | |
| 19 | 19 | |||
| """ | 20 | 20 | """ | |
| currentuser = request.user | 21 | 21 | currentuser = request.user | |
| 22 | 22 | |||
| if 'confirmation_key' in request.data: | 23 | 23 | if 'confirmation_key' in request.data: | |
| if not currentuser.confirm_email( request.data['confirmation_key'] ): | 24 | 24 | if not currentuser.confirm_email( request.data['confirmation_key'] ): | |
| raise ValidationError('confirmation_key is invalid') | 25 | 25 | raise ValidationError('confirmation_key is invalid') | |
| 26 | 26 | |||
| if 'new_password' in request.data: | 27 | 27 | if 'new_password' in request.data: | |
| if not currentuser.check_password(request.data['old_password']): | 28 | 28 | if not currentuser.check_password(request.data['old_password']): | |
| raise ValidationError('Invalid old password') | 29 | 29 | raise ValidationError('Invalid old password') | |
| if not request.data['new_password']: | 30 | 30 | if not request.data['new_password']: | |
| raise ValidationError('Password cannot be blank') | 31 | 31 | raise ValidationError('Password cannot be blank') | |
| currentuser.set_password(request.data['new_password']) | 32 | 32 | currentuser.set_password(request.data['new_password']) | |
| currentuser.save() | 33 | 33 | currentuser.save() | |
| 34 | 34 | |||
| return Response(status=status.HTTP_204_NO_CONTENT) | 35 | 35 | return Response(status=status.HTTP_204_NO_CONTENT) | |
| 36 | 36 | |||
| def get(self, request, format=None): | 37 | 37 | def get(self, request, format=None): | |
| serializer = UserSerializer(request.user) | 38 | 38 | serializer = UserSerializer(request.user) | |
| return Response(serializer.data) | 39 | 39 | return Response(serializer.data) | |
| 40 | 40 | |||
| def post(self, request, format=None): | 41 | 41 | def post(self, request, format=None): | |
| if 'email' not in request.data: | 42 | 42 | if 'email' not in request.data: | |
| raise ValidationError('Email is required') | 43 | 43 | raise ValidationError('Email is required') | |
| if 'password' not in request.data: | 44 | 44 | if 'password' not in request.data: | |
| raise ValidationError('Password is required') | 45 | 45 | raise ValidationError('Password is required') | |
| 46 | ||||
| email = request.data['email'] | 47 | 46 | email = request.data['email'] | |
| 47 | existing_users = User.objects.filter(email=email) | |||
| 48 | if existing_users.exists(): | |||
| 49 | raise ValidationError("An account with this email already exists") | |||
| user = User.objects.create_user(email, email=email, password=request.data['password']) | 48 | 50 | user = User.objects.create_user(email, email=email, password=request.data['password']) | |
| 49 | 51 | |||
| body = ''' | 50 | 52 | body = ''' | |
| Visit the following link to confirm your email address: | 51 | 53 | Visit the following link to confirm your email address: | |
| http://flashy.cards/app/verify_email/%s | 52 | 54 | http://flashy.cards/app/verify_email/%s | |
| 53 | 55 | |||
| If you did not register for Flashy, no action is required. | 54 | 56 | If you did not register for Flashy, no action is required. | |
| ''' | 55 | 57 | ''' | |
| 56 | 58 | |||
| user = authenticate(email=email, password=request.data['password']) | 57 | 59 | user = authenticate(email=email, password=request.data['password']) | |
| login(request, user) | 58 | 60 | login(request, user) | |
| return Response(UserSerializer(user).data, status=HTTP_201_CREATED) | 59 | 61 | return Response(UserSerializer(user).data, status=HTTP_201_CREATED) | |
| 60 | 62 | |||
| def delete(self, request, format=None): | 61 | 63 | def delete(self, request): | |
| request.user.delete() | 62 | 64 | request.user.delete() | |
| return Response(status=HTTP_204_NO_CONTENT) | 63 | 65 | return Response(status=HTTP_204_NO_CONTENT) | |
| 64 | 66 | |||
| 65 | 67 | |||
| class UserLogin(APIView): | 66 | 68 | class UserLogin(APIView): | |
| """ | 67 | 69 | """ | |
| Authenticates user and returns user data if valid. Handles invalid | 68 | 70 | Authenticates user and returns user data if valid. Handles invalid | |
| users. | 69 | 71 | users. | |
| """ | 70 | 72 | """ | |
| 71 | 73 | |||
| def post(self, request, format=None): | 72 | 74 | def post(self, request, format=None): | |
| """ | 73 | 75 | """ | |
| Returns user data if valid. | 74 | 76 | Returns user data if valid. | |
| """ | 75 | 77 | """ | |
| if 'email' not in request.data: | 76 | 78 | if 'email' not in request.data: | |
| raise ValidationError('Email is required') | 77 | 79 | raise ValidationError('Email is required') | |
| if 'password' not in request.data: | 78 | 80 | if 'password' not in request.data: | |
| raise ValidationError('Password is required') | 79 | 81 | raise ValidationError('Password is required') | |
| 80 | 82 | |||
| email = request.data['email'] | 81 | 83 | email = request.data['email'] | |
| password = request.data['password'] | 82 | 84 | password = request.data['password'] | |
| user = authenticate(email=email, password=password) | 83 | 85 | user = authenticate(email=email, password=password) | |
| 84 | 86 | |||
| if user is None: | 85 | 87 | if user is not None: | |
| raise ValidationError('Invalid email or password') | 86 | 88 | raise ValidationError('Invalid email or password') | |
| if not user.is_active: | 87 | 89 | if not user.is_active: | |
| raise ValidationError('Account is disabled') | 88 | 90 | raise ValidationError('Account is disabled') | |
| login(request, user) | 89 | 91 | login(request, user) | |
| return Response(UserSerializer(user).data) | 90 | 92 | return Response(UserSerializer(user).data) | |
| 91 | 93 | |||
| class UserLogout(APIView): | 92 | 94 | class UserLogout(APIView): | |
| """ | 93 | 95 | """ | |
| Logs out an authenticated user. | 94 | 96 | Logs out an authenticated user. | |
| """ | 95 | 97 | """ | |
| 96 | 98 | |||
| def post(self, request, format=None): | 97 | 99 | def post(self, request, format=None): | |
| logout(request, request.user) | 98 | 100 | logout(request, request.user) | |
| return Response(status=status.HTTP_204_NO_CONTENT) | 99 | 101 | return Response(status=status.HTTP_204_NO_CONTENT) | |
| 100 | 102 | |||
| 101 | 103 | |||
| class PasswordReset(APIView): | 102 | 104 | class PasswordReset(APIView): | |
| """ | 103 | 105 | """ | |
| Allows user to reset their password. | 104 | 106 | Allows user to reset their password. | |
| """ | 105 | 107 | """ | |
| 106 | 108 | |||
| def post(self, request, format=None): | 107 | 109 | def post(self, request, format=None): | |
| """ | 108 | 110 | """ | |
| Send a password reset token/link to the provided email. | 109 | 111 | Send a password reset token/link to the provided email. | |
| """ | 110 | 112 | """ | |
| if 'email' not in request.data: | 111 | 113 | if 'email' not in request.data: | |
| raise ValidationError('Email is required') | 112 | 114 | raise ValidationError('Email is required') | |
| 113 | 115 | |||
| email = request.data['email'] | 114 | 116 | email = request.data['email'] | |
| 115 | 117 | |||
| # Find the user since they are not logged in. | 116 | 118 | # Find the user since they are not logged in. | |
| try: | 117 | 119 | try: | |
| user = User.objects.get(email=email) | 118 | 120 | user = User.objects.get(email=email) | |
| except User.DoesNotExist: | 119 | 121 | except User.DoesNotExist: | |
| raise NotFound('Email does not exist') | 120 | 122 | raise NotFound('Email does not exist') |
run_tests.sh
View file @
93a3554
| venv/bin/coverage run --source='flashcards' manage.py test flashcards/tests/ | 1 | 1 | #!/bin/bash -xe | |
| venv/bin/coverage html | 2 | 2 | venv/bin/python venv/bin/coverage run --source='flashcards' manage.py test flashcards/tests/ | |
| 3 | venv/bin/python venv/bin/coverage html | |||