Commit a077b19091947f6028b01b470b074eae2395a477

Authored by Andrew Buss
1 parent dfb508c311
Exists in master

I MIGHT HAVE ACCIDENTALLY INTRODUCED A BUG HERE

Showing 1 changed file with 1 additions and 2 deletions

flashcards/api.py
from django.core.mail import send_mail 1 1 from django.core.mail import send_mail
from django.contrib.auth import authenticate, login, logout 2 2 from django.contrib.auth import authenticate, login, logout
from django.contrib.auth.tokens import default_token_generator 3 3 from django.contrib.auth.tokens import default_token_generator
from rest_framework.status import HTTP_201_CREATED, HTTP_204_NO_CONTENT 4 4 from rest_framework.status import HTTP_201_CREATED, HTTP_204_NO_CONTENT
from rest_framework.views import APIView 5 5 from rest_framework.views import APIView
from rest_framework.response import Response 6 6 from rest_framework.response import Response
from rest_framework import status 7 7 from rest_framework import status
from rest_framework.exceptions import ValidationError, NotFound 8 8 from rest_framework.exceptions import ValidationError, NotFound
from flashcards.serializers import * 9 9 from flashcards.serializers import *
10 10
11 11
class UserDetail(APIView): 12 12 class UserDetail(APIView):
def patch(self, request, format=None): 13 13 def patch(self, request, format=None):
""" 14 14 """
This method checks either the email or the password passed in 15 15 This method checks either the email or the password passed in
is valid. If confirmation key is correct, it validates the 16 16 is valid. If confirmation key is correct, it validates the
user. It updates the password if the new password 17 17 user. It updates the password if the new password
is valid. 18 18 is valid.
19 19
""" 20 20 """
currentuser = request.user 21 21 currentuser = request.user
22 22
if 'confirmation_key' in request.data: 23 23 if 'confirmation_key' in request.data:
if not currentuser.confirm_email( request.data['confirmation_key'] ): 24 24 if not currentuser.confirm_email( request.data['confirmation_key'] ):
raise ValidationError('confirmation_key is invalid') 25 25 raise ValidationError('confirmation_key is invalid')
26 26
if 'new_password' in request.data: 27 27 if 'new_password' in request.data:
if not currentuser.check_password(request.data['old_password']): 28 28 if not currentuser.check_password(request.data['old_password']):
raise ValidationError('Invalid old password') 29 29 raise ValidationError('Invalid old password')
if not request.data['new_password']: 30 30 if not request.data['new_password']:
raise ValidationError('Password cannot be blank') 31 31 raise ValidationError('Password cannot be blank')
currentuser.set_password(request.data['new_password']) 32 32 currentuser.set_password(request.data['new_password'])
currentuser.save() 33 33 currentuser.save()
34 34
return Response(status=status.HTTP_204_NO_CONTENT) 35 35 return Response(status=status.HTTP_204_NO_CONTENT)
36 36
def get(self, request, format=None): 37 37 def get(self, request, format=None):
serializer = UserSerializer(request.user) 38 38 serializer = UserSerializer(request.user)
return Response(serializer.data) 39 39 return Response(serializer.data)
40 40
def post(self, request, format=None): 41 41 def post(self, request, format=None):
if 'email' not in request.data: 42 42 if 'email' not in request.data:
raise ValidationError('Email is required') 43 43 raise ValidationError('Email is required')
if 'password' not in request.data: 44 44 if 'password' not in request.data:
raise ValidationError('Password is required') 45 45 raise ValidationError('Password is required')
46
email = request.data['email'] 47 46 email = request.data['email']
existing_users = User.objects.filter(email=email) 48 47 existing_users = User.objects.filter(email=email)
if existing_users.exists(): 49 48 if existing_users.exists():
raise ValidationError("An account with this email already exists") 50 49 raise ValidationError("An account with this email already exists")
user = User.objects.create_user(email, email=email, password=request.data['password']) 51 50 user = User.objects.create_user(email, email=email, password=request.data['password'])
52 51
body = ''' 53 52 body = '''
Visit the following link to confirm your email address: 54 53 Visit the following link to confirm your email address:
http://flashy.cards/app/verify_email/%s 55 54 http://flashy.cards/app/verify_email/%s
56 55
If you did not register for Flashy, no action is required. 57 56 If you did not register for Flashy, no action is required.
''' 58 57 '''
59 58
user = authenticate(email=email, password=request.data['password']) 60 59 user = authenticate(email=email, password=request.data['password'])
login(request, user) 61 60 login(request, user)
return Response(UserSerializer(user).data, status=HTTP_201_CREATED) 62 61 return Response(UserSerializer(user).data, status=HTTP_201_CREATED)
63 62
def delete(self, request): 64 63 def delete(self, request):
request.user.delete() 65 64 request.user.delete()
return Response(status=HTTP_204_NO_CONTENT) 66 65 return Response(status=HTTP_204_NO_CONTENT)
67 66
68 67
class UserLogin(APIView): 69 68 class UserLogin(APIView):
""" 70 69 """
Authenticates user and returns user data if valid. Handles invalid 71 70 Authenticates user and returns user data if valid. Handles invalid
users. 72 71 users.
""" 73 72 """
74 73
def post(self, request, format=None): 75 74 def post(self, request, format=None):
""" 76 75 """
Returns user data if valid. 77 76 Returns user data if valid.
""" 78 77 """
if 'email' not in request.data: 79 78 if 'email' not in request.data:
raise ValidationError('Email is required') 80 79 raise ValidationError('Email is required')
if 'password' not in request.data: 81 80 if 'password' not in request.data:
raise ValidationError('Password is required') 82 81 raise ValidationError('Password is required')
83 82
email = request.data['email'] 84 83 email = request.data['email']
password = request.data['password'] 85 84 password = request.data['password']
user = authenticate(email=email, password=password) 86 85 user = authenticate(email=email, password=password)
87 86
if user is None: 88 87 if user is not None:
raise ValidationError('Invalid email or password') 89 88 raise ValidationError('Invalid email or password')
if not user.is_active: 90 89 if not user.is_active:
raise ValidationError('Account is disabled') 91 90 raise ValidationError('Account is disabled')
login(request, user) 92 91 login(request, user)
return Response(UserSerializer(user).data) 93 92 return Response(UserSerializer(user).data)
94 93
class UserLogout(APIView): 95 94 class UserLogout(APIView):
""" 96 95 """
Logs out an authenticated user. 97 96 Logs out an authenticated user.
""" 98 97 """
99 98
def post(self, request, format=None): 100 99 def post(self, request, format=None):
logout(request, request.user) 101 100 logout(request, request.user)
return Response(status=status.HTTP_204_NO_CONTENT) 102 101 return Response(status=status.HTTP_204_NO_CONTENT)
103 102
104 103
class PasswordReset(APIView): 105 104 class PasswordReset(APIView):
""" 106 105 """
Allows user to reset their password. 107 106 Allows user to reset their password.
""" 108 107 """
109 108
def post(self, request, format=None): 110 109 def post(self, request, format=None):
""" 111 110 """
Send a password reset token/link to the provided email. 112 111 Send a password reset token/link to the provided email.
""" 113 112 """
if 'email' not in request.data: 114 113 if 'email' not in request.data:
raise ValidationError('Email is required') 115 114 raise ValidationError('Email is required')
116 115
email = request.data['email'] 117 116 email = request.data['email']
118 117
# Find the user since they are not logged in. 119 118 # Find the user since they are not logged in.
try: 120 119 try:
user = User.objects.get(email=email) 121 120 user = User.objects.get(email=email)
except User.DoesNotExist: 122 121 except User.DoesNotExist: