Commit f6068531bbee01d27daa3fe3a7979b97062b2b1f

Authored by Chung Wang
1 parent e8079030e4
Exists in master

Update and fix the email confirmation in the UserDetail PATCH handler in flashcards/api.py

Showing 1 changed file with 15 additions and 27 deletions Inline Diff

flashcards/api.py View file @ f606853
from django.core.mail import send_mail 1 1 from django.core.mail import send_mail
from django.contrib.auth import authenticate, login 2 2 from django.contrib.auth import authenticate, login
from django.contrib.auth.tokens import default_token_generator 3 3 from django.contrib.auth.tokens import default_token_generator
from rest_framework.views import APIView 4 4 from rest_framework.views import APIView
from rest_framework.response import Response 5 5 from rest_framework.response import Response
from rest_framework import status 6 6 from rest_framework import status
from rest_framework.exceptions import ValidationError, NotFound 7 7 from rest_framework.exceptions import ValidationError, NotFound
from flashcards.serializers import * 8 8 from flashcards.serializers import *
9 9
10 10
class UserDetail(APIView): 11 11 class UserDetail(APIView):
def patch(self, request, format=None): 12 12 def patch(self, request, format=None):
""" 13 13 """
Updates a user's password after they enter a valid old password. 14 14 This method checks either the email or the password passed in
TODO: email verification 15 15 is valid. If confirmation key is correct, it validates the
16 user. It updates the password if the new password
17 is valid.
18
""" 16 19 """
20 currentuser = request.user
17 21
if 'old_password' not in request.data: 18 22 if 'confirmation_key' in request.data:
raise ValidationError('Old password is required') 19 23 if not currentuser.confirm_email( request.data['confirmation_key'] ):
if 'new_password' not in request.data: 20 24 raise ValidationError('confirmation_key is invalid')
raise ValidationError('New password is required') 21
if not request.data['new_password']: 22
raise ValidationError('Password cannot be blank') 23
24 25
currentuser = request.user 25 26 if 'new_password' in request.data:
26 27 if not currentuser.check_password(request.data['old_password']):
if not currentuser.check_password(request.data['old_password']): 27 28 raise ValidationError('Invalid old password')
raise ValidationError('Invalid old password') 28 29 if not request.data['new_password']:
29 30 raise ValidationError('Password cannot be blank')
send_mail("Please verify your Flashy account", 30
body % currentuser.confirmation_key, 31
"noreply@flashy.cards", 32
[currentuser.email]) 33
34
currentuser.confirm_email( currentuser.confirmation_key ) 35
36
if currentuser.isconfirmed 37
currentuser.set_password(request.data['new_password']) 38 31 currentuser.set_password(request.data['new_password'])
currentuser.save() 39 32 currentuser.save()
40 33
return Response(status=status.HTTP_204_NO_CONTENT) 41 34 return Response(status=status.HTTP_204_NO_CONTENT)
42 35
def get(self, request, format=None): 43 36 def get(self, request, format=None):
serializer = UserSerializer(request.user) 44 37 serializer = UserSerializer(request.user)
return Response(serializer.data) 45 38 return Response(serializer.data)
46 39
def post(self, request, format=None): 47 40 def post(self, request, format=None):
if 'email' not in request.data: 48 41 if 'email' not in request.data:
raise ValidationError('Email is required') 49 42 raise ValidationError('Email is required')
if 'password' not in request.data: 50 43 if 'password' not in request.data:
raise ValidationError('Password is required') 51 44 raise ValidationError('Password is required')
52 45
email = request.data['email'] 53 46 email = request.data['email']
user = User.objects.create_user(email, email=email, password=request.data['password']) 54 47 user = User.objects.create_user(email, email=email, password=request.data['password'])
55 48
body = ''' 56 49 body = '''
Visit the following link to confirm your email address: 57 50 Visit the following link to confirm your email address:
http://flashy.cards/app/verify_email/%s 58 51 http://flashy.cards/app/verify_email/%s
59 52
If you did not register for Flashy, no action is required. 60 53 If you did not register for Flashy, no action is required.
''' 61 54 '''
62 55
send_mail("Please verify your Flashy account", 63
body % user.confirmation_key, 64
"noreply@flashy.cards", 65
[user.email]) 66
67
user = authenticate(email=email, password=request.data['password']) 68 56 user = authenticate(email=email, password=request.data['password'])
login(request, user) 69 57 login(request, user)
return Response(UserSerializer(user).data) 70 58 return Response(UserSerializer(user).data)
71 59
def delete(self, request, format=None): 72 60 def delete(self, request, format=None):
request.user.delete() 73 61 request.user.delete()
return Response(status=status.HTTP_204_NO_CONTENT) 74 62 return Response(status=status.HTTP_204_NO_CONTENT)
75 63
76 64
class UserLogin(APIView): 77 65 class UserLogin(APIView):
""" 78 66 """
Authenticates user and returns user data if valid. Handles invalid 79 67 Authenticates user and returns user data if valid. Handles invalid
users. 80 68 users.
""" 81 69 """
82 70
def post(self, request, format=None): 83 71 def post(self, request, format=None):
""" 84 72 """
Returns user data if valid. 85 73 Returns user data if valid.
""" 86 74 """
if 'email' not in request.data: 87 75 if 'email' not in request.data:
raise ValidationError('Email is required') 88 76 raise ValidationError('Email is required')
if 'password' not in request.data: 89 77 if 'password' not in request.data:
raise ValidationError('Password is required') 90 78 raise ValidationError('Password is required')
91 79
email = request.data['email'] 92 80 email = request.data['email']
password = request.data['password'] 93 81 password = request.data['password']
user = authenticate(username=email, password=password) 94 82 user = authenticate(username=email, password=password)
95 83
if user is None: 96 84 if user is None:
raise ValidationError('Invalid email or password') 97 85 raise ValidationError('Invalid email or password')
if not user.is_active: 98 86 if not user.is_active:
raise ValidationError('Account is disabled') 99 87 raise ValidationError('Account is disabled')
login(request, user) 100 88 login(request, user)
return Response(UserSerializer(User).data) 101 89 return Response(UserSerializer(user).data)
102 90
103 91
class PasswordReset(APIView): 104 92 class PasswordReset(APIView):
""" 105 93 """
Allows user to reset their password. 106 94 Allows user to reset their password.
""" 107 95 """
108 96
def post(self, request, format=None): 109 97 def post(self, request, format=None):
""" 110 98 """
Send a password reset token/link to the provided email. 111 99 Send a password reset token/link to the provided email.
""" 112 100 """
if 'email' not in request.data: 113 101 if 'email' not in request.data:
raise ValidationError('Email is required') 114 102 raise ValidationError('Email is required')
115 103
email = request.data['email'] 116 104 email = request.data['email']
117 105
# Find the user since they are not logged in. 118 106 # Find the user since they are not logged in.
try: 119 107 try:
user = User.objects.get(email=email) 120 108 user = User.objects.get(email=email)
except User.DoesNotExist: 121 109 except User.DoesNotExist:
raise NotFound('Email does not exist') 122 110 raise NotFound('Email does not exist')
123 111
token = default_token_generator.make_token(user) 124 112 token = default_token_generator.make_token(user)
125 113
body = ''' 126 114 body = '''
Visit the following link to reset your password: 127 115 Visit the following link to reset your password:
http://flashy.cards/app/reset_password/%d/%s 128 116 http://flashy.cards/app/reset_password/%d/%s
129 117