Contact Us: Modifies api to fetch name and email for logged in users. #922
Conversation
apps/web/views.py
Outdated
| return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST) | ||
|
|
||
| elif request.method == 'GET': | ||
| user = User.objects.get(username=request.user) |
There was a problem hiding this comment.
Whenever using get operation, please make sure that it is properly catched. Same goes for post method.
There was a problem hiding this comment.
@trojan Thank you for guiding. But I think in this case we don't need to catch it separately as it is already being cached in the try and except case.
The function works as follows:
-
If the user is logged in:
a) Ongetrequest theusernameandemailis being fetched from the database.
b) Onpostrequest thename,emailandmessageis posted to the database. -
If the user is not logged in then
name,emailandmessageis posted to the database.
Please review and tell me if I am missing somewhere ?
There was a problem hiding this comment.
We would probably remove the try statement from line 41 and make it more specific to the particular statement. also, if try-except block is required for some other piece of code, then you should add a separate try-catch for that statement.
apps/web/views.py
Outdated
| return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST) | ||
|
|
||
| elif request.method == 'GET': | ||
| user = User.objects.get(username=request.user) |
There was a problem hiding this comment.
We would probably remove the try statement from line 41 and make it more specific to the particular statement. also, if try-except block is required for some other piece of code, then you should add a separate try-catch for that statement.
apps/web/views.py
Outdated
| if request.method == 'POST': | ||
| request_data = {"name": name, "email": email} | ||
| request_data['message'] = request.data['message'] | ||
| serializer = ContactSerializer(data=request_data) | ||
| if serializer.is_valid(): | ||
| serializer.save() | ||
| response_data = {'message': 'Your message has been successfully recorded. We will contact you shortly.'} |
There was a problem hiding this comment.
Can we make it "We have received your request and will contact you shortly" ?
apps/web/views.py
Outdated
| @@ -35,29 +35,35 @@ def internal_server_error(request): | |||
|
|
|||
|
|
|||
| @throttle_classes([AnonRateThrottle, ]) | |||
| @api_view(['POST', ]) | |||
| @api_view(['POST', 'GET']) | |||
There was a problem hiding this comment.
Can we make it alphabetically ? GET, POST
apps/web/views.py
Outdated
|
|
||
| if request.method == 'POST': | ||
| request_data = {"name": name, "email": email} | ||
| request_data['message'] = request.data['message'] |
There was a problem hiding this comment.
Is message mandatory on frontend. If not, then I will prefer to use .get here.
There was a problem hiding this comment.
@trojan I think we should keep a check on front-end only as it will prevent unnecessary api calls.
What are your views about it?
There was a problem hiding this comment.
Yeah, we should keep a check on the frontend for this. Also, we should throttle this endpoint to 10 requests/minute. Does that sound reasonable to you guys? @trojan @RishabhJain2018 ?
There was a problem hiding this comment.
On front end, there should be a check that message is mandatory, because if a user is trying to contact then he or she should definitely leave a message.
Also as far as throttling is concerned, I am not sure of what exactly should be the limit.
Anyways it will be nice if you use .get here.
There was a problem hiding this comment.
@deshraj Can you please tell why we should change the limit from 100 requests/minute to 10 requests/minute ?
There was a problem hiding this comment.
Sorry I missed this part. IMO: a user won't submit the contact form 100 times in a minute. No one will have that many problems.
There was a problem hiding this comment.
Anyways, this way we can restrict the users from abusing the system.
There was a problem hiding this comment.
@deshraj I agree that we can restrict the user from abusing the system.
apps/web/views.py
Outdated
| request_data['message'] = request.data['message'] | ||
| serializer = ContactSerializer(data=request_data) | ||
| except: | ||
| serializer = ContactSerializer(data=request.data) |
There was a problem hiding this comment.
This is redundant. Same thing is happening in POST check one just that data is different. I think it can be easily handled with a simple if condition. @RishabhJain2018
There was a problem hiding this comment.
@trojan Please explain how can we remove the redundancy ?
There was a problem hiding this comment.
I think something like this can. Let me know your concerns if any
user_does_not_exist = False
try:
user = User.objects.get(username=request.user)
name = user.username
email = user.email
request_data = {'name': name, 'email': email}
except:
request_data = request.data
user_does_not_exist = True
if request.method == 'POST' or user_does_not_exist:
if request.POST.get('message'):
request_data['message'] = request.POST.get('message')
serializer = ContactSerializer(data=request_data)
if serializer.is_valid():
serializer.save()
response_data = {'message': 'We have received your request and will contact you shortly.'}
return Response(response_data, status=status.HTTP_201_CREATED)
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
elif request.method == 'GET':
response_data = {"name": name, "email": email}
return Response(response_data, status=status.HTTP_200_OK)
|
@RishabhJain2018 any update on this? |
|
LGTM. Let @deshraj review it once. |
|
Looks good. Merging this. :) Good job Rishabh. |
fixes #921 . @deshraj Please review the PR.