OpenConceptLab/ocl_issues#1338 | user token view to use auth service

OpenConceptLab · Aug 1, 2022 · 296ee2a · 296ee2a
1 parent 8e37230
commit 296ee2a
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 6 deletions.
diff --git a/core/users/models.py b/core/users/models.py
@@ -10,12 +10,12 @@
 from django.urls import reverse
 from rest_framework.authtoken.models import Token
 
+from core.common.mixins import SourceContainerMixin
 from core.common.models import BaseModel, CommonLogoModel
 from core.common.tasks import send_user_verification_email, send_user_reset_password_email
 from core.common.utils import web_url
 from core.users.constants import AUTH_GROUPS
 from .constants import USER_OBJECT_TYPE
-from core.common.mixins import SourceContainerMixin
 
 
 class UserProfile(AbstractUser, BaseModel, CommonLogoModel, SourceContainerMixin):

diff --git a/core/users/views.py b/core/users/views.py
@@ -27,17 +27,25 @@
 from core.users.search import UserProfileSearch
 from core.users.serializers import UserDetailSerializer, UserCreateSerializer, UserListSerializer, UserSummarySerializer
 from .models import UserProfile
+from ..common.services import AuthService
 
 
 class TokenAuthenticationView(ObtainAuthToken):
     """Implementation of ObtainAuthToken with last_login update"""
 
     @swagger_auto_schema(request_body=AuthTokenSerializer)
     def post(self, request, *args, **kwargs):
-        user = UserProfile.objects.filter(username=request.data.get('username')).first()
-        if not user or not user.check_password(request.data.get('password')):
+        username = request.data.get('username')
+        password = request.data.get('password')
+
+        auth_service = AuthService.get(username=username, password=password)
+        token = auth_service.get_token()
+
+        if token is False:
             raise Http400(dict(non_field_errors=["Unable to log in with provided credentials."]))
 
+        user = auth_service.user
+
         if not user.is_active:
             user.verify()
             return Response(
@@ -49,14 +57,12 @@ def post(self, request, *args, **kwargs):
                 {'detail': VERIFY_EMAIL_MESSAGE, 'email': user.email}, status=status.HTTP_401_UNAUTHORIZED
             )
 
-        result = super().post(request, *args, **kwargs)
-
         try:
             update_last_login(None, user)
         except:  # pylint: disable=bare-except
             pass
 
-        return result
+        return Response(token)
 
 
 class UserBaseView(BaseAPIView):