Skip to content

Feature/auth #27

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
VeryBigSad merged 5 commits into from
Nov 15, 2022
Merged

Feature/auth #27

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
72c3b60
Fix reset password
stolzor Nov 12, 2022
cdf1bd6
Merge branch 'dev' into feature/auth
stolzor Nov 13, 2022
8cf0954
update function change password
stolzor Nov 13, 2022
23ad161
fix calc time between last update and current time
stolzor Nov 13, 2022
39f25cb
Add current user route, refactor views names
yakser Nov 15, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 6 additions & 6 deletions users/urls.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,15 +1,15 @@
from django.urls import path, re_path

from users.views import (
CurrentUser,
EmailResetPassword,
ResetPassword,
SpecialistsList,
UserAdditionalRolesView,
UserAdditionalRoles,
UserDetail,
UserList,
UserTypesView,
VerifyEmail,
UserTypes,
VerifyEmail,
)

app_name = "users"
Expand All @@ -19,11 +19,11 @@
"specialists/", SpecialistsList.as_view()
), # this url actually returns mentors, experts and investors
path("users/", UserList.as_view()),
path("users/roles/", UserAdditionalRolesView.as_view()),
path("users/types/", UserTypesView.as_view()),
path("users/roles/", UserAdditionalRoles.as_view()),
path("users/types/", UserTypes.as_view()),
path("users/<int:pk>/", UserDetail.as_view()),
path("users/reset-password/", EmailResetPassword.as_view()),
path("users/user-types", UserTypes.as_view()),
path("users/current/", CurrentUser.as_view()),
re_path(
r"^account-confirm-email/",
VerifyEmail.as_view(),
Expand Down
82 changes: 54 additions & 28 deletions users/views.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,11 +19,11 @@
from rest_framework.permissions import AllowAny, IsAuthenticated
from rest_framework.response import Response
from rest_framework.views import APIView
from rest_framework_simplejwt.tokens import RefreshToken
from rest_framework_simplejwt.tokens import RefreshToken, TokenError

from core.permissions import IsOwnerOrReadOnly
from core.utils import Email
from users.helpers import VERBOSE_ROLE_TYPES, VERBOSE_USER_TYPES
from users.helpers import VERBOSE_ROLE_TYPES
from users.serializers import (
EmailSerializer,
PasswordSerializer,
Expand Down Expand Up @@ -73,17 +73,7 @@ def post(self, request, *args, **kwargs):
return Response(serializer.data, status=status.HTTP_201_CREATED, headers=headers)


class UserTypesView(GenericAPIView):
permission_classes = [AllowAny]

def get(self, request, format=None):
"""
Return a tuple of user types.
"""
return Response(VERBOSE_USER_TYPES, status=status.HTTP_200_OK)


class UserAdditionalRolesView(GenericAPIView):
class UserAdditionalRoles(GenericAPIView):
permission_classes = [AllowAny]

def get(self, request, format=None):
Expand Down Expand Up @@ -111,6 +101,17 @@ class UserDetail(RetrieveUpdateDestroyAPIView):
serializer_class = UserDetailSerializer


class CurrentUser(APIView):
queryset = User.objects.get_users_for_detail_view()
permission_classes = [IsAuthenticated]
serializer_class = UserDetailSerializer

def get(self, request):
user = request.user
serializer = UserDetailSerializer(user)
return Response(serializer.data, status=status.HTTP_200_OK)


class UserTypes(APIView):
def get(self, request, format=None):
"""
Expand Down Expand Up @@ -145,13 +146,13 @@ def get(self, request):
except jwt.ExpiredSignatureError:
return redirect(
REDIRECT_URL,
status=status.HTTP_200_OK,
status=status.HTTP_400_BAD_REQUEST,
message="Activate Expired",
)
except jwt.DecodeError:
return redirect(
REDIRECT_URL,
status=status.HTTP_200_OK,
status=status.HTTP_400_BAD_REQUEST,
message="Decode error",
)

Expand All @@ -166,20 +167,26 @@ def post(self, request, *args, **kwargs):

user = User.objects.get(email=serializer.data["email"])

token = RefreshToken.for_user(user).access_token
access_token = RefreshToken.for_user(user).access_token
refresh_token = RefreshToken.for_user(user)

relative_link = reverse("users:password_reset_sent")

current_site = get_current_site(request).domain
absolute_url = "http://" + current_site + relative_link + "?token=" + str(token)
absolute_url = (
"http://"
+ current_site
+ relative_link
+ f"?access_token={access_token}&refresh_token={refresh_token}"
)

email_body = "Hi, {} {}! Use link below verify your email {}".format(
email_body = "Hi, {} {}! Use link below for reset password {}".format(
user.first_name, user.last_name, absolute_url
)

data = {
"email_body": email_body,
"email_subject": "Verify your email",
"email_subject": "Reset password",
"to_email": user.email,
}

Expand All @@ -192,24 +199,43 @@ class ResetPassword(UpdateAPIView):
serializer_class = PasswordSerializer
permission_classes = [AllowAny]

def get(self, request, *args, **kwargs):
refresh_token = request.GET.get("refresh_token")
try:
RefreshToken(refresh_token).check_blacklist()
except TokenError:
return redirect(
"https://procollab.ru/auth/reset_password/",
status=status.HTTP_400_BAD_REQUEST,
message="Used token",
)

return Response({"message": "Enter new password"})

def update(self, request, *args, **kwargs):
serializer = self.get_serializer(data=request.data)
serializer.is_valid()

try:
token = request.GET.get("token")
payload = jwt.decode(jwt=token, key=settings.SECRET_KEY, algorithms=["HS256"])
refresh_token = request.GET.get("refresh_token")
access_token = request.GET.get("access_token")
payload = jwt.decode(
jwt=access_token, key=settings.SECRET_KEY, algorithms=["HS256"]
)
user = User.objects.get(id=payload["user_id"])
last_update = user.datatime_updated
if (datetime.now().minute - last_update.minute) <= 10:
return Response(
{"response": "You can't change your password so often"},
status=status.HTTP_200_OK,
last_update = user.datetime_updated
frequency_update = datetime.utcnow().minute - last_update.minute
if frequency_update <= 10:
return redirect(
"https://procollab.ru/auth/reset_password/",
status=status.HTTP_400_BAD_REQUEST,
message="You can't change your password so often",
)

user.set_password(serializer.data["new_password"])
user.save()

RefreshToken(refresh_token).blacklist()
return redirect(
"https://procollab.ru/auth/reset_password/",
status=status.HTTP_200_OK,
Expand All @@ -219,12 +245,12 @@ def update(self, request, *args, **kwargs):
except jwt.ExpiredSignatureError:
return redirect(
"https://procollab.ru/auth/reset_password/",
status=status.HTTP_200_OK,
status=status.HTTP_400_BAD_REQUEST,
message="Activate Expired",
)
except jwt.DecodeError:
return redirect(
"https://procollab.ru/auth/reset_password/",
status=status.HTTP_200_OK,
status=status.HTTP_400_BAD_REQUEST,
message="Decode error",
)