Merge pull request #5 from Tivix/master

Pull updates
Tivix · Aug 1, 2016 · 5086eeb · 5086eeb
2 parents 1a964f9 + e9215f4
commit 5086eeb
Show file tree

Hide file tree

Showing 31 changed files with 853 additions and 158 deletions.
diff --git a/.coveragerc b/.coveragerc
@@ -0,0 +1,26 @@
+# .coveragerc to control coverage.py
+[run]
+omit=*site-packages*,*distutils*,*migrations*
+
+[report]
+# Regexes for lines to exclude from consideration
+exclude_lines =
+    # Have to re-enable the standard pragma
+    pragma: no cover
+
+    # Don't complain about missing debug-only code:
+    def __repr__
+    if self\.debug
+
+    # Don't complain if tests don't hit defensive assertion code:
+    raise AssertionError
+    raise NotImplementedError
+
+    # Don't complain if non-runnable code isn't run:
+    if 0:
+    if __name__ == .__main__.:
+
+ignore_errors = True
+
+[html]
+directory = coverage_html
diff --git a/.gitignore b/.gitignore
@@ -35,9 +35,6 @@ nosetests.xml
 coverage.xml
 coverage_html
 
-# Translations
-*.mo
-
 # Mr Developer
 .mr.developer.cfg
 .project

diff --git a/.travis.yml b/.travis.yml
@@ -1,13 +1,18 @@
 language: python
 python:
   - "2.7"
+  - "3.5"
 env:
-  - DJANGO=1.7.7
-  - DJANGO=1.8
+  - DJANGO=1.8.13
+  - DJANGO=1.9.7
 install:
   - pip install -q Django==$DJANGO --use-mirrors
   - pip install coveralls
   - pip install -r rest_auth/tests/requirements.pip
+matrix:
+  exclude:
+    - python: "3.5"
+      env: DJANGO=1.8.13
 script:
   - coverage run --source=rest_auth setup.py test
 after_success:

diff --git a/demo/demo/urls.py b/demo/demo/urls.py
@@ -11,6 +11,8 @@
         name='email-verification'),
     url(r'^login/$', TemplateView.as_view(template_name="login.html"),
         name='login'),
+    url(r'^logout/$', TemplateView.as_view(template_name="logout.html"),
+        name='logout'),
     url(r'^password-reset/$',
         TemplateView.as_view(template_name="password_reset.html"),
         name='password-reset'),

diff --git a/demo/requirements.pip b/demo/requirements.pip
@@ -1,4 +1,4 @@
-django>=1.7.0
-django-rest-auth==0.6.0
-django-allauth==0.24.1
+django>=1.8.0
+django-rest-auth==0.8.1
+django-allauth>=0.24.1
 six==1.9.0
diff --git a/demo/templates/base.html b/demo/templates/base.html
@@ -40,6 +40,7 @@
                 <li class="divider"></li>
                 <!-- these pages require user token -->
                 <li><a href="{% url 'user-details' %}">User details</a></li>
+                <li><a href="{% url 'logout' %}">Logout</a></li>
                 <li><a href="{% url 'password-change' %}">Password change</a></li>
             </ul>
           </li>

diff --git a/demo/templates/fragments/logout_form.html b/demo/templates/fragments/logout_form.html
@@ -0,0 +1,20 @@
+{% block content %}
+
+  <form class="form-horizontal ajax-post" role="form" action="{% url 'rest_logout' %}">{% csrf_token %}
+    <div class="form-group">
+      <label for="token" class="col-sm-2 control-label">User Token</label>
+      <div class="col-sm-4">
+        <input name="token" type="text" class="form-control" id="token" placeholder="Token">
+        <p class="help-block">Token received after login</p>
+      </div>
+    </div>
+
+  <div class="form-group">
+    <div class="col-sm-offset-2 col-sm-10">
+      <button type="submit" class="btn btn-default">Login</button>
+    </div>
+  </div>
+
+  <div class="form-group api-response"></div>
+  </form>
+{% endblock %}
diff --git a/demo/templates/logout.html b/demo/templates/logout.html
@@ -0,0 +1,8 @@
+{% extends "base.html" %}
+
+{% block content %}
+  <div class="row">
+    <h3>Logout</h3><hr/>
+    {% include "fragments/logout_form.html" %}
+  </div>
+{% endblock %}
diff --git a/docs/api_endpoints.rst b/docs/api_endpoints.rst
@@ -11,7 +11,11 @@ Basic
     - password (string)
 
 
-- /rest-auth/logout/ (POST)
+- /rest-auth/logout/ (POST, GET)
+
+    .. note:: ``ACCOUNT_LOGOUT_ON_GET = True`` to allow logout using GET (this is the exact same conf from allauth)
+
+    - token
 
 - /rest-auth/password/reset/ (POST)
 
@@ -70,3 +74,8 @@ Basing on example from installation section :doc:`Installation </installation>`
 
     - access_token
     - code
+
+- /rest-auth/twitter/ (POST)
+
+    - access_token
+    - token_secret
diff --git a/docs/changelog.rst b/docs/changelog.rst
@@ -1,6 +1,18 @@
 Changelog
 =========
 
+0.8.0
+-----
+- added support for django-rest-framework-jwt
+- bugfixes
+
+0.7.0
+-----
+- Wrapped API returned strings in ugettext_lazy
+- Fixed not using ``get_username`` which caused issues when using custom user model without username field
+- Django 1.9 support
+- Added ``TwitterLoginSerializer``
+
 0.6.0
 -----
 - dropped support for Python 2.6

diff --git a/docs/configuration.rst b/docs/configuration.rst
@@ -10,6 +10,8 @@ Configuration
 
         - TOKEN_SERIALIZER - response for successful authentication in ``rest_auth.views.LoginView``, default value ``rest_auth.serializers.TokenSerializer``
 
+        - JWT_SERIALIZER - (Using REST_USE_JWT=True) response for successful authentication in ``rest_auth.views.LoginView``, default value ``rest_auth.serializers.JWTSerializer``
+
         - USER_DETAILS_SERIALIZER - serializer class in ``rest_auth.views.UserDetailsView``, default value ``rest_auth.serializers.UserDetailsSerializer``
 
         - PASSWORD_RESET_SERIALIZER - serializer class in ``rest_auth.views.PasswordResetView``, default value ``rest_auth.serializers.PasswordResetSerializer``
@@ -29,19 +31,38 @@ Configuration
             ...
         }
 
-- **REST_AUTH_REGISTRATION_SERIALIZERS**
+- **REST_AUTH_REGISTER_SERIALIZERS**
 
     You can define your custom serializers for registration endpoint.
     Possible key values:
 
-        - REGISTER_SERIALIZER - serializer class in ``rest_auth.register.views.RegisterView``, default value ``rest_auth.register.serializers.RegisterSerializer``
+        - REGISTER_SERIALIZER - serializer class in ``rest_auth.register.views.RegisterView``, default value ``rest_auth.registration.serializers.RegisterSerializer``
 
 - **REST_AUTH_TOKEN_MODEL** - model class for tokens, default value ``rest_framework.authtoken.models``
 
 - **REST_AUTH_TOKEN_CREATOR** - callable to create tokens, default value ``rest_auth.utils.default_create_token``.
 
 - **REST_SESSION_LOGIN** - Enable session login in Login API view (default: True)
 
+- **REST_USE_JWT** - Enable JWT Authentication instead of Token/Session based. This is built on top of django-rest-framework-jwt http://getblimp.github.io/django-rest-framework-jwt/, which must also be installed. (default: False)
+
 - **OLD_PASSWORD_FIELD_ENABLED** - set it to True if you want to have old password verification on password change enpoint (default: False)
 
 - **LOGOUT_ON_PASSWORD_CHANGE** - set to False if you want to keep the current user logged in after a password change
+
+
+Throttling
+=============
+
+You may specify custom throttling for ``rest_auth.register.views.RegisterView`` by specifying DRF settings:
+
+    .. code-block:: python
+
+        REST_FRAMEWORK = {
+            'DEFAULT_THROTTLE_RATES': {
+                'anon': '6/m',
+                'register_view':'1/h',
+            },
+        }
+    
+
diff --git a/docs/index.rst b/docs/index.rst
@@ -6,7 +6,7 @@
 Welcome to django-rest-auth's documentation!
 ============================================
 
-.. warning:: Updating django-rest-auth to version **0.3.4** is highly recommended because of a security issue in PasswordResetConfirmation validation method.
+.. warning:: Updating django-rest-auth from version **0.3.3** is highly recommended because of a security issue in PasswordResetConfirmation validation method.
 
 .. note:: django-rest-auth from v0.3.3 supports django-rest-framework v3.0
 

diff --git a/docs/installation.rst b/docs/installation.rst
@@ -38,18 +38,23 @@ You're good to go now!
 Registration (optional)
 -----------------------
 
-1. If you want to enable standard registration process you will need to install ``django-allauth`` by using ``pip install django-rest-auth[extras]`` or ``pip install django-rest-auth[with_social]``.
+1. If you want to enable standard registration process you will need to install ``django-allauth`` by using ``pip install django-rest-auth[with_social]``.
 
-2. Add ``allauth``, ``allauth.account`` and ``rest_auth.registration`` apps to INSTALLED_APPS in your django settings.py:
+2. Add ``django.contrib.sites``, ``allauth``, ``allauth.account`` and ``rest_auth.registration`` apps to INSTALLED_APPS in your django settings.py:
+
+3. Add ``SITE_ID = 1``  to your django settings.py
 
 .. code-block:: python
 
     INSTALLED_APPS = (
         ...,
+        'django.contrib.sites',
         'allauth',
         'allauth.account',
         'rest_auth.registration',
     )
+    
+    SITE_ID = 1
 
 3. Add rest_auth.registration urls:
 
@@ -65,11 +70,11 @@ Registration (optional)
 Social Authentication (optional)
 --------------------------------
 
-Using ``django-allauth``, ``django-rest-auth`` provides helpful class for creating social media authentication view. Below is an example with Facebook authentication.
+Using ``django-allauth``, ``django-rest-auth`` provides helpful class for creating social media authentication view. 
 
-.. note:: Points 1, 2 and 3 are related with ``django-allauth`` configuration, so if you have already configured social authentication, then please go to step 4. See ``django-allauth`` documentation for more details.
+.. note:: Points 1 and 2 are related to ``django-allauth`` configuration, so if you have already configured social authentication, then please go to step 3. See ``django-allauth`` documentation for more details.
 
-1. Add ``allauth.socialaccount`` and ``allauth.socialaccount.providers.facebook`` apps to INSTALLED_APPS in your django settings.py:
+1. Add ``allauth.socialaccount`` and ``allauth.socialaccount.providers.facebook`` or ``allauth.socialaccount.providers.twitter`` apps to INSTALLED_APPS in your django settings.py:
 
 .. code-block:: python
 
@@ -79,16 +84,22 @@ Using ``django-allauth``, ``django-rest-auth`` provides helpful class for creati
         'rest_framework.authtoken',
         'rest_auth'
         ...,
+        'django.contrib.sites',
         'allauth',
         'allauth.account',
         'rest_auth.registration',
         ...,
         'allauth.socialaccount',
         'allauth.socialaccount.providers.facebook',
+        'allauth.socialaccount.providers.twitter',
+
     )
 
 2. Add Social Application in django admin panel
 
+Facebook
+########
+
 3. Create new view as a subclass of ``rest_auth.registration.views.SocialLoginView`` with ``FacebookOAuth2Adapter`` adapter as an attribute:
 
 .. code-block:: python
@@ -103,9 +114,50 @@ Using ``django-allauth``, ``django-rest-auth`` provides helpful class for creati
 
 .. code-block:: python
 
-    urlpatterns += pattern('',
+    urlpatterns += patterns('',
         ...,
         url(r'^rest-auth/facebook/$', FacebookLogin.as_view(), name='fb_login')
     )
 
+
+Twitter
+#######
+
+If you are using Twitter for your social authentication, it is a bit different since Twitter uses OAuth 1.0.
+
+3. Create new view as a subclass of ``rest_auth.views.LoginView`` with ``TwitterOAuthAdapter`` adapter and  ``TwitterLoginSerializer`` as an attribute:
+
+.. code-block:: python
+
+    from allauth.socialaccount.providers.twitter.views import TwitterOAuthAdapter
+    from rest_auth.views import LoginView
+    from rest_auth.social_serializers import TwitterLoginSerializer
+
+    class TwitterLogin(LoginView):
+        serializer_class = TwitterLoginSerializer
+        adapter_class = TwitterOAuthAdapter
+
+4. Create url for TwitterLogin view:
+
+.. code-block:: python
+
+    urlpatterns += patterns('',
+        ...,
+        url(r'^rest-auth/twitter/$', TwitterLogin.as_view(), name='twitter_login')
+    )
 .. note:: Starting from v0.21.0, django-allauth has dropped support for context processors. Check out http://django-allauth.readthedocs.org/en/latest/changelog.html#from-0-21-0 for more details.
+
+
+JWT Support (optional)
+----------------------
+
+By default, ``django-rest-auth`` uses Django's Token-based authentication. If you want to use JWT authentication, you need to install the following:
+
+1. Install ``django-rest-framework-jwt`` http://getblimp.github.io/django-rest-framework-jwt/ . Right now this is the only supported JWT library. 
+
+2. Add the following to your settings 
+
+.. code-block:: python
+
+    REST_USE_JWT = True
+
diff --git a/rest_auth/app_settings.py b/rest_auth/app_settings.py
@@ -2,6 +2,7 @@
 
 from rest_auth.serializers import (
     TokenSerializer as DefaultTokenSerializer,
+    JWTSerializer as DefaultJWTSerializer,
     UserDetailsSerializer as DefaultUserDetailsSerializer,
     LoginSerializer as DefaultLoginSerializer,
     PasswordResetSerializer as DefaultPasswordResetSerializer,
@@ -17,6 +18,9 @@
 TokenSerializer = import_callable(
     serializers.get('TOKEN_SERIALIZER', DefaultTokenSerializer))
 
+JWTSerializer = import_callable(
+    serializers.get('JWT_SERIALIZER', DefaultJWTSerializer))
+
 UserDetailsSerializer = import_callable(
     serializers.get('USER_DETAILS_SERIALIZER', DefaultUserDetailsSerializer)
 )

diff --git a/rest_auth/locale/de/LC_MESSAGES/django.mo b/rest_auth/locale/de/LC_MESSAGES/django.mo