unitystation · corp-0 · Oct 23, 2023 · Oct 23, 2023 · Oct 23, 2023 · Oct 23, 2023
diff --git a/api-collection/CreateAccount/Invalid identifier.bru b/api-collection/CreateAccount/Invalid identifier.bru
@@ -0,0 +1,20 @@
+meta {
+  name: Invalid identifier
+  type: http
+  seq: 2
+}
+
+post {
+  url: {{baseUrl}}/accounts/register
+  body: json
+  auth: none
+}
+
+body:json {
+  {
+    "account_identifier": "' 'DROP TABLE USERS;",
+    "username": "My Name",
+    "password": "qweasd123",
+    "email": "myname@email.com"
+  }
+}
diff --git a/api-collection/CreateAccount/Valid.bru b/api-collection/CreateAccount/Valid.bru
@@ -0,0 +1,20 @@
+meta {
+  name: Valid
+  type: http
+  seq: 1
+}
+
+post {
+  url: {{baseUrl}}/accounts/register
+  body: json
+  auth: none
+}
+
+body:json {
+  {
+    "account_identifier": "myname",
+    "username": "My Name",
+    "password": "qweasd123",
+    "email": "myname@email.com"
+  }
+}
diff --git a/api-collection/LoginWithCreds/non existent account.bru b/api-collection/LoginWithCreds/non existent account.bru
@@ -0,0 +1,18 @@
+meta {
+  name: non existent account
+  type: http
+  seq: 3
+}
+
+post {
+  url: {{baseUrl}}/accounts/login-credentials
+  body: json
+  auth: none
+}
+
+body:json {
+  {
+    "email": "doesnot@exists.com",
+    "password": "qweasd123"
+  }
+}
diff --git a/api-collection/LoginWithCreds/not verified.bru b/api-collection/LoginWithCreds/not verified.bru
@@ -0,0 +1,18 @@
+meta {
+  name: not verified
+  type: http
+  seq: 2
+}
+
+post {
+  url: {{baseUrl}}/accounts/login-credentials
+  body: json
+  auth: none
+}
+
+body:json {
+  {
+    "email": "myname@email.com",
+    "password": "qweasd123"
+  }
+}
diff --git a/api-collection/LoginWithCreds/success.bru b/api-collection/LoginWithCreds/success.bru
@@ -0,0 +1,18 @@
+meta {
+  name: success
+  type: http
+  seq: 1
+}
+
+post {
+  url: {{baseUrl}}/accounts/login-credentials
+  body: json
+  auth: none
+}
+
+body:json {
+  {
+    "email": "admin@admin.com",
+    "password": "admin"
+  }
+}
diff --git a/api-collection/LoginWithToken/invalid token.bru b/api-collection/LoginWithToken/invalid token.bru
@@ -0,0 +1,22 @@
+meta {
+  name: invalid token
+  type: http
+  seq: 3
+}
+
+post {
+  url: {{baseUrl}}/accounts/login-token
+  body: json
+  auth: none
+}
+
+headers {
+  Authorization: Token 6dc6178ad72f5beA0581b6b49024cdbb41d85ffdd1fbbf40991cce24a69a327b
+}
+
+body:json {
+  {
+    "username": "admin@admin.com",
+    "password": "admin"
+  }
+}
diff --git a/api-collection/LoginWithToken/missing token.bru b/api-collection/LoginWithToken/missing token.bru
@@ -0,0 +1,18 @@
+meta {
+  name: missing token
+  type: http
+  seq: 2
+}
+
+post {
+  url: {{baseUrl}}/accounts/login-token
+  body: json
+  auth: none
+}
+
+body:json {
+  {
+    "username": "admin@admin.com",
+    "password": "admin"
+  }
+}
diff --git a/api-collection/LoginWithToken/success.bru b/api-collection/LoginWithToken/success.bru
@@ -0,0 +1,22 @@
+meta {
+  name: success
+  type: http
+  seq: 1
+}
+
+post {
+  url: {{baseUrl}}/accounts/login-token
+  body: json
+  auth: none
+}
+
+headers {
+  Authorization: Token 6dc6178ad72f5bed0581b6b49024cdbb41d85ffdd1fbbf40991cce24a69a327b
+}
+
+body:json {
+  {
+    "username": "admin@admin.com",
+    "password": "admin"
+  }
+}
diff --git a/api-collection/bruno.json b/api-collection/bruno.json
@@ -0,0 +1,5 @@
+{
+  "version": "1",
+  "name": "central-command",
+  "type": "collection"
+}
diff --git a/api-collection/environments/local.bru b/api-collection/environments/local.bru
@@ -0,0 +1,3 @@
+vars {
+  baseUrl: http://localhost:8000
+}
diff --git a/poetry.lock b/poetry.lock
diff --git a/pyproject.toml b/pyproject.toml
@@ -64,7 +64,7 @@ authors = ["Andrés Riquelme <andresfranco.rs@gmail.com>"]
 python = "^3.10"
 Django = "^3.2.12"
 djangorestframework = "^3.12.1"
-psycopg2-binary = "^2.8.6"
+psycopg2-binary = "2.9.9"
 django-email-verification = "^0.0.7"
 django-rest-knox = "^4.1.0"
 gunicorn = "^20.1.0"

diff --git a/src/accounts/api/views.py b/src/accounts/api/views.py
@@ -30,6 +30,15 @@ class PublicAccountDataView(RetrieveAPIView):
 class LoginWithTokenView(KnoxLoginView):
     permission_classes = (AllowAny,)
 
+    def post(self, request, format=None):
+        if request.auth is None:
+            return Response(
+                {"detail": "Invalid token."},
+                status=status.HTTP_401_UNAUTHORIZED,
+            )
+
+        return super().post(request, format=None)
+
     def get_post_response_data(self, request, token, instance):
         try:
             if not request.user.is_active:

diff --git a/src/accounts/migrations/0004_alter_account_verification_token.py b/src/accounts/migrations/0004_alter_account_verification_token.py
@@ -0,0 +1,19 @@
+# Generated by Django 3.2.15 on 2023-10-23 15:34
+
+from django.db import migrations, models
+import uuid
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('accounts', '0003_alter_account_verification_token'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='account',
+            name='verification_token',
+            field=models.UUIDField(blank=True, default=uuid.UUID('6c74ff29-b92d-4175-8581-e91c38b84195'), verbose_name='Verification token'),
+        ),
+    ]
diff --git a/src/accounts/migrations/0005_alter_account_verification_token.py b/src/accounts/migrations/0005_alter_account_verification_token.py
@@ -0,0 +1,19 @@
+# Generated by Django 3.2.15 on 2023-10-23 15:44
+
+from django.db import migrations, models
+import uuid
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('accounts', '0004_alter_account_verification_token'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='account',
+            name='verification_token',
+            field=models.UUIDField(blank=True, default=uuid.UUID('32dfaa59-45fc-4c7a-bbd5-b195075e5f89'), verbose_name='Verification token'),
+        ),
+    ]
diff --git a/src/accounts/migrations/0006_alter_account_verification_token.py b/src/accounts/migrations/0006_alter_account_verification_token.py
@@ -0,0 +1,19 @@
+# Generated by Django 3.2.22 on 2023-10-23 15:53
+
+from django.db import migrations, models
+import uuid
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('accounts', '0005_alter_account_verification_token'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='account',
+            name='verification_token',
+            field=models.UUIDField(blank=True, default=uuid.UUID('f4a76c91-a5b1-444e-af33-32c82ac1dc4b'), verbose_name='Verification token'),
+        ),
+    ]
diff --git a/src/accounts/models.py b/src/accounts/models.py
@@ -10,7 +10,7 @@ class Account(AbstractUser):
     email = models.EmailField(
         verbose_name="Email address",
         unique=True,
-        help_text=("Email address must be unique. It is used to login and confirm the account."),
+        help_text="Email address must be unique. It is used to login and confirm the account.",
     )
 
     account_identifier = models.CharField(
@@ -38,7 +38,7 @@ class Account(AbstractUser):
     is_verified = models.BooleanField(
         default=False,
         verbose_name="Verified",
-        help_text=("Is this account verified to be who they claim to be? Are they famous?!"),
+        help_text="Is this account verified to be who they claim to be? Are they famous?!",
     )
 
     legacy_id = models.CharField(
@@ -55,7 +55,7 @@ class Account(AbstractUser):
     characters_data = models.JSONField(
         verbose_name="Characters data",
         default=dict,
-        help_text=("Characters data is used to store all the characters associated with this account."),
+        help_text="Characters data is used to store all the characters associated with this account.",
     )
 
     is_authorized_server = models.BooleanField(