Ejemplo n.º 1
    def create(self, request, *args, **kwargs):
        """Register a new user and e-mail an account-confirmation token.

        The submitted username is lower-cased, the payload is validated by
        the view's serializer, the password is stored through
        ``set_password`` and a ``Token.TYPE_USER_CONFIRM`` token with a
        one-hour lifetime is mailed to the user's address.

        Raises:
            exceptions.APIException: the saved user has no uuid or e-mail.

        Returns:
            Response: serializer data with HTTP 201 and the success headers.
        """
        payload = request.data
        # NOTE(review): this writes into request.data in place; that fails if
        # the parsed payload is an immutable mapping (form-encoded requests
        # typically are) - confirm which parsers this view accepts.
        if 'username' in payload:
            payload['username'] = payload['username'].lower()

        serializer = super().get_serializer(data=payload)
        serializer.is_valid(raise_exception=True)

        new_user = serializer.save()
        # NOTE(review): the password is read from the raw payload rather than
        # from the serializer's validated data, so any password rules have to
        # be enforced by the serializer before this point - confirm.
        new_user.set_password(payload['password'])
        new_user.save()

        # The account is already persisted here; raising below does not undo it.
        if not (new_user.uuid and new_user.email):
            raise exceptions.APIException(detail="No data to send email.")

        confirm_token = TokenService.create(
            new_user.uuid,
            Token.TYPE_USER_CONFIRM,
            timedelta(hours=1),
        ).get_token()

        mail_context = {
            'token': confirm_token,
            'request': request,
        }
        EmailService().send_mail('confirm_account.html', 'Welcome to Cooksel',
                                 [new_user.email], mail_context)

        headers = super().get_success_headers(serializer.data)
        return Response(
            serializer.data,
            status=status.HTTP_201_CREATED,
            headers=headers,
        )
Ejemplo n.º 2
    def retrieve(self, request, *args, **kwargs):
        """Return one recipe if the caller is allowed to see it.

        A recipe is visible when the caller is its authenticated chef, when
        it is public, or when a ``Token.TYPE_RECIPE_SHORTLINK`` token exists
        for it. Anything else is answered with ``NotFound`` so that a hidden
        recipe looks the same as a missing one.

        NOTE(review): the shortlink test only asks whether a token exists for
        the recipe; the caller does not have to present it. Once a link has
        been issued, a private recipe can be fetched by anyone who can
        address it through this view - confirm that this is intended.
        """
        # Look the object up across all recipes; visibility is decided below.
        self.queryset = Recipe.objects.all()
        recipe = self.get_object()

        requester = request.user
        is_owner = requester.is_authenticated and requester.uuid == recipe.chef.uuid
        has_public_link = TokenService.exists(
            type=Token.TYPE_RECIPE_SHORTLINK,
            reference=recipe.uuid,
        )

        visible = is_owner or recipe.is_public or has_public_link
        if not visible:
            raise exceptions.NotFound

        return Response(self.get_serializer(recipe).data)
Ejemplo n.º 3
def getRecipeFromShortlink(request, token):
    """Resolve a recipe shortlink token, or revoke it on DELETE.

    The token must be of type ``Token.TYPE_RECIPE_SHORTLINK``. DELETE
    removes the token and is allowed only for the authenticated chef of the
    referenced recipe. Every other HTTP method returns the referenced
    recipe's uuid. No ``check_expired`` call is made in this view.

    Raises:
        exceptions.PermissionDenied: DELETE by anyone but the recipe's chef.
    """
    shortlink = TokenService.get_from(token)
    shortlink.is_type(Token.TYPE_RECIPE_SHORTLINK, raise_exception=True)

    if request.method != 'DELETE':
        return Response({'recipe_uuid': shortlink.get_token().reference})

    # Revocation: only the owner of the linked recipe may remove the link.
    recipe = Recipe.objects.get(uuid=shortlink.get_token().reference)
    if not request.user.is_authenticated or recipe.chef.uuid != request.user.uuid:
        raise exceptions.PermissionDenied

    shortlink.delete()
    return Response()
Ejemplo n.º 4
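def passwordReset(request, chef_uuid, token):
    """Render and process the password-reset form reached from the reset e-mail.

    The token must be an unexpired ``Token.TYPE_PASSWORD_RESET`` token and
    must have been issued for the user named by ``chef_uuid``. On a valid
    POST the new password is stored and the token is deleted so that it
    cannot be used again.

    Raises:
        Http404: the token was not issued for the user in the URL.
    """
    # Local import keeps this change self-contained; it can be moved to the
    # module's import block.
    from django.http import Http404

    user = MyUser.objects.get(uuid=chef_uuid)
    tokenService = TokenService.get_from(token)

    tokenService.is_type(Token.TYPE_PASSWORD_RESET, raise_exception=True)
    tokenService.check_expired(raise_exception=True)

    # Bind the token to the account. Without this comparison any valid reset
    # token would change the password of whichever user uuid appears in the
    # URL. Assumes the token's ``reference`` holds the uuid of the user it
    # was created for - TODO confirm against TokenService.create.
    if str(tokenService.get_token().reference) != str(user.uuid):
        raise Http404('Invalid token')

    if request.method == 'POST':
        form = PasswordResetForm(request.POST)

        if form.is_valid():
            user.set_password(form.cleaned_data.get('password'))
            user.save()
            # Single use: remove the token once the password has been changed.
            tokenService.delete()

    else:
        form = PasswordResetForm()

    return render(request, 'app/password_reset.html', {'form': form})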
Ejemplo n.º 5
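def getShortlinkForPublicRecipe(request, recipe_uuid):
    """Return the shortlink token for a recipe, creating one if none exists.

    For a private recipe only its authenticated chef may obtain the link.
    The ownership check runs before the lookup of an existing token, so a
    link already issued for a private recipe is not handed to other callers.

    Raises:
        exceptions.PermissionDenied: the recipe is private and the caller is
            not its authenticated chef.
    """
    recipe = Recipe.objects.get(uuid=recipe_uuid)

    # if the recipe is private, only the creator can get the link
    if not recipe.is_public and (not request.user.is_authenticated
                                 or recipe.chef.uuid != request.user.uuid):
        raise exceptions.PermissionDenied(
            'You are not allowed to share this recipe')

    try:
        # Reuse the existing link so that a recipe keeps a single shortlink.
        token = Token.objects.get(type=Token.TYPE_RECIPE_SHORTLINK,
                                  reference=recipe_uuid)
    except ObjectDoesNotExist:
        token = TokenService.create_short(
            recipe_uuid, Token.TYPE_RECIPE_SHORTLINK).get_token()

    return Response({'token': token.token})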
Ejemplo n.º 6
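    def post(self, request, *args, **kwargs):
        """Start a password reset for the account with the submitted e-mail.

        When the address belongs to a user, a ``Token.TYPE_PASSWORD_RESET``
        token with a one-hour lifetime is created and mailed to that
        address. The response body is ``'ok'`` whether or not the address is
        known, so the endpoint does not confirm which addresses are
        registered.

        NOTE(review): the unknown-address path returns before the token is
        created and the mail is sent, so the two paths may still differ in
        response time - confirm whether mail is sent synchronously.
        """
        serializer = self.get_serializer(data=request.data)
        serializer.is_valid(raise_exception=True)

        try:
            user = MyUser.objects.get(email=serializer.data['email'])
        except (MyUser.DoesNotExist, MyUser.MultipleObjectsReturned):
            # Only lookup misses are answered with the neutral body; other
            # failures (for example a database error) now surface instead of
            # being reported as success.
            return Response('ok')

        token = TokenService.create(user.uuid, Token.TYPE_PASSWORD_RESET,
                                    timedelta(hours=1)).get_token()

        EmailService().send_mail('password_reset_request.html',
                                 'Reset your password', [user.email], {
                                     'token': token,
                                     'request': request,
                                 })

        return Response('ok')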
Ejemplo n.º 7
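def confirmAccount(request, chef_uuid, token):
    """Confirm a user account from the link sent in the confirmation e-mail.

    The token must exist, be an unexpired ``Token.TYPE_USER_CONFIRM`` token
    and have been issued for the user named by ``chef_uuid``. On success the
    user is marked confirmed and the token is deleted.

    Raises:
        Http404: the token is unknown, of the wrong type, expired, or was
            not issued for the user in the URL.
    """
    invalid_msg = 'Invalid token. This account may be confirmed already.'

    user = MyUser.objects.get(uuid=chef_uuid)

    # Look the token up on its own: if this fails there is no token object,
    # so the handlers must not try to delete one.
    try:
        tokenService = TokenService.get_from(token)
    except ObjectDoesNotExist:
        raise Http404(invalid_msg)
    except ValidationError:
        raise Http404('Token has expired')

    try:
        tokenService.is_type(Token.TYPE_USER_CONFIRM, raise_exception=True)
        tokenService.check_expired(raise_exception=True)
    except ObjectDoesNotExist:
        # NOTE(review): if is_type reports a mismatch through one of these
        # exceptions, a token of another type presented here is deleted -
        # confirm that this is intended.
        tokenService.delete()
        raise Http404(invalid_msg)
    except ValidationError:
        tokenService.delete()
        raise Http404('Token has expired')

    # Bind the token to the account. Without this comparison a valid
    # confirmation token would confirm whichever user uuid appears in the
    # URL. Assumes the token's ``reference`` holds the uuid of the user it
    # was created for - TODO confirm against TokenService.create.
    if str(tokenService.get_token().reference) != str(user.uuid):
        raise Http404(invalid_msg)

    user.is_confirmed = True
    user.save()
    tokenService.delete(raise_exception=True)

    return render(request, 'app/confirm_successful.html',
                  {'username': user.username})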