def send_reset_password_link(request):
'''
Send email with reset password link.
---
serializer: SendResetPasswordLinkSerializer
'''
serializer = SendResetPasswordLinkSerializer(data=request.data)
serializer.is_valid(raise_exception=True)
login = serializer.data['login']
user_class = get_user_model_class()
user_queryset = user_class.objects.all()
user = None
for login_field in get_login_fields():
try:
user = get_object_or_404(user_queryset, **{login_field: login})
break
except Http404:
pass
if not user:
raise BadRequest('User not found')
signer = ResetPasswordSigner({
'user_id': user.pk,
}, request=request)
template_config = (
registration_settings.RESET_PASSWORD_VERIFICATION_EMAIL_TEMPLATES)
send_verification(user, signer, template_config)
return get_ok_response('Reset link sent')
def register_email(request):
'''
Register new email.
'''
user = request.user
serializer = RegisterEmailSerializer(data=request.data)
serializer.is_valid(raise_exception=True)
email = serializer.validated_data['email']
template_config = (
registration_settings.REGISTER_EMAIL_VERIFICATION_EMAIL_TEMPLATES)
if registration_settings.REGISTER_EMAIL_VERIFICATION_ENABLED:
signer = RegisterEmailSigner({
'user_id': user.pk,
'email': email,
},
request=request)
send_verification(user, signer, template_config, email=email)
else:
email_field = get_user_setting('EMAIL_FIELD')
setattr(user, email_field, email)
user.save()
return get_ok_response('Register email link email sent')
def send_reset_password_link(request):
'''
Send email with reset password link.
'''
serializer = SendResetPasswordLinkSerializer(data=request.data)
serializer.is_valid(raise_exception=True)
login = serializer.data['login']
user = None
for login_field in get_login_fields():
user = get_user_by_lookup_dict({login_field: login}, default=None)
if user:
break
if not user:
raise UserNotFound()
signer = ResetPasswordSigner({
'user_id': user.pk,
}, request=request)
template_config = (
registration_settings.RESET_PASSWORD_VERIFICATION_EMAIL_TEMPLATES)
send_verification(user, signer, template_config)
return get_ok_response('Reset link sent')
def login(request):
'''
Logs in the user via given login and password.
'''
serializer = LoginSerializer(data=request.data)
serializer.is_valid(raise_exception=True)
data = serializer.data
user_class = get_user_model()
login_fields = (registration_settings.USER_LOGIN_FIELDS
or getattr(user_class, 'LOGIN_FIELDS', None)
or [user_class.USERNAME_FIELD])
for field_name in login_fields:
kwargs = {
field_name: data['login'],
'password': data['password'],
}
user = auth.authenticate(**kwargs)
if user:
break
if not user:
raise BadRequest('Login or password invalid.')
if should_authenticate_session():
auth.login(request, user)
extra_data = {}
if should_retrieve_token():
token, _ = Token.objects.get_or_create(user=user)
extra_data['token'] = token.key
return get_ok_response('Login successful', extra_data=extra_data)
def logout(request):
'''
Logs out the user. returns an error if the user is not
authenticated.
'''
if not request.user.is_authenticated:
raise BadRequest('Not logged in')
auth.logout(request)
return get_ok_response('Logout successful')
def change_password(request):
'''
Change the user password.
'''
serializer = ChangePasswordSerializer(data=request.data,
context={'request': request})
serializer.is_valid(raise_exception=True)
user = request.user
user.set_password(serializer.data['password'])
user.save()
return get_ok_response('Password changed successfully')
def verify_email(request):
'''
Verify email via signature.
'''
if not registration_settings.REGISTER_EMAIL_VERIFICATION_ENABLED:
raise Http404()
serializer = VerifyEmailSerializer(data=request.data)
serializer.is_valid(raise_exception=True)
data = serializer.data
signer = RegisterEmailSigner(data, request=request)
verify_signer_or_bad_request(signer)
email_field = get_user_setting('EMAIL_FIELD')
user = get_user_by_id(data['user_id'])
setattr(user, email_field, data['email'])
user.save()
return get_ok_response('Email verified successfully')
def verify_registration(request):
'''
Verify registration via signature.
'''
if not registration_settings.REGISTER_VERIFICATION_ENABLED:
raise Http404()
serializer = VerifyRegistrationSerializer(data=request.data)
serializer.is_valid(raise_exception=True)
data = serializer.data
signer = RegisterSigner(data, request=request)
verify_signer_or_bad_request(signer)
verification_flag_field = get_user_setting('VERIFICATION_FLAG_FIELD')
user = get_user_by_id(data['user_id'], require_verified=False)
setattr(user, verification_flag_field, True)
user.save()
return get_ok_response('User verified successfully')
def logout(request):
'''
Logs out the user. returns an error if the user is not
authenticated.
'''
user = request.user
serializer = LogoutSerializer(data=request.data)
serializer.is_valid(raise_exception=True)
data = serializer.validated_data
if should_authenticate_session():
auth.logout(request)
if should_retrieve_token() and data['revoke_token']:
try:
user.auth_token.delete()
except Token.DoesNotExist:
raise BadRequest('Cannot remove non-existent token')
return get_ok_response('Logout successful')
def reset_password(request):
'''
Reset password, given the signature and timestamp from the link.
'''
serializer = ResetPasswordSerializer(data=request.data)
serializer.is_valid(raise_exception=True)
data = serializer.data.copy()
password = data.pop('password')
signer = ResetPasswordSigner(data, request=request)
verify_signer_or_bad_request(signer)
user = get_user_by_id(data['user_id'])
try:
validate_password(password, user=user)
except ValidationError as exc:
raise serializers.ValidationError(exc.messages[0])
user.set_password(password)
user.save()
return get_ok_response('Reset password successful')
def login(request):
'''
Logs in the user via given login and password.
'''
serializer_class = registration_settings.LOGIN_SERIALIZER_CLASS
serializer = serializer_class(data=request.data)
serializer.is_valid(raise_exception=True)
user = serializer.get_authenticated_user()
if not user:
raise BadRequest('Login or password invalid.')
if should_authenticate_session():
auth.login(request, user)
extra_data = {}
if should_retrieve_token():
token, _ = Token.objects.get_or_create(user=user)
extra_data['token'] = token.key
return get_ok_response('Login successful', extra_data=extra_data)
def verify_email(request):
'''
Verify email via signature.
'''
process_verify_email_data(request.data)
return get_ok_response('Email verified successfully')
def reset_password(request):
'''
Reset password, given the signature and timestamp from the link.
'''
process_reset_password_data(request.data)
return get_ok_response('Reset password successful')
def verify_registration(request):
'''
Verify registration via signature.
'''
process_verify_registration_data(request.data)
return get_ok_response('User verified successfully')
