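def reset_password_view(request):
    """Validate a password-reset token and, on POST, apply the new password.

    GET returns the serialized user that owns the token. POST validates the
    submitted ``password`` through ``UserSerializer``, blanks the user's
    ``password_reset_token`` and saves.

    Every token failure (missing, not a string, malformed, expired, unknown)
    raises the same ``APIException("RESET.INVALID_TOKEN")``, so the response
    does not reveal which check rejected the token.

    Raises:
        APIException: "RESET.INVALID_TOKEN" for any token failure, or the
            serializer's error dict when the new password fails validation.
    """
    token = None
    if request.method == "GET":
        token = request.GET.get("token")
    elif request.method == "POST":
        token = request.data.get("token")

    # Any other HTTP method leaves token as None. A JSON body can also carry
    # a non-string token (number, list, object); reject it here instead of
    # letting the slice/int() below fail with an unhandled TypeError.
    if not isinstance(token, str):
        raise APIException("RESET.INVALID_TOKEN")

    try:
        # tokens are 64-character random bytes + hex-encoded time
        expires_at = int(token[64:], 16)
    except ValueError:
        raise APIException("RESET.INVALID_TOKEN") from None
    # The expiry suffix is part of the string matched against the database
    # below, so editing it makes the lookup miss rather than extending the
    # token's lifetime.
    if expires_at - time.time() < 0:
        raise APIException("RESET.INVALID_TOKEN")

    # One lookup for both methods: an unknown token on POST used to escape as
    # an unhandled DoesNotExist, which answered differently from the same
    # failure on GET.
    try:
        user = SluglineUser.objects.get(password_reset_token=token)
    except SluglineUser.DoesNotExist:
        raise APIException("RESET.INVALID_TOKEN") from None

    if request.method == "GET":
        # NOTE(review): anyone holding the token receives every field that
        # UserSerializer exposes - confirm that set is safe to return here.
        return Response(UserSerializer(user).data)

    # NOTE(review): a POST without "password" still raises KeyError here;
    # confirm which error code the front-end expects before handling it.
    serializer = UserSerializer(
        data={"password": request.data["password"]}, instance=user, partial=True
    )
    serializer.is_valid()
    if serializer.errors:
        raise APIException(serializer.errors)

    # Blank the token so it cannot be replayed after a successful reset.
    # NOTE(review): this only persists if UserSerializer.save() saves this
    # same instance with all fields - confirm.
    user.password_reset_token = ""
    serializer.save()
    return Response(None)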
def create(self, request, *args, **kwargs):
    """Create a user from the request payload.

    Checks, in order: the username is not already taken, the username is at
    most 150 characters, and - for any role other than ``CONTRIBUTOR_GROUP`` -
    ``confirm_password(request)``. The payload is then validated and saved
    through ``UserSerializer``.

    Raises:
        APIException: a ``{"username": [...]}`` dict for a duplicate or
            over-long username, the serializer's error dict on validation
            failure, or "USER.COULD_NOT_CREATE" when saving fails.
        KeyError: when "username" or "role" is absent from the payload.
    """
    payload = request.data
    username = payload["username"]

    if SluglineUser.objects.filter(username=username).exists():
        raise APIException({"username": ["USER.USERNAME.ALREADY_EXISTS"]})

    # max username length; https://docs.djangoproject.com/en/3.0/ref/contrib/auth/
    if len(username) > 150:
        raise APIException({"username": ["USER.USERNAME.TOO_LONG"]})

    # Creating anything other than a contributor goes through
    # confirm_password first.
    # NOTE(review): the gate reads the client-supplied "role"; presumably
    # confirm_password re-authenticates the caller - verify, and confirm the
    # serializer cannot assign a different role than the one checked here.
    if payload["role"] != CONTRIBUTOR_GROUP:
        confirm_password(request)

    serializer = UserSerializer(data=payload)
    serializer.is_valid()
    if serializer.errors:
        raise APIException(serializer.errors)

    try:
        serializer.save()
        return Response(status=status.HTTP_201_CREATED, data=serializer.data)
    except Exception:
        # Any failure while saving or serializing the result is reported to
        # the client as one generic code.
        raise APIException("USER.COULD_NOT_CREATE")
def post(self, request, *args, **kwargs):
    """Register a user and report the outcome in the JSON body.

    The body always carries ``status_code`` and ``message``: 200 with a
    ``data`` entry (username and email) on success, 400 when the serializer
    rejects the payload, 201 when the username is already taken. The code is
    only written into the body; no HTTP status is passed to ``JsonResponse``.
    """
    username = request.data.get('username')
    email = request.data.get('email')

    # NOTE(review): this branch tells an unauthenticated caller whether a
    # username exists; confirm the endpoint is rate limited.
    if User.objects.filter(username=username):
        return JsonResponse({'status_code': 201, "message": "用户已存在"})

    # Deserialize the request payload.
    user = UserSerializer(data=request.data)
    if user.is_valid():
        user.save()
        body = {
            'status_code': 200,
            "message": "注册成功",
            'data': {'username': username, 'email': email},
        }
    else:
        body = {'status_code': 400, 'message': '注册失败:无效的参数'}
    return JsonResponse(body)
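def thankYouPage(request):
    """Store a submitted user record and render ``thankyou.html``.

    On POST the form fields ``name``, ``phone``, ``email``, ``status`` and
    the uploaded ``photo`` are saved through ``UserSerializer``. The template
    context carries ``Status`` and ``Message`` (plus ``Payload`` on failure).
    Any other method renders the page with an empty context.

    A POST without a ``photo`` upload is reported as a failure; the original
    indexed ``request.FILES['photo']`` directly and raised an unhandled error
    in that case.
    """
    output_json = {}
    if request.method != 'POST':
        return render(request, 'thankyou.html', output_json)

    # .get() instead of indexing: a missing upload becomes a reported failure
    # rather than an unhandled exception.
    photo = request.FILES.get('photo')
    if not photo:
        output_json['Status'] = "Failure"
        output_json['Message'] = (
            "Data could not be inserted successfully: photo is required")
        output_json['Payload'] = "photo is required"
        return render(request, 'thankyou.html', output_json)

    input_json = request.POST.dict()
    try:
        # NOTE(review): account_type is taken straight from the
        # client-supplied 'status' field, and the upload is passed on
        # unchecked; confirm UserSerializer restricts the allowed account
        # types and validates the file (type, size).
        insert_param = {
            'name': input_json['name'],
            'phone_id': input_json['phone'],
            'email': input_json['email'],
            'photo': photo,
            'account_type': input_json['status'],
        }
        serialized_user_params = UserSerializer(data=insert_param)
        # raise_exception=True: invalid data jumps to the handler below.
        if serialized_user_params.is_valid(raise_exception=True):
            serialized_user_params.save()
        output_json['Status'] = "Success"
        output_json['Message'] = "Data has been insert successfully"
    except Exception as ex:
        # Missing form fields (KeyError), validation errors and save failures
        # all end up here.
        # NOTE(review): str(ex) is placed in the page context and can include
        # internal error text (e.g. database messages); consider logging it
        # server-side and showing a generic message for non-validation errors.
        output_json['Status'] = "Failure"
        output_json['Message'] = (
            "Data could not be inserted successfully" + str(ex))
        output_json['Payload'] = str(ex)
    return render(request, 'thankyou.html', output_json)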
def update_user(user, request):
    """Apply a partial update from ``request.data`` to ``user``.

    ``confirm_password(request)`` runs before anything is saved whenever the
    payload contains a password or its ``role`` value differs from the user's
    current role. After a password change the session auth hash is refreshed
    via ``update_session_auth_hash``.

    Raises:
        APIException: the serializer's error dict on validation failure, or
            "USER.COULD_NOT_UPDATE" when saving fails.
    """
    payload = request.data

    # We set the partial flag as the front-end may not choose to update all fields at once
    serializer = UserSerializer(data=payload, instance=user, partial=True)
    serializer.is_valid()

    # if we're changing roles, or password, confirm password
    # NOTE(review): a payload that omits "role" yields None here, which also
    # differs from user.role, so such updates require confirmation too. That
    # fails closed; confirm it is intended before relaxing it.
    role_differs = payload.get("role") != user.role
    if role_differs or "password" in payload:
        confirm_password(request)

    # Validation errors are raised only after the password gate, so a caller
    # who fails confirmation does not see the serializer's field errors.
    if serializer.errors:
        raise APIException(serializer.errors)

    try:
        updated_user = serializer.save()
        if "password" in payload:
            update_session_auth_hash(request, updated_user)
        return Response(serializer.data)
    except Exception:
        # Any failure while saving is reported as one generic code.
        raise APIException("USER.COULD_NOT_UPDATE")