def _get_field_names(allow_primary_key=True, non_editable=False): def not_in_seq(names): return lambda name: name not in names user_class = get_user_model_class() fields = user_class._meta.get_fields() default_field_names = [f.name for f in fields if (getattr(f, 'serialize', False) or getattr(f, 'primary_key', False))] pk_field_names = [f.name for f in fields if getattr(f, 'primary_key', False)] hidden_field_names = set(get_user_setting('HIDDEN_FIELDS')) hidden_field_names = hidden_field_names.union(['last_login', 'password']) public_field_names = get_user_setting('PUBLIC_FIELDS') editable_field_names = get_user_setting('EDITABLE_FIELDS') field_names = (public_field_names if public_field_names is not None else default_field_names) if editable_field_names is None: editable_field_names = field_names editable_field_names = set(filter(not_in_seq(pk_field_names), editable_field_names)) field_names = filter(not_in_seq(hidden_field_names), field_names) if not allow_primary_key: field_names = filter(not_in_seq(pk_field_names), field_names) if non_editable: field_names = filter(not_in_seq(editable_field_names), field_names) field_names = tuple(field_names) return field_names
def send_reset_password_link(request): ''' Send email with reset password link. --- serializer: SendResetPasswordLinkSerializer ''' serializer = SendResetPasswordLinkSerializer(data=request.data) serializer.is_valid(raise_exception=True) login = serializer.data['login'] user_class = get_user_model_class() user_queryset = user_class.objects.all() user = None for login_field in get_login_fields(): try: user = get_object_or_404(user_queryset, **{login_field: login}) break except Http404: pass if not user: raise BadRequest('User not found') signer = ResetPasswordSigner({ 'user_id': user.pk, }, request=request) template_config = ( registration_settings.RESET_PASSWORD_VERIFICATION_EMAIL_TEMPLATES) send_verification(user, signer, template_config) return get_ok_response('Reset link sent')
def _build_initial_user(data): user_field_names = _get_field_names(allow_primary_key=False) user_data = {} for field_name in user_field_names: if field_name in data: user_data[field_name] = data[field_name] user_class = get_user_model_class() return user_class(**user_data)
def __init__(self, *args, **kwargs): user_class = get_user_model_class() field_names = _get_field_names(allow_primary_key=False) field_names = field_names + ('password', 'password_confirm') self.Meta = MetaObj() self.Meta.model = user_class self.Meta.fields = field_names super().__init__(*args, **kwargs)
def __init__(self, *args, **kwargs): user_class = get_user_model_class() field_names = _get_field_names(allow_primary_key=True) read_only_field_names = _get_field_names(allow_primary_key=True, non_editable=True) self.Meta = MetaObj() self.Meta.model = user_class self.Meta.fields = field_names self.Meta.read_only_fields = read_only_field_names super().__init__(*args, **kwargs)
def verify_email(request): ''' Verify email via signature. --- serializer: VerifyEmailSerializer ''' if not registration_settings.REGISTER_EMAIL_VERIFICATION_ENABLED: raise Http404() user_class = get_user_model_class() serializer = VerifyEmailSerializer(data=request.data) serializer.is_valid(raise_exception=True) data = serializer.data signer = RegisterEmailSigner(data, request=request) verify_signer_or_bad_request(signer) email_field = get_user_setting('EMAIL_FIELD') user = get_object_or_404(user_class.objects.all(), pk=data['user_id']) setattr(user, email_field, data['email']) user.save() return get_ok_response('Email verified successfully')
def verify_registration(request): ''' Verify registration via signature. --- serializer: VerifyRegistrationSerializer ''' if not registration_settings.REGISTER_VERIFICATION_ENABLED: raise Http404() user_class = get_user_model_class() serializer = VerifyRegistrationSerializer(data=request.data) serializer.is_valid(raise_exception=True) data = serializer.data signer = RegisterSigner(data, request=request) verify_signer_or_bad_request(signer) verification_flag_field = get_user_setting('VERIFICATION_FLAG_FIELD') user = get_object_or_404(user_class.objects.all(), pk=data['user_id']) setattr(user, verification_flag_field, True) user.save() return get_ok_response('User verified successfully')
def login(request): ''' Logs in the user via given login and password. --- serializer: LoginSerializer ''' serializer = LoginSerializer(data=request.data) serializer.is_valid(raise_exception=True) data = serializer.data user_class = get_user_model_class() login_fields = (registration_settings.USER_LOGIN_FIELDS or getattr(user_class, 'LOGIN_FIELDS', None) or [user_class.USERNAME_FIELD]) for field_name in login_fields: kwargs = { field_name: data['login'], 'password': data['password'], } user = auth.authenticate(**kwargs) if user: break if not user: raise BadRequest('Login or password invalid.') if should_authenticate_session(): auth.login(request, user) extra_data = {} if should_retrieve_token(): token, _ = Token.objects.get_or_create(user=user) extra_data['token'] = token.key return get_ok_response('Login successful', extra_data=extra_data)
def reset_password(request): ''' Reset password, given the signature and timestamp from the link. --- serializer: ResetPasswordSerializer ''' serializer = ResetPasswordSerializer(data=request.data) serializer.is_valid(raise_exception=True) data = serializer.data.copy() password = data.pop('password') signer = ResetPasswordSigner(data, request=request) verify_signer_or_bad_request(signer) user_class = get_user_model_class() user = get_object_or_404(user_class.objects.all(), pk=data['user_id']) try: validate_password(password, user=user) except ValidationError as exc: raise serializers.ValidationError(exc.messages[0]) user.set_password(password) user.save() return get_ok_response('Reset password successful')
def setUp(self): self.factory = APIRequestFactory() self.user_class = get_user_model_class()
def get_login_fields(): user_class = get_user_model_class() return get_user_setting('LOGIN_FIELDS') or [user_class.USERNAME_FIELD]