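def put(self, request, pk, format=None):
    """Change the password of the user identified by ``pk``.

    The request body is validated with ``ChangePasswordSerializer``. The
    supplied current password must match the stored one before the new
    password is set, an audit entry is written, and the user is saved.

    Returns:
        200 with ``"Success."`` after the user has been saved; 400 with an
        ``error`` object when validation fails or the current password does
        not match.
    """
    # NOTE(review): the target account is selected by the URL ``pk``, not by
    # ``request.user``. Whether the caller may act on that account depends on
    # ``get_object`` and the view's permission classes, which are not visible
    # here -- confirm.
    user = self.get_object(pk)
    serializer = ChangePasswordSerializer(data=request.data)

    if not serializer.is_valid():
        return Response({'error': serializer.errors},
                        status=status.HTTP_400_BAD_REQUEST)

    # Use validated_data, the accessor DRF provides for validated input.
    # ``serializer.data`` is the output representation and omits write-only
    # fields, which password fields commonly are.
    validated = serializer.validated_data

    # Check old password
    if not user.check_password(validated.get("current_password")):
        # NOTE(review): a failed attempt leaves no audit entry here; confirm
        # that wrong-password attempts are recorded or throttled elsewhere.
        return Response(
            {'error': {"current_password": ["Wrong current password."]}},
            status=status.HTTP_400_BAD_REQUEST)

    # set_password hashes the new password on the instance; nothing is
    # persisted until user.save() below.
    user.set_password(validated.get("new_password"))

    # The audit entry is written before the save, so an exception from the
    # logger aborts the request before the new password is persisted.
    UserNoteManager.change_password_logger(
        None, None, user,
        'Changed on {now}'.format(now=UserNoteManager.get_current_time()),
        user)
    user.save()

    # NOTE(review): tokens or sessions issued before the change are not
    # revoked in this method -- confirm whether that is handled elsewhere.
    return Response("Success.", status=status.HTTP_200_OK)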
def post(self, request, *args, **kwargs):
    """Log the requesting user out by deleting their auth token.

    A logout audit entry is written first, then the token is removed so the
    next request has to authenticate again. Responds 200 whether or not a
    token existed.
    """
    current_user = request.user
    logout_note = '{now} logged out'.format(
        now=UserNoteManager.get_current_time())
    UserNoteManager.logout_logger(
        None, None, current_user, logout_note, current_user)

    # NOTE(review): this removes only ``user.auth_token``. The login handler
    # visible alongside this one returns a JWT; if that is the credential
    # clients actually use, deleting this token does not by itself
    # invalidate it -- confirm how issued JWTs are expired or revoked.
    try:
        current_user.auth_token.delete()
    except (AttributeError, ObjectDoesNotExist):
        # Best effort: no token attribute or no token row means there is
        # nothing to delete.
        pass

    return Response(status=status.HTTP_200_OK)
def post(self, request, *args, **kwargs):
    """Validate the login request and return a JWT for the resolved user.

    The view's ``serializer_class`` validates ``request.data`` and yields the
    user under ``validated_data['user']``. The JWT payload is built from that
    user, extended with the user's ``type``, and encoded. A login audit entry
    is written before the token is returned.

    Returns:
        Response with ``{'token': <encoded JWT>}``.
    """
    login_serializer = self.serializer_class(
        data=request.data,
        context={'request': request},
    )
    # raise_exception=True: invalid input leaves through an exception here,
    # so nothing below runs for a failed login.
    # NOTE(review): that also means only successful logins reach
    # login_logger; confirm failed attempts are recorded elsewhere.
    login_serializer.is_valid(raise_exception=True)

    account = login_serializer.validated_data['user']

    claims = jwt_payload_handler(account)
    # The user's type travels inside the token as a custom claim.
    # NOTE(review): the claim reflects user.type at issue time; a later
    # change to the type is presumably not visible until a new token is
    # issued -- confirm consumers account for that.
    claims['type'] = account.type
    encoded_token = jwt_encode_handler(claims)

    login_note = '{now} logged in'.format(
        now=UserNoteManager.get_current_time())
    UserNoteManager.login_logger(None, None, account, login_note, account)

    return Response({'token': encoded_token})