class LoginView(CreateAPIView):
"""
This is used to Login into system.
"""
permission_classes = import_string_list(drfr_settings.LOGIN_PERMISSION_CLASSES)
serializer_class = import_string(drfr_settings.LOGIN_SERIALIZER)
def post(self, request, *args, **kwargs):
"""
Override to check user login
Args:
request (object): The request object
"""
serializer = self.serializer_class(data=request.data)
serializer.is_valid(raise_exception=True)
user = serializer.validated_data['user']
# Update last logged in
update_last_login(None, user)
data = get_user_profile_data(user)
return Response(data, status=status.HTTP_200_OK)
class RegisterView(CreateAPIView):
"""
Register a new user to the system
"""
permission_classes = import_string_list(
drfr_settings.REGISTER_PERMISSION_CLASSES)
serializer_class = import_string(drfr_settings.REGISTER_SERIALIZER)
def create(self, request, *args, **kwargs):
serializer = self.serializer_class(data=request.data)
serializer.is_valid(raise_exception=True)
user = serializer.save()
data = get_user_profile_data(user)
domain = get_current_domain(request)
# Send email activation link
if has_user_activate_token() or has_user_verify_code():
send_verify_email(user, domain)
else:
send_email_welcome(user)
return Response(data, status=status.HTTP_201_CREATED)
def test_import_string_list(self):
permission_classes = import_string_list([
'rest_framework.permissions.AllowAny',
])
self.assertEqual(permission_classes, [
AllowAny,
])
class SocialLoginView(CreateAPIView):
"""
This is used to Social Login into system.
"""
permission_classes = import_string_list(
drfr_settings.LOGIN_PERMISSION_CLASSES)
serializer_class = SocialLoginSerializer
def post(self, request, *args, **kwargs):
"""
Authenticate user through the provider and access_token
"""
serializer = self.serializer_class(data=request.data)
serializer.is_valid(raise_exception=True)
provider = serializer.data.get('provider', None)
# Check is invalid provider
if not socials.is_valid_provider(provider):
raise InvalidProvider()
# Check valid token
access_token = serializer.data.get('access_token', None)
user_data = socials.get_user_info(provider, access_token)
# None value mean the access token is not valid
if not user_data:
raise InvalidAccessToken()
# Check the case can not get user email address
if not user_data.get('email'):
raise MissingEmail()
# Create user if not exist
User = get_user_model()
try:
user = User.objects.get(email=user_data['email'])
except User.DoesNotExist:
user = User.objects.create(
username=user_data['email'],
email=user_data['email'],
first_name=user_data.get('first_name'),
last_name=user_data.get('last_name'),
)
# Always verified user if they using Google or Facebook
set_user_verified(user)
# Update last logged in
update_last_login(None, user)
data = get_user_profile_data(user)
return Response(data, status=status.HTTP_200_OK)
class SetPasswordView(UpdateAPIView):
"""
Set user password
"""
permission_classes = import_string_list(drfr_settings.SET_PASSWORD_PERMISSION_CLASSES)
serializer_class = import_string(drfr_settings.SET_PASSWORD_SERIALIZER)
def update(self, request, *args, **kwargs):
serializer = self.get_serializer(data=request.data)
serializer.is_valid(raise_exception=True)
user = serializer.save()
# Response data include new tokens
data = get_user_profile_data(user)
return Response(data, status=status.HTTP_200_OK)
class ProfileView(RetrieveUpdateAPIView):
"""
Get update user profile information
"""
permission_classes = import_string_list(
drfr_settings.PROFILE_PERMISSION_CLASSES)
serializer_class = import_string(drfr_settings.PROFILE_SERIALIZER)
queryset = get_all_users()
def get_object(self):
return self.request.user
def update(self, request, *args, **kwargs):
"""
Custom update user profile
"""
# Remove write only fields when update profile
for field in drfr_settings.USER_WRITE_ONLY_FIELDS:
if field in request.data.keys():
# Make it editable
request.data._mutable = True
request.data.pop(field)
# Disable editable
request.data._mutable = False
# Support the case user can change password in profile if
# USER_WRITE_ONLY_FIELDS not contain password field
if 'password' in request.data.keys():
request.data._mutable = True
self.request.user.set_password(request.data.pop('password')[0])
self.request.user.save()
request.data._mutable = False
return super(ProfileView, self).update(request, *args, **kwargs)
class ResetPasswordView(APIView):
"""
Reset user password by send the link to email
"""
permission_classes = import_string_list(
drfr_settings.RESET_PASSWORD_PERMISSION_CLASSES)
serializer_class = import_string(drfr_settings.RESET_PASSWORD_SERIALIZER)
def post(self, request, *args, **kwargs):
"""
Override to check reset password request
Args:
request (object): The request object
Raises:
Http404: In the case RESET_PASSWORD_ENABLED is False
"""
# Check in the case reset password is not supported
if not drfr_settings.RESET_PASSWORD_ENABLED:
raise Http404()
serializer = self.serializer_class(data=request.data)
serializer.is_valid(raise_exception=True)
# Get user from validated data
user = serializer.validated_data['user']
# Send reset password link to email
domain = get_current_domain(request)
send_reset_password_token_email(user, domain)
return Response({'detail': _('Password reset e-mail has been sent.')},
status=status.HTTP_200_OK)
