def put(self, request, login): receiver = get_profile_by_user_login_or_404(login).user if check_if_user_is_banned(receiver): instance = get_ban_object_by_login_or_404(login) serializer = BanSerializer(instance, request.data) if serializer.is_valid(): instance = serializer.save() return Response(BannedUserSerializer(instance).data) raise_400_based_on_serializer(serializer) if receiver.is_staff: raise Forbidden403("Admins cannot be banned") serializer = BanSerializer(data=request.data) if serializer.is_valid(): ban_object = ban_user(receiver=receiver, creator=self.request.user, reason=serializer.validated_data["reason"]) return Response(BannedUserSerializer(ban_object).data, status=HTTP_201_CREATED) raise_400_based_on_serializer(serializer)
def patch(self, request): instance = request.user.profile serializer = UpdateProfileSerializer(instance, data=request.data) if serializer.is_valid(): instance = serializer.save() return Response(AuthenticatedUserProfileSerializer(instance).data) raise_400_based_on_serializer(serializer)
def put(self, request): instance = request.user serializer = UpdatePasswordSerailizer(instance, data=request.data, context={"request": request}) if serializer.is_valid(): user = serializer.save() update_session_auth_hash(request, user) return Response(status=HTTP_204_NO_CONTENT) raise_400_based_on_serializer(serializer)
def post(self, request): if request.user.is_authenticated: raise Forbidden403("You are already authenticated") remove_expired_codes() serializer = VerificationCodeSerializer(data=request.data) if serializer.is_valid(): verify_email_by_code(serializer.validated_data["code"]) return Response(status=HTTP_204_NO_CONTENT) raise_400_based_on_serializer(serializer)
def post(self, request): if request.user.is_authenticated: raise Forbidden403("You are already authenticated") serializer = CreateUserSerializer(data=request.data) if serializer.is_valid(): user = serializer.save() verification_code = create_verification_code(user).code send_verification_email(user, verification_code) return Response(status=HTTP_204_NO_CONTENT) raise_400_based_on_serializer(serializer)
def post(self, request): serializer = CreatePostSerializer(data=request.data, context={"request": request}) if serializer.is_valid(): post = serializer.save() return Response( data=self.serializer_class(post, context={ "request": request }).data, status=HTTP_201_CREATED, headers={"Location": reverse("post", kwargs={"id": post.id})}) raise_400_based_on_serializer(serializer)
def post(self, request): serializer = CustomTokenRefreshSerializer(data=request.data) try: if serializer.is_valid(): user = get_user_from_access_token_or_401( serializer.validated_data["access"]) raise_403_if_user_is_inactive(user) raise_403_if_user_is_banned(user) return Response(serializer.validated_data) raise_400_based_on_serializer(serializer) except TokenError: raise NotAuthenticated401
def patch(self, request, id): instance = get_post_by_id_or_404(id) if request.user.is_staff or instance.author == request.user: serializer = UpdatePostSerializer(instance, request.data) if serializer.is_valid(): instance = serializer.save() return Response( PostSerializer(instance, context={ "request": request }).data) raise_400_based_on_serializer(serializer) raise Forbidden403("You don't have permission to edit this post")
def post(self, request): serializer = CustomTokenObtainPairSerializer(data=request.data) if serializer.is_valid(): validated_data = serializer.validated_data user = authenticate(**validated_data) if user: raise_403_if_user_is_banned(user) raise_403_if_user_is_inactive(user) token = serializer.get_token(user) return Response({ "refresh": str(token), "access": str(token.access_token) }) raise BadRequest400("Incorrect email or password") raise_400_based_on_serializer(serializer)