class AuthTokenSerializer(serializers.Serializer):
    """Validate a username/password pair and attach the authenticated user.

    On success ``validate`` stores the user object under ``attrs['user']``.
    """

    username = serializers.CharField(label=_("Username"))
    # trim_whitespace=False: the password reaches authenticate() exactly as
    # it was submitted, including leading/trailing whitespace.
    password = serializers.CharField(
        label=_("Password"),
        style={'input_type': 'password'},
        trim_whitespace=False
    )

    def validate(self, attrs):
        """Authenticate the submitted credentials.

        Raises ``serializers.ValidationError`` with code ``'authorization'``
        when either value is missing/empty or when ``authenticate`` returns
        no user. Every authentication failure produces the same message.
        """
        supplied_username = attrs.get('username')
        supplied_password = attrs.get('password')

        if not (supplied_username and supplied_password):
            msg = _('Must include "username" and "password".')
            raise serializers.ValidationError(msg, code='authorization')

        user = authenticate(
            request=self.context.get('request'),
            username=supplied_username,
            password=supplied_password,
        )

        # The authenticate call simply returns None for is_active=False
        # users. (Assuming the default ModelBackend authentication
        # backend.)
        if not user:
            msg = _('Unable to log in with provided credentials.')
            raise serializers.ValidationError(msg, code='authorization')

        attrs['user'] = user
        return attrs
class RegisterSerializer(serializers.Serializer):
    """Validate sign-up data and create the user through the account adapter."""

    username = serializers.CharField(
        max_length=get_username_max_length(),
        min_length=allauth_settings.USERNAME_MIN_LENGTH,
        required=allauth_settings.USERNAME_REQUIRED
    )
    email = serializers.EmailField(required=allauth_settings.EMAIL_REQUIRED)
    # write_only=True: both password fields are accepted as input only.
    password1 = serializers.CharField(write_only=True)
    password2 = serializers.CharField(write_only=True)

    def validate_username(self, username):
        """Return the username as cleaned by the adapter."""
        return get_adapter().clean_username(username)

    def validate_email(self, email):
        """Clean the e-mail and reject it if it is already registered.

        The uniqueness check only runs when ``allauth_settings.UNIQUE_EMAIL``
        is truthy and the cleaned value is non-empty.
        """
        cleaned = get_adapter().clean_email(email)
        # NOTE(review): this message tells the caller that the address is
        # already registered; consider whether that disclosure is acceptable
        # for the deployment.
        already_registered = (
            allauth_settings.UNIQUE_EMAIL
            and cleaned
            and email_address_exists(cleaned)
        )
        if already_registered:
            raise serializers.ValidationError(
                _("A user is already registered with this e-mail address."))
        return cleaned

    def validate_password1(self, password):
        """Return the password as cleaned (and checked) by the adapter."""
        return get_adapter().clean_password(password)

    def validate(self, data):
        """Require ``password1`` and ``password2`` to be equal."""
        if data['password1'] == data['password2']:
            return data
        raise serializers.ValidationError(_("The two password fields didn't match."))

    def custom_signup(self, request, user):
        """Hook called from ``save``; does nothing by default."""
        pass

    def get_cleaned_data(self):
        """Return username, password1 and email from ``validated_data``.

        Missing keys default to the empty string.
        """
        validated = self.validated_data
        return {
            'username': validated.get('username', ''),
            'password1': validated.get('password1', ''),
            'email': validated.get('email', '')
        }

    def save(self, request):
        """Create, populate and return a new user for ``request``."""
        account_adapter = get_adapter()
        new_user = account_adapter.new_user(request)
        # save_user receives this serializer and reads self.cleaned_data,
        # so it must be set before the call.
        self.cleaned_data = self.get_cleaned_data()
        account_adapter.save_user(request, new_user, self)
        self.custom_signup(request, new_user)
        setup_user_email(request, new_user, [])
        return new_user
class TestSerializer(serializers.ModelSerializer):
    """Model serializer whose fields are all listed as read-only.

    ``Meta.fields`` reuses the ``read_only_fields`` tuple, which names one
    model field and the extra ``non_model_field`` declared on the class.
    """

    non_model_field = serializers.CharField()

    class Meta:
        model = OneFieldModel
        read_only_fields = ('char_field', 'non_model_field')
        # Same tuple object as read_only_fields.
        fields = read_only_fields
        extra_kwargs = {}
def __init__(self, *args, **kwargs):
    """
    Dynamically add the USERNAME_FIELD to self.fields.

    After the parent initialiser runs, a ``CharField`` is registered under
    ``self.username_field`` and a write-only ``PasswordField`` under
    ``'password'``.
    """
    super(JSONWebTokenSerializer, self).__init__(*args, **kwargs)

    username_input = serializers.CharField()
    self.fields[self.username_field] = username_input

    # write_only=True: the password is accepted as input only.
    password_input = PasswordField(write_only=True)
    self.fields['password'] = password_input
class ValidationSerializer(serializers.Serializer):
    """Serializer whose field-level and object-level validators always fail."""

    foo = serializers.CharField()

    def validate_foo(self, attrs, source):
        """Always reject the ``foo`` field."""
        field_error = serializers.ValidationError("foo invalid")
        raise field_error

    def validate(self, attrs):
        """Always reject the whole payload."""
        object_error = serializers.ValidationError("serializer invalid")
        raise object_error
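class PasswordChangeSerializer(serializers.Serializer):
    """Change the password of the user attached to the current request.

    Behaviour is driven by two settings read in ``__init__``:

    * ``OLD_PASSWORD_FIELD_ENABLED`` (default ``False``): when false the
      ``old_password`` field is removed and the current password is not
      checked by this serializer.
    * ``LOGOUT_ON_PASSWORD_CHANGE`` (default ``False``): when false,
      ``save`` calls ``update_session_auth_hash`` for the request and user.
    """

    old_password = serializers.CharField(max_length=128)
    new_password1 = serializers.CharField(max_length=128)
    new_password2 = serializers.CharField(max_length=128)

    set_password_form_class = SetPasswordForm

    def __init__(self, *args, **kwargs):
        """Read the settings, drop ``old_password`` if disabled, bind the user."""
        self.old_password_field_enabled = getattr(
            settings, 'OLD_PASSWORD_FIELD_ENABLED', False)
        self.logout_on_password_change = getattr(
            settings, 'LOGOUT_ON_PASSWORD_CHANGE', False)
        super(PasswordChangeSerializer, self).__init__(*args, **kwargs)

        if not self.old_password_field_enabled:
            self.fields.pop('old_password')

        self.request = self.context.get('request')
        # None when the context carries no request or the request has no user.
        self.user = getattr(self.request, 'user', None)

    def validate_old_password(self, value):
        """Check the submitted current password against the bound user.

        Raises ``serializers.ValidationError`` when the old-password check is
        enabled and either no user is bound or the password does not match.
        """
        if not self.old_password_field_enabled:
            return value

        # Fail closed: the previous form built a tuple that evaluated
        # self.user.check_password() unconditionally, which raised
        # AttributeError when no user was bound. A missing user is now
        # reported as an invalid password instead.
        if not self.user or not self.user.check_password(value):
            raise serializers.ValidationError('Invalid password')
        return value

    def validate(self, attrs):
        """Validate the new password pair with ``set_password_form_class``.

        The bound form is kept on ``self.set_password_form`` for ``save``.
        """
        self.set_password_form = self.set_password_form_class(
            user=self.user, data=attrs)

        if not self.set_password_form.is_valid():
            raise serializers.ValidationError(self.set_password_form.errors)
        return attrs

    def save(self):
        """Persist the new password through the form validated in ``validate``."""
        self.set_password_form.save()
        if not self.logout_on_password_change:
            # Imported here, as in the original code, rather than at module
            # level.
            from django.contrib.auth import update_session_auth_hash
            update_session_auth_hash(self.request, self.user)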
class ShouldValidateModelSerializer(serializers.ModelSerializer):
    """Expose ``should_validate_field`` under the name ``renamed``.

    The renamed field is optional and, when present, must be at least three
    characters long.
    """

    renamed = serializers.CharField(
        source='should_validate_field',
        required=False
    )

    def validate_renamed(self, value):
        """Reject values shorter than three characters."""
        too_short = len(value) < 3
        if too_short:
            raise serializers.ValidationError('Minimum 3 characters.')
        return value

    class Meta:
        model = ShouldValidateModel
        fields = ('renamed',)
class ExampleSerializer(serializers.Serializer):
    """Example serializer covering several field types and constraints."""

    choice_field = serializers.ChoiceField(['red', 'green', 'blue'])
    # Accepts integers from 1 to 1000 inclusive.
    integer_field = serializers.IntegerField(min_value=1, max_value=1000)
    # Optional; 3 to 40 characters when supplied.
    char_field = serializers.CharField(
        required=False,
        min_length=3,
        max_length=40
    )
    # A list whose items are themselves lists of integers.
    list_field = serializers.ListField(
        child=serializers.ListField(
            child=serializers.IntegerField()
        )
    )
    nested_field = NestedField()
    uuid_field = serializers.UUIDField(label="UUID field")
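class PasswordResetConfirmSerializer(serializers.Serializer):
    """
    Serializer for confirming a password reset.

    Takes the encoded user id and reset token together with the new
    password (entered twice) and, once validated, sets the new password
    through ``set_password_form_class``.
    """
    new_password1 = serializers.CharField(max_length=128)
    new_password2 = serializers.CharField(max_length=128)
    uid = serializers.CharField()
    token = serializers.CharField()

    set_password_form_class = SetPasswordForm

    def custom_validation(self, attrs):
        """Hook for extra checks; does nothing by default.

        Called from ``validate`` only after the uid and token were accepted.
        """
        pass

    def validate(self, attrs):
        """Resolve the user, verify the reset token, then validate the password.

        Raises ``ValidationError`` keyed on ``uid`` when the id cannot be
        decoded or matches no user, keyed on ``token`` when the token check
        fails, and ``serializers.ValidationError`` with the form errors when
        the new password is rejected.
        """
        self._errors = {}

        # Decode the uidb64 to uid to get User object
        try:
            uid = force_text(uid_decoder(attrs['uid']))
            self.user = UserModel._default_manager.get(pk=uid)
        except (TypeError, ValueError, OverflowError, UserModel.DoesNotExist):
            raise ValidationError({'uid': ['Invalid value']})

        # Verify the token before anything else is done on behalf of this
        # user. Previously the password form ran first, so a caller without
        # a valid token still received the form's validation errors for the
        # targeted account.
        # NOTE(review): the separate 'uid' and 'token' errors still tell the
        # caller whether the uid resolved to a user; kept for compatibility.
        if not default_token_generator.check_token(self.user, attrs['token']):
            raise ValidationError({'token': ['Invalid value']})

        self.custom_validation(attrs)

        # Construct SetPasswordForm instance
        self.set_password_form = self.set_password_form_class(
            user=self.user, data=attrs)
        if not self.set_password_form.is_valid():
            raise serializers.ValidationError(self.set_password_form.errors)

        return attrs

    def save(self):
        """Save the new password and return the form's ``save()`` result."""
        return self.set_password_form.save()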
class VerificationBaseSerializer(Serializer):
    """
    Abstract serializer used for verifying and refreshing JWTs.

    Subclasses must override ``validate``; ``_check_payload`` and
    ``_check_user`` are helpers for doing so.
    """
    token = serializers.CharField()

    def validate(self, attrs):
        """Abstract: always raises ``NotImplementedError``."""
        raise NotImplementedError('Please define a validate method.')

    def _check_payload(self, token):
        """Decode ``token`` and return its payload.

        An expired signature or a decode error is reported as a
        ``serializers.ValidationError``.
        """
        # Check payload valid (based off of JSONWebTokenAuthentication,
        # may want to refactor)
        # NOTE(review): only these two jwt exception types are translated;
        # anything else raised by jwt_decode_handler propagates to the caller.
        try:
            return jwt_decode_handler(token)
        except jwt.ExpiredSignature:
            raise serializers.ValidationError(_('Signature has expired.'))
        except jwt.DecodeError:
            raise serializers.ValidationError(_('Error decoding signature.'))

    def _check_user(self, payload):
        """Return the active user named in ``payload``.

        Raises ``serializers.ValidationError`` when the payload carries no
        username, the user does not exist, or the account is inactive.
        """
        natural_key = jwt_get_username_from_payload(payload)
        if not natural_key:
            raise serializers.ValidationError(_('Invalid payload.'))

        # Make sure user exists
        try:
            account = User.objects.get_by_natural_key(natural_key)
        except User.DoesNotExist:
            raise serializers.ValidationError(_("User doesn't exist."))

        if account.is_active:
            return account
        raise serializers.ValidationError(_('User account is disabled.'))
class JWTSerializer(serializers.Serializer):
    """
    Serializer for JWT authentication.

    Outputs the token together with the serialized user details.
    """
    token = serializers.CharField()
    user = serializers.SerializerMethodField()

    def get_user(self, obj):
        """
        Required to allow using custom USER_DETAILS_SERIALIZER in
        JWTSerializer. Defining it here to avoid circular imports

        Returns the ``.data`` of the configured user-details serializer
        applied to ``obj['user']``.
        """
        configured = getattr(settings, 'mind_auth_SERIALIZERS', {})
        # Falls back to UserDetailsSerializer when the setting has no
        # 'USER_DETAILS_SERIALIZER' entry.
        details_target = configured.get(
            'USER_DETAILS_SERIALIZER', UserDetailsSerializer)
        JWTUserDetailsSerializer = import_callable(details_target)

        details = JWTUserDetailsSerializer(obj['user'], context=self.context)
        return details.data
class Nested(serializers.Serializer):
    """Serializer with a bounded text field and an integer amount."""

    # At most 100 characters.
    more_text = serializers.CharField(max_length=100)
    amount = serializers.IntegerField()
class ExampleSerializer(serializers.Serializer):
    """Example serializer: a bounded text field and an integer amount."""

    # At most 100 characters.
    text = serializers.CharField(max_length=100)
    amount = serializers.IntegerField()
class Nested2(serializers.Serializer):
    """Serializer that embeds a nullable ``Nested1`` next to a text field."""

    # allow_null=True: the nested object may be submitted as null.
    nested1 = Nested1(allow_null=True)
    text_field = serializers.CharField()
class Nested1(serializers.Serializer):
    """Serializer with a single text field."""

    text_field = serializers.CharField()
class ExampleSerializer(serializers.Serializer):
    """Example serializer: a defaulted char field and an integer field."""

    # Falls back to 'abc' when the field is not supplied.
    char = serializers.CharField(default='abc')
    integer = serializers.IntegerField()
class ExampleSerializer(serializers.Serializer):
    """Example serializer with two required character fields."""

    name = serializers.CharField(required=True)
    choices = serializers.CharField(required=True)
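class LoginSerializer(serializers.Serializer):
    """Authenticate a user by username and/or e-mail plus password.

    Which identifier is used depends on whether ``allauth`` is installed and
    on its ``AUTHENTICATION_METHOD`` setting. On success the user is stored
    under ``attrs['user']``.
    """

    username = serializers.CharField(required=False, allow_blank=True)
    email = serializers.EmailField(required=False, allow_blank=True)
    password = serializers.CharField(style={'input_type': 'password'})

    def authenticate(self, **kwargs):
        """Call ``authenticate`` with the request from the serializer context."""
        return authenticate(self.context['request'], **kwargs)

    def _validate_email(self, email, password):
        """Authenticate by e-mail; both values must be non-empty."""
        user = None

        if email and password:
            user = self.authenticate(email=email, password=password)
        else:
            msg = _('Must include "email" and "password".')
            raise exceptions.ValidationError(msg)

        return user

    def _validate_username(self, username, password):
        """Authenticate by username; both values must be non-empty."""
        user = None

        if username and password:
            user = self.authenticate(username=username, password=password)
        else:
            msg = _('Must include "username" and "password".')
            raise exceptions.ValidationError(msg)

        return user

    def _validate_username_email(self, username, email, password):
        """Authenticate by e-mail if given, otherwise by username."""
        user = None

        if email and password:
            user = self.authenticate(email=email, password=password)
        elif username and password:
            user = self.authenticate(username=username, password=password)
        else:
            msg = _(
                'Must include either "username" or "email" and "password".')
            raise exceptions.ValidationError(msg)

        return user

    def validate(self, attrs):
        """Authenticate the submitted credentials and attach the user.

        Raises a validation error when the credentials are incomplete or
        rejected, when the account is inactive, or when e-mail verification
        is mandatory and the user's address is not verified.
        """
        username = attrs.get('username')
        email = attrs.get('email')
        password = attrs.get('password')

        user = None

        if 'allauth' in settings.INSTALLED_APPS:
            from allauth.account import app_settings

            # Authentication through email
            if app_settings.AUTHENTICATION_METHOD == app_settings.AuthenticationMethod.EMAIL:
                user = self._validate_email(email, password)

            # Authentication through username
            elif app_settings.AUTHENTICATION_METHOD == app_settings.AuthenticationMethod.USERNAME:
                user = self._validate_username(username, password)

            # Authentication through either username or email
            else:
                user = self._validate_username_email(username, email, password)

        else:
            # Authentication without using allauth
            if email:
                try:
                    username = UserModel.objects.get(
                        email__iexact=email).get_username()
                except (UserModel.DoesNotExist,
                        UserModel.MultipleObjectsReturned):
                    # An unknown address, or one shared by several accounts
                    # (the case-insensitive lookup can match more than one
                    # row), must not resolve to a username. Previously the
                    # ambiguous case escaped as an unhandled exception.
                    pass

            if username:
                user = self._validate_username_email(username, '', password)

        # Did we get back an active user?
        if user:
            if not user.is_active:
                msg = _('User account is disabled.')
                raise exceptions.ValidationError(msg)
        else:
            msg = _('Unable to log in with provided credentials.')
            raise exceptions.ValidationError(msg)

        # If required, is the email verified?
        if 'mind_auth.registration' in settings.INSTALLED_APPS:
            from allauth.account import app_settings
            if app_settings.EMAIL_VERIFICATION == app_settings.EmailVerificationMethod.MANDATORY:
                # Fail closed: a user with no matching address record is
                # treated as unverified. The earlier .get() raised an
                # unhandled exception when the record was missing or
                # duplicated.
                is_verified = user.emailaddress_set.filter(
                    email=user.email, verified=True).exists()
                if not is_verified:
                    raise serializers.ValidationError(
                        _('E-mail is not verified.'))

        attrs['user'] = user
        return attrs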
class ExampleSerializer(serializers.Serializer):
    """Example serializer with two character fields."""

    field1 = serializers.CharField()
    field2 = serializers.CharField()
class ExampleSerializer(serializers.Serializer):
    """Example serializer: a bounded text field plus a ``Nested`` object."""

    # At most 100 characters.
    text = serializers.CharField(max_length=100)
    nested = Nested()
class ExampleSerializer(serializers.Serializer):
    """Example serializer: one character field and one integer field."""

    char = serializers.CharField()
    integer = serializers.IntegerField()
class SocialLoginSerializer(serializers.Serializer):
    """Log a user in from a social provider's access token or auth code.

    Exactly one of ``access_token`` or ``code`` is expected; both fields are
    optional at field level and the choice is enforced in ``validate``. The
    view in the serializer context must define ``adapter_class`` and, for
    the ``code`` flow, ``callback_url`` and ``client_class``.
    """
    access_token = serializers.CharField(required=False, allow_blank=True)
    code = serializers.CharField(required=False, allow_blank=True)

    def _get_request(self):
        """Return the ``HttpRequest`` behind the context's request.

        A request that is not an ``HttpRequest`` is unwrapped through its
        ``_request`` attribute.
        """
        request = self.context.get('request')
        if not isinstance(request, HttpRequest):
            request = request._request
        return request

    def get_social_login(self, adapter, app, token, response):
        """
        Complete the provider login and attach the token to the result.

        :param adapter: allauth.socialaccount Adapter subclass.
            Usually OAuthAdapter or Auth2Adapter
        :param app: `allauth.socialaccount.SocialApp` instance
        :param token: `allauth.socialaccount.SocialToken` instance
        :param response: Provider's response for OAuth1. Passed through to
            ``adapter.complete_login`` as ``response``.
        :returns: The object returned by ``adapter.complete_login``, with
            its ``token`` attribute set to ``token``.
        """
        request = self._get_request()
        social_login = adapter.complete_login(request, app, token, response=response)
        social_login.token = token
        return social_login

    def validate(self, attrs):
        """Resolve an access token, complete the social login, attach the user.

        Raises ``serializers.ValidationError`` when the view or its required
        attributes are missing, when neither ``access_token`` nor ``code`` is
        supplied, when completing the login raises ``HTTPError``, or when a
        new social login's e-mail already belongs to an existing account
        (only checked if ``allauth_settings.UNIQUE_EMAIL`` is set).
        """
        view = self.context.get('view')
        request = self._get_request()

        if not view:
            raise serializers.ValidationError(
                _("View is not defined, pass it as a context variable")
            )

        adapter_class = getattr(view, 'adapter_class', None)
        if not adapter_class:
            raise serializers.ValidationError(_("Define adapter_class in view"))

        adapter = adapter_class(request)
        app = adapter.get_provider().get_app(request)

        # More info on code vs access_token
        # http://stackoverflow.com/questions/8666316/facebook-oauth-2-0-code-and-token

        # Case 1: We received the access_token
        # NOTE(review): the client-supplied token is used as-is. Nothing in
        # this method checks that it was issued to `app`; whether that is
        # verified depends on adapter.complete_login — confirm per provider.
        if attrs.get('access_token'):
            access_token = attrs.get('access_token')

        # Case 2: We received the authorization code
        elif attrs.get('code'):
            self.callback_url = getattr(view, 'callback_url', None)
            self.client_class = getattr(view, 'client_class', None)

            if not self.callback_url:
                raise serializers.ValidationError(
                    _("Define callback_url in view")
                )
            if not self.client_class:
                raise serializers.ValidationError(
                    _("Define client_class in view")
                )

            code = attrs.get('code')

            provider = adapter.get_provider()
            scope = provider.get_scope(request)
            # The code is exchanged server-side with the app's client id and
            # secret; callback_url comes from the view, not from the client.
            client = self.client_class(
                request,
                app.client_id,
                app.secret,
                adapter.access_token_method,
                adapter.access_token_url,
                self.callback_url,
                scope
            )
            token = client.get_access_token(code)
            access_token = token['access_token']

        else:
            raise serializers.ValidationError(
                _("Incorrect input. access_token or code is required."))

        social_token = adapter.parse_token({'access_token': access_token})
        social_token.app = app

        # Only HTTPError is translated into a validation error here; any
        # other exception from these calls propagates to the caller.
        try:
            login = self.get_social_login(adapter, app, social_token, access_token)
            complete_social_login(request, login)
        except HTTPError:
            raise serializers.ValidationError(_("Incorrect value"))

        if not login.is_existing:
            # We have an account already signed up in a different flow
            # with the same email address: raise an exception.
            # This needs to be handled in the frontend. We can not just
            # link up the accounts due to security constraints
            if allauth_settings.UNIQUE_EMAIL:
                # Do we have an account already with this email address?
                # NOTE(review): the filter is an exact match on the address
                # reported by the provider — confirm that this agrees with
                # how e-mail uniqueness is enforced elsewhere.
                account_exists = get_user_model().objects.filter(
                    email=login.user.email,
                ).exists()
                if account_exists:
                    raise serializers.ValidationError(
                        _("User is already registered with this e-mail address.")
                    )

            login.lookup()
            login.save(request, connect=True)

        attrs['user'] = login.account.user

        return attrs
class VerifyEmailSerializer(serializers.Serializer):
    """Accept the ``key`` submitted for e-mail verification.

    Only the field is declared here; what is done with the key is decided by
    the code that uses this serializer.
    """

    key = serializers.CharField()
class NestedSerializer(serializers.Serializer):
    """Serializer with two defaulted fields, one using a dotted source."""

    a = serializers.CharField(default='1')
    # Reads/writes attribute path 'b.c' and defaults to '2'.
    c = serializers.CharField(
        default='2',
        source='b.c'
    )
class Parent(serializers.Serializer):
    """Serializer with two character fields, ``f1`` and ``f2``."""

    f1 = serializers.CharField()
    f2 = serializers.CharField()
class RegexSerializer(serializers.Serializer):
    """Serializer whose ``pin`` field must be four to six ASCII digits."""

    # NOTE(review): '$' also matches just before a trailing newline. The
    # field's whitespace trimming presumably removes such a newline before
    # validators run — confirm if trimming is ever disabled for this field.
    pin = serializers.CharField(
        validators=[
            RegexValidator(
                regex=re.compile('^[0-9]{4,6}$'),
                message='A PIN is 4-6 digits'
            )
        ]
    )
class TwitterLoginSerializer(serializers.Serializer):
    """Log a user in from a Twitter access token and token secret.

    The view in the serializer context must define ``adapter_class``. On
    success the user is stored under ``attrs['user']``.
    """
    access_token = serializers.CharField()
    token_secret = serializers.CharField()

    def _get_request(self):
        """Return the ``HttpRequest`` behind the context's request.

        A request that is not an ``HttpRequest`` is unwrapped through its
        ``_request`` attribute.
        """
        candidate = self.context.get('request')
        if isinstance(candidate, HttpRequest):
            return candidate
        return candidate._request

    def get_social_login(self, adapter, app, token, response):
        """
        Complete the provider login and attach the token to the result.

        :param adapter: allauth.socialaccount Adapter subclass.
            Usually OAuthAdapter or Auth2Adapter
        :param app: `allauth.socialaccount.SocialApp` instance
        :param token: `allauth.socialaccount.SocialToken` instance
        :param response: Provider's response for OAuth1. Passed through to
            ``adapter.complete_login`` as ``response``.
        :returns: The object returned by ``adapter.complete_login``, with
            its ``token`` attribute set to ``token``.
        """
        http_request = self._get_request()
        completed = adapter.complete_login(
            http_request, app, token, response=response)
        completed.token = token
        return completed

    def validate(self, attrs):
        """Complete the Twitter login for the submitted token pair.

        Raises ``serializers.ValidationError`` when the view or its
        ``adapter_class`` is missing, or when completing the login raises
        ``OAuthError``.
        """
        view = self.context.get('view')
        request = self._get_request()

        if not view:
            raise serializers.ValidationError(
                "View is not defined, pass it as a context variable"
            )

        adapter_class = getattr(view, 'adapter_class', None)
        if not adapter_class:
            raise serializers.ValidationError("Define adapter_class in view")

        adapter = adapter_class(request)
        app = adapter.get_provider().get_app(request)

        submitted_token = attrs.get('access_token')
        submitted_secret = attrs.get('token_secret')

        # The submitted token pair is written into the session under this
        # key before the login is completed.
        request.session['oauth_api.twitter.com_access_token'] = {
            'oauth_token': submitted_token,
            'oauth_token_secret': submitted_secret,
        }
        social_token = SocialToken(
            token=submitted_token, token_secret=submitted_secret)
        social_token.app = app

        try:
            login = self.get_social_login(
                adapter, app, social_token, submitted_token)
            complete_social_login(request, login)
        except OAuthError as e:
            # NOTE(review): the exception text is returned to the client
            # verbatim.
            raise serializers.ValidationError(str(e))

        if not login.is_existing:
            login.lookup()
            login.save(request, connect=True)

        attrs['user'] = login.account.user
        return attrs
class ExampleSerializer(serializers.Serializer):
    """Example serializer: a capped integer and an optional char field."""

    # Values above 10 are rejected.
    integer_field = serializers.IntegerField(max_value=10)
    char_field = serializers.CharField(required=False)
class ExampleSerializer(serializers.Serializer):
    """Example serializer: a choice, a capped integer, an optional char field."""

    choice_field = serializers.ChoiceField(['red', 'green', 'blue'])
    # Values above 10 are rejected.
    integer_field = serializers.IntegerField(max_value=10)
    char_field = serializers.CharField(required=False)
class Serializer(serializers.Serializer):
    """Serializer mixing a plain field, a dotted-source field and an optional one."""

    foo = serializers.CharField()
    # Reads/writes attribute path 'foo.bar'; null is accepted.
    bar = serializers.CharField(
        source='foo.bar',
        allow_null=True
    )
    # May be omitted entirely or submitted as null.
    optional = serializers.CharField(
        required=False,
        allow_null=True
    )