ConceptPortal-public/rsconcept/backend/apps/users/views.py

''' REST API: User profile and Authorization. '''
from django.contrib.auth import login, logout
from drf_spectacular.utils import extend_schema, extend_schema_view
from rest_framework import generics, permissions
from rest_framework import status as c
from rest_framework import views
from rest_framework.response import Response

from . import models as m
from . import serializers as s


class LoginAPIView(views.APIView):
    ''' Endpoint: Login via username + password. '''
    permission_classes = (permissions.AllowAny,)

    @extend_schema(
        summary='login user',
        tags=['Auth'],
        request=s.LoginSerializer,
        responses={
            c.HTTP_202_ACCEPTED: None,
            c.HTTP_400_BAD_REQUEST: s.NonFieldErrorSerializer
        }
    )
    def post(self, request):
        serializer = s.LoginSerializer(
            data=self.request.data,
            context={'request': self.request}
        )
        serializer.is_valid(raise_exception=True)
        user = serializer.validated_data['user']
        login(request, user)
        return Response(None, status=c.HTTP_202_ACCEPTED)


class LogoutAPIView(views.APIView):
    ''' Endpoint: Logout. '''
    permission_classes = (permissions.IsAuthenticated,)

    @extend_schema(
        summary='logout current user',
        tags=['Auth'],
        request=None,
        responses={c.HTTP_204_NO_CONTENT: None}
    )
    def post(self, request):
        logout(request)
        return Response(None, status=c.HTTP_204_NO_CONTENT)


@extend_schema(tags=['User'])
@extend_schema_view()
class SignupAPIView(generics.CreateAPIView):
    ''' Endpoint: Register user. '''
    permission_classes = (permissions.AllowAny, )
    serializer_class = s.SignupSerializer


@extend_schema(tags=['Auth'])
@extend_schema_view()
class AuthAPIView(generics.RetrieveAPIView):
    ''' Endpoint: Current user info. '''
    permission_classes = (permissions.AllowAny,)
    serializer_class = s.AuthSerializer

    def get_object(self):
        return self.request.user


@extend_schema(tags=['User'])
@extend_schema_view()
class ActiveUsersView(generics.ListAPIView):
    ''' Endpoint: Get list of active users. '''
    permission_classes = (permissions.AllowAny,)
    serializer_class = s.UserSerializer

    def get_queryset(self):
        return m.User.objects.filter(is_active=True)


@extend_schema(tags=['User'])
@extend_schema_view()
class UserProfileAPIView(generics.RetrieveUpdateAPIView):
    ''' Endpoint: User profile. '''
    permission_classes = (permissions.IsAuthenticated,)
    serializer_class = s.UserSerializer

    def get_object(self):
        return self.request.user


class UpdatePassword(views.APIView):
    ''' Endpoint: Change password for current user. '''
    permission_classes = (permissions.IsAuthenticated, )

    def get_object(self, queryset=None):
        return self.request.user

    @extend_schema(
        description='change current user password',
        tags=['Auth'],
        request=s.ChangePasswordSerializer,
        responses={
            c.HTTP_204_NO_CONTENT: None,
            c.HTTP_400_BAD_REQUEST: None
        }
    )
    def patch(self, request, *args, **kwargs):
        self.object = self.get_object()
        serializer = s.ChangePasswordSerializer(data=request.data)
        if serializer.is_valid():
            old_password = serializer.data.get("old_password")
            if not self.object.check_password(old_password):
                return Response({"old_password": ["Wrong password."]},
                                status=c.HTTP_400_BAD_REQUEST)
            # Note: set_password also hashes the password that the user will get
            self.object.set_password(serializer.data.get("new_password"))
            self.object.save()
            return Response(status=c.HTTP_204_NO_CONTENT)
        return Response(serializer.errors, status=c.HTTP_400_BAD_REQUEST)
Fix spelling via spellchecker 2023-12-26 14:23:51 +03:00			`''' REST API: User profile and Authorization. '''`
Initial commit 2023-07-15 17:46:19 +03:00			`from django.contrib.auth import login, logout`
Refactoring: setup isort for backend 2024-05-24 18:31:14 +03:00			`from drf_spectacular.utils import extend_schema, extend_schema_view`
			`from rest_framework import generics, permissions`
Refactor backend API generation and admin UI 2023-09-22 23:26:22 +03:00			`from rest_framework import status as c`
Refactoring: setup isort for backend 2024-05-24 18:31:14 +03:00			`from rest_framework import views`
Initial commit 2023-07-15 17:46:19 +03:00			`from rest_framework.response import Response`

Refactor backend API generation and admin UI 2023-09-22 23:26:22 +03:00			`from . import models as m`
Refactoring: setup isort for backend 2024-05-24 18:31:14 +03:00			`from . import serializers as s`
Initial commit 2023-07-15 17:46:19 +03:00
Refactor backend using drf-spectacular 2023-09-21 23:09:51 +03:00
Initial commit 2023-07-15 17:46:19 +03:00			`class LoginAPIView(views.APIView):`
Implement subscriptions and improve UI 2023-08-26 17:26:49 +03:00			`''' Endpoint: Login via username + password. '''`
Initial commit 2023-07-15 17:46:19 +03:00			`permission_classes = (permissions.AllowAny,)`

Refactor backend API generation and admin UI 2023-09-22 23:26:22 +03:00			`@extend_schema(`
			`summary='login user',`
			`tags=['Auth'],`
			`request=s.LoginSerializer,`
			`responses={`
			`c.HTTP_202_ACCEPTED: None,`
			`c.HTTP_400_BAD_REQUEST: s.NonFieldErrorSerializer`
			`}`
			`)`
Refactor: include pylint in toolchain and fix errors 2023-08-17 15:43:39 +03:00			`def post(self, request):`
Refactor backend API generation and admin UI 2023-09-22 23:26:22 +03:00			`serializer = s.LoginSerializer(`
Initial commit 2023-07-15 17:46:19 +03:00			`data=self.request.data,`
			`context={'request': self.request}`
			`)`
			`serializer.is_valid(raise_exception=True)`
			`user = serializer.validated_data['user']`
			`login(request, user)`
Refactor backend API generation and admin UI 2023-09-22 23:26:22 +03:00			`return Response(None, status=c.HTTP_202_ACCEPTED)`
Initial commit 2023-07-15 17:46:19 +03:00

			`class LogoutAPIView(views.APIView):`
Implement subscriptions and improve UI 2023-08-26 17:26:49 +03:00			`''' Endpoint: Logout. '''`
Initial commit 2023-07-15 17:46:19 +03:00			`permission_classes = (permissions.IsAuthenticated,)`

Refactor backend API generation and admin UI 2023-09-22 23:26:22 +03:00			`@extend_schema(`
			`summary='logout current user',`
			`tags=['Auth'],`
			`request=None,`
			`responses={c.HTTP_204_NO_CONTENT: None}`
			`)`
Refactor: include pylint in toolchain and fix errors 2023-08-17 15:43:39 +03:00			`def post(self, request):`
Initial commit 2023-07-15 17:46:19 +03:00			`logout(request)`
Refactor backend API generation and admin UI 2023-09-22 23:26:22 +03:00			`return Response(None, status=c.HTTP_204_NO_CONTENT)`
Initial commit 2023-07-15 17:46:19 +03:00

Refactor backend using drf-spectacular 2023-09-21 23:09:51 +03:00			`@extend_schema(tags=['User'])`
			`@extend_schema_view()`
Initial commit 2023-07-15 17:46:19 +03:00			`class SignupAPIView(generics.CreateAPIView):`
Implement subscriptions and improve UI 2023-08-26 17:26:49 +03:00			`''' Endpoint: Register user. '''`
Initial commit 2023-07-15 17:46:19 +03:00			`permission_classes = (permissions.AllowAny, )`
Refactor backend API generation and admin UI 2023-09-22 23:26:22 +03:00			`serializer_class = s.SignupSerializer`
Initial commit 2023-07-15 17:46:19 +03:00

Refactor backend using drf-spectacular 2023-09-21 23:09:51 +03:00			`@extend_schema(tags=['Auth'])`
			`@extend_schema_view()`
Initial commit 2023-07-15 17:46:19 +03:00			`class AuthAPIView(generics.RetrieveAPIView):`
Implement subscriptions and improve UI 2023-08-26 17:26:49 +03:00			`''' Endpoint: Current user info. '''`
Initial commit 2023-07-15 17:46:19 +03:00			`permission_classes = (permissions.AllowAny,)`
Refactor backend API generation and admin UI 2023-09-22 23:26:22 +03:00			`serializer_class = s.AuthSerializer`
Initial commit 2023-07-15 17:46:19 +03:00
			`def get_object(self):`
			`return self.request.user`


Refactor backend using drf-spectacular 2023-09-21 23:09:51 +03:00			`@extend_schema(tags=['User'])`
			`@extend_schema_view()`
Initial commit 2023-07-15 17:46:19 +03:00			`class ActiveUsersView(generics.ListAPIView):`
Implement subscriptions and improve UI 2023-08-26 17:26:49 +03:00			`''' Endpoint: Get list of active users. '''`
Initial commit 2023-07-15 17:46:19 +03:00			`permission_classes = (permissions.AllowAny,)`
Refactor backend API generation and admin UI 2023-09-22 23:26:22 +03:00			`serializer_class = s.UserSerializer`
Initial commit 2023-07-15 17:46:19 +03:00
			`def get_queryset(self):`
Refactor backend API generation and admin UI 2023-09-22 23:26:22 +03:00			`return m.User.objects.filter(is_active=True)`
Initial commit 2023-07-15 17:46:19 +03:00

Refactor backend using drf-spectacular 2023-09-21 23:09:51 +03:00			`@extend_schema(tags=['User'])`
			`@extend_schema_view()`
Initial commit 2023-07-15 17:46:19 +03:00			`class UserProfileAPIView(generics.RetrieveUpdateAPIView):`
Implement subscriptions and improve UI 2023-08-26 17:26:49 +03:00			`''' Endpoint: User profile. '''`
Initial commit 2023-07-15 17:46:19 +03:00			`permission_classes = (permissions.IsAuthenticated,)`
Refactor backend API generation and admin UI 2023-09-22 23:26:22 +03:00			`serializer_class = s.UserSerializer`
Initial commit 2023-07-15 17:46:19 +03:00
			`def get_object(self):`
			`return self.request.user`
Refactor: include pylint in toolchain and fix errors 2023-08-17 15:43:39 +03:00

Update password function 2023-08-10 13:53:19 +03:00			`class UpdatePassword(views.APIView):`
Implement subscriptions and improve UI 2023-08-26 17:26:49 +03:00			`''' Endpoint: Change password for current user. '''`
Update password function 2023-08-10 13:53:19 +03:00			`permission_classes = (permissions.IsAuthenticated, )`

			`def get_object(self, queryset=None):`
			`return self.request.user`

Refactor backend API generation and admin UI 2023-09-22 23:26:22 +03:00			`@extend_schema(`
			`description='change current user password',`
			`tags=['Auth'],`
			`request=s.ChangePasswordSerializer,`
			`responses={`
			`c.HTTP_204_NO_CONTENT: None,`
			`c.HTTP_400_BAD_REQUEST: None`
			`}`
			`)`
Update password function 2023-08-10 13:53:19 +03:00			`def patch(self, request, args, *kwargs):`
			`self.object = self.get_object()`
Refactor backend API generation and admin UI 2023-09-22 23:26:22 +03:00			`serializer = s.ChangePasswordSerializer(data=request.data)`
Update password function 2023-08-10 13:53:19 +03:00			`if serializer.is_valid():`
			`old_password = serializer.data.get("old_password")`
			`if not self.object.check_password(old_password):`
Refactor: include pylint in toolchain and fix errors 2023-08-17 15:43:39 +03:00			`return Response({"old_password": ["Wrong password."]},`
Refactor backend API generation and admin UI 2023-09-22 23:26:22 +03:00			`status=c.HTTP_400_BAD_REQUEST)`
Refactor: include pylint in toolchain and fix errors 2023-08-17 15:43:39 +03:00			`# Note: set_password also hashes the password that the user will get`
Update password function 2023-08-10 13:53:19 +03:00			`self.object.set_password(serializer.data.get("new_password"))`
			`self.object.save()`
Refactor backend API generation and admin UI 2023-09-22 23:26:22 +03:00			`return Response(status=c.HTTP_204_NO_CONTENT)`
			`return Response(serializer.errors, status=c.HTTP_400_BAD_REQUEST)`