version 0.0.5.11: refactored and setup CORS

2019-08-12 15:06:38 +03:00 · 2019-08-12 15:06:38 +03:00 · 0a35f06ff5
commit 0a35f06ff5
parent c9c5534cf0
8 changed files with 87 additions and 48 deletions
--- a/apps/account/models.py
+++ b/apps/account/models.py
@ -1,3 +1,4 @@
+"""Account models"""
 from typing import Union

 from django.conf import settings
@ -79,7 +80,9 @@ class User(ImageMixin, AbstractUser):
        """Method to remove user refresh tokens"""
        source = source if isinstance(source, list) else [source, ]
        refresh_tokens = self.oauth2_provider_refreshtoken.filter(
-            application__source__in=source)
+            application__source__in=source,
+            access_token__isnull=False
+        )
        if refresh_tokens.exists():
            for token in refresh_tokens:
                token.revoke()
@ -156,10 +159,15 @@ class ResetPasswordToken(PlatformMixin, ProjectBaseMixin):
        """Check if valid token or not"""
        return timezone.now() > self.expiry_datetime

-    def generate_key(self):
-        """generates a pseudo random code"""
+    def generate_token(self):
+        """Generates a pseudo random code"""
        return default_token_generator.make_token(self.user)

+    @staticmethod
+    def token_is_valid(user, token):
+        """Check if token is valid"""
+        return default_token_generator.check_token(user, token)
+
    def save(self, *args, **kwargs):
        """Override save method"""
        if not self.expiry_datetime:
@ -168,7 +176,7 @@ class ResetPasswordToken(PlatformMixin, ProjectBaseMixin):
                    timezone.timedelta(hours=self.get_resetting_token_expiration)
            )
        if not self.key:
-            self.key = self.generate_key()
+            self.key = self.generate_token()
        return super(ResetPasswordToken, self).save(*args, **kwargs)

    def get_reset_password_template(self):
@ -186,7 +194,7 @@ class ResetPasswordToken(PlatformMixin, ProjectBaseMixin):
                             message=self.get_reset_password_template())

    def confirm_reset_password_request(self):
-        """Method to confirm reset user passwrod request"""
+        """Method to confirm reset user password request"""
        # Remove access token and revoke refresh tokens
        self.user.remove_access_tokens(source=[Application.MOBILE,
-                                               Application.WEB])
+                                               Application.WEB])
--- a/apps/account/serializers/common.py
+++ b/apps/account/serializers/common.py
@ -1,4 +1,4 @@
-"""Common serializers"""
+"""Common account serializers"""
 from fcm_django.models import FCMDevice
 from rest_framework import serializers, exceptions

--- a/apps/account/serializers/web.py
+++ b/apps/account/serializers/web.py
@ -1,17 +1,47 @@
+"""Serializers for account web"""
 from django.contrib.auth import password_validation as password_validators
 from rest_framework import serializers

+from account import models
+from utils import exceptions as utils_exceptions

-class PasswordResetConfirmSerializer(serializers.Serializer):
-    """Serializer for reset password"""

-    password = serializers.CharField(write_only=True)
+class PasswordResetSerializer(serializers.ModelSerializer):
+    """Serializer from model PasswordReset"""

-    def validate_password(self, data):
-        """Custom password validation"""
+    class Meta:
+        """Meta class"""
+        model = models.ResetPasswordToken
+        fields = ('expiry_datetime', )
+
+    def create(self, validated_data, *args, **kwargs):
+        """Override create method"""
+        request = self.context.get('request')
+        user = request.user
+        ip_address = request.META.get('REMOTE_ADDR')
+        obj = models.ResetPasswordToken.objects.create(
+            user=user,
+            ip_address=ip_address,
+            source=models.ResetPasswordToken.MOBILE
+        )
        try:
-            password_validators.validate_password(password=data)
-        except serializers.ValidationError as e:
-            raise serializers.ValidationError(str(e))
-        else:
-            return data
+            # todo: make as celery task
+            obj.send_reset_password_request()
+            return obj
+        except:
+            raise utils_exceptions.EmailSendingError(user.email)
+
+
+# class PasswordResetConfirmSerializer(serializers.Serializer):
+#     """Serializer for reset password"""
+#
+#     password = serializers.CharField(write_only=True)
+#
+#     def validate_password(self, data):
+#         """Custom password validation"""
+#         try:
+#             password_validators.validate_password(password=data)
+#         except serializers.ValidationError as e:
+#             raise serializers.ValidationError(str(e))
+#         else:
+#             return data
--- a/apps/account/urls/web.py
+++ b/apps/account/urls/web.py
@ -1,5 +1,4 @@
 """Web account URLs"""
-from django.contrib.auth.urls import urlpatterns as django_urls
 from django.urls import path

 from account.urls import common as common_views
@ -10,10 +9,9 @@ app_name = 'account'
 urlpatterns_api = [
    path('reset-password/', views.PasswordResetView.as_view(),
         name='password-reset'),
-    path('reset-password/<str:token>/confirm', views.PasswordResetConfirmView.as_view(),
-         name='password-reset-confirm'),
+    # path('reset-password/<str:token>/confirm/', views.PasswordResetConfirmView.as_view(),
+    #      name='password-reset-confirm'),
 ]

 urlpatterns = urlpatterns_api + \
-              common_views.urlpatterns + \
-              django_urls
+              common_views.urlpatterns
--- a/apps/account/views/web.py
+++ b/apps/account/views/web.py
@ -1,36 +1,29 @@
 """Web account views"""
-from rest_framework import status, generics
-from rest_framework.response import Response
+from rest_framework import generics

 from account import models
 from account.serializers import web as serializers
-from utils import exceptions as utils_exceptions


 # Password reset
-class PasswordResetView(generics.GenericAPIView):
+class PasswordResetView(generics.CreateAPIView):
    """View for resetting user password"""

-    def post(self, request, *args, **kwargs):
-        """Post-method for password resetting"""
-        user = request.user
-        obj = models.ResetPasswordToken.objects.create(
-            user=user,
-            ip_address=request.META.get('REMOTE_ADDR'),
-            source=models.ResetPasswordToken.MOBILE
-        )
-        try:
-            # todo: make as celery task
-            obj.send_reset_password_request()
-            return Response(status=status.HTTP_200_OK)
-        except:
-            raise utils_exceptions.EmailSendingError(user.email)
+    serializer_class = serializers.PasswordResetSerializer
+    queryset = models.ResetPasswordToken


-class PasswordResetConfirmView(generics.GenericAPIView):
-    """View for confirmation new password"""
-
-    serializer_class = serializers.PasswordResetConfirmSerializer
-
-    def post(self, request, *args, **kwargs):
-        """Post method to confirm user change password request"""
+# class PasswordResetConfirmView(generics.GenericAPIView):
+#     """View for confirmation new password"""
+#
+#     serializer_class = serializers.PasswordResetConfirmSerializer
+#
+#     def post(self, request, *args, **kwargs):
+#         """Post method to confirm user change password request"""
+#         user = request.user
+#         token = kwargs.get('token')
+#         serializer = self.get_serializer(data=request.data)
+#         serializer.is_valid(raise_exception=True)
+#         if models.ResetPasswordToken.token_is_valid(user=user,
+#                                                     token=token):
+#             pass
--- a/project/settings/base.py
+++ b/project/settings/base.py
@ -78,6 +78,7 @@ MIDDLEWARE = [
    'django.middleware.security.SecurityMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'oauth2_provider.middleware.OAuth2TokenMiddleware',
+    'corsheaders.middleware.CorsMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
@ -323,3 +324,7 @@ THUMBNAIL_ALIASES = {

 # Password reset
 RESETTING_TOKEN_EXPIRATION = 24  # hours
+
+# CORS Config
+CORS_ORIGIN_ALLOW_ALL = True
+CORS_ALLOW_CREDENTIALS = False
--- a/requirements/base.txt
+++ b/requirements/base.txt
@ -21,4 +21,7 @@ amqp>=2.4.0
 djangorestframework-oauth
 django-rest-framework-social-oauth2==1.1.0

-django-extensions==2.2.1
+django-extensions==2.2.1
+
+# CORS
+django-cors-headers==3.0.2
--- a/requirements/development.txt
+++ b/requirements/development.txt
@ -0,0 +1,2 @@
+-r base.txt
+ipython