version 0.0.5.11: refactored and setup CORS

apps/account/models.py

@@ -1,3 +1,4 @@
+"""Account models"""
 from typing import Union
 
 from django.conf import settings
@@ -79,7 +80,9 @@ class User(ImageMixin, AbstractUser):
         """Method to remove user refresh tokens"""
         source = source if isinstance(source, list) else [source, ]
         refresh_tokens = self.oauth2_provider_refreshtoken.filter(
-            application__source__in=source)
+            application__source__in=source,
+            access_token__isnull=False
+        )
         if refresh_tokens.exists():
             for token in refresh_tokens:
                 token.revoke()
@@ -156,10 +159,15 @@ class ResetPasswordToken(PlatformMixin, ProjectBaseMixin):
         """Check if valid token or not"""
         return timezone.now() > self.expiry_datetime
 
-    def generate_key(self):
+    def generate_token(self):
-        """generates a pseudo random code"""
+        """Generates a pseudo random code"""
         return default_token_generator.make_token(self.user)
 
+    @staticmethod
+    def token_is_valid(user, token):
+        """Check if token is valid"""
+        return default_token_generator.check_token(user, token)
+
     def save(self, *args, **kwargs):
         """Override save method"""
         if not self.expiry_datetime:
@@ -168,7 +176,7 @@ class ResetPasswordToken(PlatformMixin, ProjectBaseMixin):
                     timezone.timedelta(hours=self.get_resetting_token_expiration)
             )
         if not self.key:
-            self.key = self.generate_key()
+            self.key = self.generate_token()
         return super(ResetPasswordToken, self).save(*args, **kwargs)
 
     def get_reset_password_template(self):
@@ -186,7 +194,7 @@ class ResetPasswordToken(PlatformMixin, ProjectBaseMixin):
                              message=self.get_reset_password_template())
 
     def confirm_reset_password_request(self):
-        """Method to confirm reset user passwrod request"""
+        """Method to confirm reset user password request"""
         # Remove access token and revoke refresh tokens
         self.user.remove_access_tokens(source=[Application.MOBILE,
                                                Application.WEB])

apps/account/serializers/common.py

@@ -1,4 +1,4 @@
-"""Common serializers"""
+"""Common account serializers"""
 from fcm_django.models import FCMDevice
 from rest_framework import serializers, exceptions
 

apps/account/serializers/web.py

@@ -1,17 +1,47 @@
+"""Serializers for account web"""
 from django.contrib.auth import password_validation as password_validators
 from rest_framework import serializers
 
+from account import models
+from utils import exceptions as utils_exceptions
 
-class PasswordResetConfirmSerializer(serializers.Serializer):
-    """Serializer for reset password"""
 
-    password = serializers.CharField(write_only=True)
+class PasswordResetSerializer(serializers.ModelSerializer):
+    """Serializer from model PasswordReset"""
 
-    def validate_password(self, data):
+    class Meta:
-        """Custom password validation"""
+        """Meta class"""
+        model = models.ResetPasswordToken
+        fields = ('expiry_datetime', )
+
+    def create(self, validated_data, *args, **kwargs):
+        """Override create method"""
+        request = self.context.get('request')
+        user = request.user
+        ip_address = request.META.get('REMOTE_ADDR')
+        obj = models.ResetPasswordToken.objects.create(
+            user=user,
+            ip_address=ip_address,
+            source=models.ResetPasswordToken.MOBILE
+        )
         try:
-            password_validators.validate_password(password=data)
+            # todo: make as celery task
-        except serializers.ValidationError as e:
+            obj.send_reset_password_request()
-            raise serializers.ValidationError(str(e))
+            return obj
-        else:
+        except:
-            return data
+            raise utils_exceptions.EmailSendingError(user.email)
+
+
+# class PasswordResetConfirmSerializer(serializers.Serializer):
+#     """Serializer for reset password"""
+#
+#     password = serializers.CharField(write_only=True)
+#
+#     def validate_password(self, data):
+#         """Custom password validation"""
+#         try:
+#             password_validators.validate_password(password=data)
+#         except serializers.ValidationError as e:
+#             raise serializers.ValidationError(str(e))
+#         else:
+#             return data

apps/account/urls/web.py

@@ -1,5 +1,4 @@
 """Web account URLs"""
-from django.contrib.auth.urls import urlpatterns as django_urls
 from django.urls import path
 
 from account.urls import common as common_views
@@ -10,10 +9,9 @@ app_name = 'account'
 urlpatterns_api = [
     path('reset-password/', views.PasswordResetView.as_view(),
          name='password-reset'),
-    path('reset-password/<str:token>/confirm', views.PasswordResetConfirmView.as_view(),
+    # path('reset-password/<str:token>/confirm/', views.PasswordResetConfirmView.as_view(),
-         name='password-reset-confirm'),
+    #      name='password-reset-confirm'),
 ]
 
 urlpatterns = urlpatterns_api + \
-              common_views.urlpatterns + \
+              common_views.urlpatterns
-              django_urls

apps/account/views/web.py

@@ -1,36 +1,29 @@
 """Web account views"""
-from rest_framework import status, generics
+from rest_framework import generics
-from rest_framework.response import Response
 
 from account import models
 from account.serializers import web as serializers
-from utils import exceptions as utils_exceptions
 
 
 # Password reset
-class PasswordResetView(generics.GenericAPIView):
+class PasswordResetView(generics.CreateAPIView):
     """View for resetting user password"""
 
-    def post(self, request, *args, **kwargs):
+    serializer_class = serializers.PasswordResetSerializer
-        """Post-method for password resetting"""
+    queryset = models.ResetPasswordToken
-        user = request.user
-        obj = models.ResetPasswordToken.objects.create(
-            user=user,
-            ip_address=request.META.get('REMOTE_ADDR'),
-            source=models.ResetPasswordToken.MOBILE
-        )
-        try:
-            # todo: make as celery task
-            obj.send_reset_password_request()
-            return Response(status=status.HTTP_200_OK)
-        except:
-            raise utils_exceptions.EmailSendingError(user.email)
 
 
-class PasswordResetConfirmView(generics.GenericAPIView):
+# class PasswordResetConfirmView(generics.GenericAPIView):
-    """View for confirmation new password"""
+#     """View for confirmation new password"""
-
+#
-    serializer_class = serializers.PasswordResetConfirmSerializer
+#     serializer_class = serializers.PasswordResetConfirmSerializer
-
+#
-    def post(self, request, *args, **kwargs):
+#     def post(self, request, *args, **kwargs):
-        """Post method to confirm user change password request"""
+#         """Post method to confirm user change password request"""
+#         user = request.user
+#         token = kwargs.get('token')
+#         serializer = self.get_serializer(data=request.data)
+#         serializer.is_valid(raise_exception=True)
+#         if models.ResetPasswordToken.token_is_valid(user=user,
+#                                                     token=token):
+#             pass

project/settings/base.py

@@ -78,6 +78,7 @@ MIDDLEWARE = [
     'django.middleware.security.SecurityMiddleware',
     'django.contrib.sessions.middleware.SessionMiddleware',
     'oauth2_provider.middleware.OAuth2TokenMiddleware',
+    'corsheaders.middleware.CorsMiddleware',
     'django.middleware.common.CommonMiddleware',
     'django.middleware.csrf.CsrfViewMiddleware',
     'django.contrib.auth.middleware.AuthenticationMiddleware',
@@ -323,3 +324,7 @@ THUMBNAIL_ALIASES = {
 
 # Password reset
 RESETTING_TOKEN_EXPIRATION = 24  # hours
+
+# CORS Config
+CORS_ORIGIN_ALLOW_ALL = True
+CORS_ALLOW_CREDENTIALS = False

requirements/base.txt

@@ -22,3 +22,6 @@ djangorestframework-oauth
 django-rest-framework-social-oauth2==1.1.0
 
 django-extensions==2.2.1
+
+# CORS
+django-cors-headers==3.0.2

requirements/development.txt

@@ -0,0 +1,2 @@
+-r base.txt
+ipython