updated reset-password method

2019-08-23 14:35:47 +03:00 · 2019-08-23 14:35:47 +03:00 · 1d18d654e3
commit 1d18d654e3
parent 2ebfc265e3
2 changed files with 27 additions and 11 deletions
--- a/apps/account/serializers/web.py
+++ b/apps/account/serializers/web.py
@ -1,7 +1,7 @@
 """Serializers for account web"""
 from django.conf import settings
-from rest_framework import serializers
 from django.contrib.auth import password_validation as password_validators
+from rest_framework import serializers

 from account import models
 from account import tasks
@ -10,20 +10,36 @@ from utils import exceptions as utils_exceptions

 class PasswordResetSerializer(serializers.ModelSerializer):
    """Serializer from model PasswordReset"""
+    email = serializers.EmailField(required=False,
+                                   write_only=True)

    class Meta:
        """Meta class"""
        model = models.ResetPasswordToken
-        fields = ('expiry_datetime', )
-        read_only_fields = [
-            'expiry_datetime',
-        ]
+        fields = (
+            'email',
+        )
+
+    def validate(self, attrs):
+        """Override validate method"""
+        user = self.context.get('request').user
+        email = attrs.get('email')
+
+        if not user.is_anonymous:
+            attrs['user'] = user
+        else:
+            # Check user in DB
+            user_qs = models.User.objects.filter(email=email)
+            if user_qs.exists():
+                attrs['user'] = user_qs.first()
+            else:
+                raise utils_exceptions.UserNotFoundError()
+        return attrs

    def create(self, validated_data, *args, **kwargs):
        """Override create method"""
-        request = self.context.get('request')
-        user = request.user
-        ip_address = request.META.get('REMOTE_ADDR')
+        user = validated_data.pop('user')
+        ip_address = self.context.get('request').META.get('REMOTE_ADDR')
        obj = models.ResetPasswordToken.objects.create(
            user=user,
            ip_address=ip_address,
--- a/apps/account/views/web.py
+++ b/apps/account/views/web.py
@ -16,16 +16,15 @@ from rest_framework import permissions
 from rest_framework import status
 from rest_framework import views
 from rest_framework.response import Response
-from account import tasks

 from account import models
+from account import tasks
 from account.forms import SetPasswordForm
 from account.serializers import web as serializers
 from utils import exceptions as utils_exceptions
 from utils.models import gm_token_generator
 from utils.views import (JWTCreateAPIView,
-                         JWTGenericViewMixin,
-                         JWTUpdateAPIView)
+                         JWTGenericViewMixin)


 # Email confirmation
@ -70,6 +69,7 @@ class VerifyEmailConfirmView(JWTGenericViewMixin):
 # Password reset
 class PasswordResetView(JWTCreateAPIView):
    """View for resetting user password"""
+    permission_classes = (permissions.AllowAny, )
    serializer_class = serializers.PasswordResetSerializer
    queryset = models.ResetPasswordToken.objects.valid()