added endpoint to change an email

2019-08-30 17:56:35 +03:00 · 2019-08-30 17:56:35 +03:00 · f8b87c4788
commit f8b87c4788
parent f0743fe688
13 changed files with 197 additions and 34 deletions
--- a/apps/account/admin.py
+++ b/apps/account/admin.py
@ -27,7 +27,7 @@ class UserAdmin(BaseUserAdmin):
        (_('Important dates'), {'fields': ('last_login', 'date_joined')}),
        (_('Permissions'), {
            'fields': (
-                'is_active', 'is_staff', 'is_superuser', 'email_confirmed'
+                'is_active', 'is_staff', 'is_superuser', 'email_confirmed',
                'groups', 'user_permissions'),
            'classes': ('collapse', )
        }),
--- a/apps/account/models.py
+++ b/apps/account/models.py
@ -15,7 +15,7 @@ from rest_framework.authtoken.models import Token
 from authorization.models import Application
 from utils.models import ImageMixin, ProjectBaseMixin, PlatformMixin
-from utils.models import gm_token_generator
+from utils.models import GMTokenGenerator
 class UserManager(BaseUserManager):
@ -126,24 +126,40 @@ class User(ImageMixin, AbstractUser):
    @property
    def confirm_email_token(self):
        """Make a token for finish signup."""
-        return gm_token_generator.make_token(self)
+        return GMTokenGenerator(purpose=GMTokenGenerator.CONFIRM_EMAIL).make_token(self)
    @property
    def change_email_token(self):
        """Make a token for change email."""
        return GMTokenGenerator(purpose=GMTokenGenerator.CHANGE_EMAIL).make_token(self)
    @property
    def reset_password_token(self):
        """Make a token for finish signup."""
-        return password_token_generator.make_token(self)
+        return GMTokenGenerator(purpose=GMTokenGenerator.RESET_PASSWORD).make_token(self)
    @property
    def get_user_uidb64(self):
        """Get base64 value for user by primary key identifier"""
        return urlsafe_base64_encode(force_bytes(self.pk))
-    def get_confirm_email_template(self):
+    @property
    def confirm_email_template(self):
        """Get confirm email template"""
        return render_to_string(
            template_name=settings.CONFIRM_EMAIL_TEMPLATE,
            context={'token': self.confirm_email_token,
-                     'uid': self.get_user_uidb64,
+                     'uidb64': self.get_user_uidb64,
                     'domain_uri': settings.DOMAIN_URI,
                     'site_name': settings.SITE_NAME})
    @property
    def change_email_template(self):
        """Get change email template"""
        return render_to_string(
            template_name=settings.CHANGE_EMAIL_TEMPLATE,
            context={'token': self.change_email_token,
                     'uidb64': self.get_user_uidb64,
                     'domain_uri': settings.DOMAIN_URI,
                     'site_name': settings.SITE_NAME})
@ -221,10 +237,20 @@ class ResetPasswordToken(PlatformMixin, ProjectBaseMixin):
        """Generates a pseudo random code"""
        return password_token_generator.make_token(self.user)
    @property
    def reset_password_template(self):
        """Get reset password template"""
        return render_to_string(
            template_name=settings.RESETTING_TOKEN_TEMPLATE,
            context={'token': self.key,
                     'uidb64': self.user.get_user_uidb64,
                     'domain_uri': settings.DOMAIN_URI,
                     'site_name': settings.SITE_NAME})
    @staticmethod
    def token_is_valid(user, token):
        """Check if token is valid"""
-        return gm_token_generator.check_token(user, token)
+        return password_token_generator.check_token(user, token)
    def overdue(self):
        """Overdue instance"""
@ -241,13 +267,3 @@ class ResetPasswordToken(PlatformMixin, ProjectBaseMixin):
        if not self.key:
            self.key = self.generate_token
        return super(ResetPasswordToken, self).save(*args, **kwargs)
    def get_reset_password_template(self):
        """Get reset password template"""
        return render_to_string(
            template_name=settings.RESETTING_TOKEN_TEMPLATE,
            context={'token': self.key,
                     'uidb64': self.user.get_user_uidb64,
                     'domain_uri': settings.DOMAIN_URI,
                     'site_name': settings.SITE_NAME})
--- a/apps/account/serializers/common.py
+++ b/apps/account/serializers/common.py
@ -6,6 +6,7 @@ from account import models
 from utils import exceptions as utils_exceptions
 from rest_framework_simplejwt import tokens
 from django.conf import settings
 from account import tasks
 # User serializers
@ -98,3 +99,47 @@ class RefreshTokenSerializer(serializers.Serializer):
            data['refresh_token'] = str(token)
        return data
 class ChangeEmailSerializer(serializers.ModelSerializer):
    """Change user email serializer"""
    class Meta:
        """Meta class"""
        model = models.User
        fields = (
            'id',
            'email',
        )
        read_only_fields = (
            'id',
        )
    def validate_email(self, value):
        """Validate email value"""
        if value == self.instance.email:
            # todo: added custom exception
            raise serializers.ValidationError()
        return value
    def validate(self, attrs):
        """Override validate method"""
        email_confirmed = self.instance.email_confirmed
        if not email_confirmed:
            # todo: added custom exception
            raise serializers.ValidationError()
        return attrs
    def update(self, instance, validated_data):
        """
        Override update method
        """
        instance.email = validated_data.get('email')
        instance.email_confirmed = False
        instance.save()
        # Send verification link on user email for change email address
        if settings.USE_CELERY:
            tasks.confirm_new_email_address.delay(instance.id)
        else:
            tasks.confirm_new_email_address(instance.id)
        return instance
--- a/apps/account/tasks.py
+++ b/apps/account/tasks.py
@ -17,8 +17,20 @@ def send_reset_password_email(request_id):
        obj = models.ResetPasswordToken.objects.get(id=request_id)
        user = obj.user
        user.send_email(subject=_('Password resetting'),
-                        message=obj.get_reset_password_template())
+                        message=obj.reset_password_template)
    except:
        logger.error(f'METHOD_NAME: {send_reset_password_email.__name__}\n'
                     f'DETAIL: Exception occurred for ResetPasswordToken instance: '
                     f'{request_id}')
@shared_task
 def confirm_new_email_address(user_id):
    """Send email to user new email."""
    try:
        user = models.User.objects.get(id=user_id)
        user.send_email(subject=_('Validate new email address'),
                        message=user.change_email_template)
    except:
        logger.error(f'METHOD_NAME: {confirm_new_email_address.__name__}\n'
                     f'DETAIL: Exception occurred for user: {user_id}')
--- a/apps/account/urls/common.py
+++ b/apps/account/urls/common.py
@ -7,5 +7,7 @@ app_name = 'account'
 urlpatterns = [
    path('user/', views.UserView.as_view(), name='user-get-update'),
-    path('refresh-token/', views.RefreshTokenView.as_view(), name="refresh-token"),
+    path('refresh-token/', views.RefreshTokenView.as_view(), name='refresh-token'),
    path('change-email/', views.ChangeEmailView.as_view(), name='change-email'),
    path('change-email/confirm/<uidb64>/<token>/', views.ChangeEmailConfirmView.as_view(), name='change-email-confirm'),
 ]
--- a/apps/account/views/common.py
+++ b/apps/account/views/common.py
@ -3,6 +3,10 @@ from fcm_django.models import FCMDevice
 from rest_framework import generics, status
 from rest_framework import permissions
 from rest_framework.response import Response
 from django.utils.encoding import force_text
 from django.utils.http import urlsafe_base64_decode
 from utils.models import GMTokenGenerator
 from utils import exceptions as utils_exceptions
 from account import models
 from account.serializers import common as serializers
@ -72,3 +76,43 @@ class RefreshTokenView(JWTGenericViewMixin):
            cookies=self._put_data_in_cookies(access_token=access_token,
                                              refresh_token=refresh_token),
            response=response)
 # Change user email
 class ChangeEmailView(JWTGenericViewMixin):
    """Change user email view"""
    serializer_class = serializers.ChangeEmailSerializer
    queryset = models.User.objects.all()
    def patch(self, request, *args, **kwargs):
        """Implement POST-method"""
        # Get user instance
        instance = self.request.user
        serializer = self.get_serializer(data=request.data, instance=instance)
        serializer.is_valid(raise_exception=True)
        serializer.save()
        return Response(status=status.HTTP_200_OK)
 class ChangeEmailConfirmView(JWTGenericViewMixin):
    """View for confirm changing email"""
    permission_classes = (permissions.AllowAny, )
    def get(self, request, *args, **kwargs):
        """Implement GET-method"""
        uidb64 = kwargs.get('uidb64')
        token = kwargs.get('token')
        uid = force_text(urlsafe_base64_decode(uidb64))
        user_qs = models.User.objects.filter(pk=uid)
        if user_qs.exists():
            user = user_qs.first()
            if not GMTokenGenerator(GMTokenGenerator.CHANGE_EMAIL).check_token(
                    user, token):
                raise utils_exceptions.NotValidTokenError()
            # Approve email status
            user.confirm_email()
            return Response(status=status.HTTP_200_OK)
        else:
            raise utils_exceptions.UserNotFoundError()
--- a/apps/account/views/web.py
+++ b/apps/account/views/web.py
@ -21,7 +21,7 @@ from account import models
 from account.forms import SetPasswordForm
 from account.serializers import web as serializers
 from utils import exceptions as utils_exceptions
-from utils.models import gm_token_generator
+from utils.models import GMTokenGenerator
 from utils.views import (JWTCreateAPIView,
                         JWTGenericViewMixin)
@ -55,7 +55,8 @@ class PasswordResetConfirmView(JWTGenericViewMixin):
        filter_kwargs = {'key': token, 'user_id': user_id}
        obj = get_object_or_404(queryset, **filter_kwargs)
-        if not gm_token_generator.check_token(user=obj.user, token=token):
+        if not GMTokenGenerator(GMTokenGenerator.RESET_PASSWORD).check_token(
                user=obj.user, token=token):
            raise utils_exceptions.NotValidAccessTokenError()
        # May raise a permission denied
@ -89,6 +90,8 @@ class PasswordContextMixin:
 class FormPasswordResetSuccessView(views.APIView):
    """View for successful reset password"""
    permission_classes = (permissions.AllowAny, )
    def get(self, request, *args, **kwargs):
        """Implement GET-method"""
        return Response(status=status.HTTP_200_OK)
--- a/apps/authorization/serializers/common.py
+++ b/apps/authorization/serializers/common.py
@ -123,7 +123,8 @@ class LoginByUsernameOrEmailSerializer(JWTBaseSerializerMixin, serializers.Model
        username_or_email = attrs.pop('username_or_email')
        password = attrs.pop('password')
        user_qs = account_models.User.objects.filter(Q(username=username_or_email) |
-                                                     Q(email=username_or_email))
+                                                     (Q(email=username_or_email) &
                                                      Q(email_confirmed=True)))
        if not user_qs.exists():
            raise utils_exceptions.UserNotFoundError()
        else:
--- a/apps/authorization/tasks.py
+++ b/apps/authorization/tasks.py
@ -15,7 +15,7 @@ def send_confirm_email(user_id):
    try:
        obj = account_models.User.objects.get(id=user_id)
        obj.send_email(subject=_('Email confirmation'),
-                       message=obj.get_confirm_email_template())
+                       message=obj.confirm_email_template)
    except:
        logger.error(f'METHOD_NAME: {send_confirm_email.__name__}\n'
                     f'DETAIL: Exception occurred for user: {user_id}')
--- a/apps/authorization/views/common.py
+++ b/apps/authorization/views/common.py
@ -16,7 +16,7 @@ from rest_framework.response import Response
 from rest_framework_simplejwt import tokens as jwt_tokens
 from rest_framework_social_oauth2.oauth2_backends import KeepRequestCore
 from rest_framework_social_oauth2.oauth2_endpoints import SocialTokenServer
-from utils.models import gm_token_generator
+from utils.models import GMTokenGenerator
 from account.models import User
 from authorization.models import Application
@ -182,7 +182,8 @@ class VerifyEmailConfirmView(JWTGenericViewMixin):
        user_qs = User.objects.filter(pk=uid)
        if user_qs.exists():
            user = user_qs.first()
-            if not gm_token_generator.check_token(user, token):
+            if not GMTokenGenerator(GMTokenGenerator.CONFIRM_EMAIL).check_token(
                    user, token):
                raise utils_exceptions.NotValidTokenError()
            # Approve email status
            user.confirm_email()
--- a/apps/utils/models.py
+++ b/apps/utils/models.py
@ -189,13 +189,39 @@ class LocaleManagerMixin(models.Manager):
 class GMTokenGenerator(PasswordResetTokenGenerator):
    CHANGE_EMAIL = 0
    RESET_PASSWORD = 1
    CHANGE_PASSWORD = 2
    CONFIRM_EMAIL = 3
    TOKEN_CHOICES = (
        CHANGE_EMAIL,
        RESET_PASSWORD,
        CHANGE_PASSWORD,
        CONFIRM_EMAIL
    )
    def __init__(self, purpose: int):
        if purpose in self.TOKEN_CHOICES:
            self.purpose = purpose
    def get_fields(self, user, timestamp):
        """
        Get user fields for hash value.
        """
        fields = [str(timestamp), str(user.is_active), str(user.pk)]
        if self.purpose == self.CHANGE_EMAIL or \
           self.purpose == self.CONFIRM_EMAIL:
            fields.extend([str(user.email_confirmed), str(user.email)])
        elif self.purpose == self.RESET_PASSWORD or \
             self.purpose == self.CHANGE_PASSWORD:
            fields.append(str(user.password))
        return fields
    def _make_hash_value(self, user, timestamp):
-        return (
+        """
-                str(user.pk) +
+        Hash the user's primary key and some user state that's sure to change
-                str(user.email_confirmed) +
+        after a password reset to produce a token that invalidated when it's
-                str(timestamp) +
+        used.
-                str(user.is_active)
+        """
-        )
+        return self.get_fields(user, timestamp)
 gm_token_generator = GMTokenGenerator()
--- a/project/settings/base.py
+++ b/project/settings/base.py
@ -369,6 +369,7 @@ PASSWORD_RESET_TIMEOUT_DAYS = 1
 # TEMPLATES
 CONFIRMATION_PASSWORD_RESET_TEMPLATE = 'account/password_reset_confirm.html'
 RESETTING_TOKEN_TEMPLATE = 'account/password_reset_email.html'
 CHANGE_EMAIL_TEMPLATE = 'account/change_email.html'
 CONFIRM_EMAIL_TEMPLATE = 'authorization/confirm_email.html'
--- a/project/templates/account/change_email.html
+++ b/project/templates/account/change_email.html
@ -0,0 +1,12 @@
 {% load i18n %}{% autoescape off %}
 {% blocktrans %}You're receiving this email because you want to change email address at {{ site_name }}.{% endblocktrans %}
 {% trans "Please go to the following page for confirmation new email address:" %}
 {% block reset_link %}
 http://{{ domain_uri }}{% url 'web:account:change-email-confirm' uidb64=uidb64 token=token %}
 {% endblock %}
 {% trans "Thanks for using our site!" %}
 {% blocktrans %}The {{ site_name }} team{% endblocktrans %}
 {% endautoescape %}