"""Web account views""" from django.utils.encoding import force_text from django.utils.http import urlsafe_base64_decode from rest_framework import permissions from rest_framework import status from django.shortcuts import get_object_or_404 from rest_framework.response import Response from account import models from account.serializers import web as serializers from utils import exceptions as utils_exceptions from utils.models import gm_token_generator from utils.views import (JWTCreateAPIView, JWTGenericViewMixin) # Password reset class PasswordResetView(JWTCreateAPIView): """View for resetting user password""" serializer_class = serializers.PasswordResetSerializer queryset = models.ResetPasswordToken.objects.valid() class PasswordResetConfirmView(JWTGenericViewMixin): """View for confirmation new password""" serializer_class = serializers.PasswordResetConfirmSerializer permission_classes = (permissions.AllowAny,) def get_queryset(self): """Override get_queryset method""" return models.ResetPasswordToken.objects.valid() def get_object(self): """Override get_object method """ queryset = self.filter_queryset(self.get_queryset()) uidb64 = self.kwargs.get('uid') uid = force_text(urlsafe_base64_decode(uidb64)) token = self.kwargs.get('token') filter_kwargs = {'key': token, 'user_id': uid} obj = get_object_or_404(queryset, **filter_kwargs) if not gm_token_generator.check_token(user=obj.user, token=token): raise utils_exceptions.NotValidTokenError() # May raise a permission denied self.check_object_permissions(self.request, obj) return obj def put(self, request, *args, **kwargs): """Implement PUT method""" instance = self.get_object() serializer = self.get_serializer(instance=instance, data=request.data) serializer.is_valid(raise_exception=True) serializer.save() return Response(status=status.HTTP_200_OK)