gault-millau/apps/account/views/web.py

"""Web account views"""
from django.conf import settings
from django.contrib.auth.tokens import default_token_generator as password_token_generator
from django.shortcuts import get_object_or_404
from django.utils.encoding import force_text
from django.utils.http import urlsafe_base64_decode
from rest_framework import permissions, status, generics
from rest_framework.response import Response

from account import tasks, models
from account.serializers import web as serializers
from utils import exceptions as utils_exceptions
from utils.views import JWTGenericViewMixin


class PasswordResetView(generics.GenericAPIView):
    """View for resetting user password"""
    permission_classes = (permissions.AllowAny, )
    serializer_class = serializers.PasswordResetSerializer

    def post(self, request, *args, **kwargs):
        """Override create method"""
        serializer = self.get_serializer(data=request.data)
        serializer.is_valid(raise_exception=True)
        if not serializer.validated_data.get('user').is_anonymous:
            user = serializer.validated_data.pop('user')
            if settings.USE_CELERY:
                tasks.send_reset_password_email.delay(user_id=user.id,
                                                      country_code=self.request.country_code)
            else:
                tasks.send_reset_password_email(user_id=user.id,
                                                country_code=self.request.country_code)
        return Response(status=status.HTTP_200_OK)


class PasswordResetConfirmView(JWTGenericViewMixin):
    """View for confirmation new password"""
    serializer_class = serializers.PasswordResetConfirmSerializer
    permission_classes = (permissions.AllowAny,)
    queryset = models.User.objects.active()

    def get_object(self):
        """Override get_object method"""
        queryset = self.filter_queryset(self.get_queryset())
        uidb64 = self.kwargs.get('uidb64')

        user_id = force_text(urlsafe_base64_decode(uidb64))
        token = self.kwargs.get('token')

        obj = get_object_or_404(queryset, id=user_id)

        if not password_token_generator.check_token(user=obj, token=token):
            raise utils_exceptions.NotValidTokenError()

        # May raise a permission denied
        self.check_object_permissions(self.request, obj)

        return obj

    def patch(self, request, *args, **kwargs):
        """Implement PATCH method"""
        instance = self.get_object()
        serializer = self.get_serializer(instance=instance,
                                         data=request.data)
        serializer.is_valid(raise_exception=True)
        serializer.save()
        # Create tokens
        tokens = instance.create_jwt_tokens()
        return self._put_cookies_in_response(
            cookies=self._put_data_in_cookies(
                access_token=tokens.get('access_token'),
                refresh_token=tokens.get('refresh_token')),
            response=Response(status=status.HTTP_200_OK))