+ djoser routes for user API

Phil Zhitnikov 2023-07-12 23:18:31 +04:00
parent 92a5ac2c15
commit 2fdd009ca5
7 changed files with 18 additions and 75 deletions


@ -47,7 +47,6 @@ CORS_ALLOWED_ORIGINS = [
if DISABLE_CORS:
CORS_ALLOW_ALL_ORIGINS = True
CORS_ALLOW_CREDENTIALS = True
AUTH_USER_MODEL = 'store.User'
@ -65,6 +64,8 @@ INSTALLED_APPS = [
'corsheaders',
'django_cleanup.apps.CleanupSelectedConfig',
'rest_framework',
'rest_framework.authtoken',
'djoser',
'debug_toolbar',
'django_filters',
@ -146,14 +147,22 @@ REST_FRAMEWORK = {
'rest_framework.permissions.AllowAny'
],
'DEFAULT_AUTHENTICATION_CLASSES': (
'utils.permissions.CsrfExemptSessionAuthentication',
),
'DEFAULT_AUTHENTICATION_CLASSES': ['rest_framework.authentication.TokenAuthentication'],
'DEFAULT_FILTER_BACKENDS': ['django_filters.rest_framework.DjangoFilterBackend'],
'DEFAULT_PAGINATION_CLASS': 'utils.drf.StandardResultsSetPagination'
}
DJOSER = {
'LOGIN_FIELD': 'email',
'TOKEN_MODEL': 'rest_framework.authtoken.models.Token',
'SERIALIZERS': {
'user': 'store.serializers.UserSerializer',
'current_user': 'store.serializers.UserSerializer',
},
}
# Internationalization
# https://docs.djangoproject.com/en/4.2/topics/i18n/
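Review bot: Every writable field of `store.serializers.UserSerializer` becomes editable through djoser's `/users/me/` PUT/PATCH once the `user` and `current_user` entries in `DJOSER['SERIALIZERS']` point at it. The part of that serializer visible in this commit declares `login = serializers.CharField(source='email', required=False)`, so a token holder can presumably change the login e-mail without going through djoser's `set_username` action, which asks for the current password. The rest of the serializer is not shown here, so any role, staff or permission fields it exposes should be checked as well. I would give djoser a dedicated serializer whose `read_only_fields` cover the e-mail and every privilege-bearing field. Separately, `'rest_framework.permissions.AllowAny'` is still the default permission in the context lines of the `REST_FRAMEWORK` dict (which starts outside this hunk), so switching to `TokenAuthentication` does not by itself require a token on any view.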


@ -24,6 +24,8 @@ urlpatterns = [
path('admin/', admin.site.urls),
path('__debug__/', include('debug_toolbar.urls')),
path('', include('store.urls')),
path('', include('djoser.urls')),
path('auth/', include('djoser.urls.authtoken')),
] + static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT) \
+ static(settings.STATIC_URL)
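Review bot: Open self-registration appears to become reachable with `path('', include('djoser.urls'))`, because the include publishes djoser's whole user viewset rather than just the list/retrieve/patch routes this commit removes from `store.urls`. That viewset includes `POST /users/`, whose `user_create` permission defaults to `AllowAny` in djoser. If account creation is meant to stay with administrators, add `'PERMISSIONS': {'user_create': ['rest_framework.permissions.IsAdminUser']}` to the `DJOSER` dict in settings. Mounting djoser under its own prefix would also keep its `users/` routes from colliding with `store.urls`, which is included at the same root on the line above.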


@ -4,6 +4,7 @@ django-cleanup==8.0.0
django-filter==23.2
djangorestframework==3.14.0
django-cors-headers==4.1.0
djoser==2.2.0
drf-extra-fields==3.5.0
Pillow==9.5.0


@ -6,30 +6,6 @@ from store.exceptions import CRMException, InvalidCredentialsException
from store.models import User, Checklist, GlobalSettings, Category, PaymentMethod, Promocode, Image
class LoginSerializer(serializers.Serializer):
login = serializers.CharField(write_only=True, required=False)
password = serializers.CharField(trim_whitespace=False, write_only=True, required=False)
def validate(self, attrs):
email = attrs.get('login')
password = attrs.get('password')
if not email or not password:
raise CRMException('login and password is required')
user = authenticate(request=self.context.get('request'),
email=email,
password=password)
# The authenticate call simply returns None for is_active=False
# users. (Assuming the default ModelBackend authentication backend.)
if not user:
raise InvalidCredentialsException()
attrs['user'] = user
return attrs
class UserSerializer(serializers.ModelSerializer):
login = serializers.CharField(source='email', required=False)
job = serializers.CharField(source='job_title', required=False)


@ -10,10 +10,6 @@ router.register(r'statistics', views.StatisticsAPI, basename='statistics')
router.register(r'cdek', views.CDEKAPI, basename='cdek')
urlpatterns = [
path("login/", views.LoginAPI.as_view()),
path("users/", views.UserAPI.as_view()),
path("users/<int:pk>", views.UserAPI.as_view()),
path("checklist/", views.ChecklistAPI.as_view()),
path("checklist/<str:id>", views.ChecklistAPI.as_view()),


@ -14,8 +14,8 @@ from rest_framework.response import Response
from cdek.api import CDEKClient
from store.exceptions import CRMException
from store.models import User, Checklist, GlobalSettings, Category, PaymentMethod, Promocode
from store.serializers import (UserSerializer, LoginSerializer, ChecklistSerializer, GlobalSettingsYuanRateSerializer,
from store.models import Checklist, GlobalSettings, Category, PaymentMethod, Promocode
from store.serializers import (ChecklistSerializer, GlobalSettingsYuanRateSerializer,
CategorySerializer, GlobalSettingsPriceSerializer, PaymentMethodSerializer,
PromocodeSerializer, GlobalSettingsPickupSerializer, AnonymousUserChecklistSerializer)
from utils.permissions import ReadOnly
@ -29,39 +29,6 @@ class DisablePermissionsMixin(generics.GenericAPIView):
return super().get_permissions()
class UserAPI(mixins.ListModelMixin, mixins.RetrieveModelMixin, generics.GenericAPIView):
serializer_class = UserSerializer
def get_queryset(self):
return User.objects.all()
def get(self, request, *args, **kwargs):
if 'pk' in kwargs:
return self.retrieve(request, *args, **kwargs)
return self.list(request, *args, **kwargs)
# Update some data on current user
def patch(self, request, *args, **kwargs):
instance = self.request.user
serializer = self.get_serializer(instance, data=request.data, partial=True)
serializer.is_valid(raise_exception=True)
serializer.save()
return Response(serializer.data)
class LoginAPI(generics.GenericAPIView):
serializer_class = LoginSerializer
permission_classes = (permissions.AllowAny,)
def post(self, request, *args, **kwargs):
serializer = self.get_serializer(data=request.data)
serializer.is_valid(raise_exception=True)
user = serializer.validated_data['user']
login(request, user)
return Response(UserSerializer(user).data)
class ChecklistAPI(mixins.ListModelMixin,
mixins.CreateModelMixin,
mixins.RetrieveModelMixin,


@ -1,14 +1,6 @@
from rest_framework import permissions
from rest_framework.authentication import SessionAuthentication
from rest_framework.permissions import BasePermission, SAFE_METHODS
class CsrfExemptSessionAuthentication(SessionAuthentication):
def enforce_csrf(self, request):
# To not perform the csrf check previously happening
return
class ReadOnly(BasePermission):
def has_permission(self, request, view):
return request.method in SAFE_METHODS