VladPolskiy/mediacms-user-docs
1
0
Fork 0
mirror of https://github.com/mediacms-io/mediacms.git synced 2025-07-25 01:19:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

Feat urls (#257)

Browse Source 
add new URLS, add swaggger doc, add tests
This commit is contained in:
Markos Gogoulos
2021-08-05 13:25:25 +03:00
committed by GitHub
parent 86cc0442d8
commit ba94989e6a
17 changed files with 370 additions and 82 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
users/forms.py
View File

@ -1,5 +1,7 @@
from django import forms
from files.methods import is_mediacms_manager
from .models import Channel, User
@ -17,7 +19,6 @@ class UserForm(forms.ModelForm):
fields = (
"name",
"description",
"email",
"logo",
"notification_on_comments",
"is_featured",
@ -39,7 +40,7 @@ class UserForm(forms.ModelForm):
def __init__(self, user, *args, **kwargs):
super(UserForm, self).__init__(*args, **kwargs)
self.fields.pop("is_featured")
if not user.is_superuser:
if not is_mediacms_manager(user):
self.fields.pop("advancedUser")
self.fields.pop("is_manager")
self.fields.pop("is_editor")

46
users/serializers.py
View File

@ -1,4 +1,7 @@
from django.conf import settings
from django.contrib.auth import authenticate
from rest_framework import serializers
from rest_framework.authtoken.models import Token
from .models import User
@ -77,3 +80,46 @@ class UserDetailSerializer(serializers.ModelSerializer):
"default_channel_edit_url",
)
extra_kwargs = {"name": {"required": False}}
class LoginSerializer(serializers.Serializer):
email = serializers.CharField(max_length=255, required=False)
username = serializers.CharField(max_length=255, required=False)
password = serializers.CharField(max_length=128, write_only=True)
token = serializers.CharField(max_length=255, required=False)
def validate(self, data):
email = data.get('email', None)
username = data.get('username', None)
password = data.get('password', None)
if settings.ACCOUNT_AUTHENTICATION_METHOD == 'username' and not username:
raise serializers.ValidationError('username is required to log in.')
else:
username_or_email = username
if settings.ACCOUNT_AUTHENTICATION_METHOD == 'email' and not email:
raise serializers.ValidationError('email is required to log in.')
else:
username_or_email = email
if settings.ACCOUNT_AUTHENTICATION_METHOD == 'username_email' and not (username or email):
raise serializers.ValidationError('username or email is required to log in.')
else:
username_or_email = username or email
if password is None:
raise serializers.ValidationError('password is required to log in.')
user = authenticate(username=username_or_email, password=password)
if user is None:
raise serializers.ValidationError('User not found.')
if not user.is_active:
raise serializers.ValidationError('User has been deactivated.')
token = Token.objects.filter(user=user).first()
if not token:
token = Token.objects.create(user=user)
return {'email': user.email, 'username': user.username, 'token': token.key}

30
users/urls.py
View File

@ -1,41 +1,45 @@
from django.conf.urls import url
from django.conf.urls import re_path
from django.urls import path
from . import views
urlpatterns = [
url(r"^user/(?P<username>[\w@._-]*)$", views.view_user, name="get_user"),
url(r"^user/(?P<username>[\w@._-]*)/$", views.view_user, name="get_user"),
url(
re_path(r"^user/(?P<username>[\w@._-]*)$", views.view_user, name="get_user"),
re_path(r"^user/(?P<username>[\w@._-]*)/$", views.view_user, name="get_user"),
re_path(
r"^user/(?P<username>[\w@.]*)/media$",
views.view_user_media,
name="get_user_media",
),
url(
re_path(
r"^user/(?P<username>[\w@.]*)/playlists$",
views.view_user_playlists,
name="get_user_playlists",
),
url(
re_path(
r"^user/(?P<username>[\w@.]*)/about$",
views.view_user_about,
name="get_user_about",
),
url(r"^user/(?P<username>[\w@.]*)/edit$", views.edit_user, name="edit_user"),
url(r"^channel/(?P<friendly_token>[\w]*)$", views.view_channel, name="view_channel"),
url(
re_path(r"^user/(?P<username>[\w@.]*)/edit$", views.edit_user, name="edit_user"),
re_path(r"^channel/(?P<friendly_token>[\w]*)$", views.view_channel, name="view_channel"),
re_path(
r"^channel/(?P<friendly_token>[\w]*)/edit$",
views.edit_channel,
name="edit_channel",
),
# API VIEWS
url(r"^api/v1/users$", views.UserList.as_view(), name="api_users"),
url(r"^api/v1/users/$", views.UserList.as_view()),
url(
path('api/v1/whoami', views.UserWhoami.as_view(), name='user-whoami'),
path('api/v1/user/token', views.UserToken.as_view(), name='user-token'),
path('api/v1/login', views.LoginView.as_view(), name='user-login'),
re_path(r"^api/v1/users$", views.UserList.as_view(), name="api_users"),
re_path(r"^api/v1/users/$", views.UserList.as_view()),
re_path(
r"^api/v1/users/(?P<username>[\w@._-]*)$",
views.UserDetail.as_view(),
name="api_get_user",
),
url(
re_path(
r"^api/v1/users/(?P<username>[\w@._-]*)/contact",
views.contact_user,
name="api_contact_user",

67
users/views.py
View File

@ -5,7 +5,8 @@ from django.http import HttpResponseRedirect
from django.shortcuts import render
from drf_yasg import openapi as openapi
from drf_yasg.utils import swagger_auto_schema
from rest_framework import permissions, status
from rest_framework import generics, permissions, status
from rest_framework.authtoken.models import Token
from rest_framework.decorators import api_view
from rest_framework.exceptions import PermissionDenied
from rest_framework.parsers import (
@ -23,7 +24,7 @@ from files.methods import is_mediacms_editor, is_mediacms_manager
from .forms import ChannelForm, UserForm
from .models import Channel, User
from .serializers import UserDetailSerializer, UserSerializer
from .serializers import LoginSerializer, UserDetailSerializer, UserSerializer
def get_user(username):
@ -305,3 +306,65 @@ class UserDetail(APIView):
user.delete()
return Response(status=status.HTTP_204_NO_CONTENT)
class UserWhoami(generics.RetrieveAPIView):
parser_classes = (JSONParser, FormParser, MultiPartParser)
queryset = User.objects.all()
permission_classes = (permissions.IsAuthenticated,)
serializer_class = UserDetailSerializer
def get_object(self):
return User.objects.get(id=self.request.user.id)
@swagger_auto_schema(
tags=['Users'],
operation_summary='Whoami user information',
operation_description='Whoami user information',
responses={200: openapi.Response('response description', UserDetailSerializer), 403: 'Forbidden'},
)
def get(self, request, *args, **kwargs):
return super(UserWhoami, self).get(request, *args, **kwargs)
class UserToken(APIView):
parser_classes = (JSONParser,)
permission_classes = (permissions.IsAuthenticated,)
@swagger_auto_schema(
tags=['Users'],
operation_summary='Get a user token',
operation_description="Returns an authenticated user's token",
responses={200: 'token', 403: 'Forbidden'},
)
def get(self, request, *args, **kwargs):
token = Token.objects.filter(user=request.user).first()
if not token:
token = Token.objects.create(user=request.user)
return Response({'token': str(token)}, status=200)
class LoginView(APIView):
permission_classes = (permissions.AllowAny,)
serializer_class = LoginSerializer
parser_classes = (MultiPartParser, FormParser, FileUploadParser)
@swagger_auto_schema(
tags=['Users'],
operation_summary='Login url',
operation_description="Login url endpoint. According to what the portal provides, you may provide username and/or email, plus the password",
manual_parameters=[
openapi.Parameter(name="username", in_=openapi.IN_FORM, type=openapi.TYPE_STRING, required=False, description="username"),
openapi.Parameter(name="email", in_=openapi.IN_FORM, type=openapi.TYPE_STRING, required=False, description="email"),
openapi.Parameter(name="password", in_=openapi.IN_FORM, type=openapi.TYPE_STRING, required=True, description="password"),
],
responses={200: openapi.Response('user details', LoginSerializer), 404: 'Bad request'},
)
def post(self, request):
data = request.data
serializer = self.serializer_class(data=data)
serializer.is_valid(raise_exception=True)
return Response(serializer.data, status=status.HTTP_200_OK)