Why Gemfury? Push, build, and install  RubyGems npm packages Python packages Maven artifacts PHP packages Go Modules Debian packages RPM packages NuGet packages

intellineers / wbauth python

Repository URL to install this package:

Version: 
0.1.1  ▾
Details    
wbauth / authentication / views.py
Size: Mime: 
import logging
import django_filters

from django.contrib.auth import get_user_model
from django.contrib.auth.models import Group, Permission
from django.contrib.auth.password_validation import validate_password
from django.core.exceptions import ValidationError
from django.shortcuts import render
from rest_framework import filters, permissions, status, viewsets
from rest_framework.authentication import (BasicAuthentication,
                                           SessionAuthentication,
                                           TokenAuthentication)
from rest_framework.authtoken.models import Token
from rest_framework.decorators import api_view, detail_route, list_route, permission_classes
from rest_framework.permissions import IsAuthenticated
from rest_framework.response import Response
from rest_framework.reverse import reverse
from rest_framework.views import APIView
from authentication import serializers
from authentication.models import User
from rest_framework_simplejwt.authentication import JWTAuthentication
from authentication.filters import UserModelFilterSet
from django.http import HttpResponse, Http404
from wbutils.views import AppModelResponseHeaderMixin

logger = logging.getLogger()



class GroupViewSet(AppModelResponseHeaderMixin, viewsets.ModelViewSet):
    IDENTIFIER = 'authentication:group'
    queryset = Group.objects.all()
    serializer_class = serializers.GroupSerializer
    authentication_classes = (JWTAuthentication, TokenAuthentication, SessionAuthentication)


class PermissionViewSet(AppModelResponseHeaderMixin, viewsets.ModelViewSet):
    IDENTIFIER = 'authentication:permission'
    queryset = Permission.objects.all()
    serializer_class = serializers.PermissionSerializer
    authentication_classes = (JWTAuthentication, TokenAuthentication, SessionAuthentication)


class UserModelViewSet(AppModelResponseHeaderMixin, viewsets.ModelViewSet):
    IDENTIFIER = 'authentication:user'
    filter_backends = (django_filters.rest_framework.DjangoFilterBackend,filters.SearchFilter,filters.OrderingFilter,)
    filter_class = UserModelFilterSet
    search_fields = ('profile__first_name', 'profile__last_name', 'email')
    queryset = get_user_model().objects.none()
    serializer_class = serializers.UserModelSerializer

    def get_queryset(self):
        if self.request.user.is_superuser or self.request.user.profile.is_employee:
            return get_user_model().objects.all()
        qs = get_user_model().objects.filter(id=self.request.user.id)
        return self.get_serializer_class().prefetch_related(qs, self.request)


    @detail_route(methods=['post'], permission_classes=[permissions.IsAuthenticated])
    def reset_password(self, request, pk=None):
        user = get_user_model().objects.get(id=pk)
        user.reset_password()
        return Response({
            'detail': 'E-Mail send.'
        })

    @detail_route(methods=['post'], permission_classes=[permissions.IsAuthenticated])
    def change_password(self, request, pk=None):
        try:
            user = get_user_model().objects.get(id=pk)
            if user.check_password(request.data['old_password']):
                try:
                    validate_password(request.data['new_password'])
                    user.set_password(request.data['new_password'])
                    user.save()
                except ValidationError as e:
                    return Response({'error':e}, status=status.HTTP_400_BAD_REQUEST)

                return Response({
                    'detail': 'Password changed.'
                })
            else:
                return Response({'error':'wrong password'}, status=status.HTTP_401_UNAUTHORIZED)
        except:
            return Response({'detail':'old_password or new_password not given'}, status=status.HTTP_400_BAD_REQUEST)

@api_view(['GET'])
def reset_password(request):
    if request.method == 'GET':
        try:
            user = get_user_model().objects.get(email=request.GET['email'])
        except:
            return Response({
                'error': 'E-Mail does not exist.'
            }, status=status.HTTP_404_NOT_FOUND)
        else:
            user.reset_password()
            return Response({
                'detail': 'E-Mail send.'
            })
    else:
        return Response(status=status.HTTP_405_METHOD_NOT_ALLOWED)

@api_view(['GET'])
@permission_classes((IsAuthenticated, ))
def get_api_token(request):
    user = request.user
    print(user)
    if user:
        token, _created = Token.objects.get_or_create(user=user)
        return Response({
            'api_token': token.key
        })
    else:
        return Http404("No user found")

Products

About

Resources

Contact Gemfury