Compare commits

..

No commits in common. "048c8927b839f272574093ac5b21dc3f5d8fea5e" and "6835240173de587a26d1de1acf0b4fb881447bef" have entirely different histories.

12 changed files with 57 additions and 140 deletions

View file

@ -1,3 +1,4 @@
setuptools~=40.8.0 setuptools~=56.0.0
django~=2.2.13 django~=2.2.13
djangorestframework~=3.9.0 djangorestframework~=3.12.4
djoser~=2.1.0

View file

@ -2,7 +2,7 @@ import Cookies from "js-cookie";
type HTTPMethod = "GET" | "POST" | "PUT" | "PATCH"; type HTTPMethod = "GET" | "POST" | "PUT" | "PATCH";
export class APIError extends Error { class APIError extends Error {
constructor(message: string, public readonly errors: unknown) { constructor(message: string, public readonly errors: unknown) {
super(message); super(message);
} }
@ -29,7 +29,7 @@ async function request(
} }
init.headers.set("Accept", "application/json"); init.headers.set("Accept", "application/json");
init.headers.set("Content-Type", "application/json"); init.headers.set("Content-Type", "application/json");
const response = await fetch(`/${endpoint}/`, init); const response = await fetch(`/api/${endpoint}/`, init);
if (response.status !== 204) { if (response.status !== 204) {
if (response.status === successStatus) { if (response.status === successStatus) {
return await response.json(); return await response.json();
@ -39,69 +39,41 @@ async function request(
} }
} }
async function api_request(
method: HTTPMethod,
endpoint: string,
successStatus: number,
data: any,
authToken?: string
) {
return request(method, `api/${endpoint}`, successStatus, data, authToken);
}
export class User { export class User {
email: string | undefined; email: string | undefined;
password: string | undefined; password: string | undefined;
username: string | null = null; private username: string | null = null;
confidantEmail: string | null = null; private confidantEmail: string | null = null;
isAuthenticated = false; isAuthenticated = false;
private token = ""; private token = "";
static async confirm(uid: string, token: string): Promise<void> { static async confirm(uid: string, token: string): Promise<void> {
await api_request("POST", "users/activation", 204, { uid, token }); await request("POST", "users/activation", 204, { uid, token });
} }
async login(): Promise<void> { async login(): Promise<void> {
if (!this.email || !this.password) throw new APIError("", ""); const response = await request("POST", "token/login", 200, {
email: this.email,
// logout any existing sessions password: this.password,
//await logout() });
// fetch the login endpoint we use for authentication this.token = response.auth_token;
const loginEndpoint = "/api-auth/login/"; this.isAuthenticated = true;
// fetch the login page, so it sets csrf cookies
await window.fetch(loginEndpoint);
// authenticate us
const body = new window.FormData();
body.append("username", this.email);
body.append("password", this.password);
const csrf_token = Cookies.get("csrftoken");
if (csrf_token) body.append("csrfmiddlewaretoken", csrf_token);
const res = await window.fetch(loginEndpoint, { method: "post", body });
// successful logins are followed by a redirect
if (res.redirected && res.status === 200) {
this.isAuthenticated = true;
} else {
throw new APIError("", "");
}
} }
async save(): Promise<void> { async save(): Promise<void> {
await api_request( await request(
"PATCH", "PATCH",
"users/me", "users/me",
200, 200,
{ {
username: this.username, username: this.username,
confidant_email: this.confidantEmail,
}, },
this.token this.token
); );
} }
async signup(): Promise<void> { async signup(): Promise<void> {
await api_request("POST", "users", 201, { await request("POST", "users", 201, {
email: this.email, email: this.email,
password: this.password, password: this.password,
}); });

View file

@ -24,15 +24,11 @@
</tr> </tr>
<tr> <tr>
<td>Benutzername</td> <td>Benutzername</td>
<td> <td><InlineEditor v-model="user.username" @input="user.save()" /></td>
<InlineEditor v-model="user.username" @input="user.save()" />
</td>
</tr> </tr>
<tr> <tr>
<td>Vertrauensperson</td> <td>Vertrauensperson</td>
<td> <td><inline-editor v-model="user.confidant_email" /></td>
<inline-editor v-model="user.confidantEmail" @input="user.save()" />
</td>
</tr> </tr>
<tr> <tr>
<td>E-Mail-Adresse</td> <td>E-Mail-Adresse</td>

View file

@ -1,19 +0,0 @@
import Component from "vue-class-component";
import Vue from "vue";
@Component
export class NotifyMixin extends Vue {
showError(): void {
this.$buefy.toast.open({
message: "Es ist leider ein Fehler aufgetreten.",
type: "is-danger",
});
}
showSuccess(message: string): void {
this.$buefy.toast.open({
message,
type: "is-success",
});
}
}

View file

@ -15,34 +15,24 @@
</template> </template>
<script lang="ts"> <script lang="ts">
import { Component } from "vue-property-decorator"; import { Component, Vue } from "vue-property-decorator";
import LoginForm from "@/components/LoginForm.vue"; import LoginForm from "@/components/LoginForm.vue";
import { mixins } from "vue-class-component";
import { User } from "@/api"; import { User } from "@/api";
import UserTable from "@/components/UserTable.vue"; import UserTable from "@/components/UserTable.vue";
import { NotifyMixin } from "@/mixins";
@Component({ components: { UserTable, LoginForm } }) @Component({ components: { UserTable, LoginForm } })
export default class Home extends mixins(NotifyMixin) { export default class Home extends Vue {
private user = new User(); private user = new User();
public async created(): Promise<void> { public async created(): Promise<void> {
if (this.$route.name === "confirm") { if (this.$route.name === "confirm") {
await this.doConfirm();
} else if (!this.user.isAuthenticated) {
this.$router.push({ name: "login" });
}
}
private async doConfirm() {
try {
await User.confirm(this.$route.params.uid, this.$route.params.token); await User.confirm(this.$route.params.uid, this.$route.params.token);
this.$router.push({ name: "login" }); this.$router.push({ name: "login" });
this.showSuccess( this.$buefy.toast.open({
"Deine E-Mail-Adresse wurde bestätigt. Du kannst dich nun anmelden." message:
); "Deine E-Mail-Adresse wurde bestätigt. Du kannst dich nun anmelden.",
} catch { type: "is-success",
this.showError(); });
} }
} }
} }

View file

@ -1,20 +0,0 @@
# Generated by Django 2.2.20 on 2021-05-18 08:09
from django.conf import settings
from django.db import migrations, models
import django.db.models.deletion
class Migration(migrations.Migration):
dependencies = [
('userausfall', '0003_auto_20210414_0827'),
]
operations = [
migrations.AddField(
model_name='user',
name='confidant',
field=models.ForeignKey(null=True, on_delete=django.db.models.deletion.SET_NULL, to=settings.AUTH_USER_MODEL),
),
]

View file

@ -68,7 +68,6 @@ class User(AbstractBaseUser, PermissionsMixin):
), ),
) )
date_joined = models.DateTimeField(_('date joined'), default=timezone.now) date_joined = models.DateTimeField(_('date joined'), default=timezone.now)
confidant = models.ForeignKey("User", on_delete=models.SET_NULL, null=True)
objects = UserManager() objects = UserManager()
@ -84,9 +83,6 @@ class User(AbstractBaseUser, PermissionsMixin):
super().clean() super().clean()
self.email = self.__class__.objects.normalize_email(self.email) self.email = self.__class__.objects.normalize_email(self.email)
def get_confidant_email(self):
return ""
def get_full_name(self): def get_full_name(self):
""" """
Return the first_name plus the last_name, with a space in between. Return the first_name plus the last_name, with a space in between.

View file

@ -1,19 +1,15 @@
from djoser.serializers import UserSerializer as BaseUserSerializer
from rest_framework import serializers from rest_framework import serializers
from userausfall.models import AccountRequest, User from userausfall.models import AccountRequest
class UserSerializer(serializers.ModelSerializer): class AccountRequestSerializer(serializers.HyperlinkedModelSerializer):
confidant_email = serializers.EmailField(source="get_confidant_email")
class Meta: class Meta:
model = User model = AccountRequest
fields = ("email", "username", "confidant_email") fields = ('url', 'email', 'confidant_email', 'username', 'is_verified', 'is_trustable')
def get_confidant_email(self):
return ""
def update(self, instance, validated_data): class UserSerializer(BaseUserSerializer):
print(validated_data) class Meta(BaseUserSerializer.Meta):
confidant = validated_data.pop("get_confidant_email") fields = ('email', 'username')
return super().update(instance, validated_data)

View file

@ -1,6 +1,6 @@
from rest_framework import routers from rest_framework import routers
from userausfall.rest_api.views import UserViewSet from userausfall.rest_api.views import AccountRequestViewSet
router = routers.DefaultRouter(trailing_slash=True) router = routers.DefaultRouter(trailing_slash=True)
router.register(r'users', UserViewSet, basename="user") router.register(r'account_requests', AccountRequestViewSet)

View file

@ -1,19 +1,9 @@
from rest_framework import viewsets from rest_framework import viewsets
from rest_framework.decorators import action
from rest_framework.response import Response
from userausfall.models import User from userausfall.models import AccountRequest
from userausfall.rest_api.serializers import UserSerializer from userausfall.rest_api.serializers import AccountRequestSerializer
class UserViewSet(viewsets.ModelViewSet): class AccountRequestViewSet(viewsets.ModelViewSet):
class Meta: serializer_class = AccountRequestSerializer
queryset = User.objects.all() queryset = AccountRequest.objects.all()
@action(detail=False, methods=["PATCH"])
def me(self, request):
return Response(
UserSerializer(
instance=request.user, context={"request": request}
).data
)

View file

@ -38,6 +38,8 @@ INSTALLED_APPS = [
'django.contrib.staticfiles', 'django.contrib.staticfiles',
'userausfall', 'userausfall',
'rest_framework', 'rest_framework',
'rest_framework.authtoken',
'djoser',
] ]
MIDDLEWARE = [ MIDDLEWARE = [
@ -135,6 +137,18 @@ MEDIA_ROOT = os.path.join(BASE_DIR, 'media')
MEDIA_URL = '/media/' MEDIA_URL = '/media/'
# Djoser settings
# https://djoser.readthedocs.io/en/2.1.0/settings.html
DJOSER = {
"ACTIVATION_URL": "confirm/{uid}/{token}",
"SEND_ACTIVATION_EMAIL": True,
"SERIALIZERS": {
"current_user": "userausfall.rest_api.serializers.UserSerializer",
}
}
# Sending email # Sending email
# https://docs.djangoproject.com/en/3.2/topics/email/ # https://docs.djangoproject.com/en/3.2/topics/email/
@ -146,6 +160,6 @@ EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
REST_FRAMEWORK = { REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': ( 'DEFAULT_AUTHENTICATION_CLASSES': (
'rest_framework.authentication.SessionAuthentication', 'rest_framework.authentication.TokenAuthentication',
), ),
} }

View file

@ -6,5 +6,6 @@ from userausfall.rest_api import urls as rest_api_urls
urlpatterns = [ urlpatterns = [
path('admin/', admin.site.urls), path('admin/', admin.site.urls),
path('api/', include(rest_api_urls.router.urls)), path('api/', include(rest_api_urls.router.urls)),
path("api-auth/", include("rest_framework.urls")), path('api/', include('djoser.urls')),
path('api/', include('djoser.urls.authtoken')),
] ]