Compare commits
No commits in common. "048c8927b839f272574093ac5b21dc3f5d8fea5e" and "6835240173de587a26d1de1acf0b4fb881447bef" have entirely different histories.
048c8927b8
...
6835240173
12 changed files with 57 additions and 140 deletions
|
@ -1,3 +1,4 @@
|
||||||
setuptools~=40.8.0
|
setuptools~=56.0.0
|
||||||
django~=2.2.13
|
django~=2.2.13
|
||||||
djangorestframework~=3.9.0
|
djangorestframework~=3.12.4
|
||||||
|
djoser~=2.1.0
|
||||||
|
|
54
src/api.ts
54
src/api.ts
|
@ -2,7 +2,7 @@ import Cookies from "js-cookie";
|
||||||
|
|
||||||
type HTTPMethod = "GET" | "POST" | "PUT" | "PATCH";
|
type HTTPMethod = "GET" | "POST" | "PUT" | "PATCH";
|
||||||
|
|
||||||
export class APIError extends Error {
|
class APIError extends Error {
|
||||||
constructor(message: string, public readonly errors: unknown) {
|
constructor(message: string, public readonly errors: unknown) {
|
||||||
super(message);
|
super(message);
|
||||||
}
|
}
|
||||||
|
@ -29,7 +29,7 @@ async function request(
|
||||||
}
|
}
|
||||||
init.headers.set("Accept", "application/json");
|
init.headers.set("Accept", "application/json");
|
||||||
init.headers.set("Content-Type", "application/json");
|
init.headers.set("Content-Type", "application/json");
|
||||||
const response = await fetch(`/${endpoint}/`, init);
|
const response = await fetch(`/api/${endpoint}/`, init);
|
||||||
if (response.status !== 204) {
|
if (response.status !== 204) {
|
||||||
if (response.status === successStatus) {
|
if (response.status === successStatus) {
|
||||||
return await response.json();
|
return await response.json();
|
||||||
|
@ -39,69 +39,41 @@ async function request(
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
async function api_request(
|
|
||||||
method: HTTPMethod,
|
|
||||||
endpoint: string,
|
|
||||||
successStatus: number,
|
|
||||||
data: any,
|
|
||||||
authToken?: string
|
|
||||||
) {
|
|
||||||
return request(method, `api/${endpoint}`, successStatus, data, authToken);
|
|
||||||
}
|
|
||||||
|
|
||||||
export class User {
|
export class User {
|
||||||
email: string | undefined;
|
email: string | undefined;
|
||||||
password: string | undefined;
|
password: string | undefined;
|
||||||
username: string | null = null;
|
private username: string | null = null;
|
||||||
confidantEmail: string | null = null;
|
private confidantEmail: string | null = null;
|
||||||
isAuthenticated = false;
|
isAuthenticated = false;
|
||||||
private token = "";
|
private token = "";
|
||||||
|
|
||||||
static async confirm(uid: string, token: string): Promise<void> {
|
static async confirm(uid: string, token: string): Promise<void> {
|
||||||
await api_request("POST", "users/activation", 204, { uid, token });
|
await request("POST", "users/activation", 204, { uid, token });
|
||||||
}
|
}
|
||||||
|
|
||||||
async login(): Promise<void> {
|
async login(): Promise<void> {
|
||||||
if (!this.email || !this.password) throw new APIError("", "");
|
const response = await request("POST", "token/login", 200, {
|
||||||
|
email: this.email,
|
||||||
// logout any existing sessions
|
password: this.password,
|
||||||
//await logout()
|
});
|
||||||
// fetch the login endpoint we use for authentication
|
this.token = response.auth_token;
|
||||||
const loginEndpoint = "/api-auth/login/";
|
this.isAuthenticated = true;
|
||||||
// fetch the login page, so it sets csrf cookies
|
|
||||||
await window.fetch(loginEndpoint);
|
|
||||||
|
|
||||||
// authenticate us
|
|
||||||
const body = new window.FormData();
|
|
||||||
body.append("username", this.email);
|
|
||||||
body.append("password", this.password);
|
|
||||||
const csrf_token = Cookies.get("csrftoken");
|
|
||||||
if (csrf_token) body.append("csrfmiddlewaretoken", csrf_token);
|
|
||||||
const res = await window.fetch(loginEndpoint, { method: "post", body });
|
|
||||||
|
|
||||||
// successful logins are followed by a redirect
|
|
||||||
if (res.redirected && res.status === 200) {
|
|
||||||
this.isAuthenticated = true;
|
|
||||||
} else {
|
|
||||||
throw new APIError("", "");
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
async save(): Promise<void> {
|
async save(): Promise<void> {
|
||||||
await api_request(
|
await request(
|
||||||
"PATCH",
|
"PATCH",
|
||||||
"users/me",
|
"users/me",
|
||||||
200,
|
200,
|
||||||
{
|
{
|
||||||
username: this.username,
|
username: this.username,
|
||||||
confidant_email: this.confidantEmail,
|
|
||||||
},
|
},
|
||||||
this.token
|
this.token
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
async signup(): Promise<void> {
|
async signup(): Promise<void> {
|
||||||
await api_request("POST", "users", 201, {
|
await request("POST", "users", 201, {
|
||||||
email: this.email,
|
email: this.email,
|
||||||
password: this.password,
|
password: this.password,
|
||||||
});
|
});
|
||||||
|
|
|
@ -24,15 +24,11 @@
|
||||||
</tr>
|
</tr>
|
||||||
<tr>
|
<tr>
|
||||||
<td>Benutzername</td>
|
<td>Benutzername</td>
|
||||||
<td>
|
<td><InlineEditor v-model="user.username" @input="user.save()" /></td>
|
||||||
<InlineEditor v-model="user.username" @input="user.save()" />
|
|
||||||
</td>
|
|
||||||
</tr>
|
</tr>
|
||||||
<tr>
|
<tr>
|
||||||
<td>Vertrauensperson</td>
|
<td>Vertrauensperson</td>
|
||||||
<td>
|
<td><inline-editor v-model="user.confidant_email" /></td>
|
||||||
<inline-editor v-model="user.confidantEmail" @input="user.save()" />
|
|
||||||
</td>
|
|
||||||
</tr>
|
</tr>
|
||||||
<tr>
|
<tr>
|
||||||
<td>E-Mail-Adresse</td>
|
<td>E-Mail-Adresse</td>
|
||||||
|
|
|
@ -1,19 +0,0 @@
|
||||||
import Component from "vue-class-component";
|
|
||||||
import Vue from "vue";
|
|
||||||
|
|
||||||
@Component
|
|
||||||
export class NotifyMixin extends Vue {
|
|
||||||
showError(): void {
|
|
||||||
this.$buefy.toast.open({
|
|
||||||
message: "Es ist leider ein Fehler aufgetreten.",
|
|
||||||
type: "is-danger",
|
|
||||||
});
|
|
||||||
}
|
|
||||||
|
|
||||||
showSuccess(message: string): void {
|
|
||||||
this.$buefy.toast.open({
|
|
||||||
message,
|
|
||||||
type: "is-success",
|
|
||||||
});
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -15,34 +15,24 @@
|
||||||
</template>
|
</template>
|
||||||
|
|
||||||
<script lang="ts">
|
<script lang="ts">
|
||||||
import { Component } from "vue-property-decorator";
|
import { Component, Vue } from "vue-property-decorator";
|
||||||
import LoginForm from "@/components/LoginForm.vue";
|
import LoginForm from "@/components/LoginForm.vue";
|
||||||
import { mixins } from "vue-class-component";
|
|
||||||
import { User } from "@/api";
|
import { User } from "@/api";
|
||||||
import UserTable from "@/components/UserTable.vue";
|
import UserTable from "@/components/UserTable.vue";
|
||||||
import { NotifyMixin } from "@/mixins";
|
|
||||||
|
|
||||||
@Component({ components: { UserTable, LoginForm } })
|
@Component({ components: { UserTable, LoginForm } })
|
||||||
export default class Home extends mixins(NotifyMixin) {
|
export default class Home extends Vue {
|
||||||
private user = new User();
|
private user = new User();
|
||||||
|
|
||||||
public async created(): Promise<void> {
|
public async created(): Promise<void> {
|
||||||
if (this.$route.name === "confirm") {
|
if (this.$route.name === "confirm") {
|
||||||
await this.doConfirm();
|
|
||||||
} else if (!this.user.isAuthenticated) {
|
|
||||||
this.$router.push({ name: "login" });
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
private async doConfirm() {
|
|
||||||
try {
|
|
||||||
await User.confirm(this.$route.params.uid, this.$route.params.token);
|
await User.confirm(this.$route.params.uid, this.$route.params.token);
|
||||||
this.$router.push({ name: "login" });
|
this.$router.push({ name: "login" });
|
||||||
this.showSuccess(
|
this.$buefy.toast.open({
|
||||||
"Deine E-Mail-Adresse wurde bestätigt. Du kannst dich nun anmelden."
|
message:
|
||||||
);
|
"Deine E-Mail-Adresse wurde bestätigt. Du kannst dich nun anmelden.",
|
||||||
} catch {
|
type: "is-success",
|
||||||
this.showError();
|
});
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,20 +0,0 @@
|
||||||
# Generated by Django 2.2.20 on 2021-05-18 08:09
|
|
||||||
|
|
||||||
from django.conf import settings
|
|
||||||
from django.db import migrations, models
|
|
||||||
import django.db.models.deletion
|
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
|
||||||
|
|
||||||
dependencies = [
|
|
||||||
('userausfall', '0003_auto_20210414_0827'),
|
|
||||||
]
|
|
||||||
|
|
||||||
operations = [
|
|
||||||
migrations.AddField(
|
|
||||||
model_name='user',
|
|
||||||
name='confidant',
|
|
||||||
field=models.ForeignKey(null=True, on_delete=django.db.models.deletion.SET_NULL, to=settings.AUTH_USER_MODEL),
|
|
||||||
),
|
|
||||||
]
|
|
|
@ -68,7 +68,6 @@ class User(AbstractBaseUser, PermissionsMixin):
|
||||||
),
|
),
|
||||||
)
|
)
|
||||||
date_joined = models.DateTimeField(_('date joined'), default=timezone.now)
|
date_joined = models.DateTimeField(_('date joined'), default=timezone.now)
|
||||||
confidant = models.ForeignKey("User", on_delete=models.SET_NULL, null=True)
|
|
||||||
|
|
||||||
objects = UserManager()
|
objects = UserManager()
|
||||||
|
|
||||||
|
@ -84,9 +83,6 @@ class User(AbstractBaseUser, PermissionsMixin):
|
||||||
super().clean()
|
super().clean()
|
||||||
self.email = self.__class__.objects.normalize_email(self.email)
|
self.email = self.__class__.objects.normalize_email(self.email)
|
||||||
|
|
||||||
def get_confidant_email(self):
|
|
||||||
return ""
|
|
||||||
|
|
||||||
def get_full_name(self):
|
def get_full_name(self):
|
||||||
"""
|
"""
|
||||||
Return the first_name plus the last_name, with a space in between.
|
Return the first_name plus the last_name, with a space in between.
|
||||||
|
|
|
@ -1,19 +1,15 @@
|
||||||
|
from djoser.serializers import UserSerializer as BaseUserSerializer
|
||||||
from rest_framework import serializers
|
from rest_framework import serializers
|
||||||
|
|
||||||
from userausfall.models import AccountRequest, User
|
from userausfall.models import AccountRequest
|
||||||
|
|
||||||
|
|
||||||
class UserSerializer(serializers.ModelSerializer):
|
class AccountRequestSerializer(serializers.HyperlinkedModelSerializer):
|
||||||
confidant_email = serializers.EmailField(source="get_confidant_email")
|
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
model = User
|
model = AccountRequest
|
||||||
fields = ("email", "username", "confidant_email")
|
fields = ('url', 'email', 'confidant_email', 'username', 'is_verified', 'is_trustable')
|
||||||
|
|
||||||
def get_confidant_email(self):
|
|
||||||
return ""
|
|
||||||
|
|
||||||
def update(self, instance, validated_data):
|
class UserSerializer(BaseUserSerializer):
|
||||||
print(validated_data)
|
class Meta(BaseUserSerializer.Meta):
|
||||||
confidant = validated_data.pop("get_confidant_email")
|
fields = ('email', 'username')
|
||||||
return super().update(instance, validated_data)
|
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
from rest_framework import routers
|
from rest_framework import routers
|
||||||
|
|
||||||
from userausfall.rest_api.views import UserViewSet
|
from userausfall.rest_api.views import AccountRequestViewSet
|
||||||
|
|
||||||
router = routers.DefaultRouter(trailing_slash=True)
|
router = routers.DefaultRouter(trailing_slash=True)
|
||||||
router.register(r'users', UserViewSet, basename="user")
|
router.register(r'account_requests', AccountRequestViewSet)
|
||||||
|
|
|
@ -1,19 +1,9 @@
|
||||||
from rest_framework import viewsets
|
from rest_framework import viewsets
|
||||||
from rest_framework.decorators import action
|
|
||||||
from rest_framework.response import Response
|
|
||||||
|
|
||||||
from userausfall.models import User
|
from userausfall.models import AccountRequest
|
||||||
from userausfall.rest_api.serializers import UserSerializer
|
from userausfall.rest_api.serializers import AccountRequestSerializer
|
||||||
|
|
||||||
|
|
||||||
class UserViewSet(viewsets.ModelViewSet):
|
class AccountRequestViewSet(viewsets.ModelViewSet):
|
||||||
class Meta:
|
serializer_class = AccountRequestSerializer
|
||||||
queryset = User.objects.all()
|
queryset = AccountRequest.objects.all()
|
||||||
|
|
||||||
@action(detail=False, methods=["PATCH"])
|
|
||||||
def me(self, request):
|
|
||||||
return Response(
|
|
||||||
UserSerializer(
|
|
||||||
instance=request.user, context={"request": request}
|
|
||||||
).data
|
|
||||||
)
|
|
||||||
|
|
|
@ -38,6 +38,8 @@ INSTALLED_APPS = [
|
||||||
'django.contrib.staticfiles',
|
'django.contrib.staticfiles',
|
||||||
'userausfall',
|
'userausfall',
|
||||||
'rest_framework',
|
'rest_framework',
|
||||||
|
'rest_framework.authtoken',
|
||||||
|
'djoser',
|
||||||
]
|
]
|
||||||
|
|
||||||
MIDDLEWARE = [
|
MIDDLEWARE = [
|
||||||
|
@ -135,6 +137,18 @@ MEDIA_ROOT = os.path.join(BASE_DIR, 'media')
|
||||||
MEDIA_URL = '/media/'
|
MEDIA_URL = '/media/'
|
||||||
|
|
||||||
|
|
||||||
|
# Djoser settings
|
||||||
|
# https://djoser.readthedocs.io/en/2.1.0/settings.html
|
||||||
|
|
||||||
|
DJOSER = {
|
||||||
|
"ACTIVATION_URL": "confirm/{uid}/{token}",
|
||||||
|
"SEND_ACTIVATION_EMAIL": True,
|
||||||
|
"SERIALIZERS": {
|
||||||
|
"current_user": "userausfall.rest_api.serializers.UserSerializer",
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
# Sending email
|
# Sending email
|
||||||
# https://docs.djangoproject.com/en/3.2/topics/email/
|
# https://docs.djangoproject.com/en/3.2/topics/email/
|
||||||
|
|
||||||
|
@ -146,6 +160,6 @@ EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
|
||||||
|
|
||||||
REST_FRAMEWORK = {
|
REST_FRAMEWORK = {
|
||||||
'DEFAULT_AUTHENTICATION_CLASSES': (
|
'DEFAULT_AUTHENTICATION_CLASSES': (
|
||||||
'rest_framework.authentication.SessionAuthentication',
|
'rest_framework.authentication.TokenAuthentication',
|
||||||
),
|
),
|
||||||
}
|
}
|
||||||
|
|
|
@ -6,5 +6,6 @@ from userausfall.rest_api import urls as rest_api_urls
|
||||||
urlpatterns = [
|
urlpatterns = [
|
||||||
path('admin/', admin.site.urls),
|
path('admin/', admin.site.urls),
|
||||||
path('api/', include(rest_api_urls.router.urls)),
|
path('api/', include(rest_api_urls.router.urls)),
|
||||||
path("api-auth/", include("rest_framework.urls")),
|
path('api/', include('djoser.urls')),
|
||||||
|
path('api/', include('djoser.urls.authtoken')),
|
||||||
]
|
]
|
||||||
|
|
Reference in a new issue