Compare commits

..

No commits in common. "74afc805dcc2ce7b952b51b364bd40e02a43cc3c" and "ab1981f1bc64faf2538f92779f1dc730d1850054" have entirely different histories.

13 changed files with 88 additions and 169 deletions

View file

@ -8,7 +8,7 @@ export class APIError extends Error {
}
}
async function api_request(
async function request(
method: HTTPMethod,
endpoint: string,
successStatus: number,
@ -29,7 +29,7 @@ async function api_request(
}
init.headers.set("Accept", "application/json");
init.headers.set("Content-Type", "application/json");
const response = await fetch(`/api/${endpoint}/`, init);
const response = await fetch(`/${endpoint}/`, init);
if (response.status !== 204) {
if (response.status === successStatus) {
return await response.json();
@ -39,6 +39,16 @@ async function api_request(
}
}
async function api_request(
method: HTTPMethod,
endpoint: string,
successStatus: number,
data: any,
authToken?: string
) {
return request(method, `api/${endpoint}`, successStatus, data, authToken);
}
export class User {
email: string | undefined;
password: string | undefined;
@ -52,7 +62,7 @@ export class User {
}
async login(): Promise<void> {
if (!this.username || !this.password) throw new APIError("", "");
if (!this.email || !this.password) throw new APIError("", "");
// logout any existing sessions
//await logout()
@ -63,7 +73,7 @@ export class User {
// authenticate us
const body = new window.FormData();
body.append("username", this.username);
body.append("username", this.email);
body.append("password", this.password);
const csrf_token = Cookies.get("csrftoken");
if (csrf_token) body.append("csrfmiddlewaretoken", csrf_token);
@ -92,7 +102,7 @@ export class User {
async signup(): Promise<void> {
await api_request("POST", "users", 201, {
username: this.username,
email: this.email,
password: this.password,
});
}

View file

@ -1,45 +1,38 @@
<template>
<form class="box" @submit.prevent="doAction">
<div v-if="errorMessage" class="notification is-danger">
{{ errorMessage }}
</div>
<b-field label="Benutzername">
<b-input type="text" v-model="user.username" />
<b-field label="E-Mail-Adresse">
<b-input type="email" v-model="user.email" />
</b-field>
<b-field label="Kennwort">
<b-input type="password" v-model="user.password" />
</b-field>
<b-field v-if="mode === 'signup'" label="Kennwort wiederholen">
<b-input type="password" v-model="password2" />
</b-field>
<div v-if="false" class="notification is-danger">
Email or password was wrong.
</div>
<div class="buttons">
<b-button native-type="submit" type="is-primary">
<b-button
native-type="submit"
type="is-primary"
style="margin-left: auto; margin-right: 0; order: 10"
>
{{ mode === "login" ? "Anmelden" : "Konto anlegen" }}
</b-button>
<router-link v-if="mode === 'login'" to="/signup"
>Konto anlegen</router-link
>
<router-link v-else to="/login">Anmelden</router-link>
</div>
</form>
</template>
<script lang="ts">
import { Component, Prop, Watch } from "vue-property-decorator";
import { mixins } from "vue-class-component";
import { Component, Prop, Vue, Watch } from "vue-property-decorator";
import { User } from "@/api";
import { Route } from "vue-router";
import { NotifyMixin } from "@/mixins";
@Component
export default class LoginForm extends mixins(NotifyMixin) {
export default class LoginForm extends Vue {
@Prop() private user!: User;
private mode: "login" | "signup" = "login";
private password2 = "";
private errorMessage = "";
public created(): void {
if (this.$route.name === "signup") this.mode = "signup";
@ -55,20 +48,19 @@ export default class LoginForm extends mixins(NotifyMixin) {
}
private async doAction() {
try {
if (this.mode === "login") {
await this.user.login();
if (this.$route.name !== "home") this.$router.push({ name: "home" });
} else {
await this.user.signup();
this.$router.push({ name: "login" });
this.showSuccess("Du kannst dich nun anmelden.");
}
} catch {
this.errorMessage = "Fehler";
this.$buefy.toast.open({
message:
"Eine E-Mail zur Bestätigung deiner E-Mail-Adresse wurde versendet.",
type: "is-success",
});
}
// TODO: error handling, show confirmation page
}
}
</script>
<style lang="scss"></style>

View file

@ -2,12 +2,35 @@
<b-navbar>
<template #brand>
<b-navbar-item tag="router-link" :to="{ path: '/' }">
<img src="/img/logo_text.png" alt="userausfall" />
<img
src="/img/logo_text.png"
alt="Lightweight UI components for Vue.js based on Bulma"
/>
</b-navbar-item>
</template>
<template #start> </template>
<template #start>
<!--
<b-navbar-item href="#"> Home </b-navbar-item>
<b-navbar-item href="#"> Documentation </b-navbar-item>
<b-navbar-dropdown label="Info">
<b-navbar-item href="#"> About </b-navbar-item>
<b-navbar-item href="#"> Contact </b-navbar-item>
</b-navbar-dropdown>
-->
</template>
<template #end> </template>
<template #end>
<b-navbar-item tag="div">
<div class="buttons">
<router-link :to="{ name: 'signup' }" class="button is-primary">
<strong>Konto anlegen</strong>
</router-link>
<router-link :to="{ name: 'login' }" class="button is-light"
>Anmelden</router-link
>
</div>
</b-navbar-item>
</template>
</b-navbar>
</template>

View file

@ -3,22 +3,17 @@ import Vue from "vue";
@Component
export class NotifyMixin extends Vue {
public showError(): void {
this.showMessage("Es ist leider ein Fehler aufgetreten.", "is-danger");
showError(): void {
this.$buefy.toast.open({
message: "Es ist leider ein Fehler aufgetreten.",
type: "is-danger",
});
}
showSuccess(message: string): void {
this.showMessage(message, "is-success");
}
showWarning(message: string): void {
this.showMessage(message, "is-warning");
}
private showMessage(
message: string,
type: "is-success" | "is-danger" | "is-warning"
): void {
this.$buefy.toast.open({ message, type });
this.$buefy.toast.open({
message,
type: "is-success",
});
}
}

View file

@ -29,7 +29,7 @@ export default class Home extends mixins(NotifyMixin) {
public async created(): Promise<void> {
if (this.$route.name === "confirm") {
await this.doConfirm();
} else if (!this.user.isAuthenticated && this.$route.name !== "login") {
} else if (!this.user.isAuthenticated) {
this.$router.push({ name: "login" });
}
}

View file

@ -1,18 +0,0 @@
# Generated by Django 2.2.20 on 2021-07-29 10:10
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('userausfall', '0006_auto_20210521_0805'),
]
operations = [
migrations.AddField(
model_name='user',
name='email_unconfirmed',
field=models.EmailField(blank=True, max_length=254, unique=True, verbose_name='email address'),
),
]

View file

@ -1,25 +0,0 @@
# Generated by Django 2.2.20 on 2021-08-02 07:44
from django.conf import settings
from django.db import migrations, models
import django.db.models.deletion
class Migration(migrations.Migration):
dependencies = [
('userausfall', '0007_user_email_unconfirmed'),
]
operations = [
migrations.AlterField(
model_name='user',
name='confidant',
field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='confidants', to=settings.AUTH_USER_MODEL),
),
migrations.AlterField(
model_name='user',
name='confidant_unconfirmed',
field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='unconfirmed_confidants', to=settings.AUTH_USER_MODEL),
),
]

View file

@ -1,29 +0,0 @@
# Generated by Django 2.2.20 on 2021-08-02 07:45
import django.contrib.auth.validators
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('userausfall', '0008_auto_20210802_0744'),
]
operations = [
migrations.AlterField(
model_name='user',
name='email',
field=models.EmailField(blank=True, max_length=254, verbose_name='email address'),
),
migrations.AlterField(
model_name='user',
name='email_unconfirmed',
field=models.EmailField(blank=True, max_length=254, verbose_name='email address'),
),
migrations.AlterField(
model_name='user',
name='username',
field=models.CharField(blank=True, error_messages={'unique': 'A user with that username already exists.'}, help_text='Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only.', max_length=150, unique=True, validators=[django.contrib.auth.validators.UnicodeUsernameValidator()], verbose_name='username'),
),
]

View file

@ -24,21 +24,21 @@ class PasswordMismatch(Exception):
class UserManager(BaseUserManager):
use_in_migrations = True
def _create_user(self, username, password, **extra_fields):
def _create_user(self, email, password, **extra_fields):
"""
Create and save a user with the given username, email, and password.
"""
# email = self.normalize_email(email)
username = self.model.normalize_username(username)
user = self.model(username=username, **extra_fields)
email = self.normalize_email(email)
# TODO: username = self.model.normalize_username(username)
user = self.model(email=email, **extra_fields)
user.set_password(password)
user.save(using=self._db)
return user
def create_user(self, username, password=None, **extra_fields):
def create_user(self, email, password=None, **extra_fields):
extra_fields.setdefault("is_staff", False)
extra_fields.setdefault("is_superuser", False)
return self._create_user(username, password, **extra_fields)
return self._create_user(email, password, **extra_fields)
def create_superuser(self, email, password, **extra_fields):
extra_fields.setdefault("is_staff", True)
@ -63,11 +63,9 @@ class User(AbstractBaseUser, PermissionsMixin):
),
validators=[username_validator],
error_messages={"unique": _("A user with that username already exists.")},
unique=True,
blank=True,
)
email = models.EmailField(_("email address"), blank=True)
email_unconfirmed = models.EmailField(_("email address"), blank=True)
email = models.EmailField(_("email address"), unique=True, blank=True)
is_staff = models.BooleanField(
_("staff status"),
default=False,
@ -75,20 +73,19 @@ class User(AbstractBaseUser, PermissionsMixin):
)
date_joined = models.DateTimeField(_("date joined"), default=timezone.now)
confidant = models.ForeignKey(
"User", on_delete=models.SET_NULL, null=True, blank=True, related_name="confidants"
"User", on_delete=models.SET_NULL, null=True, related_name="confidants"
)
confidant_unconfirmed = models.ForeignKey(
"User",
on_delete=models.SET_NULL,
null=True,
blank=True,
related_name="unconfirmed_confidants",
)
objects = UserManager()
EMAIL_FIELD = "email"
USERNAME_FIELD = "username"
USERNAME_FIELD = "email"
REQUIRED_FIELDS = []
class Meta:

View file

@ -1,11 +0,0 @@
from rest_framework import permissions
class UserPermission(permissions.BasePermission):
def has_permission(self, request, view):
if request.method == "POST":
return True
return False
def has_object_permission(self, request, view, obj):
return False

View file

@ -13,19 +13,9 @@ class UserSerializer(serializers.ModelSerializer):
class Meta:
model = User
fields = ("pk", "email", "username", "confidant_email")
read_only_fields = ("email",)
def update(self, instance: User, validated_data):
confidant_email = validated_data.pop("confidant_email")
confidant, _ = User.objects.get_or_create(email=confidant_email)
instance.confidant_unconfirmed = confidant
return super().update(instance, validated_data)
class CreateUserSerializer(serializers.ModelSerializer):
class Meta:
model = User
fields = ("username", "password")
def create(self, validated_data):
return User.objects.create_user(**validated_data)

View file

@ -5,8 +5,7 @@ from rest_framework.response import Response
from djeveric import ConfirmationView
from userausfall.models import User, MissingUserAttribute, PasswordMismatch
from userausfall.confirmations import ConfidantConfirmation
from userausfall.rest_api.permissions import UserPermission
from userausfall.rest_api.serializers import UserSerializer, UserActivationSerializer, CreateUserSerializer
from userausfall.rest_api.serializers import UserSerializer, UserActivationSerializer
class ConfidantConfirmationView(ConfirmationView):
@ -14,8 +13,8 @@ class ConfidantConfirmationView(ConfirmationView):
class UserViewSet(viewsets.ModelViewSet):
permission_classes = [UserPermission]
queryset = User.objects.all()
serializer_class = UserSerializer
@action(detail=True, methods=["post"])
def activate(self, request, pk=None):
@ -30,7 +29,3 @@ class UserViewSet(viewsets.ModelViewSet):
return Response(status=status.HTTP_204_NO_CONTENT)
else:
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def get_serializer_class(self):
if self.action == "create":
return CreateUserSerializer

View file

@ -19,7 +19,7 @@ DATA_DIR = os.environ.get("USERAUSFALL_DATA_DIR", BASE_DIR)
# See https://docs.djangoproject.com/en/2.2/howto/deployment/checklist/
# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = os.environ.get('LOCAL_DJANGO_SECRET_KEY')
SECRET_KEY = os.environ.get('USERAUSFALL_SECRET_KEY')
# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = True