Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
Christopher Collin Løkken
tdt4242-group-13
Commits
76d20502
Commit
76d20502
authored
Apr 03, 2022
by
Christopher Løkken
Browse files
moved RememberMe serializer to user + fixed api urls
parent
f9a31555
Pipeline
#171561
failed with stages
in 35 seconds
Changes
5
Pipelines
1
Hide whitespace changes
Inline
Side-by-side
backend/secfit/secfit/urls.py
View file @
76d20502
...
...
@@ -21,16 +21,9 @@ from rest_framework_simplejwt.views import (
TokenObtainPairView
,
TokenRefreshView
,
)
import
workouts.views
from
users.views
import
user
from
secfit
import
views
api_url_patterns
=
[
path
(
""
,
include
(
"workouts.urls"
)),
path
(
""
,
include
(
"users.urls"
)),
path
(
""
,
include
(
"comments.urls"
)),
path
(
""
,
include
(
"meals.urls"
)),
]
token_url_patterns
=
[
path
(
""
,
...
...
@@ -42,17 +35,25 @@ token_url_patterns = [
name
=
"token_refresh"
),
]
urlpatterns
=
[
path
(
""
,
views
.
api_root
),
path
(
"admin/"
,
admin
.
site
.
urls
),
path
(
"api/"
,
include
(
api_url_patterns
)),
api_url_patterns
=
[
path
(
""
,
include
(
"workouts.urls"
)),
path
(
""
,
include
(
"users.urls"
)),
path
(
""
,
include
(
"comments.urls"
)),
path
(
""
,
include
(
"meals.urls"
)),
path
(
"auth/"
,
include
(
"rest_framework.urls"
)),
path
(
"token/"
,
include
(
token_url_patterns
)),
path
(
"remember_me/"
,
workouts
.
views
.
RememberMe
.
as_view
(),
user
.
RememberMe
.
as_view
(),
name
=
"remember_me"
),
]
urlpatterns
=
[
path
(
""
,
views
.
api_root
),
path
(
"admin/"
,
admin
.
site
.
urls
),
path
(
"api/"
,
include
(
api_url_patterns
)),
]
urlpatterns
+=
static
(
settings
.
STATIC_URL
,
document_root
=
settings
.
STATIC_ROOT
)
urlpatterns
+=
static
(
settings
.
MEDIA_URL
,
document_root
=
settings
.
MEDIA_ROOT
)
backend/secfit/users/serializers/UserCustomSerializers.py
View file @
76d20502
from
rest_framework
import
serializers
from
django.contrib.auth
import
get_user_model
,
password_validation
from
users.models
import
Offer
,
AthleteFile
from
django
import
forms
from
django.contrib.auth
import
get_user_model
from
users.models
import
Offer
,
AthleteFile
,
RememberMe
class
UserGetSerializer
(
serializers
.
HyperlinkedModelSerializer
):
...
...
@@ -74,3 +71,16 @@ class OfferSerializer(serializers.HyperlinkedModelSerializer):
"status"
,
"timestamp"
,
]
class
RememberMeSerializer
(
serializers
.
HyperlinkedModelSerializer
):
"""Serializer for an RememberMe. Hyperlinks are used for relationships by default.
Serialized fields: remember_me
Attributes:
remember_me: Value of cookie used for remember me functionality
"""
class
Meta
:
model
=
RememberMe
fields
=
[
"remember_me"
]
backend/secfit/users/views/user.py
View file @
76d20502
import
django
import
json
import
base64
import
pickle
from
collections
import
namedtuple
from
django.contrib.auth
import
get_user_model
from
django.core.exceptions
import
PermissionDenied
from
django.core.signing
import
Signer
from
rest_framework
import
mixins
,
generics
from
rest_framework
import
permissions
from
rest_framework
import
status
from
rest_framework.response
import
Response
from
rest_framework.views
import
APIView
from
rest_framework_simplejwt.tokens
import
RefreshToken
from
users.models
import
User
from
users.permissions
import
IsCurrentUser
from
users.serializers.UserSerializer
import
UserSerializer
from
users.serializers.UserCustomSerializers
import
(
UserPutAthleteSerializer
,
UserPutVisibilitySerializer
,
UserGetSerializer
,
RememberMeSerializer
)
from
users.models
import
User
from
django.contrib.auth
import
get_user_model
from
users.permissions
import
IsCurrentUser
from
workouts.permissions
import
IsReadOnly
# Create your views here.
...
...
@@ -38,8 +42,8 @@ class UserList(mixins.ListModelMixin, mixins.CreateModelMixin,
if
self
.
request
.
user
:
# Return the currently logged in user
stat
us
=
self
.
request
.
query_params
.
get
(
"user"
,
None
)
if
stat
us
and
stat
us
==
"current"
:
stat
=
self
.
request
.
query_params
.
get
(
"user"
,
None
)
if
stat
and
stat
==
"current"
:
qs
=
get_user_model
().
objects
.
filter
(
pk
=
self
.
request
.
user
.
pk
)
return
qs
...
...
@@ -101,3 +105,50 @@ class UserVisibility(
def
put
(
self
,
request
,
*
args
,
**
kwargs
):
self
.
serializer_class
=
UserPutVisibilitySerializer
return
self
.
update
(
request
,
*
args
,
**
kwargs
)
# Allow users to save a persistent session in their browser
class
RememberMe
(
mixins
.
ListModelMixin
,
mixins
.
CreateModelMixin
,
mixins
.
DestroyModelMixin
,
generics
.
GenericAPIView
,
):
serializer_class
=
RememberMeSerializer
def
get
(
self
,
request
):
if
not
request
.
user
.
is_authenticated
:
raise
PermissionDenied
else
:
return
Response
({
"remember_me"
:
self
.
rememberme
()})
def
post
(
self
,
request
):
cookie_object
=
namedtuple
(
"Cookies"
,
request
.
COOKIES
.
keys
())(
*
request
.
COOKIES
.
values
()
)
user
=
self
.
get_user
(
cookie_object
)
refresh
=
RefreshToken
.
for_user
(
user
)
return
Response
(
{
"refresh"
:
str
(
refresh
),
"access"
:
str
(
refresh
.
access_token
),
}
)
def
get_user
(
self
,
cookie_object
):
decode
=
base64
.
b64decode
(
cookie_object
.
remember_me
)
user
,
sign
=
pickle
.
loads
(
decode
)
# Validate signature
if
sign
==
self
.
sign_user
(
user
):
return
user
def
rememberme
(
self
):
creds
=
[
self
.
request
.
user
,
self
.
sign_user
(
str
(
self
.
request
.
user
))]
return
base64
.
b64encode
(
pickle
.
dumps
(
creds
))
def
sign_user
(
self
,
username
):
signer
=
Signer
()
signed_user
=
signer
.
sign
(
username
)
return
signed_user
backend/secfit/workouts/serializers.py
View file @
76d20502
...
...
@@ -5,7 +5,6 @@ from rest_framework.serializers import HyperlinkedRelatedField
from
workouts.models.workouts
import
Workout
from
workouts.models.exercises
import
Exercise
,
ExerciseInstance
from
workouts.models.storage
import
WorkoutFile
from
users.models
import
RememberMe
class
ExerciseInstanceSerializer
(
serializers
.
HyperlinkedModelSerializer
):
...
...
@@ -233,17 +232,3 @@ class ExerciseSerializer(serializers.HyperlinkedModelSerializer):
"muscleGroup"
,
"unit"
,
"instances"
]
class
RememberMeSerializer
(
serializers
.
HyperlinkedModelSerializer
):
"""Serializer for an RememberMe. Hyperlinks are used for relationships by default.
Serialized fields: remember_me
Attributes:
remember_me: Value of cookie used for remember me functionality
"""
class
Meta
:
model
=
RememberMe
fields
=
[
"remember_me"
]
backend/secfit/workouts/views.py
View file @
76d20502
"""Contains views for the workouts application. These are mostly class-based views.
"""
import
base64
import
pickle
from
collections
import
namedtuple
from
rest_framework
import
generics
,
mixins
from
rest_framework
import
permissions
from
rest_framework
import
filters
from
rest_framework.parsers
import
(
JSONParser
,
)
from
rest_framework.response
import
Response
from
rest_framework
import
filters
from
rest_framework_simplejwt.tokens
import
RefreshToken
from
django.db.models
import
Q
from
django.core.exceptions
import
PermissionDenied
from
django.core.signing
import
Signer
from
workouts.parsers
import
MultipartJsonParser
from
workouts.permissions
import
(
IsOwner
,
...
...
@@ -29,56 +22,7 @@ from workouts.mixins import CreateListModelMixin
from
workouts.models.workouts
import
Workout
from
workouts.models.exercises
import
Exercise
,
ExerciseInstance
from
workouts.models.storage
import
WorkoutFile
from
workouts.serializers
import
WorkoutSerializer
,
ExerciseSerializer
from
workouts.serializers
import
RememberMeSerializer
from
workouts.serializers
import
ExerciseInstanceSerializer
,
WorkoutFileSerializer
# Allow users to save a persistent session in their browser
class
RememberMe
(
mixins
.
ListModelMixin
,
mixins
.
CreateModelMixin
,
mixins
.
DestroyModelMixin
,
generics
.
GenericAPIView
,
):
serializer_class
=
RememberMeSerializer
def
get
(
self
,
request
):
if
not
request
.
user
.
is_authenticated
:
raise
PermissionDenied
else
:
return
Response
({
"remember_me"
:
self
.
rememberme
()})
def
post
(
self
,
request
):
cookie_object
=
namedtuple
(
"Cookies"
,
request
.
COOKIES
.
keys
())(
*
request
.
COOKIES
.
values
()
)
user
=
self
.
get_user
(
cookie_object
)
refresh
=
RefreshToken
.
for_user
(
user
)
return
Response
(
{
"refresh"
:
str
(
refresh
),
"access"
:
str
(
refresh
.
access_token
),
}
)
def
get_user
(
self
,
cookie_object
):
decode
=
base64
.
b64decode
(
cookie_object
.
remember_me
)
user
,
sign
=
pickle
.
loads
(
decode
)
# Validate signature
if
sign
==
self
.
sign_user
(
user
):
return
user
def
rememberme
(
self
):
creds
=
[
self
.
request
.
user
,
self
.
sign_user
(
str
(
self
.
request
.
user
))]
return
base64
.
b64encode
(
pickle
.
dumps
(
creds
))
def
sign_user
(
self
,
username
):
signer
=
Signer
()
signed_user
=
signer
.
sign
(
username
)
return
signed_user
from
workouts.serializers
import
WorkoutSerializer
,
ExerciseSerializer
,
ExerciseInstanceSerializer
,
WorkoutFileSerializer
class
WorkoutList
(
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment