Add signup and some custom permissions
This commit is contained in:
parent
747478f0d7
commit
0b37305080
|
@ -14,17 +14,6 @@ from django.contrib.auth.models import User as AuthUser;
|
||||||
from perks.models import User;
|
from perks.models import User;
|
||||||
if not AuthUser.objects.filter(username='${DJANGO_ADMIN_USER}').count() :
|
if not AuthUser.objects.filter(username='${DJANGO_ADMIN_USER}').count() :
|
||||||
AuthUser.objects.create_superuser('${DJANGO_ADMIN_USER}', '${DJANGO_ADMIN_MAIL}', '${DJANGO_ADMIN_PASS}')
|
AuthUser.objects.create_superuser('${DJANGO_ADMIN_USER}', '${DJANGO_ADMIN_MAIL}', '${DJANGO_ADMIN_PASS}')
|
||||||
if not User.objects.filter(base_user__username='${DJANGO_ADMIN_USER}').count() :
|
|
||||||
base_admin = AuthUser.objects.get(username='${DJANGO_ADMIN_USER}')
|
|
||||||
admin = User(base_user=base_admin)
|
|
||||||
admin.save()
|
|
||||||
|
|
||||||
if not AuthUser.objects.filter(username='user').count() :
|
|
||||||
base_user = create_user('user', 'user@example.com', 'user')
|
|
||||||
if not User.objects.filter(base_user__username='user').count() :
|
|
||||||
base_user = AuthUser.objects.get(username='user')
|
|
||||||
user = User(base_user=base_user)
|
|
||||||
user.save()
|
|
||||||
" | python manage.py shell
|
" | python manage.py shell
|
||||||
|
|
||||||
gunicorn -w 4 --bind 0.0.0.0:80 perktree.wsgi:application
|
gunicorn -w 4 --bind 0.0.0.0:80 perktree.wsgi:application
|
||||||
|
|
|
@ -0,0 +1,26 @@
|
||||||
|
#! /usr/bin/env python
|
||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
# vim:fenc=utf-8
|
||||||
|
#
|
||||||
|
# Copyright © 2019 pavle <pavle.portic@tilda.center>
|
||||||
|
#
|
||||||
|
# Distributed under terms of the BSD-3-Clause license.
|
||||||
|
|
||||||
|
from rest_framework import permissions
|
||||||
|
|
||||||
|
|
||||||
|
class IsPostOrIsAuthenticated(permissions.BasePermission):
|
||||||
|
def has_permission(self, request, view):
|
||||||
|
if request.method == 'POST':
|
||||||
|
return True
|
||||||
|
|
||||||
|
return request.user and request.user.is_authenticated
|
||||||
|
|
||||||
|
|
||||||
|
class IsGetOrIsSuperuser(permissions.BasePermission):
|
||||||
|
def has_permission(self, request, view):
|
||||||
|
if request.method == 'GET':
|
||||||
|
return True
|
||||||
|
|
||||||
|
return request.user and request.user.is_superuser and request.user.is_authenticated
|
||||||
|
|
|
@ -7,12 +7,14 @@
|
||||||
# Distributed under terms of the BSD-3-Clause license.
|
# Distributed under terms of the BSD-3-Clause license.
|
||||||
|
|
||||||
from os import environ
|
from os import environ
|
||||||
from rest_framework.views import APIView
|
from django.contrib.auth.models import User as AuthUser
|
||||||
|
# from rest_framework.permissions import IsAuthenticated
|
||||||
from rest_framework.response import Response
|
from rest_framework.response import Response
|
||||||
from rest_framework import permissions
|
from rest_framework.views import APIView
|
||||||
|
|
||||||
from .parser import PerkParser
|
|
||||||
from .models import Perk, Tree, User
|
from .models import Perk, Tree, User
|
||||||
|
from .parser import PerkParser
|
||||||
|
from .permissions import IsPostOrIsAuthenticated, IsGetOrIsSuperuser
|
||||||
from .serializers import PerkSerializer, TreeSerializer, UserSerializer
|
from .serializers import PerkSerializer, TreeSerializer, UserSerializer
|
||||||
|
|
||||||
|
|
||||||
|
@ -23,7 +25,7 @@ if not PERKS_DIR:
|
||||||
|
|
||||||
|
|
||||||
class TreeView(APIView):
|
class TreeView(APIView):
|
||||||
# permission_classes = (permissions.IsAuthenticated,)
|
permission_classes = (IsGetOrIsSuperuser,)
|
||||||
|
|
||||||
def get(self, request, format=None):
|
def get(self, request, format=None):
|
||||||
trees = []
|
trees = []
|
||||||
|
@ -46,7 +48,7 @@ class TreeView(APIView):
|
||||||
|
|
||||||
|
|
||||||
class PerkView(APIView):
|
class PerkView(APIView):
|
||||||
# permission_classes = (permissions.IsAuthenticated,)
|
permission_classes = (IsGetOrIsSuperuser,)
|
||||||
|
|
||||||
def get(self, request, tree_id, format=None):
|
def get(self, request, tree_id, format=None):
|
||||||
output_data = {
|
output_data = {
|
||||||
|
@ -83,9 +85,12 @@ class PerkView(APIView):
|
||||||
|
|
||||||
|
|
||||||
class UserView(APIView):
|
class UserView(APIView):
|
||||||
permission_classes = (permissions.IsAuthenticated,)
|
permission_classes = (IsPostOrIsAuthenticated,)
|
||||||
|
|
||||||
def get(self, request):
|
def get(self, request):
|
||||||
|
if not request.user.id:
|
||||||
|
return Response(status=404)
|
||||||
|
|
||||||
user = User.objects.get(base_user__id=request.user.id)
|
user = User.objects.get(base_user__id=request.user.id)
|
||||||
serialized_user = UserSerializer(user).data
|
serialized_user = UserSerializer(user).data
|
||||||
|
|
||||||
|
@ -109,3 +114,14 @@ class UserView(APIView):
|
||||||
serialized_user = UserSerializer(user).data
|
serialized_user = UserSerializer(user).data
|
||||||
return Response(serialized_user)
|
return Response(serialized_user)
|
||||||
|
|
||||||
|
def post(self, request):
|
||||||
|
username = request.data['username']
|
||||||
|
email = request.data['email']
|
||||||
|
password = request.data['password']
|
||||||
|
base_user = AuthUser.objects.create_user(username=username, email=email, password=password)
|
||||||
|
user = User(base_user=base_user)
|
||||||
|
user.save()
|
||||||
|
|
||||||
|
serialized_user = UserSerializer(user).data
|
||||||
|
return Response(serialized_user)
|
||||||
|
|
||||||
|
|
|
@ -42,7 +42,7 @@
|
||||||
</template>
|
</template>
|
||||||
|
|
||||||
<script>
|
<script>
|
||||||
import AuthController from '../../controllers/auth.controller';
|
import UserController from '../../controllers/user.controller';
|
||||||
|
|
||||||
export default {
|
export default {
|
||||||
name: 'signup',
|
name: 'signup',
|
||||||
|
@ -58,6 +58,8 @@
|
||||||
methods: {
|
methods: {
|
||||||
submit(event) {
|
submit(event) {
|
||||||
event.preventDefault();
|
event.preventDefault();
|
||||||
|
this.signupErrors = [];
|
||||||
|
|
||||||
if (this.password !== this.passwordConfirm) {
|
if (this.password !== this.passwordConfirm) {
|
||||||
this.signupErrors.push('Passwords do not match');
|
this.signupErrors.push('Passwords do not match');
|
||||||
return;
|
return;
|
||||||
|
@ -68,7 +70,7 @@
|
||||||
email: this.email,
|
email: this.email,
|
||||||
password: this.password,
|
password: this.password,
|
||||||
};
|
};
|
||||||
AuthController.signup(data).then(() => {
|
UserController.createUser(data).then(() => {
|
||||||
this.$router.push({ name: 'index' });
|
this.$router.push({ name: 'index' });
|
||||||
}).catch((error) => {
|
}).catch((error) => {
|
||||||
if (error.response) {
|
if (error.response) {
|
||||||
|
|
|
@ -12,8 +12,8 @@ export default class AuthController {
|
||||||
return UserApi.getUser();
|
return UserApi.getUser();
|
||||||
}
|
}
|
||||||
|
|
||||||
static signup(data) {
|
static createUser(data) {
|
||||||
return UserApi.signup(data);
|
return UserApi.createUser(data);
|
||||||
}
|
}
|
||||||
|
|
||||||
static updatePerks(perks) {
|
static updatePerks(perks) {
|
||||||
|
|
|
@ -40,10 +40,13 @@ const configureHttp = () => {
|
||||||
};
|
};
|
||||||
|
|
||||||
const configureRaven = () => {
|
const configureRaven = () => {
|
||||||
Raven
|
if (config.getEnv() !== 'dev') {
|
||||||
.config('https://2b1b0eea285244289175e53d65421fac@sentry.theedgeofrage.com/3')
|
console.log('Setting up Raven.js');
|
||||||
.addPlugin(RavenVue, Vue)
|
Raven
|
||||||
.install();
|
.config('https://2b1b0eea285244289175e53d65421fac@sentry.theedgeofrage.com/3')
|
||||||
|
.addPlugin(RavenVue, Vue)
|
||||||
|
.install();
|
||||||
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
configureHttp();
|
configureHttp();
|
||||||
|
|
Reference in New Issue