kit-eco.social/consumocuidado-server
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix for user registration

Browse Source
This commit is contained in:
Sam
2021-02-01 12:56:28 +00:00
parent d94eb9882c
commit b8cd663fee
5 changed files with 80 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
companies/models.py
View File

@@ -38,11 +38,13 @@ class Company(models.Model):
shipping_cost = models.DecimalField('Gastos de envío', max_digits=10, decimal_places=2, null=True, blank=True) shipping_cost = models.DecimalField('Gastos de envío', max_digits=10, decimal_places=2, null=True, blank=True)
tags = TagField(force_lowercase=True,max_count=5, tree=True) tags = TagField(force_lowercase=True,max_count=5, tree=True)
sync = models.BooleanField('Sincronizar tienda', default=False, null=True, blank=True) sync = models.BooleanField('Sincronizar tienda', default=False, null=True, blank=True)
is_validated = models.BooleanField('Validado', default=False, null=True, blank=True)
is_active = models.BooleanField('Activado', default=False, null=True, blank=True) # Accesible on site
# internal # internal
created = models.DateTimeField('date of creation', auto_now_add=True) created = models.DateTimeField('date of creation', auto_now_add=True)
updated = models.DateTimeField('date last update', auto_now=True) updated = models.DateTimeField('date last update', auto_now=True)
creator = models.ForeignKey('core.CustomUser', on_delete=models.DO_NOTHING, null=True, related_name='company') creator = models.ForeignKey('core.CustomUser', on_delete=models.DO_NOTHING, null=True, related_name='company_creator')
def __str__(self): def __str__(self):
return self.company_name return self.company_name

10
core/models.py
View File

@@ -2,9 +2,11 @@ from django.db import models
from django.contrib.auth.base_user import AbstractBaseUser, BaseUserManager from django.contrib.auth.base_user import AbstractBaseUser, BaseUserManager
from django.contrib.auth.models import PermissionsMixin from django.contrib.auth.models import PermissionsMixin
from companies.models import Company
# Create your models here. # Create your models here.
class UserManager(BaseUserManager): class CustomUserManager(BaseUserManager):
use_in_migrations = True use_in_migrations = True
def _create_user(self, email, password, **extra_fields): def _create_user(self, email, password, **extra_fields):
@@ -16,7 +18,7 @@ class UserManager(BaseUserManager):
email = self.normalize_email(email) email = self.normalize_email(email)
user = self.model(email=email, **extra_fields) user = self.model(email=email, **extra_fields)
user.set_password(password) user.set_password(password)
user.save(using=self._db) user.save()
return user return user
def create_user(self, email, password=None, **extra_fields): def create_user(self, email, password=None, **extra_fields):
@@ -42,7 +44,7 @@ class CustomUser(AbstractBaseUser, PermissionsMixin):
notify = models.BooleanField('Notificar', default=False, null=True) notify = models.BooleanField('Notificar', default=False, null=True)
provider = models.CharField('Proveedor', max_length=1000, blank=True, null=True) # red social de registro provider = models.CharField('Proveedor', max_length=1000, blank=True, null=True) # red social de registro
email_verified = models.BooleanField('Email verificado', default=False, null=True) email_verified = models.BooleanField('Email verificado', default=False, null=True)
company = None # models.ForeignKey(Empresa, null=True, on_delete=models.DO_NOTHING) company = models.ForeignKey(Company, null=True, on_delete=models.DO_NOTHING, related_name='custom_user')
is_active = models.BooleanField('Activo', default=True) is_active = models.BooleanField('Activo', default=True)
is_staff = models.BooleanField('Empleado',default=False ) is_staff = models.BooleanField('Empleado',default=False )
@@ -51,7 +53,7 @@ class CustomUser(AbstractBaseUser, PermissionsMixin):
created = models.DateTimeField(auto_now_add=True, null=True, blank=True) created = models.DateTimeField(auto_now_add=True, null=True, blank=True)
last_visit = models.DateTimeField(auto_now=True) last_visit = models.DateTimeField(auto_now=True)
objects = UserManager() objects = CustomUserManager()
USERNAME_FIELD = 'email' USERNAME_FIELD = 'email'
REQUIRED_FIELDS = [] REQUIRED_FIELDS = []

19
core/serializers.py
View File

@@ -1,17 +1,28 @@
from django.contrib.auth import get_user_model
from rest_framework import serializers from rest_framework import serializers
from . import models from . import models
User = get_user_model()
class CustomUserSerializer(serializers.ModelSerializer):
class CustomUserReadSerializer(serializers.ModelSerializer):
class Meta: class Meta:
model = models.CustomUser model = User
fields = ('email', 'full_name', 'role', 'is_active') fields = ('email', 'full_name', 'role', 'is_active',)
class CustomUserWriteSerializer(serializers.ModelSerializer):
class Meta:
model = User
fields = ('email', 'full_name', 'role', 'is_active', 'password')
class CreatorSerializer(serializers.ModelSerializer): class CreatorSerializer(serializers.ModelSerializer):
class Meta: class Meta:
model = models.CustomUser model = User
fields = ('email',) fields = ('email',)

35
core/tests.py
View File

@@ -1,6 +1,8 @@
import random import random
import string import string
import json import json
import hashlib
import base64
from django.test import TestCase from django.test import TestCase
@@ -13,6 +15,7 @@ from . import models
from . import factories from . import factories
# Create your tests here. # Create your tests here.
class CustomUserViewSetTest(APITestCase): class CustomUserViewSetTest(APITestCase):
"""CustomUser viewset tests """CustomUser viewset tests
""" """
@@ -35,13 +38,11 @@ class CustomUserViewSetTest(APITestCase):
# anon user # anon user
def test_anon_user_can_create_inactive_instance(self): def test_anon_user_can_create_inactive_instance(self):
"""Not logged-in user can create new instance of User but it's inactive """Not logged-in user can create new instance of User but it's inactive
TODO: should create inactive user
""" """
data = { data = {
'email': 'test@email.com', 'email': 'test@email.com',
'full_name': 'TEST NAME', 'full_name': 'TEST NAME',
'password1': 'VENTILADORES1234499.89', 'password': 'VENTILADORES1234499.89',
'password2': 'VENTILADORES1234499.89',
} }
# Query endpoint # Query endpoint
@@ -49,8 +50,14 @@ class CustomUserViewSetTest(APITestCase):
# Assert creation is successful # Assert creation is successful
self.assertEqual(response.status_code, status.HTTP_201_CREATED) self.assertEqual(response.status_code, status.HTTP_201_CREATED)
# check for new user instance created
self.assertEquals(1, self.model.objects.filter(email=data['email']).count())
# assert password has been set
new_user = self.model.objects.get(email=data['email'])
self.assertNotEqual('', new_user.password)
# assert instance is inactive # assert instance is inactive
info = json.loads(response.content) info = json.loads(response.content)
self.assertFalse(info['is_active']) self.assertFalse(info['is_active'])
def test_anon_user_cannot_modify_existing_instance(self): def test_anon_user_cannot_modify_existing_instance(self):
@@ -151,6 +158,25 @@ class CustomUserViewSetTest(APITestCase):
# Assert access is forbidden # Assert access is forbidden
self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED) self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
def test_user_update_password(self):
'''Test the modification of PASSWORD field value for an instance of User '''
# modify values of alert instance
new_password = "updated_super secret password"
self.user.set_password(new_password)
self.user.save()
# get updated intance using PK
updated_user = self.model.objects.get(pk=self.user.pk)
# assert fields exist, and data matches
stored_value = updated_user.__dict__['password']
hash_type, iteration, salt, stored_password_hash = stored_value.split('$')
new_password_hash = hashlib.pbkdf2_hmac(
hash_name='sha256',
password=new_password.encode(),
salt=salt.encode(),
iterations=int(iteration),
)
self.assertEqual(stored_password_hash, base64.b64encode(new_password_hash).decode())
# admin user # admin user
def test_admin_user_can_create_instance(self): def test_admin_user_can_create_instance(self):
"""Admin user can create new instance """Admin user can create new instance
@@ -163,8 +189,7 @@ class CustomUserViewSetTest(APITestCase):
data = { data = {
'email': 'test@email.com', 'email': 'test@email.com',
'full_name': 'TEST NAME', 'full_name': 'TEST NAME',
'password1': 'VENTILADORES1234499.89', 'password': 'VENTILADORES1234499.89',
'password2': 'VENTILADORES1234499.89',
} }
# Authenticate user # Authenticate user

27
core/views.py
View File

@@ -15,7 +15,32 @@ from back_latienda.permissions import CustomUserPermissions
class CustomUserViewSet(viewsets.ModelViewSet): class CustomUserViewSet(viewsets.ModelViewSet):
model = models.CustomUser model = models.CustomUser
serializer_class = serializers.CustomUserSerializer serializer_class = serializers.CustomUserReadSerializer
write_serializer_class =serializers.CustomUserWriteSerializer
model_name = 'custom_user' model_name = 'custom_user'
queryset = models.CustomUser.objects.all() queryset = models.CustomUser.objects.all()
permission_classes = [CustomUserPermissions,] permission_classes = [CustomUserPermissions,]
def create(self, request):
"""
Create Instance
"""
try:
serializer = self.write_serializer_class(
data=request.data,
)
if serializer.is_valid():
# save model instance data
password = serializer.validated_data.pop('password')
instance = self.model(**serializer.validated_data)
instance.set_password(password)
instance.save()
return Response(self.serializer_class(
instance, many=False, context={'request': request}).data,
status=status.HTTP_201_CREATED)
else:
return Response(
serializer.errors, status=status.HTTP_406_NOT_ACCEPTABLE)
except Exception as e:
return Response(str(e), status=status.HTTP_500_INTERNAL_SERVER_ERROR)