├── .gitignore ├── LICENSE ├── README.md ├── api ├── core │ ├── __init__.py │ ├── asgi.py │ ├── settings.py │ ├── urls.py │ └── wsgi.py ├── manage.py ├── status │ ├── __init__.py │ ├── admin.py │ ├── apis.py │ ├── apps.py │ ├── migrations │ │ ├── 0001_initial.py │ │ └── __init__.py │ ├── models.py │ ├── serializer.py │ ├── services.py │ ├── tests.py │ └── urls.py └── user │ ├── __init__.py │ ├── admin.py │ ├── apis.py │ ├── apps.py │ ├── authentication.py │ ├── migrations │ ├── 0001_initial.py │ └── __init__.py │ ├── models.py │ ├── serializer.py │ ├── services.py │ ├── tests.py │ └── urls.py └── requirements.txt /.gitignore: -------------------------------------------------------------------------------- 1 | # Byte-compiled / optimized / DLL files 2 | __pycache__/ 3 | *.py[cod] 4 | *$py.class 5 | 6 | # C extensions 7 | *.so 8 | 9 | # Distribution / packaging 10 | .Python 11 | build/ 12 | develop-eggs/ 13 | dist/ 14 | downloads/ 15 | eggs/ 16 | .eggs/ 17 | lib/ 18 | lib64/ 19 | parts/ 20 | sdist/ 21 | var/ 22 | wheels/ 23 | pip-wheel-metadata/ 24 | share/python-wheels/ 25 | *.egg-info/ 26 | .installed.cfg 27 | *.egg 28 | MANIFEST 29 | 30 | # PyInstaller 31 | # Usually these files are written by a python script from a template 32 | # before PyInstaller builds the exe, so as to inject date/other infos into it. 33 | *.manifest 34 | *.spec 35 | 36 | # Installer logs 37 | pip-log.txt 38 | pip-delete-this-directory.txt 39 | 40 | # Unit test / coverage reports 41 | htmlcov/ 42 | .tox/ 43 | .nox/ 44 | .coverage 45 | .coverage.* 46 | .cache 47 | nosetests.xml 48 | coverage.xml 49 | *.cover 50 | *.py,cover 51 | .hypothesis/ 52 | .pytest_cache/ 53 | 54 | # Translations 55 | *.mo 56 | *.pot 57 | 58 | # Django stuff: 59 | *.log 60 | local_settings.py 61 | db.sqlite3 62 | db.sqlite3-journal 63 | 64 | # Flask stuff: 65 | instance/ 66 | .webassets-cache 67 | 68 | # Scrapy stuff: 69 | .scrapy 70 | 71 | # Sphinx documentation 72 | docs/_build/ 73 | 74 | # PyBuilder 75 | target/ 76 | 77 | # Jupyter Notebook 78 | .ipynb_checkpoints 79 | 80 | # IPython 81 | profile_default/ 82 | ipython_config.py 83 | 84 | # pyenv 85 | .python-version 86 | 87 | # pipenv 88 | # According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control. 89 | # However, in case of collaboration, if having platform-specific dependencies or dependencies 90 | # having no cross-platform support, pipenv may install dependencies that don't work, or not 91 | # install all needed dependencies. 92 | #Pipfile.lock 93 | 94 | # PEP 582; used by e.g. github.com/David-OConnor/pyflow 95 | __pypackages__/ 96 | 97 | # Celery stuff 98 | celerybeat-schedule 99 | celerybeat.pid 100 | 101 | # SageMath parsed files 102 | *.sage.py 103 | 104 | # Environments 105 | .env 106 | .venv 107 | env/ 108 | venv/ 109 | ENV/ 110 | env.bak/ 111 | venv.bak/ 112 | 113 | # Spyder project settings 114 | .spyderproject 115 | .spyproject 116 | 117 | # Rope project settings 118 | .ropeproject 119 | 120 | # mkdocs documentation 121 | /site 122 | 123 | # mypy 124 | .mypy_cache/ 125 | .dmypy.json 126 | dmypy.json 127 | 128 | # Pyre type checker 129 | .pyre/ 130 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2022 Francis Ali 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Django Rest Framework 2 | ## Includes 3 | - A custom user model. Rather than using the user model that ships with Django -------------------------------------------------------------------------------- /api/core/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sixfwa/drf-api/6cd29886c7137e89678a283f4860fbf2dda63bb0/api/core/__init__.py -------------------------------------------------------------------------------- /api/core/asgi.py: -------------------------------------------------------------------------------- 1 | """ 2 | ASGI config for api project. 3 | 4 | It exposes the ASGI callable as a module-level variable named ``application``. 5 | 6 | For more information on this file, see 7 | https://docs.djangoproject.com/en/4.0/howto/deployment/asgi/ 8 | """ 9 | 10 | import os 11 | 12 | from django.core.asgi import get_asgi_application 13 | 14 | os.environ.setdefault("DJANGO_SETTINGS_MODULE", "core.settings") 15 | 16 | application = get_asgi_application() 17 | -------------------------------------------------------------------------------- /api/core/settings.py: -------------------------------------------------------------------------------- 1 | """ 2 | Django settings for api project. 3 | 4 | Generated by 'django-admin startproject' using Django 4.0.1. 5 | 6 | For more information on this file, see 7 | https://docs.djangoproject.com/en/4.0/topics/settings/ 8 | 9 | For the full list of settings and their values, see 10 | https://docs.djangoproject.com/en/4.0/ref/settings/ 11 | """ 12 | 13 | from pathlib import Path 14 | 15 | # Build paths inside the project like this: BASE_DIR / 'subdir'. 16 | BASE_DIR = Path(__file__).resolve().parent.parent 17 | 18 | 19 | # Quick-start development settings - unsuitable for production 20 | # See https://docs.djangoproject.com/en/4.0/howto/deployment/checklist/ 21 | 22 | # SECURITY WARNING: keep the secret key used in production secret! 23 | SECRET_KEY = "django-insecure-u$#0c1o!1!ja2zf9e0bk3k)x8pi2%s61c*n#s6%)q884_mx^38" 24 | JWT_SECRET = "subscribetorithmic" 25 | # SECURITY WARNING: don't run with debug turned on in production! 26 | DEBUG = True 27 | 28 | ALLOWED_HOSTS = [] 29 | 30 | 31 | # Application definition 32 | 33 | INSTALLED_APPS = [ 34 | "django.contrib.admin", 35 | "django.contrib.auth", 36 | "django.contrib.contenttypes", 37 | "django.contrib.sessions", 38 | "django.contrib.messages", 39 | "django.contrib.staticfiles", 40 | "rest_framework", 41 | "user", 42 | "status", 43 | ] 44 | 45 | MIDDLEWARE = [ 46 | "django.middleware.security.SecurityMiddleware", 47 | "django.contrib.sessions.middleware.SessionMiddleware", 48 | "django.middleware.common.CommonMiddleware", 49 | "django.middleware.csrf.CsrfViewMiddleware", 50 | "django.contrib.auth.middleware.AuthenticationMiddleware", 51 | "django.contrib.messages.middleware.MessageMiddleware", 52 | "django.middleware.clickjacking.XFrameOptionsMiddleware", 53 | ] 54 | 55 | ROOT_URLCONF = "core.urls" 56 | 57 | TEMPLATES = [ 58 | { 59 | "BACKEND": "django.template.backends.django.DjangoTemplates", 60 | "DIRS": [], 61 | "APP_DIRS": True, 62 | "OPTIONS": { 63 | "context_processors": [ 64 | "django.template.context_processors.debug", 65 | "django.template.context_processors.request", 66 | "django.contrib.auth.context_processors.auth", 67 | "django.contrib.messages.context_processors.messages", 68 | ], 69 | }, 70 | }, 71 | ] 72 | 73 | WSGI_APPLICATION = "core.wsgi.application" 74 | 75 | 76 | # Database 77 | # https://docs.djangoproject.com/en/4.0/ref/settings/#databases 78 | 79 | DATABASES = { 80 | "default": { 81 | "ENGINE": "django.db.backends.sqlite3", 82 | "NAME": BASE_DIR / "db.sqlite3", 83 | } 84 | } 85 | 86 | 87 | # Password validation 88 | # https://docs.djangoproject.com/en/4.0/ref/settings/#auth-password-validators 89 | 90 | AUTH_PASSWORD_VALIDATORS = [ 91 | { 92 | "NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator", 93 | }, 94 | { 95 | "NAME": "django.contrib.auth.password_validation.MinimumLengthValidator", 96 | }, 97 | { 98 | "NAME": "django.contrib.auth.password_validation.CommonPasswordValidator", 99 | }, 100 | { 101 | "NAME": "django.contrib.auth.password_validation.NumericPasswordValidator", 102 | }, 103 | ] 104 | 105 | 106 | # Internationalization 107 | # https://docs.djangoproject.com/en/4.0/topics/i18n/ 108 | 109 | LANGUAGE_CODE = "en-us" 110 | 111 | TIME_ZONE = "UTC" 112 | 113 | USE_I18N = True 114 | 115 | USE_TZ = True 116 | 117 | 118 | # Static files (CSS, JavaScript, Images) 119 | # https://docs.djangoproject.com/en/4.0/howto/static-files/ 120 | 121 | STATIC_URL = "static/" 122 | 123 | # Default primary key field type 124 | # https://docs.djangoproject.com/en/4.0/ref/settings/#default-auto-field 125 | 126 | DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField" 127 | 128 | AUTH_USER_MODEL = "user.User" 129 | 130 | CORS_ORIGIN_ALLOW_ALL = True 131 | CORS_ALLOW_CREDENTIALS = True 132 | -------------------------------------------------------------------------------- /api/core/urls.py: -------------------------------------------------------------------------------- 1 | from django.contrib import admin 2 | from django.urls import path, include 3 | 4 | urlpatterns = [ 5 | path("admin/", admin.site.urls), 6 | path("api/", include("user.urls")), 7 | path("api/", include("status.urls")), 8 | ] 9 | -------------------------------------------------------------------------------- /api/core/wsgi.py: -------------------------------------------------------------------------------- 1 | """ 2 | WSGI config for api project. 3 | 4 | It exposes the WSGI callable as a module-level variable named ``application``. 5 | 6 | For more information on this file, see 7 | https://docs.djangoproject.com/en/4.0/howto/deployment/wsgi/ 8 | """ 9 | 10 | import os 11 | 12 | from django.core.wsgi import get_wsgi_application 13 | 14 | os.environ.setdefault("DJANGO_SETTINGS_MODULE", "core.settings") 15 | 16 | application = get_wsgi_application() 17 | -------------------------------------------------------------------------------- /api/manage.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | """Django's command-line utility for administrative tasks.""" 3 | import os 4 | import sys 5 | 6 | 7 | def main(): 8 | """Run administrative tasks.""" 9 | os.environ.setdefault("DJANGO_SETTINGS_MODULE", "core.settings") 10 | try: 11 | from django.core.management import execute_from_command_line 12 | except ImportError as exc: 13 | raise ImportError( 14 | "Couldn't import Django. Are you sure it's installed and " 15 | "available on your PYTHONPATH environment variable? Did you " 16 | "forget to activate a virtual environment?" 17 | ) from exc 18 | execute_from_command_line(sys.argv) 19 | 20 | 21 | if __name__ == "__main__": 22 | main() 23 | -------------------------------------------------------------------------------- /api/status/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sixfwa/drf-api/6cd29886c7137e89678a283f4860fbf2dda63bb0/api/status/__init__.py -------------------------------------------------------------------------------- /api/status/admin.py: -------------------------------------------------------------------------------- 1 | from django.contrib import admin 2 | 3 | # Register your models here. 4 | -------------------------------------------------------------------------------- /api/status/apis.py: -------------------------------------------------------------------------------- 1 | from rest_framework import views 2 | from rest_framework import permissions 3 | from rest_framework import response 4 | from rest_framework import status as rest_status 5 | 6 | from user import authentication 7 | from . import serializer as status_serializer 8 | from . import services 9 | 10 | 11 | class StatusCreateListApi(views.APIView): 12 | authentication_classes = (authentication.CustomUserAuthentication,) 13 | permission_classes = (permissions.IsAuthenticated,) 14 | 15 | def post(self, request): 16 | serializer = status_serializer.StatusSerializer(data=request.data) 17 | serializer.is_valid(raise_exception=True) 18 | 19 | data = serializer.validated_data 20 | 21 | serializer.instance = services.create_status(user=request.user, status=data) 22 | 23 | return response.Response(data=serializer.data) 24 | 25 | def get(self, request): 26 | status_collection = services.get_user_status(user=request.user) 27 | serializer = status_serializer.StatusSerializer(status_collection, many=True) 28 | return response.Response(data=serializer.data) 29 | 30 | 31 | class StatusRetrieveUpdateDelete(views.APIView): 32 | authentication_classes = (authentication.CustomUserAuthentication,) 33 | permission_classes = (permissions.IsAuthenticated,) 34 | 35 | def get(self, request, status_id): 36 | status = services.get_user_status_detail(status_id=status_id) 37 | serializer = status_serializer.StatusSerializer(status) 38 | return response.Response(data=serializer.data) 39 | 40 | def delete(self, request, status_id): 41 | services.delete_user_status(user=request.user, status_id=status_id) 42 | return response.Response(status=rest_status.HTTP_204_NO_CONTENT) 43 | 44 | def put(self, request, status_id): 45 | serializer = status_serializer.StatusSerializer(data=request.data) 46 | serializer.is_valid(raise_exception=True) 47 | status = serializer.validated_data 48 | serializer.instance = services.update_user_status( 49 | user=request.user, status_id=status_id, status_data=status 50 | ) 51 | 52 | return response.Response(data=serializer.data) 53 | -------------------------------------------------------------------------------- /api/status/apps.py: -------------------------------------------------------------------------------- 1 | from django.apps import AppConfig 2 | 3 | 4 | class StatusConfig(AppConfig): 5 | default_auto_field = "django.db.models.BigAutoField" 6 | name = "status" 7 | -------------------------------------------------------------------------------- /api/status/migrations/0001_initial.py: -------------------------------------------------------------------------------- 1 | # Generated by Django 4.0.1 on 2022-01-27 22:01 2 | 3 | from django.conf import settings 4 | from django.db import migrations, models 5 | import django.db.models.deletion 6 | 7 | 8 | class Migration(migrations.Migration): 9 | 10 | initial = True 11 | 12 | dependencies = [ 13 | migrations.swappable_dependency(settings.AUTH_USER_MODEL), 14 | ] 15 | 16 | operations = [ 17 | migrations.CreateModel( 18 | name="Status", 19 | fields=[ 20 | ( 21 | "id", 22 | models.BigAutoField( 23 | auto_created=True, 24 | primary_key=True, 25 | serialize=False, 26 | verbose_name="ID", 27 | ), 28 | ), 29 | ("content", models.TextField(verbose_name="content")), 30 | ( 31 | "date_published", 32 | models.DateTimeField( 33 | auto_now_add=True, verbose_name="Date Published" 34 | ), 35 | ), 36 | ( 37 | "user", 38 | models.ForeignKey( 39 | on_delete=django.db.models.deletion.CASCADE, 40 | to=settings.AUTH_USER_MODEL, 41 | verbose_name="user", 42 | ), 43 | ), 44 | ], 45 | ), 46 | ] 47 | -------------------------------------------------------------------------------- /api/status/migrations/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sixfwa/drf-api/6cd29886c7137e89678a283f4860fbf2dda63bb0/api/status/migrations/__init__.py -------------------------------------------------------------------------------- /api/status/models.py: -------------------------------------------------------------------------------- 1 | from django.db import models 2 | from django.conf import settings 3 | 4 | 5 | class Status(models.Model): 6 | user = models.ForeignKey( 7 | settings.AUTH_USER_MODEL, on_delete=models.CASCADE, verbose_name="user" 8 | ) 9 | 10 | content = models.TextField(verbose_name="content") 11 | 12 | date_published = models.DateTimeField( 13 | auto_now_add=True, verbose_name="Date Published" 14 | ) 15 | -------------------------------------------------------------------------------- /api/status/serializer.py: -------------------------------------------------------------------------------- 1 | from rest_framework import serializers 2 | 3 | from user import serializer as user_serializer 4 | 5 | from . import services 6 | 7 | 8 | class StatusSerializer(serializers.Serializer): 9 | id = serializers.IntegerField(read_only=True) 10 | content = serializers.CharField() 11 | date_published = serializers.DateTimeField(read_only=True) 12 | user = user_serializer.UserSerializer(read_only=True) 13 | 14 | def to_internal_value(self, data): 15 | data = super().to_internal_value(data) 16 | 17 | return services.StatusDataClass(**data) 18 | -------------------------------------------------------------------------------- /api/status/services.py: -------------------------------------------------------------------------------- 1 | import dataclasses 2 | import datetime 3 | from typing import TYPE_CHECKING 4 | 5 | from django.shortcuts import get_object_or_404 6 | from rest_framework import exceptions 7 | 8 | from user import services as user_service 9 | from . import models as status_models 10 | 11 | if TYPE_CHECKING: 12 | from models import Status 13 | from user.models import User 14 | 15 | 16 | @dataclasses.dataclass 17 | class StatusDataClass: 18 | content: str 19 | date_published: datetime.datetime = None 20 | user: user_service.UserDataClass = None 21 | id: int = None 22 | 23 | @classmethod 24 | def from_instance(cls, status_model: "Status") -> "StatusDataClass": 25 | return cls( 26 | content=status_model.content, 27 | date_published=status_model.date_published, 28 | id=status_model.id, 29 | user=status_model.user, 30 | ) 31 | 32 | 33 | def create_status(user, status: "StatusDataClass") -> "StatusDataClass": 34 | status_create = status_models.Status.objects.create( 35 | content=status.content, user=user 36 | ) 37 | return StatusDataClass.from_instance(status_model=status_create) 38 | 39 | 40 | def get_user_status(user: "User") -> list["StatusDataClass"]: 41 | user_status = status_models.Status.objects.filter(user=user) 42 | 43 | return [ 44 | StatusDataClass.from_instance(single_status) for single_status in user_status 45 | ] 46 | 47 | 48 | def get_user_status_detail(status_id: int) -> "StatusDataClass": 49 | status = get_object_or_404(status_models.Status, pk=status_id) 50 | 51 | return StatusDataClass.from_instance(status_model=status) 52 | 53 | 54 | def delete_user_status(user: "User", status_id: int) -> "StatusDataClass": 55 | status = get_object_or_404(status_models.Status, pk=status_id) 56 | if user.id != status.user.id: 57 | raise exceptions.PermissionDenied("You're not the user fool") 58 | status.delete() 59 | 60 | 61 | def update_user_status(user: "User", status_id: int, status_data: "StatusDataClass"): 62 | status = get_object_or_404(status_models.Status, pk=status_id) 63 | if user.id != status.user.id: 64 | raise exceptions.PermissionDenied("You're not the user fool") 65 | 66 | status.content = status_data.content 67 | status.save() 68 | 69 | return StatusDataClass.from_instance(status_model=status) 70 | -------------------------------------------------------------------------------- /api/status/tests.py: -------------------------------------------------------------------------------- 1 | from django.test import TestCase 2 | 3 | # Create your tests here. 4 | -------------------------------------------------------------------------------- /api/status/urls.py: -------------------------------------------------------------------------------- 1 | from django.urls import path 2 | 3 | from . import apis 4 | 5 | urlpatterns = [ 6 | path("status/", apis.StatusCreateListApi.as_view(), name="status"), 7 | path( 8 | "status//", 9 | apis.StatusRetrieveUpdateDelete.as_view(), 10 | name="status_detail", 11 | ), 12 | ] 13 | -------------------------------------------------------------------------------- /api/user/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sixfwa/drf-api/6cd29886c7137e89678a283f4860fbf2dda63bb0/api/user/__init__.py -------------------------------------------------------------------------------- /api/user/admin.py: -------------------------------------------------------------------------------- 1 | from django.contrib import admin 2 | 3 | from . import models 4 | 5 | 6 | class UserAdmin(admin.ModelAdmin): 7 | list_display = ("id", "first_name", "last_name", "email") 8 | 9 | 10 | admin.site.register(models.User, UserAdmin) 11 | -------------------------------------------------------------------------------- /api/user/apis.py: -------------------------------------------------------------------------------- 1 | from rest_framework import views, response, exceptions, permissions 2 | 3 | from . import serializer as user_serializer 4 | from . import services, authentication 5 | 6 | 7 | class RegisterApi(views.APIView): 8 | def post(self, request): 9 | serializer = user_serializer.UserSerializer(data=request.data) 10 | serializer.is_valid(raise_exception=True) 11 | 12 | data = serializer.validated_data 13 | serializer.instance = services.create_user(user_dc=data) 14 | 15 | return response.Response(data=serializer.data) 16 | 17 | 18 | class LoginApi(views.APIView): 19 | def post(self, request): 20 | email = request.data["email"] 21 | password = request.data["password"] 22 | 23 | user = services.user_email_selector(email=email) 24 | 25 | if user is None: 26 | raise exceptions.AuthenticationFailed("Invalid Credentials") 27 | 28 | if not user.check_password(raw_password=password): 29 | raise exceptions.AuthenticationFailed("Invalid Credentials") 30 | 31 | token = services.create_token(user_id=user.id) 32 | 33 | resp = response.Response() 34 | 35 | resp.set_cookie(key="jwt", value=token, httponly=True) 36 | 37 | return resp 38 | 39 | 40 | class UserApi(views.APIView): 41 | """ 42 | This endpoint can only be used 43 | if the user is authenticated 44 | """ 45 | 46 | authentication_classes = (authentication.CustomUserAuthentication,) 47 | permission_classes = (permissions.IsAuthenticated,) 48 | 49 | def get(self, request): 50 | user = request.user 51 | 52 | serializer = user_serializer.UserSerializer(user) 53 | 54 | return response.Response(serializer.data) 55 | 56 | 57 | class LogoutApi(views.APIView): 58 | authentication_classes = (authentication.CustomUserAuthentication,) 59 | permission_classes = (permissions.IsAuthenticated,) 60 | 61 | def post(self, request): 62 | resp = response.Response() 63 | resp.delete_cookie("jwt") 64 | resp.data = {"message": "so long farewell"} 65 | 66 | return resp 67 | -------------------------------------------------------------------------------- /api/user/apps.py: -------------------------------------------------------------------------------- 1 | from django.apps import AppConfig 2 | 3 | 4 | class UserConfig(AppConfig): 5 | default_auto_field = "django.db.models.BigAutoField" 6 | name = "user" 7 | -------------------------------------------------------------------------------- /api/user/authentication.py: -------------------------------------------------------------------------------- 1 | from django.conf import settings 2 | from rest_framework import authentication, exceptions 3 | import jwt 4 | 5 | from . import models 6 | 7 | 8 | class CustomUserAuthentication(authentication.BaseAuthentication): 9 | def authenticate(self, request): 10 | token = request.COOKIES.get("jwt") 11 | 12 | if not token: 13 | return None 14 | 15 | try: 16 | payload = jwt.decode(token, settings.JWT_SECRET, algorithms=["HS256"]) 17 | except: 18 | raise exceptions.AuthenticationFailed("Unauthorized") 19 | 20 | user = models.User.objects.filter(id=payload["id"]).first() 21 | 22 | return (user, None) 23 | -------------------------------------------------------------------------------- /api/user/migrations/0001_initial.py: -------------------------------------------------------------------------------- 1 | # Generated by Django 4.0.1 on 2022-01-22 23:40 2 | 3 | from django.db import migrations, models 4 | import django.utils.timezone 5 | 6 | 7 | class Migration(migrations.Migration): 8 | 9 | initial = True 10 | 11 | dependencies = [ 12 | ("auth", "0012_alter_user_first_name_max_length"), 13 | ] 14 | 15 | operations = [ 16 | migrations.CreateModel( 17 | name="User", 18 | fields=[ 19 | ( 20 | "id", 21 | models.BigAutoField( 22 | auto_created=True, 23 | primary_key=True, 24 | serialize=False, 25 | verbose_name="ID", 26 | ), 27 | ), 28 | ( 29 | "last_login", 30 | models.DateTimeField( 31 | blank=True, null=True, verbose_name="last login" 32 | ), 33 | ), 34 | ( 35 | "is_superuser", 36 | models.BooleanField( 37 | default=False, 38 | help_text="Designates that this user has all permissions without explicitly assigning them.", 39 | verbose_name="superuser status", 40 | ), 41 | ), 42 | ( 43 | "is_staff", 44 | models.BooleanField( 45 | default=False, 46 | help_text="Designates whether the user can log into this admin site.", 47 | verbose_name="staff status", 48 | ), 49 | ), 50 | ( 51 | "is_active", 52 | models.BooleanField( 53 | default=True, 54 | help_text="Designates whether this user should be treated as active. Unselect this instead of deleting accounts.", 55 | verbose_name="active", 56 | ), 57 | ), 58 | ( 59 | "date_joined", 60 | models.DateTimeField( 61 | default=django.utils.timezone.now, verbose_name="date joined" 62 | ), 63 | ), 64 | ( 65 | "first_name", 66 | models.CharField(max_length=255, verbose_name="First Name"), 67 | ), 68 | ( 69 | "last_name", 70 | models.CharField(max_length=255, verbose_name="Last Name"), 71 | ), 72 | ( 73 | "email", 74 | models.EmailField( 75 | max_length=255, unique=True, verbose_name="Email" 76 | ), 77 | ), 78 | ("password", models.CharField(max_length=255)), 79 | ( 80 | "groups", 81 | models.ManyToManyField( 82 | blank=True, 83 | help_text="The groups this user belongs to. A user will get all permissions granted to each of their groups.", 84 | related_name="user_set", 85 | related_query_name="user", 86 | to="auth.Group", 87 | verbose_name="groups", 88 | ), 89 | ), 90 | ( 91 | "user_permissions", 92 | models.ManyToManyField( 93 | blank=True, 94 | help_text="Specific permissions for this user.", 95 | related_name="user_set", 96 | related_query_name="user", 97 | to="auth.Permission", 98 | verbose_name="user permissions", 99 | ), 100 | ), 101 | ], 102 | options={ 103 | "verbose_name": "user", 104 | "verbose_name_plural": "users", 105 | "abstract": False, 106 | }, 107 | ), 108 | ] 109 | -------------------------------------------------------------------------------- /api/user/migrations/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sixfwa/drf-api/6cd29886c7137e89678a283f4860fbf2dda63bb0/api/user/migrations/__init__.py -------------------------------------------------------------------------------- /api/user/models.py: -------------------------------------------------------------------------------- 1 | from django.db import models 2 | from django.contrib.auth import models as auth_models 3 | 4 | 5 | class UserManager(auth_models.BaseUserManager): 6 | def create_user( 7 | self, 8 | first_name: str, 9 | last_name: str, 10 | email: str, 11 | password: str = None, 12 | is_staff=False, 13 | is_superuser=False, 14 | ) -> "User": 15 | if not email: 16 | raise ValueError("User must have an email") 17 | if not first_name: 18 | raise ValueError("User must have a first name") 19 | if not last_name: 20 | raise ValueError("User must have a last name") 21 | 22 | user = self.model(email=self.normalize_email(email)) 23 | user.first_name = first_name 24 | user.last_name = last_name 25 | user.set_password(password) 26 | user.is_active = True 27 | user.is_staff = is_staff 28 | user.is_superuser = is_superuser 29 | user.save() 30 | 31 | return user 32 | 33 | def create_superuser( 34 | self, first_name: str, last_name: str, email: str, password: str 35 | ) -> "User": 36 | user = self.create_user( 37 | first_name=first_name, 38 | last_name=last_name, 39 | email=email, 40 | password=password, 41 | is_staff=True, 42 | is_superuser=True, 43 | ) 44 | user.save() 45 | 46 | return user 47 | 48 | 49 | class User(auth_models.AbstractUser): 50 | first_name = models.CharField(verbose_name="First Name", max_length=255) 51 | last_name = models.CharField(verbose_name="Last Name", max_length=255) 52 | email = models.EmailField(verbose_name="Email", max_length=255, unique=True) 53 | password = models.CharField(max_length=255) 54 | username = None 55 | 56 | objects = UserManager() 57 | 58 | USERNAME_FIELD = "email" 59 | REQUIRED_FIELDS = ["first_name", "last_name"] 60 | -------------------------------------------------------------------------------- /api/user/serializer.py: -------------------------------------------------------------------------------- 1 | from rest_framework import serializers 2 | 3 | from . import services 4 | 5 | 6 | class UserSerializer(serializers.Serializer): 7 | id = serializers.IntegerField(read_only=True) 8 | first_name = serializers.CharField() 9 | last_name = serializers.CharField() 10 | email = serializers.CharField() 11 | password = serializers.CharField(write_only=True) 12 | 13 | def to_internal_value(self, data): 14 | data = super().to_internal_value(data) 15 | 16 | return services.UserDataClass(**data) 17 | -------------------------------------------------------------------------------- /api/user/services.py: -------------------------------------------------------------------------------- 1 | import dataclasses 2 | import datetime 3 | import jwt 4 | from typing import TYPE_CHECKING 5 | from django.conf import settings 6 | from . import models 7 | 8 | if TYPE_CHECKING: 9 | from .models import User 10 | 11 | 12 | @dataclasses.dataclass 13 | class UserDataClass: 14 | first_name: str 15 | last_name: str 16 | email: str 17 | password: str = None 18 | id: int = None 19 | 20 | @classmethod 21 | def from_instance(cls, user: "User") -> "UserDataClass": 22 | return cls( 23 | first_name=user.first_name, 24 | last_name=user.last_name, 25 | email=user.email, 26 | id=user.id, 27 | ) 28 | 29 | 30 | def create_user(user_dc: "UserDataClass") -> "UserDataClass": 31 | instance = models.User( 32 | first_name=user_dc.first_name, last_name=user_dc.last_name, email=user_dc.email 33 | ) 34 | if user_dc.password is not None: 35 | instance.set_password(user_dc.password) 36 | 37 | instance.save() 38 | 39 | return UserDataClass.from_instance(instance) 40 | 41 | 42 | def user_email_selector(email: str) -> "User": 43 | user = models.User.objects.filter(email=email).first() 44 | 45 | return user 46 | 47 | 48 | def create_token(user_id: int) -> str: 49 | payload = dict( 50 | id=user_id, 51 | exp=datetime.datetime.utcnow() + datetime.timedelta(hours=24), 52 | iat=datetime.datetime.utcnow(), 53 | ) 54 | token = jwt.encode(payload, settings.JWT_SECRET, algorithm="HS256") 55 | 56 | return token 57 | -------------------------------------------------------------------------------- /api/user/tests.py: -------------------------------------------------------------------------------- 1 | from django.test import TestCase 2 | 3 | # Create your tests here. 4 | -------------------------------------------------------------------------------- /api/user/urls.py: -------------------------------------------------------------------------------- 1 | from django.urls import path 2 | 3 | from . import apis 4 | 5 | urlpatterns = [ 6 | path("register/", apis.RegisterApi.as_view(), name="register"), 7 | path("login/", apis.LoginApi.as_view(), name="login"), 8 | path("me/", apis.UserApi.as_view(), name="me"), 9 | path("logout/", apis.LogoutApi.as_view(), name="logout"), 10 | ] 11 | -------------------------------------------------------------------------------- /requirements.txt: -------------------------------------------------------------------------------- 1 | asgiref==3.5.0 2 | black==21.12b0 3 | click==8.0.3 4 | Django==4.0.1 5 | django-cors-headers==3.11.0 6 | djangorestframework==3.13.1 7 | mypy-extensions==0.4.3 8 | pathspec==0.9.0 9 | platformdirs==2.4.1 10 | PyJWT==2.3.0 11 | pytz==2021.3 12 | sqlparse==0.4.2 13 | tomli==1.2.3 14 | typing_extensions==4.0.1 15 | --------------------------------------------------------------------------------