UPDATE
This commit is contained in:
@@ -19,9 +19,11 @@ class MultiFieldBackend(ModelBackend):
|
||||
user = User.objects.get(
|
||||
Q(username=username) | Q(email=username) | Q(phone_number=username)
|
||||
)
|
||||
print(user)
|
||||
except (User.DoesNotExist, User.MultipleObjectsReturned):
|
||||
User().set_password(password)
|
||||
return None
|
||||
print(user.check_password(password) , self.user_can_authenticate(user))
|
||||
|
||||
if user.check_password(password) and self.user_can_authenticate(user):
|
||||
return user
|
||||
|
||||
+1
-1
@@ -109,7 +109,7 @@ class AccountView(APIView):
|
||||
- DELETE "<uuid>/" → Delete: uuid (path). Returns status "success". No data field.
|
||||
"""
|
||||
|
||||
# permission_classes = [IsAuthenticated]
|
||||
permission_classes = [IsAuthenticated]
|
||||
|
||||
def get(self, request, *args, **kwargs):
|
||||
"""
|
||||
|
||||
+9
-16
@@ -1,13 +1,13 @@
|
||||
import secrets
|
||||
|
||||
from django.contrib.auth import authenticate, get_user_model
|
||||
from django.db.models import Q
|
||||
from django.contrib.auth import authenticate
|
||||
from django.conf import settings
|
||||
from django.core.cache import cache
|
||||
from django.core.signing import BadSignature, SignatureExpired, TimestampSigner
|
||||
from django.db import IntegrityError
|
||||
from rest_framework import serializers
|
||||
from rest_framework import status
|
||||
from rest_framework.permissions import AllowAny
|
||||
from rest_framework.response import Response
|
||||
from rest_framework.views import APIView
|
||||
from drf_spectacular.utils import extend_schema, extend_schema_view
|
||||
@@ -61,6 +61,8 @@ class RegisterView(APIView):
|
||||
Returns JWT tokens and user data on success.
|
||||
"""
|
||||
|
||||
permission_classes = [AllowAny]
|
||||
|
||||
def post(self, request):
|
||||
serializer = RegisterSerializer(data=request.data)
|
||||
serializer.is_valid(raise_exception=True)
|
||||
@@ -124,6 +126,8 @@ class LoginView(APIView):
|
||||
Returns JWT tokens and user data on success.
|
||||
"""
|
||||
|
||||
permission_classes = [AllowAny]
|
||||
|
||||
def post(self, request):
|
||||
serializer = LoginSerializer(data=request.data)
|
||||
serializer.is_valid(raise_exception=True)
|
||||
@@ -131,21 +135,8 @@ class LoginView(APIView):
|
||||
identifier = serializer.validated_data["identifier"]
|
||||
password = serializer.validated_data["password"]
|
||||
|
||||
User = get_user_model()
|
||||
user = authenticate(request, username=identifier, password=password)
|
||||
|
||||
identifier = serializer.validated_data["identifier"]
|
||||
password = serializer.validated_data["password"]
|
||||
|
||||
user_obj = User.objects.filter(
|
||||
Q(username=identifier) | Q(email=identifier) | Q(phone_number=identifier)
|
||||
).first()
|
||||
|
||||
|
||||
|
||||
if user_obj:
|
||||
user = authenticate(request, username=user_obj.username, password=password)
|
||||
else:
|
||||
user = None
|
||||
if user is None:
|
||||
return Response(
|
||||
{"code": 401, "msg": "Invalid credentials."},
|
||||
@@ -193,6 +184,8 @@ class AuthenticationView(APIView):
|
||||
Response format: RequestOTPResponse / VerifyOTPResponse (code, msg, token, data when applicable).
|
||||
"""
|
||||
|
||||
permission_classes = [AllowAny]
|
||||
|
||||
def post(self, request):
|
||||
if "verify-otp" in request.path:
|
||||
return self._verify_otp(request)
|
||||
|
||||
+2
-1
@@ -111,7 +111,7 @@ CACHES = {
|
||||
|
||||
REST_FRAMEWORK = {
|
||||
"DEFAULT_PERMISSION_CLASSES": [
|
||||
"rest_framework.permissions.AllowAny",
|
||||
"rest_framework.permissions.IsAuthenticated",
|
||||
],
|
||||
"DEFAULT_AUTHENTICATION_CLASSES": [
|
||||
"rest_framework_simplejwt.authentication.JWTAuthentication",
|
||||
@@ -128,6 +128,7 @@ SPECTACULAR_SETTINGS = {
|
||||
"SWAGGER_UI_FAVICON_HREF": "SIDECAR",
|
||||
"REDOC_DIST": "SIDECAR",
|
||||
"SCHEMA_PATH_PREFIX": r"/api/",
|
||||
"SERVE_PERMISSIONS": ["rest_framework.permissions.AllowAny"],
|
||||
}
|
||||
|
||||
|
||||
|
||||
@@ -33,9 +33,6 @@ class FarmDashboardConfigView(APIView):
|
||||
PATCH accepts body but returns same static config; no processing or validation.
|
||||
No database. No input values used in response.
|
||||
"""
|
||||
authentication_classes = [] # No authentication
|
||||
permission_classes = []
|
||||
|
||||
def get(self, request):
|
||||
return Response({"code": 200, "msg": "OK", "data": CONFIG}, status=status.HTTP_200_OK)
|
||||
|
||||
@@ -55,9 +52,6 @@ class FarmDashboardCardsView(APIView):
|
||||
Returns unified response with all 15 card payloads.
|
||||
No database. Static mock data only.
|
||||
"""
|
||||
authentication_classes = [] # No authentication
|
||||
permission_classes = []
|
||||
|
||||
def get(self, request):
|
||||
adapter_response = external_api_request("ai", "/dashboard-data/status", method="GET")
|
||||
return Response(adapter_response.data, status=adapter_response.status_code)
|
||||
|
||||
Reference in New Issue
Block a user