tubearchivist/backend/user/views.py

"""all user api views"""

from common.serializers import ErrorResponseSerializer
from common.views import ApiBaseView
from django.contrib.auth import authenticate, login, logout
from django.utils.decorators import method_decorator
from django.views.decorators.csrf import csrf_exempt
from drf_spectacular.utils import OpenApiResponse, extend_schema
from rest_framework.permissions import AllowAny
from rest_framework.response import Response
from rest_framework.views import APIView
from user.models import Account
from user.serializers import (
    AccountSerializer,
    LoginSerializer,
    UserMeConfigSerializer,
)
from user.src.user_config import UserConfig


class UserAccountView(ApiBaseView):
    """resolves to /api/user/account/
    GET: return current user account
    """

    @extend_schema(
        responses=AccountSerializer(),
    )
    def get(self, request):
        """get user account"""
        user_id = request.user.id
        account = Account.objects.get(id=user_id)
        account_serializer = AccountSerializer(account)
        return Response(account_serializer.data)


class UserConfigView(ApiBaseView):
    """resolves to /api/user/me/
    GET: return current user config
    POST: update user config
    """

    @extend_schema(responses=UserMeConfigSerializer())
    def get(self, request):
        """get user config"""
        config = UserConfig(request.user.id).get_config()
        serializer = UserMeConfigSerializer(config)

        return Response(serializer.data)

    @extend_schema(
        request=UserMeConfigSerializer(required=False),
        responses={
            200: UserMeConfigSerializer(),
            400: OpenApiResponse(
                ErrorResponseSerializer(), description="Bad request"
            ),
        },
    )
    def post(self, request):
        """update config, allows partial update"""

        data_serializer = UserMeConfigSerializer(
            data=request.data, partial=True
        )
        data_serializer.is_valid(raise_exception=True)
        validated_data = data_serializer.validated_data
        UserConfig(request.user.id).update_config(to_update=validated_data)
        config = UserConfig(request.user.id).get_config()
        serializer = UserMeConfigSerializer(config)

        return Response(serializer.data)


@method_decorator(csrf_exempt, name="dispatch")
class LoginApiView(APIView):
    """resolves to /api/user/login/
    POST: return token and username after successful login
    """

    permission_classes = [AllowAny]
    SEC_IN_DAY = 60 * 60 * 24

    @extend_schema(
        request=LoginSerializer(),
        responses={204: OpenApiResponse(description="login successful")},
    )
    def post(self, request, *args, **kwargs):
        """login with username and password"""
        # pylint: disable=no-member
        data_serializer = LoginSerializer(data=request.data)
        data_serializer.is_valid(raise_exception=True)
        validated_data = data_serializer.validated_data

        username = validated_data["username"]
        password = validated_data["password"]
        remember_me = validated_data.get("remember_me")

        user = authenticate(request, username=username, password=password)
        if user is None:
            error = ErrorResponseSerializer({"error": "Invalid credentials"})
            return Response(error.data, status=400)

        if remember_me == "on":
            request.session.set_expiry(self.SEC_IN_DAY * 365)
        else:
            request.session.set_expiry(self.SEC_IN_DAY * 2)

        print(f"expire session in {request.session.get_expiry_age()} secs")

        login(request, user)  # Creates a session for the user
        return Response(status=204)


class LogoutApiView(ApiBaseView):
    """resolves to /api/user/logout/
    POST: handle logout
    """

    @extend_schema(
        responses={204: OpenApiResponse(description="logout successful")}
    )
    def post(self, request, *args, **kwargs):
        """logout user from session"""
        logout(request)
        return Response(status=204)
reset migrations, split user app 2024-07-22 21:34:03 +02:00			`"""all user api views"""`

serialize user, add account endpoint 2025-02-12 17:31:59 +07:00			`from common.serializers import ErrorResponseSerializer`
consolidate in common app 2024-07-22 22:37:49 +02:00			`from common.views import ApiBaseView`
handle logout, #855 2025-01-01 15:26:23 +07:00			`from django.contrib.auth import authenticate, login, logout`
ignore csrf on login view 2024-08-10 17:18:00 +02:00			`from django.utils.decorators import method_decorator`
			`from django.views.decorators.csrf import csrf_exempt`
serialize user, add account endpoint 2025-02-12 17:31:59 +07:00			`from drf_spectacular.utils import OpenApiResponse, extend_schema`
session login 2024-08-10 18:19:58 +02:00			`from rest_framework.permissions import AllowAny`
reset migrations, split user app 2024-07-22 21:34:03 +02:00			`from rest_framework.response import Response`
session login 2024-08-10 18:19:58 +02:00			`from rest_framework.views import APIView`
reset migrations, split user app 2024-07-22 21:34:03 +02:00			`from user.models import Account`
serialize user, add account endpoint 2025-02-12 17:31:59 +07:00			`from user.serializers import (`
			`AccountSerializer,`
			`LoginSerializer,`
			`UserMeConfigSerializer,`
			`)`
reset migrations, split user app 2024-07-22 21:34:03 +02:00			`from user.src.user_config import UserConfig`


serialize user, add account endpoint 2025-02-12 17:31:59 +07:00			`class UserAccountView(ApiBaseView):`
			`"""resolves to /api/user/account/`
			`GET: return current user account`
reset migrations, split user app 2024-07-22 21:34:03 +02:00			`"""`

serialize user, add account endpoint 2025-02-12 17:31:59 +07:00			`@extend_schema(`
			`responses=AccountSerializer(),`
			`)`
reset migrations, split user app 2024-07-22 21:34:03 +02:00			`def get(self, request):`
serialize user, add account endpoint 2025-02-12 17:31:59 +07:00			`"""get user account"""`
reset migrations, split user app 2024-07-22 21:34:03 +02:00			`user_id = request.user.id`
			`account = Account.objects.get(id=user_id)`
serialize user, add account endpoint 2025-02-12 17:31:59 +07:00			`account_serializer = AccountSerializer(account)`
			`return Response(account_serializer.data)`
reset migrations, split user app 2024-07-22 21:34:03 +02:00

serialize user, add account endpoint 2025-02-12 17:31:59 +07:00			`class UserConfigView(ApiBaseView):`
			`"""resolves to /api/user/me/`
			`GET: return current user config`
			`POST: update user config`
			`"""`
reset migrations, split user app 2024-07-22 21:34:03 +02:00
serialize user, add account endpoint 2025-02-12 17:31:59 +07:00			`@extend_schema(responses=UserMeConfigSerializer())`
			`def get(self, request):`
			`"""get user config"""`
			`config = UserConfig(request.user.id).get_config()`
			`serializer = UserMeConfigSerializer(config)`

			`return Response(serializer.data)`

			`@extend_schema(`
			`request=UserMeConfigSerializer(required=False),`
			`responses={`
			`200: UserMeConfigSerializer(),`
			`400: OpenApiResponse(`
			`ErrorResponseSerializer(), description="Bad request"`
			`),`
			`},`
			`)`
reset migrations, split user app 2024-07-22 21:34:03 +02:00			`def post(self, request):`
serialize user, add account endpoint 2025-02-12 17:31:59 +07:00			`"""update config, allows partial update"""`
reset migrations, split user app 2024-07-22 21:34:03 +02:00
serialize user, add account endpoint 2025-02-12 17:31:59 +07:00			`data_serializer = UserMeConfigSerializer(`
better partial config update 2025-02-14 16:31:12 +07:00			`data=request.data, partial=True`
serialize user, add account endpoint 2025-02-12 17:31:59 +07:00			`)`
			`data_serializer.is_valid(raise_exception=True)`
			`validated_data = data_serializer.validated_data`
			`UserConfig(request.user.id).update_config(to_update=validated_data)`
			`config = UserConfig(request.user.id).get_config()`
			`serializer = UserMeConfigSerializer(config)`
align post datatype with get 2024-08-10 18:55:50 +02:00
serialize user, add account endpoint 2025-02-12 17:31:59 +07:00			`return Response(serializer.data)`
reset migrations, split user app 2024-07-22 21:34:03 +02:00

session login 2024-08-10 18:19:58 +02:00			`@method_decorator(csrf_exempt, name="dispatch")`
			`class LoginApiView(APIView):`
fix doc string 2024-08-02 15:34:08 +02:00			`"""resolves to /api/user/login/`
reset migrations, split user app 2024-07-22 21:34:03 +02:00			`POST: return token and username after successful login`
			`"""`

session login 2024-08-10 18:19:58 +02:00			`permission_classes = [AllowAny]`
serialize user, add account endpoint 2025-02-12 17:31:59 +07:00			`SEC_IN_DAY = 60 * 60 * 24`
session login 2024-08-10 18:19:58 +02:00
serialize user, add account endpoint 2025-02-12 17:31:59 +07:00			`@extend_schema(`
			`request=LoginSerializer(),`
			`responses={204: OpenApiResponse(description="login successful")},`
			`)`
reset migrations, split user app 2024-07-22 21:34:03 +02:00			`def post(self, request, args, *kwargs):`
serialize user, add account endpoint 2025-02-12 17:31:59 +07:00			`"""login with username and password"""`
reset migrations, split user app 2024-07-22 21:34:03 +02:00			`# pylint: disable=no-member`
serialize user, add account endpoint 2025-02-12 17:31:59 +07:00			`data_serializer = LoginSerializer(data=request.data)`
			`data_serializer.is_valid(raise_exception=True)`
			`validated_data = data_serializer.validated_data`
session login 2024-08-10 18:19:58 +02:00
serialize user, add account endpoint 2025-02-12 17:31:59 +07:00			`username = validated_data["username"]`
			`password = validated_data["password"]`
			`remember_me = validated_data.get("remember_me")`
session login 2024-08-10 18:19:58 +02:00
			`user = authenticate(request, username=username, password=password)`
serialize user, add account endpoint 2025-02-12 17:31:59 +07:00			`if user is None:`
			`error = ErrorResponseSerializer({"error": "Invalid credentials"})`
			`return Response(error.data, status=400)`

			`if remember_me == "on":`
			`request.session.set_expiry(self.SEC_IN_DAY * 365)`
			`else:`
			`request.session.set_expiry(self.SEC_IN_DAY * 2)`
session login 2024-08-10 18:19:58 +02:00
serialize user, add account endpoint 2025-02-12 17:31:59 +07:00			`print(f"expire session in {request.session.get_expiry_age()} secs")`
session login 2024-08-10 18:19:58 +02:00
serialize user, add account endpoint 2025-02-12 17:31:59 +07:00			`login(request, user) # Creates a session for the user`
			`return Response(status=204)`
handle logout, #855 2025-01-01 15:26:23 +07:00

			`class LogoutApiView(ApiBaseView):`
			`"""resolves to /api/user/logout/`
			`POST: handle logout`
			`"""`

serialize user, add account endpoint 2025-02-12 17:31:59 +07:00			`@extend_schema(`
			`responses={204: OpenApiResponse(description="logout successful")}`
			`)`
handle logout, #855 2025-01-01 15:26:23 +07:00			`def post(self, request, args, *kwargs):`
serialize user, add account endpoint 2025-02-12 17:31:59 +07:00			`"""logout user from session"""`
handle logout, #855 2025-01-01 15:26:23 +07:00			`logout(request)`
serialize user, add account endpoint 2025-02-12 17:31:59 +07:00			`return Response(status=204)`