core: use rest_framework in accounts

accounts/views/change_password.py

@@ -1,29 +1,25 @@
-from django.shortcuts import render
-from django.views import View
-from django.http import JsonResponse, HttpResponse, HttpRequest
+from rest_framework.views import APIView
+from rest_framework.response import Response
+from rest_framework import permissions, status
+from django.http import HttpRequest
+from django.contrib.auth import login
+from rest_framework.authentication import SessionAuthentication
 from django.contrib.auth.models import User
-from django.utils.decorators import method_decorator
-from django.contrib.auth.decorators import login_required
 
-from ..forms.change_password import ChangePasswordForm
-from ..status_code import *
+from ..serializers.change_password import ChangePasswordSerializer
+
+class ChangePasswordView(APIView):
+
+    permission_classes = (permissions.IsAuthenticated,)
+    authentication_classes = (SessionAuthentication,)
 
-class ChangePasswordView(View):
-    def get(self, request: HttpRequest):
-        return render(request, "change_password.html", ChangePasswordForm)
-    
-    @method_decorator(login_required, name='dispatch') 
     def post(self, request: HttpRequest):
+        data = request.POST
 
-        form: ChangePasswordForm = ChangePasswordForm(request.POST)
-        if not form.is_valid():
-            return JsonResponse(form.errors)
-        
-        new_password: str = form.cleaned_data['new_password']
-        
-        user: User = request.user
-        
-        user.set_password(new_password)
-        user.save()
-        
-        return HttpResponse(USER_PASSWORD_UPDATED)
+        serializer = ChangePasswordSerializer(data=data)
+        if serializer.is_valid(raise_exception=True):
+            user: User = request.user
+            if (user.check_password(data['current_password']) == 0):
+                return Response({'current_password': "The password is not right."}, status=status.HTTP_200_OK)
+            user.set_password(data["new_password"])
+            return Response('password changed', status=status.HTTP_200_OK)

accounts/views/delete.py

@@ -1,19 +1,12 @@
-from django.shortcuts import render
-from django.views import View
-from django.http import HttpResponse, HttpRequest
-from django.utils.decorators import method_decorator
-from django.contrib.auth.decorators import login_required
+from rest_framework.views import APIView
+from rest_framework import permissions, status
+from rest_framework.response import Response
+from django.http import HttpRequest
+from rest_framework.authentication import SessionAuthentication
 
-from ..status_code import *
-
-class DeleteView(View):
-    
-    @method_decorator(login_required, name='dispatch')
-    def get(self, request: HttpRequest):
-        return HttpResponse(METHOD_INVALID)
-    
-    @method_decorator(login_required, name='dispatch')
-    def post(self, request: HttpRequest):
-        request.user.delete()
-        return HttpResponse(USER_DELETED)
-    
+class DeleteView(APIView):
+	permission_classes = (permissions.IsAuthenticated,)
+	authentication_classes = (SessionAuthentication,)
+	def post(self, request: HttpRequest):
+		request.user.delete()
+		return Response("user deleted", status=status.HTTP_200_OK)

accounts/views/login.py

@@ -1,31 +1,24 @@
-from django.shortcuts import render
-from django.views import View
-from django.http import HttpResponse, HttpRequest, JsonResponse
-from django.contrib.auth.models import User
-from django.contrib.auth import authenticate, login, logout
-from django.contrib.auth.decorators import login_required
-from django.db.models.query import QuerySet
+from rest_framework.views import APIView
+from rest_framework.response import Response
+from rest_framework import permissions, status
+from django.http import HttpRequest
+from django.contrib.auth import login
+from rest_framework.authentication import SessionAuthentication
 
-from ..status_code import *
-from ..forms.login import LoginForm 
+from ..serializers.login import LoginSerializer
 
-class LoginView(View):
+class LoginView(APIView):
     
-    def get(self, request: HttpRequest):
-        if request.user.is_authenticated:
-            logout(request)
-        return render(request, "login.html", {"form": LoginForm})
-    
-    def post(self, request: HttpRequest):
-        if request.user.is_authenticated:
-            logout(request)
-        form: LoginForm = LoginForm(request.POST)
-        if not form.is_valid():
-            return JsonResponse(form.errors)
-        
-        user: User = authenticate(username=form.cleaned_data['username'], password=form.cleaned_data['password'])
-        if user is None:
-            return JsonResponse({'user': [USER_INVALID]})
-        
-        login(request, user)
-        return HttpResponse(USER_LOGGED)
+	permission_classes = (permissions.AllowAny,)
+	authentication_classes = (SessionAuthentication,)
+
+	def post(self, request: HttpRequest):
+		data = request.POST
+
+		serializer = LoginSerializer(data=data)
+		if serializer.is_valid(raise_exception=True):
+			user = serializer.get_user(data)
+			if user is None:
+				return Response({'user': ['Username or password wrong.']}, status.HTTP_200_OK)
+			login(request, user)
+			return Response('user connected', status=status.HTTP_200_OK)

accounts/views/logout.py

@@ -1,15 +1,13 @@
-from django.shortcuts import render
-from django.views import View
-from django.http import HttpResponse, HttpRequest
+from rest_framework.views import APIView
 from django.contrib.auth import logout
-from django.utils.decorators import method_decorator
-from django.contrib.auth.decorators import login_required
+from rest_framework import permissions, status
+from rest_framework.response import Response
+from django.http import HttpRequest
+from rest_framework.authentication import SessionAuthentication
 
-from ..status_code import *
-
-class LogoutView(View):
-
-    @method_decorator(login_required, name='dispatch')   
-    def get(self, request: HttpRequest):
-        logout(request)
-        return HttpResponse(USER_LOGOUT)
+class LogoutView(APIView):
+	permission_classes = (permissions.IsAuthenticated,)
+	authentication_classes = (SessionAuthentication,)
+	def post(self, request: HttpRequest):
+		logout(request)
+		return Response("user unlogged", status=status.HTTP_200_OK)

accounts/views/register.py

@@ -1,32 +1,15 @@
-from django.shortcuts import render
-from django.views import View
-from django.http import HttpResponse, HttpRequest, JsonResponse
-from django.contrib.auth.models import User
-from django.contrib.auth import authenticate, login, logout
-from django.db.models.query import QuerySet
-from django.contrib.auth.decorators import user_passes_test
+from rest_framework import permissions, status
+from ..serializers.register import RegisterSerialiser
+from rest_framework.views import APIView
+from rest_framework.response import Response
+from django.http import HttpRequest
 
-from ..status_code import *
-from ..forms.register import RegisterForm
-
-
-class RegisterView(View):
-    
-    def get(self, request: HttpRequest):
-        if request.user.is_authenticated:
-            logout(request)
-        return render(request, 'register.html', {'form': RegisterForm})
-
-    def post(self, request: HttpRequest):
-        if request.user.is_authenticated:
-            logout(request)
-
-        form: RegisterForm = RegisterForm(request.POST)
-        if not form.is_valid():
-            return JsonResponse(form.errors)
-        
-        user: User = User.objects.create_user(username=form.cleaned_data['username'], password=form.cleaned_data['password'])
-        
-        login(request, user)
-        
-        return HttpResponse(USER_ADDED)
+class RegisterView(APIView):
+	permission_classes = (permissions.AllowAny,)
+	def post(self, request: HttpRequest):
+		serializer = RegisterSerialiser(data=request.POST)
+		if serializer.is_valid(raise_exception=True):
+			user = serializer.create(request.POST)
+			if user:
+				return Response("user created", status=status.HTTP_201_CREATED)
+		return Response(status=status.HTTP_400_BAD_REQUEST)