Merge pull request 'reset password via tempaltes' (#27) from feature/reset-password-html into master

Reviewed-on: #27
2022-01-27 23:21:45 +01:00 · 2022-01-27 23:21:45 +01:00 · 2c85457a63
commit 2c85457a63
parent 9796b5800c e4efd162c3
5 changed files with 55 additions and 18 deletions
--- a/templates/login.html
+++ b/templates/login.html
@ -1,4 +1,5 @@
 {% extends "authBase.html" %}
+{% load rest_framework %}

 {% block title %}Zaloguj się{% endblock  %}

--- a/templates/resetPasswordConfirm.html
+++ b/templates/resetPasswordConfirm.html
@ -8,8 +8,8 @@
        <input type="text" id="uid" name="uid" class="form-control" placeholder="UID" required><br><br>
        <input type="text" id="token" name="token" class="form-control" placeholder="Token" required><br><br>
        <input type="text" id="code" name="code" class="form-control" placeholder="Kod" required><br><br>
-        <input type="password" id="newPassword" name="newPassword" class="form-control" placeholder="Nowe hasło" required><br><br>
-        <input type="password" id="repeatNewPassword" name="repeatNewPassword" class="form-control" placeholder="Powtórz hasło" required><br><br>
+        <input type="password" id="new_password" name="new_password" class="form-control" placeholder="Nowe hasło" required><br><br>
+        <input type="password" id="repeat_new_password" name="repeat_new_password" class="form-control" placeholder="Powtórz hasło" required><br><br>
        <input type="submit" value="Zapisz nowe hasło"><br><br>
    </form>
 {% endblock  %}
--- a/users/serializers.py
+++ b/users/serializers.py
@ -3,6 +3,7 @@ from rest_framework import serializers
 from users.models import User
 from users import cons
 from tools.tools import decode_uid, encode_uid
+from django.contrib.auth.tokens import default_token_generator


 class RegisterSerializer(serializers.ModelSerializer):
@ -76,8 +77,20 @@ class UserPasswordResetConfirmSerializer(serializers.Serializer):
    uid = serializers.CharField()
    token = serializers.CharField()
    code = serializers.IntegerField()
-    new_password = serializers.CharField(style={"input_type": "password"})
-    repeat_new_password = serializers.CharField(style={"input_type": "password"})
+    new_password = serializers.CharField()
+    repeat_new_password = serializers.CharField()
+
+    def validate(self, attrs):
+        token = attrs["token"]
+        code = attrs["code"]
+        token_generator = default_token_generator
+        if not token_generator.check_token(self.user, token):
+            raise serializers.ValidationError(cons.INVALID_TOKEN)
+        if self.user.reset_code != code:
+            raise serializers.ValidationError(cons.INVALID_CODE)
+        self.validate_new_passwords(attrs)
+        self.do_actions(attrs)
+        return attrs

    def validate_uid(self, value):
        try:
@ -94,16 +107,5 @@ class UserPasswordResetConfirmSerializer(serializers.Serializer):
            raise serializers.ValidationError(cons.PASSWORDS_ARE_NOT_THE_SAME)
        return attrs

-    def validate(self, attrs):
-        token = attrs["token"]
-        code = attrs["code"]
-        if not self.context["view"].token_generator.check_token(self.user, token):
-            raise serializers.ValidationError(cons.INVALID_TOKEN)
-        if self.user.reset_code != code:
-            raise serializers.ValidationError(cons.INVALID_CODE)
-        self.validate_new_passwords(attrs)
-        self.do_actions(attrs)
-        return attrs
-
    def do_actions(self, validated_data):
        return User.objects.confirm_reset_password(**validated_data)
--- a/users/urls.py
+++ b/users/urls.py
@ -5,7 +5,8 @@ from users.views import UserModelViewSet
 from rest_framework_simplejwt.views import TokenObtainPairView
 from rest_framework_simplejwt.views import TokenRefreshView
 from .views import PasswordReset, UserPasswordResetConfirmView, RegisterViewSet, login, logout, register, \
-    register_success, account, changeEmail, changeName, changePassword, resetPassword, resetPasswordConfirm
+    register_success, account, changeEmail, changeName, changePassword, resetPassword, resetPasswordConfirm,ResetPassword, \
+    ResetPasswordConfirm


 router = DefaultRouter(trailing_slash=False)
@ -22,8 +23,8 @@ urlpatterns = [
    path('api/token/refresh', TokenRefreshView.as_view(), name='token_refresh'),
    #path("password/reset", PasswordReset.as_view(), name="resetPassword"),
    #path("password/reset/confirm", UserPasswordResetConfirmView.as_view(), name="resetPasswordConfirm"),
-    path("password/reset", resetPassword, name="resetPassword"),
-    path("password/reset/confirm", resetPasswordConfirm, name="resetPasswordConfirm"),
+    path("password/reset", ResetPassword.as_view(), name="resetPassword"),
+    path("password/reset/confirm", ResetPasswordConfirm.as_view(), name="resetPasswordConfirm"),
    path("email/change", changeEmail, name='changeEmail'),
    path("name/change", changeName, name='changeName'),
    path("password/change", changePassword, name='changePassword'),
--- a/users/views.py
+++ b/users/views.py
@ -16,6 +16,8 @@ from django.contrib.auth import login as auth_login
 from config.authh import SettingsBackend
 from django.contrib.auth.decorators import login_required
 from django.contrib.auth import logout as django_logout
+from rest_framework.renderers import TemplateHTMLRenderer
+from rest_framework.views import APIView


 class UserModelViewSet(viewsets.ModelViewSet):
@ -186,6 +188,37 @@ def resetPassword(request):
    return render(request, 'resetPassword.html')


+class ResetPassword(generics.GenericAPIView):
+    renderer_classes = [TemplateHTMLRenderer]
+    template_name = 'resetPassword.html'
+    serializer_class = UserPasswordResetSerializer
+    permission_classes = (permissions.AllowAny, )
+
+
+    def get(self, request):
+        return render(request, 'resetPassword.html')
+
+    def post(self, request):
+        serializer = self.get_serializer(data=request.data)
+        serializer.is_valid()
+        return redirect('resetPasswordConfirm')
+
+
+class ResetPasswordConfirm(generics.GenericAPIView):
+    renderer_classes = [TemplateHTMLRenderer]
+    template_name = 'resetPasswordConfirm.html'
+    serializer_class = UserPasswordResetConfirmSerializer
+    permission_classes = (permissions.AllowAny, )
+
+    def get(self, request):
+        return render(request, 'resetPasswordConfirm.html')
+
+    def post(self, request):
+        serializer = UserPasswordResetConfirmSerializer(data=request.data)
+        serializer.is_valid()
+        return redirect('/users/login.html')
+
+
 def resetPasswordConfirm(request):
    """
       ```json