from django.contrib.auth import authenticate, login, logout
from rest_framework.decorators import action
from rest_framework.permissions import AllowAny, IsAdminUser, IsAuthenticated
from rest_framework.response import Response
from rest_framework.viewsets import ModelViewSet
from core.mixins import ActionBasedMixin
from market.serializers import PostSerializer
from .models import User
from .serializers import (
UserSerializer,
UserCreateSerializer,
PasswordSerializer,
)
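class UserViewset(ActionBasedMixin, ModelViewSet):
    """User account endpoints.

    Covers registration (``create``), session ``login`` / ``logout``, the
    caller's own profile (``me``), the caller's own posts (``posts``) and a
    password change (``password``).

    Every action not listed in ``permission_classes_map`` falls back to
    ``permission_classes`` and is therefore admin-only.
    """

    queryset = User.objects.all()
    serializer_class = UserSerializer
    # Per-action serializer overrides; presumably resolved by ActionBasedMixin
    # (core.mixins) -- confirm there.
    serializer_class_map = {
        "create": UserCreateSerializer,
        "posts": PostSerializer,
        "password": PasswordSerializer,
    }
    # Deny by default: anything without an entry in the map below needs an admin.
    permission_classes = [IsAdminUser]
    # Per-action permission overrides; presumably resolved by ActionBasedMixin
    # -- confirm. Only registration and login are open to anonymous callers.
    permission_classes_map = {
        "create": [AllowAny],
        "login": [AllowAny],
        "logout": [IsAuthenticated],
        "me": [IsAuthenticated],
        "posts": [IsAuthenticated],
        "password": [IsAuthenticated],
    }

    @action(detail=False, methods=["GET"])
    def posts(self, request):
        """Return the posts of the requesting user, paginated when a paginator applies."""
        # Scoped to request.user, so a caller can only list their own posts.
        own_posts = request.user.posts.all()

        page = self.paginate_queryset(own_posts)
        if page is None:
            serializer = self.get_serializer(own_posts, many=True)
            return Response(serializer.data)

        serializer = self.get_serializer(page, many=True)
        return self.get_paginated_response(serializer.data)

    @action(detail=False, methods=["PATCH"])
    def password(self, request):
        """Change the requesting user's password.

        Expects ``oldPassword`` and ``newPassword`` in the request body.

        Returns:
            204 on success; 401 for an anonymous caller; 400 with a ``msg``
            when the current password is missing or wrong, or when the new
            password is missing or fails serializer validation.
        """
        user = request.user
        if user.is_anonymous:
            return Response(status=401)

        # .get() instead of indexing: a missing field is a client error (400),
        # not an unhandled KeyError (500).
        old_password = request.data.get("oldPassword")
        new_password = request.data.get("newPassword")

        # The current password is verified before anything else, so an
        # authenticated session alone is not enough to change the credential.
        if old_password is None or not user.check_password(old_password):
            return Response(status=400, data={"msg": "현재 비밀번호가 일치하지 않습니다"})

        serializer = self.get_serializer(data=request.data)
        if not serializer.is_valid():
            errors = serializer.errors
            # Prefer the newPassword messages; fall back to every reported
            # message so an error keyed on another field cannot raise KeyError.
            messages = errors.get("newPassword") or [
                message
                for field_messages in errors.values()
                for message in field_messages
            ]
            msg = " ".join(str(message) for message in messages)
            return Response(status=400, data={"msg": msg})

        # Never reach set_password(None): refuse if the serializer let a
        # missing newPassword through.
        if new_password is None:
            return Response(status=400, data={"msg": "새 비밀번호를 입력해주세요"})

        user.set_password(new_password)
        user.save()
        # NOTE(review): with Django's stock session auth, changing the password
        # invalidates sessions bound to the old hash, including this one, unless
        # update_session_auth_hash() is called -- confirm which behaviour is wanted.
        return Response(status=204)

    def create(self, request, *args, **kwargs):
        """Register a new user and log the new account into the current session."""
        serializer = UserCreateSerializer(data=request.data)
        serializer.is_valid(raise_exception=True)
        user = serializer.save()
        # Inside a method body `login` resolves to the module-level
        # django.contrib.auth.login, not to the `login` action defined below.
        login(request, user)
        return Response(serializer.data, status=201)

    @action(detail=False, methods=["GET"])
    def me(self, request):
        """Return the serialized profile of the requesting user."""
        serializer = self.get_serializer(request.user)
        return Response(serializer.data)

    @action(detail=False, methods=["POST"])
    def login(self, request):
        """Authenticate with ``username`` / ``password`` and start a session.

        Returns:
            200 with ``{"msg": "success"}`` on success, 400 when a credential
            field is missing, 401 when authentication fails.
        """
        # NOTE(review): this action is AllowAny and no throttle is visible in
        # this file -- confirm rate limiting is configured for it. If DRF
        # SessionAuthentication is in use, CSRF is only enforced for
        # authenticated requests, so confirm this endpoint is CSRF-protected.
        username = request.data.get("username")
        password = request.data.get("password")
        if username is None or password is None:
            # Malformed request: answer 400 instead of failing with KeyError.
            return Response(status=400)

        user = authenticate(request, username=username, password=password)
        if user is None:
            # Same bare 401 for an unknown user and a wrong password.
            return Response(status=401)

        # Module-level django.contrib.auth.login (see the comment in create()).
        login(request, user)
        return Response({"msg": "success"})

    @action(detail=False, methods=["POST"])
    def logout(self, request):
        """End the current session and return 204."""
        # Module-level django.contrib.auth.logout, not this method.
        logout(request)
        return Response(status=204)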