diff --git a/user/serializers.py b/user/serializers.py
new file mode 100644
index 0000000..297d215
--- /dev/null
+++ b/user/serializers.py
@@ -0,0 +1,34 @@
+from rest_framework.serializers import ModelSerializer
+
+from .models import User
+
+
+class UserSerializer(ModelSerializer):
+ class Meta:
+ model = User
+ fields = (
+ "id",
+ "username",
+ "nickname",
+ )
+
+
+class UserCreateSerializer(ModelSerializer):
+ class Meta:
+ model = User
+ fields = (
+ "username",
+ "password",
+ "nickname",
+ )
+ extra_kwargs = {
+ "password": {"write_only": True},
+ }
+
+ def create(self, validated_data):
+ user = User.objects.create_user(
+ username=validated_data["username"],
+ password=validated_data["password"],
+ nickname=validated_data["nickname"],
+ )
+ return user
diff --git a/user/views.py b/user/views.py
new file mode 100644
index 0000000..3df2397
--- /dev/null
+++ b/user/views.py
@@ -0,0 +1,26 @@
+from django.contrib.auth import authenticate
+from django.contrib.auth import login, logout
+
+from rest_framework.response import Response
+
+from .serializers import UserSerializer
+
+
+def login_view(request):
+ if request.method == "POST":
+ username = request.data["username"]
+ password = request.data["password"]
+ user = authenticate(request, username=username, password=password)
+ if user is not None:
+ login(request, user)
+ serializer = UserSerializer(user)
+ return Response(serializer.data)
+ else:
+ return Response(status=401)
+ else:
+ return Response(status=405)
+
+
+def logout_view(request):
+ logout(request)
+ return Response(status=204)
diff --git a/user/viewsets.py b/user/viewsets.py
new file mode 100644
index 0000000..b250b6b
--- /dev/null
+++ b/user/viewsets.py
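Review bot: In user/serializers.py, `UserCreateSerializer` takes `password` as an ordinary model field and hands it straight to `create_user`, so nothing in this file runs Django's configured password validators (`AUTH_PASSWORD_VALIDATORS`) at registration. Unless the `User` model field carries its own validators (the model is not in this diff), a trivially weak password is accepted. Add a field-level hook `def validate_password(self, value):` on the serializer that calls `django.contrib.auth.password_validation.validate_password(value)` and returns `value`; DRF reports the resulting error against the `password` field. `write_only` on `password` is correct and should stay.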
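Review bot: In user/views.py, `login_view` and `logout_view` are plain functions with no `@api_view` decorator, so `request` is a Django `HttpRequest` with no `.data`, and the returned DRF `Response` has no renderer attached; if they are routed directly (the URL config is not in this diff) both would fail at runtime. Decorating each with `@api_view(["POST"])` from `rest_framework.decorators` fixes that and also stops `logout_view` from answering GET, which otherwise allows a cross-site GET to end the user's session. `request.data["username"]` and `request.data["password"]` raise `KeyError` when a field is missing, turning a malformed request into a 500; prefer `request.data.get(...)` and return 400. No throttle is visible on the login endpoint, so confirm that rate limiting for password guessing is applied elsewhere.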
@@ -0,0 +1,52 @@
+from django.contrib.auth import login
+
+from rest_framework.decorators import action
+from rest_framework.permissions import AllowAny, IsAdminUser, IsAuthenticated
+from rest_framework.response import Response
+from rest_framework.viewsets import ModelViewSet
+
+from core.mixins import ActionBasedMixin
+
+from market.serializers import PostSerializer
+from .models import User
+from .serializers import UserSerializer, UserCreateSerializer
+
+
+class UserViewset(ActionBasedMixin, ModelViewSet):
+ queryset = User.objects.all()
+ serializer_class = UserSerializer
+ serializer_class_map = {
+ "create": UserCreateSerializer,
+ "posts": PostSerializer,
+ }
+ permission_classes = [IsAdminUser]
+ permission_classes_map = {
+ "create": [AllowAny],
+ "me": [IsAuthenticated],
+ "posts": [IsAuthenticated],
+ }
+
+ @action(detail=True, methods=["GET"])
+ def posts(self, request, pk):
+ user = self.get_object()
+ queryset = user.posts.all()
+
+ page = self.paginate_queryset(queryset)
+ if page is not None:
+ serializer = self.get_serializer(page, many=True)
+ return self.get_paginated_response(serializer.data)
+
+ serializer = self.get_serializer(queryset, many=True)
+ return Response(serializer.data)
+
+ def create(self, request, *args, **kwargs):
+ serializer = UserCreateSerializer(data=request.data)
+ serializer.is_valid(raise_exception=True)
+ user = self.perform_create(serializer)
+ login(request, user)
+ return Response(serializer.data, status=201)
+
+ @action(detail=False, methods=["GET"])
+ def me(self, request):
+ serializer = self.get_serializer(request.user)
+ return Response(serializer.data)
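Review bot: In `UserViewset.create`, `user = self.perform_create(serializer)` depends on a return value, but DRF's stock `perform_create` only calls `serializer.save()` and returns `None`; unless `ActionBasedMixin` (not shown in this diff) overrides it, the next line is effectively `login(request, None)`. Depending on the Django version that either raises or falls back to `request.user`, so the newly registered account is not the one that gets the session. Use `user = serializer.save()` instead. Because the user does not come from `authenticate()`, `login()` also needs an explicit `backend=` argument when more than one authentication backend is configured. Separately, `posts` resolves any `pk` through `get_object()` under `IsAuthenticated` only, so every logged-in user can list every other user's posts; confirm that this is intended.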