Account activation has been enabled.
On branch account_authorization Changes to be committed: modified: api/urls.py modified: api/views.py modified: authentication/apis.py modified: authentication/selectors.py modified: authentication/services.py modified: authentication/urls.py
1 parent
448b1e9
commit 7f04cfd
Showing
6 changed files
with
105 additions
and
94 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -18,7 +18,7 @@ | |
create_bcodb_user, | ||
send_bcodb, | ||
validate_auth_service, | ||
new_user_email | ||
send_new_user_email | ||
) | ||
|
||
class NewAccountApi(APIView): | ||
|
@@ -33,14 +33,6 @@ class NewAccountApi(APIView): | |
The account create depends on creation of an account in the associated | ||
user database. The authentication as well as the user database host | ||
information is used to make this request. | ||
```JSON | ||
{ | ||
"hostname": "http://localhost:8000", | ||
"email": "[email protected]", | ||
"token": "eyJ1c2VyX2lkIjoyNCwidXNlcm5hbWUiOiJoYWRsZXlraW5nIiwiZXhwIjoxNjQwNzE5NTUwLCJlbWFpbCI6ImhhZGxleV9raW5nQGd3dS5lZHUiLCJvcmlnX2lhdCI6MTY0MDExNDc1MH0.7G3VPmxUBOWFfu-fMt1_UsWAcH_Gd1DfpQa83EwFwYY" | ||
} | ||
``` | ||
""" | ||
|
||
class InputSerializer(serializers.Serializer): | ||
|
@@ -109,6 +101,7 @@ def post(self, request) -> Response: | |
status=status.HTTP_201_CREATED, | ||
data={"message":"Testing account request successful!!"} | ||
) | ||
|
||
if check_user_email(email) is True: | ||
return Response( | ||
status=status.HTTP_409_CONFLICT, | ||
|
@@ -129,14 +122,84 @@ def post(self, request) -> Response: | |
) | ||
|
||
try: | ||
new_user_email(serializer.validated_data) | ||
return Response(status=status.HTTP_201_CREATED, data={"message":""}) | ||
send_new_user_email(serializer.validated_data) | ||
return Response( | ||
status=status.HTTP_201_CREATED, | ||
data={"message":"Account request granted. Check your email"\ | ||
+ " for an activation link."} | ||
) | ||
except Exception as error: | ||
return Response( | ||
status=status.HTTP_500_INTERNAL_SERVER_ERROR, | ||
data={"message": str(error)} | ||
) | ||
|
||
class AccountActivateApi(APIView): | ||
""" | ||
Activate an account | ||
-------------------- | ||
This endpoint is a GET request to activate a new account. | ||
To activate an account during registration the userwill receive an email | ||
or a temporary identifier to authenticate and activate account. This | ||
endpoint will check the validity of the provided temporary identifier for | ||
a specific user account. This is open to anyone to activate a new account, | ||
as long as they have a valid token generated by this host. This can allow | ||
other users to act as the verification layer in addition to the system. | ||
""" | ||
|
||
authentication_classes = [] | ||
permission_classes = [] | ||
|
||
auth = [] | ||
auth.append( | ||
openapi.Parameter( | ||
"username", | ||
openapi.IN_PATH, | ||
description="Username to be authenticated.", | ||
type=openapi.TYPE_STRING, | ||
default="[email protected]" | ||
) | ||
) | ||
auth.append( | ||
openapi.Parameter( | ||
"temp_identifier", | ||
openapi.IN_PATH, | ||
description="The temporary identifier sent", | ||
type=openapi.TYPE_STRING, | ||
default="testTempIdentifier123456789" | ||
) | ||
) | ||
|
||
@swagger_auto_schema( | ||
manual_parameters=auth, | ||
responses={ | ||
200: "Account has been activated.", | ||
403: "Requestor's credentials were rejected.", | ||
}, | ||
tags=["Authentication and Account Management"], | ||
) | ||
|
||
def get(self, request, username: str, temp_identifier: str) -> Response: | ||
if check_user_email(username) is True: | ||
return Response( | ||
status=status.HTTP_409_CONFLICT, | ||
data={ | ||
"message":f"CONFLICT: That account, {username}, has already "\ | ||
+ "been activated." | ||
} | ||
) | ||
new_user = check_new_user(username, temp_identifier) | ||
print(new_user) | ||
create_bcodb_user(new_user.email) | ||
new_user.delete() | ||
return Response( | ||
status=status.HTTP_200_OK, | ||
data={"message":f"Account for {username} has been activated"} | ||
) | ||
|
||
|
||
class RegisterUserNoVerificationAPI(APIView): | ||
"""Register BCODB | ||
API View to register a new BCODB user with out an email verification step. | ||
|
@@ -181,14 +244,15 @@ def post(self, request): | |
user_info.is_valid(raise_exception=True) | ||
token = user_info.validated_data['token'] | ||
url = user_info.validated_data['hostname'] | ||
email = user_info.validated_data['email'] | ||
if validate_token(token, url) is False: | ||
return Response(status=status.HTTP_401_UNAUTHORIZED, data={"message": "portal authentication was invalid"}) | ||
if check_user_email(user_info.validated_data['email']) is True: | ||
if check_user_email(email) is True: | ||
return Response( | ||
status=status.HTTP_409_CONFLICT, | ||
data={"message": "A BCODB account with that email already exists"} | ||
) | ||
user = create_bcodb_user(user_info=user_info.validated_data) | ||
user = create_bcodb_user(email) | ||
data = json.dumps(get_user_info(user), default=str) | ||
response = send_bcodb( | ||
data=data, request_info=user_info.validated_data | ||
|
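Review bot: In `AccountActivateApi.get` the value returned by `check_new_user(username, temp_identifier)` is used unchecked, and no branch returns the 403 that the swagger block above it documents. `check_new_user` is not shown on this page; if it returns `None` for a wrong or expired identifier, `new_user.email` raises and the caller gets a 500 instead of a rejection. I would add an explicit guard before `create_bcodb_user`, e.g. `if new_user is None: return Response(status=status.HTTP_403_FORBIDDEN, data={"message": "Invalid or expired activation link."})`. `print(new_user)` should also go, or become a logger call that omits the temporary identifier, since this endpoint is unauthenticated and the pending-registration record is written to stdout on each request that reaches it.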
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -153,7 +153,7 @@ def validate_token(token: str, url: str)-> bool: | |
return True | ||
|
||
@transaction.atomic | ||
def new_user_email(user_info: dict) -> 0: | ||
def send_new_user_email(user_info: dict) -> 0: | ||
"""Send New User Email | ||
New BCODB user authentication email | ||
|
@@ -171,7 +171,7 @@ def new_user_email(user_info: dict) -> 0: | |
subject="Registration for BioCompute Portal", | ||
message="Testing.", | ||
html_message='<html><body><p>Please click this link within the next' \ | ||
+ ' 10 minutes to activate your BioCompute Portal account: ' \ | ||
+ ' 24 hours to activate your BioCompute Portal account: ' \ | ||
+ f'<a href={activation_link} target="_blank">{activation_link}' \ | ||
+ '</a>.</p></body></html>', | ||
from_email="[email protected]", | ||
|
@@ -182,13 +182,13 @@ def new_user_email(user_info: dict) -> 0: | |
print("Email signal sent") | ||
return 0 | ||
|
||
def create_bcodb_user(user_info: dict) -> User: | ||
def create_bcodb_user(email: str) -> User: | ||
"""Create BCODB user | ||
""" | ||
|
||
username = user_info["email"].split("@")[0] | ||
username = email.split("@")[0] | ||
user = User.objects.create_user( | ||
username=username, email=user_info["email"] | ||
username=username, email=email | ||
) | ||
user.set_unusable_password() | ||
user.full_clean() | ||
|
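Review bot: `create_bcodb_user` still derives the username from the local part of the address (`username = email.split("@")[0]`), so two addresses that differ only in their domain map to the same username. The callers in this commit guard with `check_user_email` on the e-mail only, so the second such registration would reach `User.objects.create_user` and fail on the username uniqueness constraint, assuming `User` is Django's default model. Passing the full address, `username=email`, or checking for an existing username before creating, avoids the collision. Separately, the e-mail text now promises 24 hours; the expiry check is not visible in this section, so confirm the server-side lifetime of the temporary identifier matches that wording. The body of `create_bcodb_user` continues past the end of the hunk.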