Merge pull request #2 from soufianechalouh/develop

Authentication

Author: soufianechalouh

django_drf_auth_plus/authentication/__init__.py

@@ -0,0 +1,3 @@
+from django.contrib import admin
+
+# Register your models here.

django_drf_auth_plus/authentication/admin.py

@@ -0,0 +1,6 @@
+from django.apps import AppConfig
+
+
+class AuthenticationConfig(AppConfig):
+    default_auto_field = 'django.db.models.BigAutoField'
+    name = 'authentication'

django_drf_auth_plus/authentication/apps.py

@@ -0,0 +1,60 @@
+from django.db import models
+
+from django.contrib.auth.models import AbstractBaseUser, BaseUserManager, PermissionsMixin
+
+from django.db import models
+from rest_framework_simplejwt.tokens import RefreshToken
+
+
+class UserManager(BaseUserManager):
+    """Custom user manager"""
+
+    def create_user(self, username, email, password=None):
+
+        if username is None:
+            raise TypeError("User should have Username")
+
+        if email is None:
+            raise TypeError("User should have email")
+
+        user = self.model(username=username, email=self.normalize_email(email))
+        user.set_password(password)
+        user.save()
+        return user
+
+    def create_superuser(self, username, email, password=None):
+
+        if password is None:
+            raise TypeError("User should have Password")
+
+
+        user = self.create_user(username, email, password)
+        user.is_superuser = True
+        user.is_staff = True
+        user.save()
+        return user
+
+
+class User(AbstractBaseUser, PermissionsMixin):
+    username = models.CharField(max_length=255, unique=True, db_index=True)
+    email = models.EmailField(max_length=255, unique=True, db_index=True)
+    is_verified = models.BooleanField(default=False)
+    is_active = models.BooleanField(default=True)
+    is_staff = models.BooleanField(default=False)
+    created_at = models.DateTimeField(auto_now_add=True)
+    updated_at = models.DateTimeField(auto_now=True)
+
+    USERNAME_FIELD = "email"
+    REQUIRED_FIELDS = ["username"]
+
+    object = UserManager()
+
+    def __str__(self):
+        return self.email
+
+    def tokens(self):
+        refresh = RefreshToken.for_user(self)
+        return {
+            "refresh": str(refresh),
+            "access": str(refresh.access_token)
+        }

django_drf_auth_plus/authentication/migrations/__init__.py

@@ -0,0 +1,65 @@
+from rest_framework import serializers
+from .models import User
+from django.contrib import auth
+from rest_framework.exceptions import AuthenticationFailed
+
+
+class RegisterSerializer(serializers.ModelSerializer):
+    password = serializers.CharField(max_length=68, min_length=6, write_only=True)
+
+    class Meta:
+        model = User
+        fields = ["email", "username", "password"]
+
+    def validate(self, attrs):
+        username = attrs.get("username", "")
+
+        if not str(username).isalnum():
+            raise serializers.ValidationError("username should be alphanumeric")
+        return super().validate(attrs)
+
+    def create(self, validated_data):
+        return User.object.create_user(**validated_data)
+
+
+class EmailValidationSerializer(serializers.ModelSerializer):
+    token = serializers.CharField(max_length=555)
+
+    class Meta:
+        model = User
+        fields = ["token"]
+
+
+class LoginSerializer(serializers.ModelSerializer):
+    email = serializers.EmailField(max_length=255, min_length=3)
+    password = serializers.CharField(max_length=68, min_length=6, write_only=True)
+    username = serializers.CharField(max_length=68, min_length=6, read_only=True)
+    tokens = serializers.SerializerMethodField()
+
+    def get_tokens(self, obj):
+        user = User.object.get(email=obj['email'])
+
+        return user.tokens()
+
+    class Meta:
+        model = User
+        fields = ["email", "password", "username", "tokens"]
+
+    def validate(self, attrs):
+        email = attrs.get("email", "")
+        password = attrs.get("password", "")
+        user = auth.authenticate(email=email, password=password)
+
+        if not user:
+            raise AuthenticationFailed("Invalid credentials, try again")
+
+        if not user.is_active:
+            raise AuthenticationFailed("Account disabled, contact admin")
+
+        if not user.is_verified:
+            raise AuthenticationFailed("Email not verified")
+        return {
+            "email": user.email,
+            "username": user.username,
+            "token": user.tokens,
+        }

django_drf_auth_plus/authentication/models.py

@@ -0,0 +1,3 @@
+from django.test import TestCase
+
+# Create your tests here.

django_drf_auth_plus/authentication/serializers.py

@@ -0,0 +1,8 @@
+from django.urls import path
+from .views import RegisterView, VerifyEmail, LoginAPIView
+
+urlpatterns = [
+    path("register/", RegisterView.as_view(), name="register"),
+    path("login/", LoginAPIView.as_view(), name="login"),
+    path("email-verify/", VerifyEmail.as_view(), name="email-verify"),
+]

django_drf_auth_plus/authentication/tests.py

@@ -0,0 +1,8 @@
+from django.core.mail import EmailMessage
+
+
+class Util:
+    @staticmethod
+    def send_email(data):
+        email = EmailMessage(data["email_subject"], data["email_body"], from_email="[email protected]", to=[data["to"]])
+        email.send()

django_drf_auth_plus/authentication/urls.py

@@ -0,0 +1,72 @@
+from rest_framework.generics import GenericAPIView
+from rest_framework.response import Response
+from rest_framework import status, views
+from .serializers import RegisterSerializer, EmailValidationSerializer, LoginSerializer
+from rest_framework_simplejwt.tokens import RefreshToken
+from .models import User
+from .utils import Util
+from django.contrib.sites.shortcuts import get_current_site
+from django.urls import reverse
+import jwt
+from django.conf import settings
+from drf_yasg.utils import swagger_auto_schema
+from drf_yasg import openapi
+
+
+class RegisterView(GenericAPIView):
+    serializer_class = RegisterSerializer
+
+    def post(self, request):
+        user = self.serializer_class(data=request.data)
+        user.is_valid(raise_exception=True)
+        user.save()
+
+        user_data = user.data
+        user = User.object.get(email=user_data["email"])
+
+        token = RefreshToken.for_user(user).access_token
+
+        current_site = get_current_site(request).domain
+        relative_link = reverse("email-verify")
+        abs_url = "http://" + current_site + relative_link + "?token=" + str(token)
+        email_body = "Hi " + user.username + ", Use link bellow to verify your emai \n" + abs_url
+        data = {"email_body": email_body, "to": user.email, "email_subject": "Verify your account", "domain": current_site}
+
+        Util.send_email(data)
+        return Response(user_data, status=status.HTTP_201_CREATED)
+
+
+class VerifyEmail(views.APIView):
+    serializer_class = EmailValidationSerializer
+    token_param_config = openapi.Parameter("token", in_=openapi.IN_QUERY, description="Desc", type=openapi.TYPE_STRING)
+
+    @swagger_auto_schema(manual_parameters=[token_param_config])
+    def get(self, request):
+        token = request.GET.get("token")
+
+        try:
+
+            payload = jwt.decode(token, settings.SECRET_KEY)
+            user = User.object.get(id=payload["user_id"])
+            if not user.is_verified:
+                user.is_verified = True
+                user.save()
+            return Response({"email": "Successfully activated"}, status=status.HTTP_201_CREATED)
+
+        except jwt.ExpiredSignatureError as expired:
+            return Response({"error": "Activation expired"}, status=status.HTTP_400_BAD_REQUEST)
+        except jwt.exceptions.DecodeError:
+            return Response({"error": "Invalid token, request a new one"}, status=status.HTTP_400_BAD_REQUEST)
+        except Exception as e:
+            return Response({"error", f"Unexpected error {str(e)}"}, status=status.HTTP_400_BAD_REQUEST)
+
+
+class LoginAPIView(GenericAPIView):
+    serializer_class = LoginSerializer
+
+    def post(self, request):
+        serializer = self.serializer_class(data=request.data)
+        serializer.is_valid(raise_exception=True)
+
+        return Response(serializer.data, status=status.HTTP_200_OK)
+

django_drf_auth_plus/authentication/utils.py

@@ -0,0 +1,16 @@
+"""
+ASGI config for django_drf_auth_plus project.
+
+It exposes the ASGI callable as a module-level variable named ``application``.
+
+For more information on this file, see
+https://docs.djangoproject.com/en/3.2/howto/deployment/asgi/
+"""
+
+import os
+
+from django.core.asgi import get_asgi_application
+
+os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'django_drf_auth_plus.settings')
+
+application = get_asgi_application()

django_drf_auth_plus/authentication/views.py

@@ -0,0 +1,136 @@
+"""
+Django settings for django_drf_auth_plus project.
+
+Generated by 'django-admin startproject' using Django 3.2.
+
+For more information on this file, see
+https://docs.djangoproject.com/en/3.2/topics/settings/
+
+For the full list of settings and their values, see
+https://docs.djangoproject.com/en/3.2/ref/settings/
+"""
+import os
+from pathlib import Path
+
+# Build paths inside the project like this: BASE_DIR / 'subdir'.
+BASE_DIR = Path(__file__).resolve().parent.parent
+
+# Quick-start development settings - unsuitable for production
+# See https://docs.djangoproject.com/en/3.2/howto/deployment/checklist/
+
+# SECURITY WARNING: keep the secret key used in production secret!
+SECRET_KEY = 'django-insecure-h(-f!xtv1&ax2*dr=&tzm59-+j_s_6^g=9y3g2batpsj5v1l2f'
+
+# SECURITY WARNING: don't run with debug turned on in production!
+DEBUG = True
+
+ALLOWED_HOSTS = []
+
+AUTH_USER_MODEL = "authentication.User"
+
+# Application definition
+
+INSTALLED_APPS = [
+    'django.contrib.admin',
+    'django.contrib.auth',
+    'django.contrib.contenttypes',
+    'django.contrib.sessions',
+    'django.contrib.messages',
+    'django.contrib.staticfiles',
+    'rest_framework',
+    'authentication',
+    'drf_yasg',
+]
+
+REST_FRAMEWORK = {
+    'DEFAULT_AUTHENTICATION_CLASSES': (
+        'rest_framework_simplejwt.authentication.JWTAuthentication',
+    )
+}
+
+MIDDLEWARE = [
+    'django.middleware.security.SecurityMiddleware',
+    'django.contrib.sessions.middleware.SessionMiddleware',
+    'django.middleware.common.CommonMiddleware',
+    'django.middleware.csrf.CsrfViewMiddleware',
+    'django.contrib.auth.middleware.AuthenticationMiddleware',
+    'django.contrib.messages.middleware.MessageMiddleware',
+    'django.middleware.clickjacking.XFrameOptionsMiddleware',
+]
+
+ROOT_URLCONF = 'django_drf_auth_plus.urls'
+
+TEMPLATES = [
+    {
+        'BACKEND': 'django.template.backends.django.DjangoTemplates',
+        'DIRS': [],
+        'APP_DIRS': True,
+        'OPTIONS': {
+            'context_processors': [
+                'django.template.context_processors.debug',
+                'django.template.context_processors.request',
+                'django.contrib.auth.context_processors.auth',
+                'django.contrib.messages.context_processors.messages',
+            ],
+        },
+    },
+]
+
+WSGI_APPLICATION = 'django_drf_auth_plus.wsgi.application'
+
+# Database
+# https://docs.djangoproject.com/en/3.2/ref/settings/#databases
+
+DATABASES = {
+    'default': {
+        'ENGINE': 'django.db.backends.sqlite3',
+        'NAME': BASE_DIR / 'db.sqlite3',
+    }
+}
+
+# Password validation
+# https://docs.djangoproject.com/en/3.2/ref/settings/#auth-password-validators
+
+AUTH_PASSWORD_VALIDATORS = [
+    {
+        'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
+    },
+    {
+        'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
+    },
+    {
+        'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
+    },
+    {
+        'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
+    },
+]
+
+# Internationalization
+# https://docs.djangoproject.com/en/3.2/topics/i18n/
+
+LANGUAGE_CODE = 'en-us'
+
+TIME_ZONE = 'UTC'
+
+USE_I18N = True
+
+USE_L10N = True
+
+USE_TZ = True
+
+# Static files (CSS, JavaScript, Images)
+# https://docs.djangoproject.com/en/3.2/howto/static-files/
+
+STATIC_URL = '/static/'
+
+# Default primary key field type
+# https://docs.djangoproject.com/en/3.2/ref/settings/#default-auto-field
+
+DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'
+
+EMAIL_USE_TLS = True
+EMAIL_HOST = "smtp.gmail.com"
+EMAIL_PORT = 587
+EMAIL_HOST_USER = os.getenv("EMAIL_HOST_USER", "[email protected]")
+EMAIL_HOST_PASSWORD = os.getenv("EMAIL_HOST_PASSWORD", "******")