Merge pull request #21 from akirachix/feature/fixes

Authentication changes

Author: Ndichu-shee

.github/workflows/postman.yml

@@ -0,0 +1,37 @@
+name: Automated API tests using Postman CLI
+on:
+  push:
+    branches:
+      - main
+      - develop
+  pull_request:
+    branches:
+      - main
+      - develop
+  workflow_dispatch:
+jobs:
+  automated-api-tests:
+    runs-on: ubuntu-latest
+    env:
+      COL_UID: ${{ secrets.COL_UID }}
+      ENV_UID: ${{ secrets.ENV_UID }}
+      POSTMAN_API_KEY: ${{ secrets.POSTMAN_API_KEY }}
+  
+    steps:
+      - uses: actions/checkout@v4
+      - name: Install Postman CLI
+        run: |
+          curl -o- "https://dl-cli.pstmn.io/install/linux64.sh" | sh
+      - name: Login to Postman CLI
+        run: postman login --with-api-key "$POSTMAN_API_KEY"
+      - name: Run API tests
+        run: |
+          mkdir -p reports
+          postman collection run "$COL_UID" -e "$ENV_UID" \
+            --reporters cli,junit \
+            --reporter-junit-export reports/junit.xml
+      - name: Upload JUnit report
+        uses: actions/upload-artifact@v4
+        with:
+          name: postman-junit
+          path: reports/junit.xml

api/serializers.py

@@ -166,10 +166,7 @@ def validate(self, data):
 class SetPasswordSerializer(serializers.Serializer):
     email = serializers.EmailField()
     password = serializers.CharField(write_only=True, min_length=8)
-    confirm_password = serializers.CharField(write_only=True, min_length=8)
     def validate(self, data):
-        if data["password"] != data["confirm_password"]:
-            raise serializers.ValidationError("Passwords do not match")
         try:
             user = User.objects.get(email=data["email"])
         except User.DoesNotExist:
@@ -182,6 +179,7 @@ def save(self, **kwargs):
         user.set_password(self.validated_data["password"])
         user.save()
         return user
+    
 class ForgotPasswordSerializer(serializers.Serializer):
     email = serializers.EmailField()
     def validate_email(self, value):
@@ -192,6 +190,7 @@ def validate_email(self, value):
         otp = random.randint(1000, 9999)
         cache.set(f"otp_{user.id}", otp, timeout=600)
         return value
+    
 class VerifyCodeSerializer(serializers.Serializer):
     email = serializers.EmailField()
     otp = serializers.CharField(max_length=4)
@@ -205,13 +204,11 @@ def validate(self, data):
             raise serializers.ValidationError("Invalid or expired OTP")
         cache.set(f"otp_verified_{user.id}", True, timeout=600)
         return data
+    
 class ResetPasswordSerializer(serializers.Serializer):
     email = serializers.EmailField()
     password = serializers.CharField(write_only=True, min_length=8)
-    confirm_password = serializers.CharField(write_only=True, min_length=8)
     def validate(self, data):
-        if data["password"] != data["confirm_password"]:
-            raise serializers.ValidationError("Passwords do not match")
         try:
             user = User.objects.get(email=data["email"])
         except User.DoesNotExist:
@@ -227,6 +224,7 @@ def save(self, **kwargs):
         cache.delete(f"otp_{user.id}")
         cache.delete(f"otp_verified_{user.id}")
         return user
+    
 class ThresholdSerializer(serializers.ModelSerializer):
     class Meta:
         model = MCU

api/views.py

@@ -85,10 +85,12 @@ def post(self, request, *args, **kwargs):
         serializer.is_valid(raise_exception=True)
         serializer.save()
         return Response(serializer.data, status=status.HTTP_201_CREATED)
+    
 class UserDetailView(generics.RetrieveUpdateDestroyAPIView):
     queryset = User.objects.all()
     serializer_class = UserSerializer
     permission_classes = [AllowAny]
+
 class SetPasswordView(generics.GenericAPIView):
     serializer_class = SetPasswordSerializer
     permission_classes = [AllowAny]
@@ -97,6 +99,7 @@ def post(self, request, *args, **kwargs):
         serializer.is_valid(raise_exception=True)
         serializer.save()
         return Response({"message": "Password set successfully."})
+    
 class SignupView(generics.CreateAPIView):
     serializer_class = SignupSerializer
     permission_classes = [AllowAny]
@@ -105,6 +108,7 @@ def create(self, request, *args, **kwargs):
         serializer.is_valid(raise_exception=True)
         user = serializer.save()
         return Response({"message": "Registration successful."}, status=status.HTTP_201_CREATED)
+    
 class LoginView(generics.GenericAPIView):
     serializer_class = LoginSerializer
     permission_classes = [AllowAny]
@@ -113,9 +117,12 @@ def post(self, request, *args, **kwargs):
         serializer.is_valid(raise_exception=True)
         user = serializer.validated_data["user"]
         access = AccessToken.for_user(user)
+        user_data = UserSerializer(user).data
         return Response({
-            "token": str(access)
+            "token": str(access),
+            "user": user_data
         })
+    
 class ForgotPasswordView(generics.GenericAPIView):
     serializer_class = ForgotPasswordSerializer
     permission_classes = [AllowAny]
@@ -134,13 +141,15 @@ def post(self, request, *args, **kwargs):
             fail_silently=False,
         )
         return Response({"message": "OTP sent to your email"})
+    
 class VerifyCodeView(generics.GenericAPIView):
     serializer_class = VerifyCodeSerializer
     permission_classes = [AllowAny]
     def post(self, request, *args, **kwargs):
         serializer = self.get_serializer(data=request.data)
         serializer.is_valid(raise_exception=True)
         return Response({"message": "OTP verified successfully"})
+    
 class ResetPasswordView(generics.GenericAPIView):
     serializer_class = ResetPasswordSerializer
     permission_classes = [AllowAny]

db.sqlite3

@@ -145,10 +145,10 @@
     'DESCRIPTION': 'API documentation for the KukuKonnect project',
     'VERSION': '1.0.0',
     'SERVE_INCLUDE_SCHEMA': True,
-    'SWAGGER_UI_DIST': 'SIDECAR',  # shorthand to use the sidecar instead
+    'SWAGGER_UI_DIST': 'SIDECAR',  
     'SWAGGER_UI_FAVICON_HREF': 'SIDECAR',
     'REDOC_DIST': 'SIDECAR',
-    # OTHER SETTINGS
+   
 
 
 }