Separate api_info out of user_update

Changes to be committed:
	new file:   core/migrations/.DS_Store
	modified:   core/urls.py
	modified:   core/views.py
	modified:   portalusers/settings.py
	modified:   portalusers/urls.py

Author: HadleyKing

core/migrations/.DS_Store

@@ -1,15 +1,18 @@
 from django.urls import path
-from .views import current_user, add_api, remove_api, UserList, update_user, index
+from .views import current_user, add_api, remove_api, CreateUser, update_user
 # For favicon and any other static files
 from django.contrib.staticfiles.storage import staticfiles_storage
 from django.views.generic.base import RedirectView
+from rest_framework_jwt.views import obtain_jwt_token, refresh_jwt_token, verify_jwt_token
 
 urlpatterns = [
     path('favicon.ico', RedirectView.as_view(url=staticfiles_storage.url('img/favicon.ico'))),
     path('users/current_user/', current_user),
     path('users/add_api/', add_api),
     path('users/remove_api/', remove_api),
-    path('users/list/', UserList.as_view()),
+    path('users/list/', CreateUser.as_view()),
     path('users/update_user/', update_user),
-    path('users/', index, name='index')
+    path('users/token-auth/', obtain_jwt_token),
+    path('users/token-refresh/', refresh_jwt_token),
+    path('users/token-verify/', verify_jwt_token)
 ]

core/urls.py

@@ -1,29 +1,104 @@
-from django.http import HttpResponseRedirect, HttpResponse
-from django.contrib.auth.admin import UserAdmin as BaseUserAdmin
-from django.contrib.auth.models import User
-from .models import ApiInfo, Profile
+import json
+from drf_yasg import openapi
+from drf_yasg.utils import swagger_auto_schema
 from rest_framework import permissions, status
 from rest_framework.decorators import api_view
 from rest_framework.response import Response
 from rest_framework.views import APIView
+from django.http import HttpResponseRedirect, HttpResponse
+from django.contrib.auth.admin import UserAdmin as BaseUserAdmin
+from django.contrib.auth.models import User
+from .models import ApiInfo, Profile
 from .serializers import ApiSerializer, UserSerializer, UserSerializerWithToken
 
 from django.db.models.signals import post_save
 from django.dispatch import receiver
 
-# POST body parsing.
-import json
+class CreateUser(APIView):
+    """
+    Create a new user
+    
+    Create a new user
+    """
 
+    permission_classes = (permissions.AllowAny,)
+    request_body = openapi.Schema(
+            type=openapi.TYPE_OBJECT,
+            title="Account Creation Schema",
+            description="Account creation schema description.",
+            required=['username', 'email', 'password'],
+            properties={
+                    'username': openapi.Schema(type=openapi.TYPE_STRING,
+                        description='Hostname of the User Database.'),
+                    'email'   : openapi.Schema(type=openapi.TYPE_STRING,
+                        description='Email address of user.'),
+                    'password': openapi.Schema(type=openapi.TYPE_STRING,
+                        description='Token returned with new user being '),
+                    'profile' : openapi.Schema(
+                        type=openapi.TYPE_OBJECT,
+                        description='Token returned with new user being ', 
+                        required=['username'],
+                        properties={
+                            'username': openapi.Schema(type=openapi.TYPE_STRING,
+                                description='Username for the profile user object. Should be the same as above.'),
+                            'public' : openapi.Schema(type=openapi.TYPE_BOOLEAN,
+                                description='Boolean to indicate if this users profile is publicly viewable.'),
+                            'affiliation': openapi.Schema(type=openapi.TYPE_STRING,
+                                description='Affiliation of the User.'),
+                            'orcid': openapi.Schema(type=openapi.TYPE_STRING,
+                                description='ORCID for the User.')
+                        } ),
+            })
+
+    @swagger_auto_schema(request_body=request_body, responses={
+            200: "Account creation is successful.",
+            400: "Bad request.",
+            403: "Invalid token.",
+            409: "Account has already been authenticated or requested.",
+            500: "Unable to save the new account or send authentication email."
+            }, tags=["Account Management"])
+
+    def post(self, request, format=None):
+        
+        print('request.data: ')
+        print(request.data)
+        print('===============')
 
-def index(request):
-    return HttpResponse("Hello, world. You're at the polls index.")
+        # Does this user already exist?
+        if User.objects.filter(username = request.data['username']).exists():
 
+            # Bad request because the user already exists.
+            return Response(status=status.HTTP_409_CONFLICT)
+        
+        else:
+            profile_object = request.data['profile']
+            del request.data['profile'] 
+            serializer = UserSerializerWithToken(data=request.data)
+            
+            if serializer.is_valid():
+                serializer.save()
 
+                user_object = User.objects.get(username=request.data['username'])
+                Profile.objects.create(
+                        username=user_object,
+                        public=profile_object['public'],
+                        affiliation=profile_object['affiliation'],
+                        orcid=profile_object['orcid'])
+                
+                return Response(serializer.data, status=status.HTTP_201_CREATED)
+            
+            else:
+
+                # The request didn't provide what we needed.
+                return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
+
+@swagger_auto_schema(method="get", tags=["Account Management"])
 @api_view(['GET'])
 def current_user(request):
     """
     Determine the current user by their token, and return their data
     """
+
     print('HERE')
     serializer = UserSerializer(request.user)
 
@@ -33,45 +108,8 @@ def current_user(request):
 
     return Response(serializer.data)
 
-
-@api_view(['POST'])
-def add_api(request):
-    """
-    Update a user's information based on their token.
-    """
-    
-    # Get the user.
-    print('U check')
-    print(UserSerializer(request.user).data)
-    user = UserSerializer(request.user).data['username']
-
-    # TODO: right way to do this?
-    # Get the user ID so that we can link across tables.
-    user_object = User.objects.get(username = user)
-
-    # Get the bulk information.
-    bulk = json.loads(request.body)
-
-    # Add the key for the user.
-    updated = ApiInfo(
-    	local_username = user_object,
-        username = bulk['username'], 
-    	hostname = bulk['hostname'], 
-    	human_readable_hostname = bulk['human_readable_hostname'], 
-        public_hostname = bulk['public_hostname'],
-    	token = bulk['token'],
-        other_info = bulk['other_info']
-    )
-    updated.save()
-
-    print('========')
-    print(user)
-    print(updated)
-    print('=========')
-    return(Response(UserSerializer(request.user).data, status=status.HTTP_201_CREATED))
-
-
-@api_view(['POST', 'DELETE'])
+@swagger_auto_schema(method="delete", tags=["API Management"])
+@api_view(['DELETE'])
 def remove_api(request):
     """
     Remove API information
@@ -107,50 +145,46 @@ def remove_api(request):
     print('=========')
     return (Response(UserSerializer(request.user).data, status=status.HTTP_200_OK))
 
-
-class UserList(APIView):
+@swagger_auto_schema(method="post", tags=["API Management"])
+@api_view(['POST'])
+def add_api(request):
     """
-    Create a new user. It's called 'UserList' because normally we'd have a get
-    method here too, for retrieving a list of all User objects.
+    Update a user's information based on their token.
     """
+    
+    # Get the user.
+    print('U check')
+    print(UserSerializer(request.user).data)
+    user = UserSerializer(request.user).data['username']
 
-    permission_classes = (permissions.AllowAny,)
-
-    def post(self, request, format=None):
-        
-        print('request.data: ')
-        print(request.data)
-        print('===============')
-
-        # Does this user already exist?
-        if User.objects.filter(username = request.data['username']).exists():
+    # TODO: right way to do this?
+    # Get the user ID so that we can link across tables.
+    user_object = User.objects.get(username = user)
 
-            # Bad request because the user already exists.
-            return Response(status=status.HTTP_409_CONFLICT)
-        
-        else:
-            profile_object = request.data['profile']
-            del request.data['profile'] 
-            serializer = UserSerializerWithToken(data=request.data)
-            
-            if serializer.is_valid():
-                serializer.save()
+    # Get the bulk information.
+    bulk = json.loads(request.body)
 
-                user_object = User.objects.get(username=request.data['username'])
-                Profile.objects.create(
-                        username=user_object,
-                        public=profile_object['public'],
-                        affiliation=profile_object['affiliation'],
-                        orcid=profile_object['orcid'])
-                
-                return Response(serializer.data, status=status.HTTP_201_CREATED)
-            
-            else:
+    # Add the key for the user.
+    api_object = ApiInfo(
+    	local_username = user_object,
+        username = bulk['username'], 
+    	hostname = bulk['hostname'], 
+    	human_readable_hostname = bulk['human_readable_hostname'], 
+        public_hostname = bulk['public_hostname'],
+    	token = bulk['token'],
+        other_info = bulk['other_info']
+    )
+    
+    api_object.save()
 
-                # The request didn't provide what we needed.
-                return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
+    print('========')
+    print(user)
+    print(api_object)
+    print('=========')
+    return(Response(UserSerializer(request.user).data, status=status.HTTP_201_CREATED))
 
 
+@swagger_auto_schema(method="post", tags=["Account Management"])
 @api_view(['POST'])
 def update_user(request):
     """
@@ -163,9 +197,6 @@ def update_user(request):
     # Get the user with associated username
     user_object = User.objects.get(username=user)
 
-    # Get ApiInfo associated with user
-    api_object = ApiInfo.objects.get(local_username=user_object)
-
     try:
         profile_object = Profile.objects.get(username=user_object)
     except:
@@ -184,16 +215,9 @@ def update_user(request):
             setattr(user_object, key, value)
         elif (key == 'orcid') or (key == 'affiliation') or (key == 'public'):
             setattr(profile_object, key, value)
-        else:
-            old_info = api_object.other_info
-            old_info[key] = value
-
-            setattr(api_object, 'other_info', old_info)
 
     user_object.save()
 
-    api_object.save()
-
     profile_object.save()
 
     # properly formatted response
@@ -210,4 +234,4 @@ def update_user(request):
 
 # So, write to the table, then change the token.
 # We could have gone with a temporary token here, but
-# that may be too much too worry about.
+# that may be too much too worry about.

core/views.py

@@ -172,7 +172,8 @@
 JWT_AUTH = {
     'JWT_RESPONSE_PAYLOAD_HANDLER': 'portalusers.utils.my_jwt_response_handler',
     'JWT_EXPIRATION_DELTA': timedelta(seconds=604800),
-    'JWT_REFRESH_EXPIRATION_DELTA': timedelta(days=7),
+    'JWT_REFRESH_EXPIRATION_DELTA': timedelta(days=14),
+    'JWT_ALLOW_REFRESH': True,
 }
 
 # LOGGING

portalusers/settings.py

@@ -16,8 +16,6 @@
 from django.contrib import admin
 from django.urls import path, include, re_path
 
-from rest_framework_jwt.views import obtain_jwt_token, refresh_jwt_token, verify_jwt_token
-
 # drf_yasg code starts here 
 # https://www.jasonmars.org/2020/04/22/add-swagger-to-django-rest-api-quickly-4-mins-without-hiccups/
 
@@ -46,8 +44,5 @@
     path('users/redoc/', schema_view.with_ui('redoc', cache_timeout=0),
          name='schema-redoc'),  # Here
     path('users/admin/', admin.site.urls),
-    path('users/token-auth/', obtain_jwt_token),
-    path('users/token-refresh/', refresh_jwt_token),
-    path('users/token-verify/', verify_jwt_token),
     path('', include('core.urls'))
 ]