jwt token added login and user create.

StockSeeker/serializers.py

@@ -15,6 +15,13 @@ class UserSerializer(serializers.ModelSerializer):
             raise serializers.ValidationError("Cette adresse e-mail est déjà utilisée.")
         return value
 
+    def create(self, validated_data):
+        password = validated_data.pop("password")
+        user = User(**validated_data)
+        user.set_password(password)
+        user.save()
+        return user
+
 
 class ProductSerializer(serializers.ModelSerializer):
     class Meta:

StockSeeker/settings.py

@@ -104,11 +104,12 @@ AUTH_PASSWORD_VALIDATORS = [
 ]
 
 REST_FRAMEWORK = {
-    # Use Django's standard `django.contrib.auth` permissions,
-    # or allow read-only access for unauthenticated users.
-    'DEFAULT_PERMISSION_CLASSES': [
-        'rest_framework.permissions.DjangoModelPermissionsOrAnonReadOnly'
-    ]
+    'DEFAULT_AUTHENTICATION_CLASSES': (
+        'rest_framework_simplejwt.authentication.JWTAuthentication',
+    ),
+    'DEFAULT_PERMISSION_CLASSES': (
+        'rest_framework.permissions.IsAuthenticated',
+    ),
 }
 # Internationalization
 # https://docs.djangoproject.com/en/5.1/topics/i18n/

StockSeeker/urls.py

@@ -3,11 +3,15 @@ from django.urls import include, path
 from rest_framework import routers
 from .views import *
 from . import views
+from rest_framework_simplejwt.views import *
+
+##juge pas les noms d'acces OK ?##
 
 router = routers.DefaultRouter()
-router.register(r'product', views.ProductViewSet)
 urlpatterns = [
     path('', include(router.urls)),
     path('admin/', admin.site.urls),
-    path("create/", UserCreate.as_view(), name="user-create")
+    path('create/', UserCreate.as_view(), name="user-create"),
+    path('api/token/', TokenObtainPairView.as_view(), name='token_obtain_pair'),
+    path('api/token/refresh', TokenRefreshView.as_view(), name="token_refresh")
 ]

StockSeeker/views.py

@@ -4,28 +4,28 @@ from .serializers import *
 from rest_framework.throttling import UserRateThrottle
 from rest_framework.response import Response
 from rest_framework import generics, status
+from rest_framework.permissions import IsAuthenticated, AllowAny
+from rest_framework_simplejwt.tokens import RefreshToken
 
 
 class UserCreate(generics.CreateAPIView):
+    permission_classes = [AllowAny]
     throttle_classes = [UserRateThrottle]
     serializer_class = UserSerializer
     queryset = User.objects.all()
 
     def create(self, request):
+        if request.user.is_authenticated:
+            return Response({"detail:" "Deconnecte toi ??"}, status=status.HTTP_403_FORBIDDEN)
         serializers = self.get_serializer(data=request.data)
         serializers.is_valid(raise_exception=True)
         user = serializers.save()
-        return Response(serializers.data, status=status.HTTP_201_CREATED)
 
+        refresh = RefreshToken.for_user(user)
+        access_token = refresh.access_token
 
-class ProductViewSet(viewsets.ModelViewSet):
-    queryset = Product.objects.all()
-    serializer_class = ProductSerializer
-
-
-class CreateProject(viewsets.ModelViewSet):
-    queryset = Product.objects.all()
-    serializer_class = ProductSerializer
-
-    def get_queryset(self):
-        return Product.objects.filter(user=self.request.user)
+        return Response({
+            "user": serializers.data,
+            "refresh": str(refresh),
+            "access": str(access_token)
+        }, status=status.HTTP_201_CREATED)