jwt token added login and user create.

2024-10-17 02:47:35 +02:00 · 2024-10-17 02:47:35 +02:00 · 3c18c74280
commit 3c18c74280
parent 477d680530
4 changed files with 31 additions and 19 deletions
--- a/StockSeeker/serializers.py
+++ b/StockSeeker/serializers.py
@ -15,6 +15,13 @@ class UserSerializer(serializers.ModelSerializer):
            raise serializers.ValidationError("Cette adresse e-mail est déjà utilisée.")
        return value

+    def create(self, validated_data):
+        password = validated_data.pop("password")
+        user = User(**validated_data)
+        user.set_password(password)
+        user.save()
+        return user
+

 class ProductSerializer(serializers.ModelSerializer):
    class Meta:
--- a/StockSeeker/settings.py
+++ b/StockSeeker/settings.py
@ -104,11 +104,12 @@ AUTH_PASSWORD_VALIDATORS = [
 ]

 REST_FRAMEWORK = {
-    # Use Django's standard `django.contrib.auth` permissions,
-    # or allow read-only access for unauthenticated users.
-    'DEFAULT_PERMISSION_CLASSES': [
-        'rest_framework.permissions.DjangoModelPermissionsOrAnonReadOnly'
-    ]
+    'DEFAULT_AUTHENTICATION_CLASSES': (
+        'rest_framework_simplejwt.authentication.JWTAuthentication',
+    ),
+    'DEFAULT_PERMISSION_CLASSES': (
+        'rest_framework.permissions.IsAuthenticated',
+    ),
 }
 # Internationalization
 # https://docs.djangoproject.com/en/5.1/topics/i18n/
--- a/StockSeeker/urls.py
+++ b/StockSeeker/urls.py
@ -3,11 +3,15 @@ from django.urls import include, path
 from rest_framework import routers
 from .views import *
 from . import views
+from rest_framework_simplejwt.views import *
+
+##juge pas les noms d'acces OK ?##

 router = routers.DefaultRouter()
-router.register(r'product', views.ProductViewSet)
 urlpatterns = [
    path('', include(router.urls)),
    path('admin/', admin.site.urls),
-    path("create/", UserCreate.as_view(), name="user-create")
+    path('create/', UserCreate.as_view(), name="user-create"),
+    path('api/token/', TokenObtainPairView.as_view(), name='token_obtain_pair'),
+    path('api/token/refresh', TokenRefreshView.as_view(), name="token_refresh")
 ]
--- a/StockSeeker/views.py
+++ b/StockSeeker/views.py
@ -4,28 +4,28 @@ from .serializers import *
 from rest_framework.throttling import UserRateThrottle
 from rest_framework.response import Response
 from rest_framework import generics, status
+from rest_framework.permissions import IsAuthenticated, AllowAny
+from rest_framework_simplejwt.tokens import RefreshToken


 class UserCreate(generics.CreateAPIView):
+    permission_classes = [AllowAny]
    throttle_classes = [UserRateThrottle]
    serializer_class = UserSerializer
    queryset = User.objects.all()

    def create(self, request):
+        if request.user.is_authenticated:
+            return Response({"detail:" "Deconnecte toi ??"}, status=status.HTTP_403_FORBIDDEN)
        serializers = self.get_serializer(data=request.data)
        serializers.is_valid(raise_exception=True)
        user = serializers.save()
-        return Response(serializers.data, status=status.HTTP_201_CREATED)

+        refresh = RefreshToken.for_user(user)
+        access_token = refresh.access_token

-class ProductViewSet(viewsets.ModelViewSet):
-    queryset = Product.objects.all()
-    serializer_class = ProductSerializer
-
-
-class CreateProject(viewsets.ModelViewSet):
-    queryset = Product.objects.all()
-    serializer_class = ProductSerializer
-
-    def get_queryset(self):
-        return Product.objects.filter(user=self.request.user)
+        return Response({
+            "user": serializers.data,
+            "refresh": str(refresh),
+            "access": str(access_token)
+        }, status=status.HTTP_201_CREATED)