Commit f120eb42 authored by Michael Fladischer's avatar Michael Fladischer

New upstream version 1.4.0

parent c64e5d92
Metadata-Version: 1.1
Name: djoser
Version: 1.3.2
Version: 1.4.0
Summary: REST version of Django authentication system.
Home-page: https://github.com/sunscrapers/djoser
Author: SUNSCRAPERS
......@@ -44,7 +44,7 @@ Description: ======
- Python (2.7, 3.4, 3.5, 3.6)
- Django (1.11, 2.0, 2.1)
- Django REST Framework (3.7, 3.8)
- Django REST Framework (3.7, 3.8, 3.9)
Bear in mind that for Django-2.x you will need at least Python 3.5
......@@ -120,7 +120,7 @@ Description: ======
List of projects related to Django, REST and authentication:
- `django-rest-framework-jwt <https://github.com/GetBlimp/django-rest-framework-jwt>`_
- `django-rest-framework-simplejwt <https://github.com/davesque/django-rest-framework-simplejwt>`_
- `django-oauth-toolkit <https://github.com/evonove/django-oauth-toolkit>`_
- `django-rest-auth <https://github.com/Tivix/django-rest-auth>`_
- `django-rest-framework-digestauth <https://github.com/juanriaza/django-rest-framework-digestauth>`_ (not maintained)
......
......@@ -36,7 +36,7 @@ To be able to run **djoser** you have to meet following requirements:
- Python (2.7, 3.4, 3.5, 3.6)
- Django (1.11, 2.0, 2.1)
- Django REST Framework (3.7, 3.8)
- Django REST Framework (3.7, 3.8, 3.9)
Bear in mind that for Django-2.x you will need at least Python 3.5
......@@ -112,7 +112,7 @@ Similar projects
List of projects related to Django, REST and authentication:
- `django-rest-framework-jwt <https://github.com/GetBlimp/django-rest-framework-jwt>`_
- `django-rest-framework-simplejwt <https://github.com/davesque/django-rest-framework-simplejwt>`_
- `django-oauth-toolkit <https://github.com/evonove/django-oauth-toolkit>`_
- `django-rest-auth <https://github.com/Tivix/django-rest-auth>`_
- `django-rest-framework-digestauth <https://github.com/juanriaza/django-rest-framework-digestauth>`_ (not maintained)
......
Metadata-Version: 1.1
Name: djoser
Version: 1.3.2
Version: 1.4.0
Summary: REST version of Django authentication system.
Home-page: https://github.com/sunscrapers/djoser
Author: SUNSCRAPERS
......@@ -44,7 +44,7 @@ Description: ======
- Python (2.7, 3.4, 3.5, 3.6)
- Django (1.11, 2.0, 2.1)
- Django REST Framework (3.7, 3.8)
- Django REST Framework (3.7, 3.8, 3.9)
Bear in mind that for Django-2.x you will need at least Python 3.5
......@@ -120,7 +120,7 @@ Description: ======
List of projects related to Django, REST and authentication:
- `django-rest-framework-jwt <https://github.com/GetBlimp/django-rest-framework-jwt>`_
- `django-rest-framework-simplejwt <https://github.com/davesque/django-rest-framework-simplejwt>`_
- `django-oauth-toolkit <https://github.com/evonove/django-oauth-toolkit>`_
- `django-rest-auth <https://github.com/Tivix/django-rest-auth>`_
- `django-rest-framework-digestauth <https://github.com/juanriaza/django-rest-framework-digestauth>`_ (not maintained)
......
__version__ = "1.3.2"
__version__ = "1.4.0"
......@@ -13,13 +13,16 @@ DJOSER_SETTINGS_NAMESPACE = 'DJOSER'
class ObjDict(dict):
def __getattribute__(self, item):
try:
if isinstance(self[item], str):
self[item] = import_string(self[item])
value = self[item]
val = self[item]
if isinstance(val, str):
val = import_string(val)
elif isinstance(val, (list, tuple)):
val = [import_string(v) if type(v) is str else v for v in val]
self[item] = val
except KeyError:
value = super(ObjDict, self).__getattribute__(item)
val = super(ObjDict, self).__getattribute__(item)
return value
return val
default_settings = {
......@@ -71,6 +74,19 @@ default_settings = {
'USER_EMAIL_FIELD_NAME': 'email',
'SOCIAL_AUTH_TOKEN_STRATEGY': 'djoser.social.token.jwt.TokenStrategy',
'SOCIAL_AUTH_ALLOWED_REDIRECT_URIS': [],
'PERMISSIONS': ObjDict({
'activation': ['rest_framework.permissions.AllowAny'],
'password_reset': ['rest_framework.permissions.AllowAny'],
'password_reset_confirm': ['rest_framework.permissions.AllowAny'],
'set_password': ['djoser.permissions.CurrentUserOrAdmin'],
'set_username': ['rest_framework.permissions.IsAuthenticated'],
'user_create': ['rest_framework.permissions.AllowAny'],
'user_delete': ['djoser.permissions.CurrentUserOrAdmin'],
'user': ['djoser.permissions.CurrentUserOrAdminOrReadOnly'],
'user_list': ['djoser.permissions.CurrentUserOrAdminOrReadOnly'],
'token_create': ['rest_framework.permissions.AllowAny'],
'token_destroy': ['rest_framework.permissions.IsAuthenticated'],
}),
}
SETTINGS_TO_IMPORT = ['TOKEN_MODEL', 'SOCIAL_AUTH_TOKEN_STRATEGY']
......
from rest_framework import permissions
from rest_framework.permissions import SAFE_METHODS
class CurrentUserOrAdmin(permissions.IsAuthenticated):
def has_object_permission(self, request, view, obj):
user = request.user
return user.is_staff or obj.pk == user.pk
class CurrentUserOrAdminOrReadOnly(permissions.IsAuthenticated):
def has_object_permission(self, request, view, obj):
user = request.user
if type(obj) == type(user) and obj == user:
return True
return request.method in SAFE_METHODS or user.is_staff
......@@ -8,7 +8,8 @@ from djoser.conf import settings
class ProviderAuthSerializer(serializers.Serializer):
# GET auth token
token = serializers.CharField(read_only=True)
access = serializers.CharField(read_only=True)
refresh = serializers.CharField(read_only=True)
user = serializers.CharField(read_only=True)
def create(self, validated_data):
......
class TokenStrategy:
@classmethod
def obtain(cls, user):
from rest_framework_jwt.settings import api_settings
payload = api_settings.JWT_PAYLOAD_HANDLER(user)
from rest_framework_simplejwt.tokens import RefreshToken
from django.utils.six import text_type
refresh = RefreshToken.for_user(user)
return {
'token': api_settings.JWT_ENCODE_HANDLER(payload),
'user': user
'access': text_type(refresh.access_token),
'refresh': text_type(refresh),
'user': user,
}
......@@ -21,8 +21,8 @@ class ProviderAuthView(generics.CreateAPIView):
backend_name = self.kwargs['provider']
backend = load_backend(
strategy, backend_name, redirect_uri=redirect_uri
)
authorization_url = backend.auth_url()
return Response(data={
'authorization_url': authorization_url,
......
from django.conf.urls import url
from rest_framework_jwt import views
from rest_framework_simplejwt import views
urlpatterns = [
url(r'^jwt/create/?', views.obtain_jwt_token, name='jwt-create'),
url(r'^jwt/refresh/?', views.refresh_jwt_token, name='jwt-refresh'),
url(r'^jwt/verify/?', views.verify_jwt_token, name='jwt-verify'),
url(
r'^jwt/create/?',
views.TokenObtainPairView.as_view(),
name='jwt-create',
),
url(
r'^jwt/refresh/?',
views.TokenRefreshView.as_view(),
name='jwt-refresh',
),
url(
r'^jwt/verify/?',
views.TokenVerifyView.as_view(),
name='jwt-verify',
),
]
......@@ -22,13 +22,13 @@ def login_user(request, user):
def logout_user(request):
if settings.CREATE_SESSION_ON_LOGIN:
logout(request)
if settings.TOKEN_MODEL:
settings.TOKEN_MODEL.objects.filter(user=request.user).delete()
user_logged_out.send(
sender=request.user.__class__, request=request, user=request.user
)
if settings.CREATE_SESSION_ON_LOGIN:
logout(request)
class ActionViewMixin(object):
......
......@@ -10,7 +10,7 @@ from rest_framework.reverse import reverse
from djoser import utils, signals
from djoser.compat import get_user_email, get_user_email_field_name
from djoser.conf import settings
from djoser.permissions import CurrentUserOrAdmin
User = get_user_model()
......@@ -66,7 +66,7 @@ class UserCreateView(generics.CreateAPIView):
Use this endpoint to register new user.
"""
serializer_class = settings.SERIALIZERS.user_create
permission_classes = [permissions.AllowAny]
permission_classes = settings.PERMISSIONS.user_create
def perform_create(self, serializer):
user = serializer.save()
......@@ -87,7 +87,7 @@ class UserDeleteView(generics.CreateAPIView):
Use this endpoint to remove actually authenticated user
"""
serializer_class = settings.SERIALIZERS.user_delete
permission_classes = [permissions.IsAuthenticated]
permission_classes = settings.PERMISSIONS.user_delete
def get_object(self):
return self.request.user
......@@ -108,7 +108,7 @@ class TokenCreateView(utils.ActionViewMixin, generics.GenericAPIView):
Use this endpoint to obtain user authentication token.
"""
serializer_class = settings.SERIALIZERS.token_create
permission_classes = [permissions.AllowAny]
permission_classes = settings.PERMISSIONS.token_create
def _action(self, serializer):
token = utils.login_user(self.request, serializer.user)
......@@ -123,7 +123,7 @@ class TokenDestroyView(views.APIView):
"""
Use this endpoint to logout user (remove user authentication token).
"""
permission_classes = [permissions.IsAuthenticated]
permission_classes = settings.PERMISSIONS.token_destroy
def post(self, request):
utils.logout_user(request)
......@@ -135,7 +135,7 @@ class PasswordResetView(utils.ActionViewMixin, generics.GenericAPIView):
Use this endpoint to send email to user with password reset link.
"""
serializer_class = settings.SERIALIZERS.password_reset
permission_classes = [permissions.AllowAny]
permission_classes = settings.PERMISSIONS.password_reset
_users = None
......@@ -165,7 +165,7 @@ class SetPasswordView(utils.ActionViewMixin, generics.GenericAPIView):
"""
Use this endpoint to change user password.
"""
permission_classes = [permissions.IsAuthenticated]
permission_classes = settings.PERMISSIONS.set_password
def get_serializer_class(self):
if settings.SET_PASSWORD_RETYPE:
......@@ -186,7 +186,7 @@ class PasswordResetConfirmView(utils.ActionViewMixin, generics.GenericAPIView):
"""
Use this endpoint to finish reset password process.
"""
permission_classes = [permissions.AllowAny]
permission_classes = settings.PERMISSIONS.password_reset_confirm
token_generator = default_token_generator
def get_serializer_class(self):
......@@ -207,7 +207,7 @@ class ActivationView(utils.ActionViewMixin, generics.GenericAPIView):
Use this endpoint to activate user account.
"""
serializer_class = settings.SERIALIZERS.activation
permission_classes = [permissions.AllowAny]
permission_classes = settings.PERMISSIONS.activation
token_generator = default_token_generator
def _action(self, serializer):
......@@ -231,7 +231,7 @@ class SetUsernameView(utils.ActionViewMixin, generics.GenericAPIView):
"""
Use this endpoint to change user username.
"""
permission_classes = [permissions.IsAuthenticated]
permission_classes = settings.PERMISSIONS.set_username
def get_serializer_class(self):
if settings.SET_USERNAME_RETYPE:
......@@ -259,7 +259,7 @@ class UserView(generics.RetrieveUpdateAPIView):
"""
queryset = User.objects.all()
serializer_class = settings.SERIALIZERS.user
permission_classes = [permissions.IsAuthenticated]
permission_classes = settings.PERMISSIONS.user
def get_object(self, *args, **kwargs):
return self.request.user
......@@ -276,14 +276,16 @@ class UserView(generics.RetrieveUpdateAPIView):
class UserViewSet(UserCreateView, viewsets.ModelViewSet):
serializer_class = settings.SERIALIZERS.user
queryset = User.objects.all()
permission_classes = [CurrentUserOrAdmin]
permission_classes = settings.PERMISSIONS.user
token_generator = default_token_generator
def get_permissions(self):
if self.action in ['create', 'confirm']:
self.permission_classes = [permissions.AllowAny]
if self.action == 'create':
self.permission_classes = settings.PERMISSIONS.user_create
elif self.action == 'confirm':
self.permission_classes = settings.PERMISSIONS.activation
elif self.action == 'list':
self.permission_classes = [permissions.IsAdminUser]
self.permission_classes = settings.PERMISSIONS.user_list
return super(UserViewSet, self).get_permissions()
def get_serializer_class(self):
......
[egg_info]
tag_build =
tag_date = 0
tag_svn_revision = 0
......@@ -17,7 +17,7 @@ def get_packages(package):
setup(
name='djoser',
version='1.3.2',
version='1.4.0',
packages=get_packages('djoser'),
license='MIT',
author='SUNSCRAPERS',
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment