Model.py
class UserProfileInfo(models.Model):
user = models.OneToOneField(User,on_delete=models.CASCADE,default='')
# user = models.OneToOneField(User, on_delete=models.CASCADE)
phone_no = models.CharField(max_length=13,unique=True)
registered = models.BooleanField(default=False)
spam = models.BooleanField(default=False)
def __str__(self):
return self.user.username
Serializer.py
class UserSerializer(serializers.ModelSerializer):
password = serializers.CharField()
class Meta():
model = User
fields = ('username','email','password')
class UserProfileSerializer(serializers.ModelSerializer):
class Meta():
model = UserProfileInfo
fields = ('phone_no',)
views.py
def register(request):
registered = False
if request.method == 'POST':
user_serializer = UserSerializer(data=request.POST)
profile_serializer = UserProfileSerializer(data=request.POST)
if user_serializer.is_valid() and profile_serializer.is_valid():
user = user_serializer.save()
user.set_password(user.password) #saving hash value of password
user.save()
profile = profile_serializer.save(commit=False)
profile.user = user
profile.registered = True
profile.save()
registered = True
else:
print(user_serializer.errors)
else:
user_serializer = UserSerializer
profile_serializer = UserProfileSerializer
return Response(request,'basic_app/registration.html',{
'user_serializer':user_serializer,
'profile_form':profile_form,
'registered':registered
})
def user_login(request):
if request.method == 'POST':
username = request.POST.get('username')
password = request.POST.get('password')
print(username,password)
user = authenticate(username=username, password=password)
print(user)
if user:
if user.is_active:
login(request,user)
return render(request,'basic_app/search.html')
else:
return HttpResponse('Account not active!')
else:
# print(username,password)
return HttpResponse('Login credentials not correct!')
else:
return render(request,'basic_app/login.html')
Now I need to make changes to my views.py such that I can parallely populate the user and the profile model having one to one field. I was using the form which was working well but now I need to convert the code to rest API. Please help how I can keep the same functionality using the above serializer class. My aim is to register and login the user.
First, c method in the serializer like my simple code:
(I used to write this class in my REST project for register student)
class StudentRegistrationSerializer(serializers.ModelSerializer):
password = serializers.CharField(style={'input_type': 'password'}, required=True)
password2 = serializers.CharField(style={'input_type': 'password'}, required=True)
class Meta:
model = Student
fields = ['phone_number', 'password', 'password2', 'name', 'family']
extra_kwargs = {
'password': {'write_only': True}
}
def save(self, **kwargs):
phone_number = self.validated_data.get('phone_number')
name = self.validated_data.get('name')
family = self.validated_data.get('family')
password = self.validated_data.get('password')
password2 = self.validated_data.get('password2')
not_active = User.objects.filter(username=phone_number, is_active=False)
is_active = User.objects.filter(username=phone_number, is_active=True)
if password != password2:
raise serializers.ValidationError({'error': 'password not matched'})
if is_active:
raise serializers.ValidationError({'error': 'username already exist'})
if not_active:
raise serializers.ValidationError({'error': 'username already exist active your account'})
user = User(username=phone_number, password=password, is_active=False)
user.set_password(password)
user.save()
student = Student(phone_number=phone_number, user=user, name=name, family=family)
student.save()
return student
and return the saved object here is student
and I recommend you to use build-in LoginView in the third-party library like "rest_auth" this library handles Token
after installing "rest_auth" using :
pip install django-rest-auth
in the url file just import :
from rest_auth.views import LoginView
and use it without any complexity
Related
I`m wrirting site on Django and I need to make a system for registration and authorization of work peepers, for this I use the Django AbstractUser model, registration works well, but authorization does not work, and the authenticate method returns None
Here is my JobseekerRegsiterInfo model:
class JobseekerRegisterInfo(AbstractUser):
username = first_name = last_name = None
id = models.BigAutoField(primary_key=True)
phone_number = PhoneNumberField()
email = models.EmailField(unique=True)
full_name = models.CharField(max_length=120)
USERNAME_FIELD = 'email'
REQUIRED_FIELDS = ['phone_number', 'full_name', 'hashed_password']
def __str__(self):
return self.full_name
My login form:
class JobseekerLoginForm(forms.Form):
email = forms.EmailField(label='Введіть ваш Email: ',
widget=forms.EmailInput(attrs={'class': 'form-control'}))
password = forms.CharField(label='Ваш пароль: ',
widget=forms.PasswordInput(attrs={'class': 'form-control'}))
def clean_email(self):
email = self.cleaned_data['email']
# if not select_field_value_from_model(JobseekerRegisterInfo, 'email', email):
if not JobseekerRegisterInfo.objects.filter(email=email):
raise forms.ValidationError('Неправильно введені email або пароль')
return email
and view function:
def jobseeker_login_view(request):
title = 'Авторизація'
context = {'title': title}
if request.method == 'POST':
form = JobseekerLoginForm(request.POST)
context['form'] = form
if form.is_valid():
email = form.cleaned_data['email']
password = form.cleaned_data['password']
user = authenticate(request, email=email, password=password)
print(generate_password_hash(password))
if user:
print(user)
else:
print('USER IS NONE')
else:
form_errors = form.errors.as_data()
custom_error = custom_error_service(form_errors)
context['list_first_error'] = custom_error
else:
form = JobseekerLoginForm()
context['form'] = form
return render(request, template_name='jobseeker/jobseeker_login.html', context=context)
But only USER IS NONE is displayed in the console, no matter what I do
Tell me, please, how to use authenticate correctly in my case
I am trying to setup user authentication for the login page using forms and comparing it to my database value but it does not work. I also tried using this particular questions User Login Authentication using forms and Django logic to solve my problem but it didn't help.
Models.py
from django.db import models
from django.contrib.auth.password_validation import validate_password
class student(models.Model):
first_name = models.CharField(max_length=150)
last_name = models.CharField(max_length=150)
matric_number = models.CharField(max_length=9)
email = models.EmailField(max_length=50)
password1 = models.CharField(max_length=255, validators=[validate_password])
password2 = models.CharField(max_length=255)
def __str__(self):
return (self.matric_number)
This view saves user info to database
def student(request):
if request.method == 'POST':
form = studentForm(request.POST)
if form.is_valid():
sign_up = form.save(commit=False)
#sign_up.password1 = make_password(form.cleaned_data['password1'])
#sign_up.password2 = make_password(form.cleaned_data['password2'])
sign_up.status = 1
sign_up.save()
user = form.cleaned_data.get('matric_number')
messages.success(request, "Account was created for "+str(user))
return redirect(signin)
else:
form = studentForm()
return render(request, 'Student.html',{
"form": form
})
This is the signin view
def signin(request):
if request.method == 'POST':
form = LoginForm(request.POST)
if form.is_valid():
username = form.cleaned_data.get('username')
password = form.cleaned_data.get('password')
try:
student = student.object.get(username=username, password=password)
return redirect(files)
except:
messages.success(request, "Error")
else:
form = LoginForm()
return render(request, "SignIn.html",{
"form":form
})
This is my form.py
class studentForm(forms.ModelForm):
class Meta:
model=student
fields="__all__"
widgets={
'first_name':forms.TextInput(attrs={'placeholder': 'Enter Your First Name'}),
'last_name':forms.TextInput(attrs={'placeholder': 'Enter Your Last Name'}),
'matric_number':forms.TextInput(attrs={'placeholder': 'Enter Your Matric Number'}),
'email':forms.EmailInput(attrs={'placeholder': 'abc#example.com'}),
'password1':forms.PasswordInput(attrs={'placeholder': 'Enter Your Preferred Password','id':'password'}),
'password2':forms.PasswordInput(attrs={'placeholder':'Confirm Your Password', 'id':'password1'})
}
def clean(self):
super(studentForm, self).clean()
password1 = self.cleaned_data.get('password1')
password2 = self.cleaned_data.get('password2')
matric_number = self.cleaned_data.get('matric_number')
email = self.cleaned_data.get('email')
try:
if password1 != password2:
self.errors[''] = self.error_class(["The two password fields must match"])
elif len(matric_number) != 9:
self.errors[''] = self.error_class(["You have entered an invalid matric number"])
elif len(matric_number) == 9:
matric_number = int(matric_number)
except ValueError:
self.errors[''] = self.error_class(["You have entered an invalid matric number"])
for instance in student.objects.all():
if instance.matric_number == str(matric_number):
self.errors[''] = self.error_class(["Matric number already exist"])
elif instance.email == email:
self.errors[''] = self.error_class(["E-mail address already exist"])
class LoginForm(forms.Form):
matric_number = forms.CharField(max_length=9, widget=forms.TextInput(attrs={'id': 'username', 'placeholder': 'Enter Your Staff Id Or Matric Number'}))
password1 = forms.CharField(max_length=9, widget=forms.PasswordInput(attrs={'id': 'password', 'placeholder':'Enter Your password'}))
Stop reinventing the wheel. Also, class names are supposed to be named with PascalCase.
Use AbstractUser model:
from django.contrib.auth.models import AbstractUser
class Student(AbstractUser):
...
and in your main urls.py:
from django.contrib.auth import views as auth_views
urlpatterns = [
...
path('login/', auth_views.LoginView.as_view(), name='login'),
...
]
It is much faster and SAFER way to create new user.
So I figured out out how to solve my problem. By using the AbstractUser model,i was able to create a custom user and then create another model which i extended a ForeignKey on the User model therefore allowing me to tie every user to their profile.
Here is my models.py
from django.db import models
from django.contrib.auth.models import AbstractUser
# Create your models here.
class User(AbstractUser):
pass
def __str__(self):
return self.username
class UserProfile(models.Model):
"""
This is the one for model.py
"""
username = models.ForeignKey(User, on_delete=models.CASCADE, null=True, default="")
profile_picture = models.ImageField(blank=True, null=True, default="")
matricno = models.CharField(max_length=9, default="", primary_key=True)
email = models.EmailField(default="")
first_name = models.CharField(max_length=200, default="")
last_name = models.CharField(max_length=255, default="")
class Meta:
verbose_name_plural = "Users Profile"
def __str__(self):
return self.first_name+ " "+self.last_name
And here is my views.py
def signup(request):
if request.method == "POST":
form = Signup(request.POST)
if form.is_valid():
username = request.POST["username"]
email = request.POST["email"]
password = request.POST["password"]
password2 = request.POST["password2"]
user = User.objects.create_user(
username=username,
password=password,
email=email,
)
user.save()
login(request, user)
messages.success(request, "Account Created successfully for " + username)
return redirect(details)
else:
form = Signup()
return render(request, "accounts/register.html", {"form": form})
def details(request, username):
user = User.objects.get(username=username)
form = Details()
if request.method == "POST":
form = Details(request.POST, request.FILES)
if form.is_valid():
detail = form.save(commit=False)
detail.username = request.user
detail.save()
return redirect(success, pk=detail.pk)
else:
form = Details(initial={"matricno":request.user.username})
return render(request, "details.html", {"form":form})
And finally my forms.py that i use in creating a signup form and perfoming validation
class Signup(forms.Form):
username = forms.CharField(
max_length=9,
widget=forms.TextInput(attrs={"placeholder": "Enter Your Matric Number"}),
)
email = forms.EmailField(
max_length=255,
widget=forms.EmailInput(attrs={"placeholder": "Enter Your E-mail Address"}),
)
password = forms.CharField(
max_length=255,
widget=forms.PasswordInput(
attrs={"placeholder": "Enter Your Password", "id": "password"}
),
)
password2 = forms.CharField(
max_length=255,
widget=forms.PasswordInput(
attrs={"placeholder": "Confirm Your Password", "id": "password2"}
),
)
def clean(self):
super(Signup, self).clean()
password = self.cleaned_data.get("password")
password2 = self.cleaned_data.get("password2")
username = self.cleaned_data.get("username")
email = self.cleaned_data.get("email")
if password != password2:
self.errors[""] = self.error_class(["The two password fields must match"])
for instance in User.objects.all():
if instance.username == str(username):
self.errors[""] = self.error_class(["User already exist"])
elif instance.email == email:
self.errors[""] = self.error_class(["E-mail already in use"])
else:
pass
return self.cleaned_data
I am trying to build multi vendor e-commerce using django rest-framework. I stuck at how to authenticate multi-users like i have customers and sellers . i have successfully created API's for sellers but i am unable to give roles to uses. (Basically we are building mobile app and web)
my models are:
from django.db import models
from django.contrib.auth.models import User
from django.db import models
# Create your models here.
class SellerProfile(models.Model):
user = models.OneToOneField(
User, blank=True, null=True, on_delete=models.SET_DEFAULT, default=None)
mobileNo = models.CharField(max_length=40, default=None)
cnic = models.CharField(max_length=30, default=None)
city = models.CharField(max_length=30, default=None)
address = models.CharField(max_length=30, default=None)
state = models.CharField(max_length=30, default=None)
shop_name = models.CharField(max_length=30, default=None)
def __str__(self):
return self.user.username
class ClientProfile(models.Model):
user = models.OneToOneField(User, models.SET_DEFAULT, default=None)
def __str__(self):
return self.user.username
and my serializers :
from profiles.models import SellerProfile, ClientProfile
from rest_framework import serializers, status
# from models import *
from django.contrib.auth.models import User
from django.contrib.auth.hashers import make_password
class UserSerializer(serializers.ModelSerializer):
password = serializers.CharField(
write_only=True,
required=True,
help_text='password',
style={'input_type': 'password', 'placeholder': 'Password'}
)
class Meta:
model = User
fields = ('username', 'first_name', 'last_name', 'email', 'password')
def create(self, validated_data):
user = super().create(validated_data)
user.set_password(validated_data['password'])
user.save()
return user
# def __str__(self):
# return self.user
class ClientSerializer(serializers.ModelSerializer):
user = UserSerializer(required=True)
class Meta:
model = ClientProfile
fields = ['user']
def create(self, validated_data):
user_data = validated_data.pop('user')
user = UserSerializer.create(
UserSerializer(), validated_data=user_data)
buyer, created = ClientProfile.objects.update_or_create(
user=user,
# mobileNo=validated_data.pop('mobileNo'),
# location=validated_data.pop('location'),
# address=validated_data.pop('address'),
)
return buyer
class SellerSerializer(serializers.ModelSerializer):
user = UserSerializer(required=True)
class Meta:
model = SellerProfile
fields = ('user', 'mobileNo', 'cnic',
'city', 'address', 'state', 'shop_name')
def create(self, validated_data):
user_data = validated_data.pop('user')
user = UserSerializer.create(
UserSerializer(), validated_data=user_data)
seller, created = SellerProfile.objects.update_or_create(user=user,
mobileNo=validated_data.pop(
'mobileNo'),
cnic=validated_data.pop(
'cnic'),
city=validated_data.pop(
'city'),
address=validated_data.pop(
'address'),
shop_name=validated_data.pop(
'shop_name'),
)
return seller
here is my view set :
from .serializers import *
from profiles.models import *
from rest_framework import viewsets
from rest_framework.response import Response
from rest_framework import status
class SellerViewSet(viewsets.ModelViewSet):
serializer_class = SellerSerializer
queryset = SellerProfile.objects.all()
def get(self, format=None):
seller = SellerProfile.objects.all()
serializer = SellerSerializer(seller, many=True)
return Response(serializer.data)
def post(self, request):
serializer = SellerSerializer(data=request.data)
if serializer.is_valid(raise_exception=ValueError):
serializer.create(validated_data=request.data)
return Response(serializer.data, status=status.HTTP_201_CREATED)
return Response(serializer.error_messages,
status=status.HTTP_400_BAD_REQUEST)
class BuyerViewSet(viewsets.ModelViewSet):
serializer_class = ClientSerializer
queryset = ClientProfile.objects.all()
def get(self, format=None):
seller = ClientProfile.objects.all()
serializer = UserSerializer(seller, many=True)
return Response(serializer.data)
def post(self, request):
serializer = ClientSerializer(data=request.data)
if serializer.is_valid(raise_exception=ValueError):
serializer.create(validated_data=request.data)
return Response(serializer.data, status=status.HTTP_201_CREATED)
return Response(serializer.error_messages,
status=status.HTTP_400_BAD_REQUEST)
here is views for web registration:
def registration(request):
if request.method == 'POST':
form = UserForm(request.POST)
sellerFrom = SellerFrom(request.POST)
if form.is_valid() and sellerFrom.is_valid():
user = form.save()
seller = sellerFrom.save()
seller.user = user
seller.save()
username = form.cleaned_data.get('username')
password = form.cleaned_data.get('password1')
# user = authentication(username=username, password=password)
# login(request, user)
messages.success(request, 'account was created for' + username)
form = UserForm()
sellerFrom = SellerFrom()
return redirect('login')
else:
form = UserForm()
sellerFrom = SellerFrom()
context = {'form': form, 'sellerForm': sellerFrom}
return render(request, 'gui/signup.html', context)
here is view for login :
def login(request):
if request.method == 'POST':
username = request.POST.get('username')
password = request.POST.get('password')
user = authenticate(request, username=username, password=password)
if user is not None:
# if user.role == "seller_profile":
auth_login(request, user)
return redirect('home')
else:
messages.info(request, 'Username or password is incorrect')
context = {}
return render(request, 'gui/login.html', context)
Now what above coding is doing . actually it handling user registration and login but i want to give them role like seller = seller_role and client = client_role. and also want to know how to authenticate user while login whether it is seller or client.
i am looking for answer thank you so much and sorry for my bad english
here is the trouble i try to autheticate the users for my website but authenticate() return alway the None value for the user created with the registration page. I can correctly log user after their user user creation and the entry is in the database. I have a custom user model extended form AbstractBaseUser. So here is the portion of code not working :
from django.contrib.auth import login as authlog
def login(request):
error = False
if request.method == "POST":
form = forms.LoginForm(request.POST)
if form.is_valid():
username = form.cleaned_data["username"]
password = form.cleaned_data["password"]
user = authenticate(username=username, password=password)
print("Validated form.")
print(username)
print(password)
print(user)
if user:
print("Logged user.")
authlog(request, user)
return redirect(to='home')
else:
print("Not logged user.")
error = True
else:
form = forms.LoginForm()
return render(request, 'users/login.html', locals())
And in the following block of code the user is sccessfully logged after it's registration.
from django.contrib.auth import login as authlog
def register(request):
form = forms.RegisterForm(request.POST or None)
if form.is_valid():
user = form.save()
authlog(request, user)
return redirect(to='home')
print('Registered new user')
return render(request, 'users/register.html', locals())
What i don't understant is why it the admin account i created with ./manage.py createsuperuser work and not the others.
And also i can't create user in the admin panel and i don't know why.
Thanks :D
EDIT: My forms
class CreateUserForm(forms.ModelForm):
pass1 = forms.CharField(label="Password", widget=forms.PasswordInput)
pass2 = forms.CharField(label="Password Check", widget=forms.PasswordInput)
class Meta:
model = models.User
fields = '__all__'
def clean_pass2(self):
pass1 = self.cleaned_data.get('pass1')
pass2 = self.cleaned_data.get('pass2')
if pass1 and pass2 and pass1 != pass2:
raise forms.ValidationError("Passwords don't match")
return pass2
def save(self, commit=True):
user = super(UserCreationForm, self)
if user.exte:
user.promo = None
user.login = None
user.save(commit=False)
user.set_password(self.cleaned_data["pass1"])
if commit:
user.save()
return user
class RegisterForm(CreateUserForm):
class Meta:
model = models.User
fields = ('email', 'lname', 'fname', 'exte', 'promo', 'login')
class LoginForm(forms.Form):
username = forms.EmailField(label='Email')
password = forms.CharField(label='Mot de passe', widget=forms.PasswordInput)
About the cleaned data i log the data i get for debug purpose and they're right.
EDIT2: My User Model
class User(AbstractBaseUser, PermissionsMixin):
email = models.EmailField(max_length=255, unique=True, verbose_name='e-mail')
fname = models.CharField(max_length=64, verbose_name='first name', null=False, blank=False)
lname = models.CharField(max_length=64, verbose_name='last name', null=False, blank=False)
login = models.CharField(max_length=64, null=True, blank=True, verbose_name="login")
promo = models.CharField(max_length=64, null=True, blank=True, verbose_name="promotion")
exte = models.BooleanField(default=False, verbose_name="externe")
joined = models.DateTimeField(auto_now_add=True)
avatar = models.ImageField(upload_to='avatars/', null=True, blank=True)
is_active = models.BooleanField(default=True, verbose_name='active user')
is_staff = models.BooleanField(default=False, verbose_name='admin user')
objects = UserManager()
USERNAME_FIELD = 'email'
REQUIRED_FIELDS = ['fname', 'lname']
def get_full_name(self):
return "{0} {1}".format(self.fname, self.lname)
def get_short_name(self):
return self.lname
def __str__(self):
return self.get_full_name()
def has_perm(self, perm, obj=None):
# Simplest possible answer: Yes, always
return True
def has_module_perms(self, app_label):
# Simplest possible answer: Yes, always
return True
You have an indentation problem on your form. Your save method (as well as the clean_pass2 method) are wrongly indented inside the inner Meta class, so it won't be seen by the form itself. This means that set_password won't be called when you create the user, so the password will not be hashed.
Move those methods one indent to the left.
I'm using Django 1.7 and am trying to authenticate a user with email instead of the provided Django auth user.
This is my models.py
from django.db import models
from django.contrib.auth.models import AbstractBaseUser, BaseUserManager
class MyUserManager(BaseUserManager):
def create_user(self, email, password=None):
if not email:
raise ValueError('Users must have an email address')
user = self.model(
email=MyUserManager.normalize_email(email),
)
user.set_password(password)
user.save(using=self._db)
return user
def create_superuser(self, email, password):
user = self.create_user(email,
password=password,
)
user.is_admin = True
user.save(using=self._db)
return user
class MyUser(AbstractBaseUser):
"""
Custom user class.
"""
email = models.EmailField('email address', unique=True, db_index=True)
joined = models.DateTimeField(auto_now_add=True)
is_active = models.BooleanField(default=True)
is_admin = models.BooleanField(default=False)
USERNAME_FIELD = 'email'
def __unicode__(self):
return self.email
and this is a snippet from my views.py
def auth_view(request):
username = request.POST.get('username', '')
password = request.POST.get('password', '')
user = auth.authenticate(username=username, password=password)
if user is not None:
auth.login(request, user)
return HttpResponseRedirect('/')
else:
return HttpResponseRedirect('/invalid/')
def register_user(request):
if request.method == 'POST':
form = MyRegistrationForm(request.POST)
if form.is_valid():
print "Form is valid"
form.save()
return HttpResponseRedirect('/register_success/')
args = {}
args.update(csrf(request))
args['form'] = MyRegistrationForm()
return render_to_response('register.html', args, context_instance=RequestContext(request))
and finally, my forms.py
from django import forms
from django.contrib.auth.models import User
class MyRegistrationForm(forms.ModelForm):
"""
Form for registering a new account.
"""
email = forms.EmailField(widget=forms.EmailInput,label="Email")
password1 = forms.CharField(widget=forms.PasswordInput,
label="Password")
password2 = forms.CharField(widget=forms.PasswordInput,
label="Password (again)")
class Meta:
model = User
fields = ['email', 'password1', 'password2']
def clean(self):
"""
Verifies that the values entered into the password fields match
NOTE: Errors here will appear in ``non_field_errors()`` because it applies to more than one field.
"""
cleaned_data = super(MyRegistrationForm, self).clean()
if 'password1' in self.cleaned_data and 'password2' in self.cleaned_data:
if self.cleaned_data['password1'] != self.cleaned_data['password2']:
raise forms.ValidationError("Passwords don't match. Please enter both fields again.")
return self.cleaned_data
def save(self, commit=True):
user = super(MyRegistrationForm, self).save(commit=False)
user.set_password(self.cleaned_data['password1'])
if commit:
user.save()
return user
Whenever I try to register an account, I get an error 'NoneType' object has no attribute '_insert' from forms.py calling user.save and views.py calling form.save. I don't really know how to write the user.save, but I'd imagine that would fix both errors.
Can anyone help me?
look at forms.py imports
from django.contrib.auth.models import User
must import MyUser instead of that
same in
class Meta:
model = User
fields = ['email', 'password1', 'password2']
and add to MyUser class
objects = MyUserManage()
change to
class Meta:
model = MyUser
fields = ['email', 'password1', 'password2']
and settings.py must set:
AUTH_USER_MODEL = '<apppath>.MyUser'