- models.py
- from __future__ import unicode_literals
- import uuid
- from django.utils import timezone
- from django.db import models
- from django.conf import settings
- from django.db.models.signals import post_save
- from django.dispatch import receiver
- from rest_framework.authtoken.models import Token
- from django.contrib.auth.models import AbstractBaseUser, PermissionsMixin
- from django.contrib.auth.models import BaseUserManager
- from django.utils import timezone
class CustomUserManager(BaseUserManager):
    """Manager that creates accounts identified by e-mail address."""

    def _create_user(self, email, password, is_staff, is_superuser, **extra_fields):
        """Build a user, hash its password and persist it.

        Raises ValueError when ``email`` is empty. ``is_staff`` and
        ``is_superuser`` are passed explicitly by the two public helpers,
        so supplying either again through ``extra_fields`` fails with a
        TypeError (duplicate keyword) rather than overriding them.
        """
        timestamp = timezone.now()
        if not email:
            raise ValueError('The given email must be set')
        account = self.model(
            email=self.normalize_email(email),
            is_staff=is_staff,
            is_active=True,
            is_superuser=is_superuser,
            last_login=timestamp,
            date_joined=timestamp,
            **extra_fields
        )
        # set_password() stores a hash; with password=None Django marks
        # the account as having an unusable password.
        account.set_password(password)
        account.save(using=self._db)
        return account

    def create_user(self, email, password=None, **extra_fields):
        """Create an ordinary account (neither staff nor superuser)."""
        return self._create_user(
            email, password, False, False, **extra_fields
        )

    def create_superuser(self, email, password, **extra_fields):
        """Create an account with both is_staff and is_superuser set."""
        return self._create_user(
            email, password, True, True, **extra_fields
        )
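class CustomUser(AbstractBaseUser):
    """User account keyed by e-mail address, with profile fields.

    Authorisation is all-or-nothing: ``has_perm`` and ``has_module_perms``
    answer True only for active superusers. The class does not inherit
    ``PermissionsMixin``, so there are no groups or per-permission grants.
    """
    GENDER_TYPES = (
        ('M', 'Male'),
        ('F', 'Female'),
        ('O', 'Other')
    )
    MEMBER_TYPES = (
        ('F', 'Free'),
        ('P', 'Paid')
    )
    email = models.EmailField(max_length=254, unique=True)
    first_name = models.CharField(max_length=30, blank=True)
    last_name = models.CharField(max_length=30, blank=True)
    is_staff = models.BooleanField(default=False)
    is_superuser = models.BooleanField(default=False)
    is_active = models.BooleanField(default=True)
    date_joined = models.DateTimeField(default=timezone.now)
    # NOTE(review): 36 characters looks like a UUID string - confirm.
    profile_picture = models.CharField(max_length=36, null=True)
    primary_num = models.CharField(max_length=100, unique=True, blank=True, null=True)
    secondary_num = models.CharField(max_length=100, unique=True, null=True)
    gender = models.CharField(max_length=1, choices=GENDER_TYPES, blank=True, null=True)
    birth_date = models.DateField(null=True)
    account_type = models.CharField(max_length=1, choices=MEMBER_TYPES, null=True)
    bio = models.TextField(null=True)
    # No default: the value is always supplied by save() below.
    modified_at = models.DateTimeField()

    objects = CustomUserManager()

    USERNAME_FIELD = 'email'
    REQUIRED_FIELDS = []

    class Meta:
        verbose_name = 'CustomUserProfile'
        verbose_name_plural = 'CustomUserProfiles'

    def save(self, *args, **kwargs):
        """Stamp ``modified_at`` with the current time, then save."""
        self.modified_at = timezone.now()
        return super(CustomUser, self).save(*args, **kwargs)

    def get_absolute_url(self):
        """Return the profile path with the e-mail percent-encoded."""
        # The module never imported urlquote, so this method raised
        # NameError when called; import it where it is used.
        from django.utils.http import urlquote
        return "/users/%s/" % urlquote(self.email)

    def has_perm(self, perm, obj=None):
        """Grant every permission to active superusers, none to others."""
        # is_active is checked as well so that a deactivated superuser
        # does not keep passing permission checks.
        return self.is_active and self.is_superuser

    def has_module_perms(self, app_label):
        """Grant access to every app to active superusers only."""
        return self.is_active and self.is_superuser

    def get_short_name(self):
        "Returns the short name for the user."
        return self.first_name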
- #Create a token for each User created
@receiver(post_save, sender=settings.AUTH_USER_MODEL)
def create_auth_token(sender, instance=None, created=False, **kwargs):
    """Issue a DRF auth token the first time a user row is saved."""
    if not created:
        # Later saves of an existing user leave its token untouched.
        return
    # DRF's Token model carries no expiry, so the key stays valid until
    # the row is deleted; rotation or revocation has to be done elsewhere.
    Token.objects.create(user=instance)
- permissions.py
- from rest_framework import permissions
- from rest_framework.permissions import SAFE_METHODS
class IsSuperUserOrTargetUser(permissions.BasePermission):
    """Object-level rule: anyone may read, only a superuser or the user
    record's own account may modify it.

    NOTE(review): only has_object_permission is overridden, so the
    inherited has_permission (which allows everything) governs the list
    and create actions. Safe-method requests are allowed without looking
    at request.user, i.e. unauthenticated callers can read user records;
    confirm that this is intended for the fields the serializer exposes.
    """

    def has_object_permission(self, request, view, obj):
        # GET, HEAD and OPTIONS short-circuit to True before request.user
        # is consulted; every other method needs a superuser or a request
        # made by the very user being edited.
        return (
            request.method in permissions.SAFE_METHODS
            or request.user.is_superuser
            or request.user == obj
        )
- serializer.py
- from rest_framework import serializers
- from .models import CustomUser
- # Serializers define the API representation.
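class UserSerializer(serializers.ModelSerializer):
    """API representation of CustomUser.

    The password is accepted on input and never rendered in responses.
    """

    class Meta:
        model = CustomUser
        fields = ('password', 'first_name', 'last_name', 'bio', 'email')
        # Meta.write_only_fields belongs to the pre-3.0 serializer API and
        # is not honoured by later DRF releases, which would put the stored
        # password hash into every response. extra_kwargs is the form that
        # goes with the validated_data-style create()/update() used here.
        extra_kwargs = {'password': {'write_only': True}}
        # None of these names is listed in `fields`, so they are neither
        # serialized nor writable through this serializer.
        read_only_fields = ('is_staff', 'is_superuser', 'is_active', 'date_joined',)

    def create(self, attrs, instance=None):
        """Create a user and store its password hashed.

        ``instance`` is accepted for signature compatibility and unused.
        Raises KeyError if ``attrs`` has no 'password' entry.
        """
        # Take the password out before the row is first written so the
        # cleartext value is never saved to the database, then hash it
        # with set_password() and save again.
        fields = dict(attrs)
        raw_password = fields.pop('password')
        user = super(UserSerializer, self).create(fields)
        user.set_password(raw_password)
        user.save()
        return user

    def update(self, instance, validated_data):
        """Apply validated fields, hashing the password if it is present."""
        for attr, value in validated_data.items():
            if attr == 'password':
                # Never assign the raw value to the password column.
                instance.set_password(value)
            else:
                setattr(instance, attr, value)
        instance.save()
        return instance

    def __unicode__(self):
        return 'user_serializer'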
- urls.py
- from django.conf.urls import url, include
- from rest_framework import routers, serializers, viewsets
- from rest_framework.authtoken import views as authviews
- from . import views
- from . import permissions
- # Routers provide an easy way of automatically determining the URL conf.
# The router derives the list and detail routes for the user viewset.
router = routers.DefaultRouter()
router.register(r'users', views.UserView, 'list')

# API routes plus the token endpoint, which exchanges a username and
# password for the user's DRF token. The stock obtain_auth_token view
# applies no throttling of its own, so repeated login attempts have to
# be rate-limited elsewhere.
urlpatterns = [
    url(r'^', include(router.urls)),
    url(r'^token-auth/', authviews.obtain_auth_token),
]
- views.py
- from django.shortcuts import render
- from django.contrib.auth.models import User
- from rest_framework import status, serializers
- from rest_framework.decorators import api_view
- from rest_framework.views import APIView
- from rest_framework.response import Response
- from rest_framework import authentication, permissions
- from users.serializers import UserSerializer
- from rest_framework import viewsets
- from .permissions import IsSuperUserOrTargetUser
- from .models import CustomUser
class UserView(viewsets.ModelViewSet):
    """CRUD endpoints for CustomUser.

    NOTE(review): the only permission class is IsSuperUserOrTargetUser,
    which decides per object. Nothing visible here restricts the list or
    create actions, and authentication classes come from the project
    settings - confirm both against the intended exposure.
    """
    model = CustomUser
    queryset = CustomUser.objects.all()
    serializer_class = UserSerializer
    permission_classes = (IsSuperUserOrTargetUser,)

    def put(self, request, *args, **kwargs):
        """Handle PUT by delegating to the viewset's update action."""
        return self.update(request, *args, **kwargs)