From 81fbcba642660f7e71afc31b51cf50c9b474c410 Mon Sep 17 00:00:00 2001 From: Mike0001-droid Date: Thu, 20 Jun 2024 11:25:30 +0500 Subject: [PATCH] =?UTF-8?q?=D0=B8=D1=81=D0=BF=D1=80=D0=B0=D0=B2=D0=B8?= =?UTF-8?q?=D0=BB=20=D0=B8=D0=B7=D0=BC=D0=B5=D0=BD=D0=B5=D0=BD=D0=B8=D1=8F?= =?UTF-8?q?=20=D0=BF=D0=B0=D1=80=D0=BE=D0=BB=D1=8F?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- server/proj/account/schemas.py | 18 ++++++++++++------ server/proj/account/views.py | 27 +++++++++++++++++---------- 2 files changed, 29 insertions(+), 16 deletions(-) diff --git a/server/proj/account/schemas.py b/server/proj/account/schemas.py index c7a1d96..f5631ae 100644 --- a/server/proj/account/schemas.py +++ b/server/proj/account/schemas.py @@ -3,19 +3,25 @@ import coreapi import coreschema -""" class PlayListSchema(AutoSchema): +class UpdateUserSchema(AutoSchema): def get_serializer_fields(self, path, method): return [ coreapi.Field( - name='playlist_id', + name='email', location='form', required=False, - schema=coreschema.Integer(description='ID плейлиста') + schema=coreschema.String(description='Email пользователя') ), coreapi.Field( - name='songs_id', + name='old_password', location='form', required=False, - schema=coreschema.Array(description='ID треков') + schema=coreschema.String(description='Старый пароль') ), - ] """ \ No newline at end of file + coreapi.Field( + name='password', + location='form', + required=False, + schema=coreschema.String(description='Новый пароль') + ), + ] \ No newline at end of file diff --git a/server/proj/account/views.py b/server/proj/account/views.py index 2f20787..59887c5 100644 --- a/server/proj/account/views.py +++ b/server/proj/account/views.py @@ -5,10 +5,13 @@ from rest_framework_simplejwt.views import TokenObtainPairView from rest_framework.decorators import action from rest_framework import status from django.core.mail import send_mail -from django.contrib.auth.hashers import make_password +from django.contrib.auth.hashers import make_password, check_password from conf import settings from account.serializers import MyUserSerializer, MyTokenObtainPairSerializer from account.models import MyUser +from .schemas import UpdateUserSchema + + PermissionClass = IsAuthenticated if not settings.DEBUG else AllowAny class MyTokenObtainPairView(TokenObtainPairView): @@ -53,17 +56,21 @@ class MyUserViewSet(ViewSet): token_serializer.is_valid(raise_exception=True) return Response(token_serializer.validated_data, status=status.HTTP_201_CREATED) - @action(detail=False, methods=['post']) + @action(detail=False, methods=['post'], schema=UpdateUserSchema()) def update_user(self, request): - if 'email' in request.data: - del request.data['email'] - if 'password' in request.data: - request.data['password'] = make_password(request.data['password']) - serializer = MyUserSerializer(request.user, data=request.data, partial=True) - serializer.is_valid(raise_exception=True) - serializer.save() + password = request.user.password - return Response(serializer.data) + if check_password(request.data['old_password'], password): + if 'email' in request.data: + del request.data['email'] + if 'password' in request.data: + request.data['password'] = make_password(request.data['password']) + serializer = MyUserSerializer(request.user, data=request.data, partial=True) + serializer.is_valid(raise_exception=True) + serializer.save() + return Response(serializer.data) + else: + return Response({'error':'Неверный старый пароль'}, status=status.HTTP_400_BAD_REQUEST) @action(detail=False, methods=['post']) def password_reset_user(self, request):