[WEB-1309] fix: auth fixes (#4456)

* dev: magic link login and email password disable * dev: user account deactivation * dev: change nginx conf routes * feat: changemod space * fix: space app dir fixes * dev: invalidate cache for instances when creating workspace * dev: update email templates for test email * dev: fix build errors * fix: auth fixes and improvement (#4452) * chore: change password api updated and missing password error code added * chore: auth helper updated * chore: disable send code input suggestion * chore: change password function updated * fix: application error on sign in page * chore: change password validation added and enhancement * dev: space base path in web * dev: admin user deactivated * dev: user and instance admin session endpoint * fix: last_workspace_id endpoint updated * fix: magic sign in and email password check added --------- Co-authored-by: pablohashescobar <nikhilschacko@gmail.com> Co-authored-by: sriram veeraghanta <veeraghanta.sriram@gmail.com> Co-authored-by: guru_sainath <gurusainath007@gmail.com>
2024-05-14 20:53:51 +05:30 · 2024-05-14 20:53:51 +05:30 · 9b7b23f5a2
commit 9b7b23f5a2
parent ab6f1ef780
44 changed files with 1114 additions and 319 deletions
--- a/apiserver/plane/app/views/init.py
+++ b/apiserver/plane/app/views/init.py
@ -222,4 +222,4 @@ from .error_404 import custom_404_view

 from .exporter.base import ExportIssuesEndpoint
 from .notification.base import MarkAllReadNotificationViewSet
-from .user.base import AccountEndpoint, ProfileEndpoint
+from .user.base import AccountEndpoint, ProfileEndpoint, UserSessionEndpoint
--- a/apiserver/plane/app/views/user/base.py
+++ b/apiserver/plane/app/views/user/base.py
@ -6,6 +6,7 @@ from django.utils import timezone
 # Third party imports
 from rest_framework import status
 from rest_framework.response import Response
+from rest_framework.permissions import AllowAny

 # Module imports
 from plane.app.serializers import (
@ -180,6 +181,25 @@ class UserEndpoint(BaseViewSet):
        return Response(status=status.HTTP_204_NO_CONTENT)


+class UserSessionEndpoint(BaseAPIView):
+
+    permission_classes = [
+        AllowAny,
+    ]
+
+    def get(self, request):
+        if request.user.is_authenticated:
+            user = User.objects.get(pk=request.user.id)
+            serializer = UserMeSerializer(user)
+            data = {"is_authenticated": True}
+            data["user"] = serializer.data
+            return Response(data, status=status.HTTP_200_OK)
+        else:
+            return Response(
+                {"is_authenticated": False}, status=status.HTTP_200_OK
+            )
+
+
 class UpdateUserOnBoardedEndpoint(BaseAPIView):

    @invalidate_cache(path="/api/users/me/")
--- a/apiserver/plane/app/views/workspace/base.py
+++ b/apiserver/plane/app/views/workspace/base.py
@ -96,6 +96,7 @@ class WorkSpaceViewSet(BaseViewSet):

    @invalidate_cache(path="/api/workspaces/", user=False)
    @invalidate_cache(path="/api/users/me/workspaces/")
+    @invalidate_cache(path="/api/instances/", user=False)
    def create(self, request):
        try:
            serializer = WorkSpaceSerializer(data=request.data)
@ -151,8 +152,12 @@ class WorkSpaceViewSet(BaseViewSet):
        return super().partial_update(request, *args, **kwargs)

    @invalidate_cache(path="/api/workspaces/", user=False)
-    @invalidate_cache(path="/api/users/me/workspaces/", multiple=True, user=False)
-    @invalidate_cache(path="/api/users/me/settings/", multiple=True, user=False)
+    @invalidate_cache(
+        path="/api/users/me/workspaces/", multiple=True, user=False
+    )
+    @invalidate_cache(
+        path="/api/users/me/settings/", multiple=True, user=False
+    )
    def destroy(self, request, *args, **kwargs):
        return super().destroy(request, *args, **kwargs)