diff --git a/apiserver/plane/api/urls.py b/apiserver/plane/api/urls.py index 98c2e87d2..4af139bf5 100644 --- a/apiserver/plane/api/urls.py +++ b/apiserver/plane/api/urls.py @@ -5,7 +5,6 @@ from django.urls import path from plane.api.views import ( # Authentication - SignUpEndpoint, SignInEndpoint, SignOutEndpoint, MagicSignInEndpoint, @@ -95,7 +94,6 @@ urlpatterns = [ path("social-auth/", OauthEndpoint.as_view(), name="oauth"), # Auth path("sign-in/", SignInEndpoint.as_view(), name="sign-in"), - path("sign-up/", SignUpEndpoint.as_view(), name="sign-up"), path("sign-out/", SignOutEndpoint.as_view(), name="sign-out"), # Magic Sign In/Up path( diff --git a/apiserver/plane/api/views/__init__.py b/apiserver/plane/api/views/__init__.py index 1212e0dca..4fb565e8d 100644 --- a/apiserver/plane/api/views/__init__.py +++ b/apiserver/plane/api/views/__init__.py @@ -64,7 +64,6 @@ from .auth_extended import ( from .authentication import ( - SignUpEndpoint, SignInEndpoint, SignOutEndpoint, MagicSignInEndpoint, diff --git a/apiserver/plane/api/views/auth_extended.py b/apiserver/plane/api/views/auth_extended.py index 487d10a22..56dc091f4 100644 --- a/apiserver/plane/api/views/auth_extended.py +++ b/apiserver/plane/api/views/auth_extended.py @@ -84,7 +84,7 @@ class ForgotPasswordEndpoint(BaseAPIView): ) return Response( - {"messgae": "Check your email to reset your password"}, + {"message": "Check your email to reset your password"}, status=status.HTTP_200_OK, ) return Response( diff --git a/apiserver/plane/api/views/authentication.py b/apiserver/plane/api/views/authentication.py index ac218837d..58d75a049 100644 --- a/apiserver/plane/api/views/authentication.py +++ b/apiserver/plane/api/views/authentication.py @@ -35,7 +35,7 @@ def get_tokens_for_user(user): ) -class SignUpEndpoint(BaseAPIView): +class SignInEndpoint(BaseAPIView): permission_classes = (AllowAny,) def post(self, request): @@ -62,114 +62,67 @@ class SignUpEndpoint(BaseAPIView): user = User.objects.filter(email=email).first() - if user is not None: - return Response( - {"error": "Email ID is already taken"}, - status=status.HTTP_400_BAD_REQUEST, - ) + # Sign up Process + if user is None: + user = User.objects.create(email=email, username=uuid.uuid4().hex) + user.set_password(password) - user = User.objects.create(email=email) - user.set_password(password) + # settings last actives for the user + user.last_active = timezone.now() + user.last_login_time = timezone.now() + user.last_login_ip = request.META.get("REMOTE_ADDR") + user.last_login_uagent = request.META.get("HTTP_USER_AGENT") + user.token_updated_at = timezone.now() + user.save() - # settings last actives for the user - user.last_active = timezone.now() - user.last_login_time = timezone.now() - user.last_login_ip = request.META.get("REMOTE_ADDR") - user.last_login_uagent = request.META.get("HTTP_USER_AGENT") - user.token_updated_at = timezone.now() - user.save() + serialized_user = UserSerializer(user).data - serialized_user = UserSerializer(user).data + access_token, refresh_token = get_tokens_for_user(user) - access_token, refresh_token = get_tokens_for_user(user) + data = { + "access_token": access_token, + "refresh_token": refresh_token, + "user": serialized_user, + } - data = { - "access_token": access_token, - "refresh_token": refresh_token, - "user": serialized_user, - } + return Response(data, status=status.HTTP_200_OK) + # Sign in Process + else: + if not user.check_password(password): + return Response( + { + "error": "Sorry, we could not find a user with the provided credentials. Please try again." + }, + status=status.HTTP_403_FORBIDDEN, + ) + if not user.is_active: + return Response( + { + "error": "Your account has been deactivated. Please contact your site administrator." + }, + status=status.HTTP_403_FORBIDDEN, + ) - return Response(data, status=status.HTTP_200_OK) + serialized_user = UserSerializer(user).data - except Exception as e: - capture_exception(e) - return Response( - { - "error": "Something went wrong. Please try again later or contact the support team." - }, - status=status.HTTP_400_BAD_REQUEST, - ) + # settings last active for the user + user.last_active = timezone.now() + user.last_login_time = timezone.now() + user.last_login_ip = request.META.get("REMOTE_ADDR") + user.last_login_uagent = request.META.get("HTTP_USER_AGENT") + user.token_updated_at = timezone.now() + user.save() + access_token, refresh_token = get_tokens_for_user(user) -class SignInEndpoint(BaseAPIView): - permission_classes = (AllowAny,) + data = { + "access_token": access_token, + "refresh_token": refresh_token, + "user": serialized_user, + } - def post(self, request): - try: - email = request.data.get("email", False) - password = request.data.get("password", False) + return Response(data, status=status.HTTP_200_OK) - ## Raise exception if any of the above are missing - if not email or not password: - return Response( - {"error": "Both email and password are required"}, - status=status.HTTP_400_BAD_REQUEST, - ) - - email = email.strip().lower() - - try: - validate_email(email) - except ValidationError as e: - return Response( - {"error": "Please provide a valid email address."}, - status=status.HTTP_400_BAD_REQUEST, - ) - - user = User.objects.get(email=email) - - if not user.check_password(password): - return Response( - { - "error": "Sorry, we could not find a user with the provided credentials. Please try again." - }, - status=status.HTTP_403_FORBIDDEN, - ) - if not user.is_active: - return Response( - { - "error": "Your account has been deactivated. Please contact your site administrator." - }, - status=status.HTTP_403_FORBIDDEN, - ) - - serialized_user = UserSerializer(user).data - - # settings last active for the user - user.last_active = timezone.now() - user.last_login_time = timezone.now() - user.last_login_ip = request.META.get("REMOTE_ADDR") - user.last_login_uagent = request.META.get("HTTP_USER_AGENT") - user.token_updated_at = timezone.now() - user.save() - - access_token, refresh_token = get_tokens_for_user(user) - - data = { - "access_token": access_token, - "refresh_token": refresh_token, - "user": serialized_user, - } - - return Response(data, status=status.HTTP_200_OK) - - except User.DoesNotExist: - return Response( - { - "error": "Sorry, we could not find a user with the provided credentials. Please try again." - }, - status=status.HTTP_403_FORBIDDEN, - ) except Exception as e: capture_exception(e) return Response(