From b121c2413bb8edb6e9ee86f70e98f5239491ee29 Mon Sep 17 00:00:00 2001 From: Joseba S Date: Wed, 22 May 2024 23:45:39 +0200 Subject: [PATCH] #140 - added api endpoint to reset password --- api/urls.py | 3 ++- api/views/auth.py | 41 ++++++++++++++++++++--------------------- 2 files changed, 22 insertions(+), 22 deletions(-) diff --git a/api/urls.py b/api/urls.py index e7fc752..bb12d62 100644 --- a/api/urls.py +++ b/api/urls.py @@ -3,7 +3,7 @@ from fcm_django.api.rest_framework import FCMDeviceAuthorizedViewSet from api.views import NodeViewSet, ProviderViewSet, CategoryViewSet -from api.views.auth import LoginView, LogoutView +from api.views.auth import LoginView, LogoutView, ResetPasswordView from api.views.benefits import BenefitsViewSet from api.views.consumer import ConsumerViewSet from api.views.member_status import MemberStatusViewSet @@ -24,6 +24,7 @@ path("v2/", include(router.urls)), path("v2/login/", LoginView.as_view()), path("v2/logout/", LogoutView.as_view()), + path("v2/reset_password/", ResetPasswordView.as_view()), path("v2/member_status/", MemberStatusViewSet.as_view()), re_path(r"v2/nodes/(?P\d+)/consumer/", ConsumerViewSet.as_view()), diff --git a/api/views/auth.py b/api/views/auth.py index 97dcca2..024fe63 100644 --- a/api/views/auth.py +++ b/api/views/auth.py @@ -9,6 +9,7 @@ from rest_framework.views import APIView from django.utils.translation import gettext_lazy as _ +from authentication.forms.password import PasswordReset from authentication.models.api_token import APIToken from market.models import Account, Provider @@ -121,24 +122,22 @@ def delete(self, request, format=None): user = APIToken.objects.get(pk=request.user.auth_token).user user.delete() logout(request) - return Response( - status=status.HTTP_200_OK, - data={'response': _('Usuario eliminado con éxito.')} - ) - -# -# class ResetPasswordView(APIView): -# permission_classes = (AllowAny,) -# -# def post(self, request, *args, **kwargs): -# user_email = request.data['email'] -# logger.info(f"Starting reset password process for user [{user_email}]") -# try: -# user = User.objects.get(email=user_email) -# reset_password_token, created = ResetPasswordToken.objects.update_or_create(user=user) -# except User.DoesNotExist: -# return Response(status=status.HTTP_404_NOT_FOUND) -# -# email.send_email(user, email.RESET_PASSWORD_EMAIL, {"reset_password_token": reset_password_token.key}) -# return Response(status=status.HTTP_200_OK) -# + return Response(status=status.HTTP_200_OK, data={'response': _('Usuario eliminado con éxito.')} ) + + +class ResetPasswordView(APIView): + permission_classes = (AllowAny,) + + def post(self, request, *args, **kwargs): + email = request.data.get('email') + logger.info(f"Starting reset password process for email [{email}]") + try: + User.objects.get(email=email) + reset_form = PasswordReset(request.data) + if reset_form.is_valid(): + reset_form.save() + return Response(status=status.HTTP_200_OK) + else: + return Response(status=status.HTTP_400_BAD_REQUEST, data=reset_form.errors) + except User.DoesNotExist: + return Response(status=status.HTTP_404_NOT_FOUND)