Skip to content

Commit

Permalink
Merge pull request #134 from HE-Arc/133-update-authentication-methode
Browse files Browse the repository at this point in the history
add permission in method, remove try catch in api_clients and add min…
  • Loading branch information
Strogator authored Apr 17, 2024
2 parents dbad49a + 5519cd8 commit 0652db0
Show file tree
Hide file tree
Showing 5 changed files with 22 additions and 31 deletions.
3 changes: 2 additions & 1 deletion api/masteriqapp/views/AuthenticationView.py
Original file line number Diff line number Diff line change
Expand Up @@ -9,9 +9,11 @@

masteriq = apps.get_app_config("masteriqapp")


class AuthenticationView(viewsets.ViewSet):
category_model = masteriq.get_model("Category")
iq_model = masteriq.get_model("IQ")

@action(detail=False, methods=['POST'], permission_classes=[AllowAny])
def login(self, request):
username = request.data.get('username')
Expand Down Expand Up @@ -47,4 +49,3 @@ def create_iq_objects_for_new_user(self, user):
already_existing_entry = self.iq_model.objects.get_iq_of_user_in_category(user=user, category=category)
except masteriqapp.models.IQ.DoesNotExist:
self.iq_model.objects.create(user=user, category=category, iq=100)

12 changes: 6 additions & 6 deletions api/masteriqapp/views/QuestionView.py
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ class QuestionView(viewsets.ViewSet):
queryset = category_model.objects.all()
permission_classes = (IsAuthenticated,)

@action(detail=True, methods=["GET"])
@action(detail=True, methods=["GET"], permission_classes=[IsAuthenticated])
def new(self, request, pk):
category = get_object_or_404(self.queryset, pk=pk)
if 'question' in request.session:
Expand All @@ -66,7 +66,7 @@ def new(self, request, pk):
serializer = QuestionSerializer(new_question)
return Response(serializer.data, status=status.HTTP_200_OK)

@action(detail=False, methods=["POST"])
@action(detail=False, methods=["POST"], permission_classes=[IsAuthenticated])
def new_community(self, request):
datas = request.data
if not ('question' in datas and 'answer' in datas and 'options' in datas):
Expand Down Expand Up @@ -102,7 +102,7 @@ def new_community(self, request):

return Response(question_serializer.data, status=status.HTTP_201_CREATED)

@action(detail=False, methods=["GET"])
@action(detail=False, methods=["GET"], permission_classes=[IsAuthenticated])
def options(self, request):
if not 'question' in request.session:
return Response(status=449, data={"error": "No question being answered at the moment"})
Expand All @@ -114,7 +114,7 @@ def options(self, request):
data_to_send['options'][option.id] = option.text
return Response(status=status.HTTP_200_OK, data=data_to_send)

@action(detail=False, methods=["POST"], url_path="answer_text")
@action(detail=False, methods=["POST"], url_path="answer_text", permission_classes=[IsAuthenticated])
def answer_text(self, request):
if not 'answer' in request.data:
return Response(status=status.HTTP_400_BAD_REQUEST, data={"error": "No answer given"})
Expand All @@ -139,7 +139,7 @@ def answer_text(self, request):
del request.session['options_asked']
return Response(status=status.HTTP_200_OK, data=data_to_send)

@action(detail=False, methods=["POST"], url_path="answer_option")
@action(detail=False, methods=["POST"], url_path="answer_option", permission_classes=[IsAuthenticated])
def answer_options(self, request):
if not 'answer' in request.data:
return Response(status=status.HTTP_400_BAD_REQUEST, data={"error": "No answer given"})
Expand Down Expand Up @@ -167,7 +167,7 @@ def answer_options(self, request):
del request.session['options_asked']
return Response(status=status.HTTP_200_OK, data=data_to_send)

@action(detail=False, methods=["GET"])
@action(detail=False, methods=["GET"], permission_classes=[IsAuthenticated])
def options_asked(self, request):
if not 'question' in request.session or not 'options_asked' in request.session:
data_to_send = {"options_asked": False}
Expand Down
36 changes: 12 additions & 24 deletions frontend/src/api_client.js
Original file line number Diff line number Diff line change
Expand Up @@ -174,15 +174,11 @@ export default
*/
static async registerUser(username, password) {
csrftoken = getCookie('csrftoken');
try {
const response = await axios.post('/api/user/register/', {
username,
password
});
return response.data;
} catch (error) {
throw new Error('Error registering user: ' + error.message);
}
const response = await axios.post('/api/user/register/', {
username,
password
});
return response.data;
}

/**
Expand All @@ -193,15 +189,11 @@ export default
*/
static async loginUser(username, password) {
csrftoken = getCookie('csrftoken');
try {
const response = await axios.post('/api/user/login/', {
username,
password
});
return response.data;
} catch (error) {
throw new Error('Error logging in: ' + error.message);
}
const response = await axios.post('/api/user/login/', {
username,
password
});
return response.data;
}

/**
Expand All @@ -227,12 +219,8 @@ export default
*/
static async logOutUser() {
csrftoken = getCookie('csrftoken');
try {
const response = await axios.post('/api/user/logout/',);
return response.data;
} catch (error) {
throw new Error('Error logging out: ' + error.message);
}
const response = await axios.post('/api/user/logout/',);
return response.data;
}
}

1 change: 1 addition & 0 deletions frontend/src/views/Authentication/LoginView.vue
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,7 @@ const login = async () => {
display: flex;
flex-direction: column;
align-items: center;
min-height: 80vh;
}
.title, .info {
Expand Down
1 change: 1 addition & 0 deletions frontend/src/views/Authentication/RegisterView.vue
Original file line number Diff line number Diff line change
Expand Up @@ -65,6 +65,7 @@ const register = async () => {
display: flex;
flex-direction: column;
align-items: center;
min-height: 80vh;
}
.title, .info {
Expand Down

0 comments on commit 0652db0

Please sign in to comment.