import re
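def validate_email(email):
    """Return a match object if *email* is a well-formed address, else None.

    The accepted shape is ``word@label.label[.label...]`` where every part is
    made of ``\\w`` characters, the same character classes as before.

    The whole string must match. The previous ``re.match`` anchored only the
    start, so any input that merely began with something address-like
    (for example an address followed by markup or a newline) was accepted and
    later stored as the user's e-mail.
    """
    # Non-string JSON values (numbers, null, lists) would make ``re`` raise
    # TypeError; treat them as invalid instead.
    if not isinstance(email, str):
        return None
    # Raw string: '\w' and '\.' are invalid escapes in a normal str literal.
    return re.fullmatch(r'\w+@\w+(?:\.\w+)+', email)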
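def validate_password(password):
    """Return a match object if *password* meets the complexity policy, else None.

    Policy enforced by the pattern: at least one ASCII letter, at least one
    digit, at least one of ``?!@#$%^&*-``, and a minimum of 8 characters.
    """
    # Non-string JSON values would make ``re`` raise TypeError; reject them.
    if not isinstance(password, str):
        return None
    # NOTE(review): there is no upper length bound. The sign-up view hashes
    # with bcrypt, which only works on the first 72 bytes of its input, so a
    # cap (or pre-hashing) may be wanted here — confirm the intended policy.
    # Raw string: '\d' is an invalid escape in a normal str literal.
    return re.match(
        r'(?=.*[a-zA-Z])(?=.*\d)(?=.*[?!@#$%^&*-]).{8,}',
        password,
    )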
import json, bcrypt, jwt
from django.http import JsonResponse
from django.views import View
from users.models import User
from users.validators import validate_email, validate_password
from my_settings import SECRET_KEY, ALGORITHM
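class SignUpView(View):
    """Create a user account from a JSON request body."""

    def post(self, request):
        """Register a new user.

        Expects a JSON object with ``username``, ``email``, ``password``,
        ``phone_number`` and ``address``.

        Responses:
            201 ``SUCCESS`` when the user is created.
            400 ``INVALID_JSON`` when the body is not a JSON object.
            400 ``KEY_ERROR`` when a required field is missing.
            400 ``INVALID EMAIL`` / ``INVALID PASSWORD`` when validation fails.
            400 ``E-MAIL ALREADY EXISTED`` when the address is taken.
        """
        DEFAULT_POINT = 100000

        # Parse on its own so a malformed or non-object body becomes a 400
        # rather than an unhandled exception (JSONDecodeError and
        # UnicodeDecodeError both derive from ValueError).
        try:
            data = json.loads(request.body)
        except ValueError:
            return JsonResponse({'message':'INVALID_JSON'}, status=400)
        if not isinstance(data, dict):
            return JsonResponse({'message':'INVALID_JSON'}, status=400)

        try:
            username     = data['username']
            email        = data['email']
            password     = data['password']
            phone_number = data['phone_number']
            address      = data['address']
        except KeyError:
            return JsonResponse({'message':'KEY_ERROR'}, status=400)

        # Type checks come first: JSON may carry numbers/null/lists here, and
        # both the validators and ``str.encode`` below require real strings.
        if not isinstance(email, str) or not validate_email(email):
            return JsonResponse({'message':'INVALID EMAIL'}, status=400)

        if not isinstance(password, str) or not validate_password(password):
            return JsonResponse({'message':'INVALID PASSWORD'}, status=400)

        # NOTE(review): check-then-create is not atomic. Whether a duplicate
        # can slip through under concurrent requests depends on a unique
        # constraint on User.email, which is not visible here — confirm.
        if User.objects.filter(email=email).exists():
            return JsonResponse({'message':'E-MAIL ALREADY EXISTED'}, status=400)

        # Hash only after every check has passed: bcrypt is deliberately
        # expensive, so hashing rejected requests is wasted CPU that any
        # unauthenticated client could trigger.
        # NOTE(review): bcrypt works on at most 72 bytes of input; depending
        # on the library version longer passwords are truncated or rejected.
        hashed_password = bcrypt.hashpw(
            password.encode('utf-8'), bcrypt.gensalt()
        ).decode('utf-8')

        User.objects.create(
            username     = username,
            email        = email,
            password     = hashed_password,
            phone_number = phone_number,
            address      = address,
            point        = DEFAULT_POINT,
        )
        return JsonResponse({'message':'SUCCESS'}, status=201)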
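class LogInView(View):
    """Authenticate a user by e-mail and password and issue a JWT."""

    def post(self, request):
        """Log a user in.

        Expects a JSON object with ``email`` and ``password``.

        Responses:
            200 ``SUCCESS`` with ``access_token`` on valid credentials.
            400 ``INVALID_JSON`` when the body is not a JSON object.
            400 ``KEY_ERROR`` when a field is missing.
            400 ``DOES NOT EXIST USER`` when no account has that e-mail.
            401 ``INVALID_USER`` when the password does not match.
        """
        # Previously parsed outside any handler, so a malformed body raised
        # straight through. JSONDecodeError and UnicodeDecodeError are both
        # ValueError subclasses.
        try:
            data = json.loads(request.body)
        except ValueError:
            return JsonResponse({'message':'INVALID_JSON'}, status=400)
        if not isinstance(data, dict):
            return JsonResponse({'message':'INVALID_JSON'}, status=400)

        try:
            email    = data['email']
            password = data['password']
        except KeyError:
            return JsonResponse({'message':'KEY_ERROR'}, status=400)

        # Non-string credentials can never match and would break ``.encode``.
        if not isinstance(email, str) or not isinstance(password, str):
            return JsonResponse({'message' : 'INVALID_USER'}, status = 401)

        # NOTE(review): an unknown e-mail (400) and a wrong password (401)
        # are distinguishable, which lets a client learn which addresses are
        # registered. Unifying them changes the API contract, so it is only
        # flagged here. No attempt throttling is visible in this view either.
        try:
            user = User.objects.get(email=email)
        except User.DoesNotExist:
            return JsonResponse({'message':'DOES NOT EXIST USER'}, status = 400)

        stored_hash = user.password.encode('utf-8')
        if not bcrypt.checkpw(password.encode('utf-8'), stored_hash):
            return JsonResponse({'message' : 'INVALID_USER'}, status = 401)

        # Sign the token only once the password has been verified.
        # NOTE(review): the payload carries no ``exp`` claim, so an issued
        # token stays valid until SECRET_KEY changes. Adding one also requires
        # the verifying side to handle expired tokens.
        access_token = jwt.encode({'user_id':user.id}, SECRET_KEY, ALGORITHM)
        return JsonResponse(
            {'message':'SUCCESS', 'access_token':access_token}, status=200
        )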
from django.urls import path
from .views import SignUpView, LogInView
# Endpoints of the users app, each served by a class-based view.
# NOTE(review): both routes begin with '/', which Django's urls.W002 system
# check warns about; presumably the project URLconf include()s this module
# under a prefix without a trailing slash — confirm before changing either side.
urlpatterns = [
    path(route, view_class.as_view())
    for route, view_class in (
        ('/signup', SignUpView),
        ('/login', LogInView),
    )
]
import jwt
from django.http import JsonResponse
from users.models import User
from my_settings import SECRET_KEY, ALGORITHM
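def login_required(func):
    """Decorate a view method so it only runs for a valid access token.

    The raw value of the ``Authorization`` header is decoded as a JWT signed
    with SECRET_KEY. On success the matching ``User`` is attached as
    ``request.user`` and the wrapped method is called.

    Responses produced by the decorator itself:
        401 ``UNAUTHORIZED`` when the header is absent.
        401 ``INVALID_TOKEN`` when the token cannot be verified or lacks
            ``user_id``.
        400 ``USER_DOES_NOT_EXIST`` when the token names an unknown user.
    """
    from functools import wraps

    @wraps(func)  # keep the view's __name__/__doc__ for routing and debugging
    def wrapper(self, request, *args, **kwargs):
        # NOTE(review): the header value is used as the token verbatim; a
        # ``Bearer <token>`` style header would fail decoding here.
        access_token = request.headers.get('Authorization')
        if access_token is None:
            return JsonResponse ({'message' : 'UNAUTHORIZED'}, status=401)

        try:
            # Pin the accepted algorithm by keyword and as a list. The third
            # positional parameter of jwt.decode differs between PyJWT major
            # versions (``verify`` in 1.x, ``algorithms`` in 2.x), so passing
            # ALGORITHM positionally could leave the algorithm unrestricted.
            payload = jwt.decode(access_token, SECRET_KEY, algorithms=[ALGORITHM])
            request.user = User.objects.get(id = payload['user_id'])
        except (jwt.InvalidTokenError, KeyError):
            # InvalidTokenError is the base of DecodeError and of the other
            # verification failures (bad algorithm, expired, ...); KeyError
            # covers a validly signed token without a ``user_id`` claim.
            return JsonResponse({'message': 'INVALID_TOKEN'}, status = 401)
        except User.DoesNotExist:
            return JsonResponse({'message': 'USER_DOES_NOT_EXIST'}, status = 400)

        return func(self, request, *args, **kwargs)

    return wrapper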