From 215a2607008b92d8f5fc082fc3a36cc4daf97910 Mon Sep 17 00:00:00 2001
From: Tom Hacohen
Date: Sun, 31 May 2020 16:13:43 +0300
Subject: [PATCH] Login: use only the username (not email) for login.

We may add support for email in the future.
---
 django_etesync/serializers.py | 8 +-------
 django_etesync/views.py | 20 +++++++-------------
 2 files changed, 8 insertions(+), 20 deletions(-)

diff --git a/django_etesync/serializers.py b/django_etesync/serializers.py
index f117b31..337f695 100644
--- a/django_etesync/serializers.py
+++ b/django_etesync/serializers.py
@@ -381,13 +381,7 @@ class AuthenticationSignupSerializer(serializers.Serializer):
 class AuthenticationLoginChallengeSerializer(serializers.Serializer):
- username = serializers.CharField(required=False)
- email = serializers.EmailField(required=False)
-
- def validate(self, data):
- if not data.get('email') and not data.get('username'):
- raise serializers.ValidationError('Either email or username must be set')
- return data
+ username = serializers.CharField(required=True)
 def create(self, validated_data):
 raise NotImplementedError()
diff --git a/django_etesync/views.py b/django_etesync/views.py
index 52d3531..ac7a007 100644
--- a/django_etesync/views.py
+++ b/django_etesync/views.py
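Review bot: The narrowed `username` field in `AuthenticationLoginChallengeSerializer` carries no length bound, yet it feeds a user lookup on what is presumably an unauthenticated endpoint. Consider `username = serializers.CharField(required=True, max_length=<username column length>)`, with the bound taken from the user model, which is not visible in this hunk. A comment above the field, e.g. `# Email login is intentionally unsupported; a payload with only "email" now fails validation.`, would make the contract change explicit for API consumers. The class body continues outside the hunk.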
@@ -579,17 +579,9 @@ class AuthenticationViewSet(viewsets.ViewSet):
 data = self.login_response_data(user)
 return Response(data, status=status.HTTP_201_CREATED)
- def get_login_user(self, serializer):
- username = serializer.validated_data.get('username')
- email = serializer.validated_data.get('email')
- if username:
- kwargs = {User.USERNAME_FIELD: username}
- user = get_object_or_404(self.get_queryset(), **kwargs)
- elif email:
- kwargs = {User.EMAIL_FIELD: email}
- user = get_object_or_404(self.get_queryset(), **kwargs)
-
- return user
+ def get_login_user(self, username):
+ kwargs = {User.USERNAME_FIELD: username}
+ return get_object_or_404(self.get_queryset(), **kwargs)
 @action_decorator(detail=False, methods=['POST'])
 def login_challenge(self, request):
@@ -597,7 +589,8 @@ class AuthenticationViewSet(viewsets.ViewSet):
 serializer = AuthenticationLoginChallengeSerializer(data=request.data)
 if serializer.is_valid():
- user = self.get_login_user(serializer)
+ username = serializer.validated_data.get('username')
+ user = self.get_login_user(username)
 salt = bytes(user.userinfo.salt)
 enc_key = self.get_encryption_key(salt)
@@ -631,7 +624,8 @@ class AuthenticationViewSet(viewsets.ViewSet):
 serializer = AuthenticationLoginInnerSerializer(data=response, context={'host': request.get_host()})
 if serializer.is_valid():
- user = self.get_login_user(serializer)
+ username = serializer.validated_data.get('username')
+ user = self.get_login_user(username)
 host = serializer.validated_data['host']
 challenge = serializer.validated_data['challenge']
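Review bot: In the `@@ -579` hunk, `get_login_user` still answers an unknown username with a 404 through `get_object_or_404`, while the `login_challenge` hunk goes on to read `user.userinfo.salt` for a known one, so the two outcomes are presumably distinguishable to a caller who has not authenticated yet. If account enumeration is in the threat model, the challenge path should return a uniform response for unknown names or be rate-limited; that handling would live outside the lines shown here. At minimum, document the behaviour on the helper, e.g. `"""Return the user whose USERNAME_FIELD equals username; raises Http404 when no such user exists."""`. The same lookup also backs the `login` action in the `@@ -631` hunk.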
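Review bot: In the `@@ -597` hunk (and identically in `@@ -631`), `serializer.validated_data.get('username')` yields `None` rather than failing when the key is absent, and `get_login_user` would then query with `{User.USERNAME_FIELD: None}`. For `login_challenge` the field is now `required=True`, so `username = serializer.validated_data['username']` states the contract directly. `AuthenticationLoginInnerSerializer` is not touched by this commit, so confirm it also requires `username` before indexing the same way in `login`; a client sending only `email` there would otherwise end in a lookup miss instead of a validation error. Both function bodies continue outside their hunks.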