From cc23d516a0c8aa64c522fded50b32169976bcbb7 Mon Sep 17 00:00:00 2001
From: Tom Hacohen
Date: Wed, 3 Jun 2020 14:35:44 +0300
Subject: [PATCH] Add an endpoint to change password.
---
 django_etesync/serializers.py | 20 ++++++++++++++++++++
 django_etesync/views.py | 9 +++++++++
 2 files changed, 29 insertions(+)
diff --git a/django_etesync/serializers.py b/django_etesync/serializers.py
index 5925e46..178c914 100644
--- a/django_etesync/serializers.py
+++ b/django_etesync/serializers.py
@@ -419,3 +419,23 @@ class AuthenticationLoginInnerSerializer(AuthenticationLoginChallengeSerializer)
 def update(self, instance, validated_data):
 raise NotImplementedError()
+
+
+class AuthenticationChangePasswordSerializer(serializers.ModelSerializer):
+ loginPubkey = BinaryBase64Field()
+ encryptedContent = BinaryBase64Field()
+
+ class Meta:
+ model = models.UserInfo
+ fields = ('loginPubkey', 'encryptedContent')
+
+ def create(self, validated_data):
+ raise NotImplementedError()
+
+ def update(self, instance, validated_data):
+ with transaction.atomic():
+ instance.loginPubkey = validated_data.pop('loginPubkey')
+ instance.encryptedContent = validated_data.pop('encryptedContent')
+ instance.save()
+
+ return instance
diff --git a/django_etesync/views.py b/django_etesync/views.py
index 3233b7b..71ae93f 100644
--- a/django_etesync/views.py
+++ b/django_etesync/views.py
@@ -48,6 +48,7 @@ from .models import (
 )
 from .serializers import (
 b64encode,
+ AuthenticationChangePasswordSerializer,
 AuthenticationSignupSerializer,
 AuthenticationLoginChallengeSerializer,
 AuthenticationLoginSerializer,
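Review bot: `AuthenticationChangePasswordSerializer` in django_etesync/serializers.py stores whatever bytes `BinaryBase64Field` decodes into `loginPubkey`, and no check that the value is a well-formed public key is visible in the hunk. If login verifies signatures against this field, as the challenge serializers suggest, an empty or wrong-length value would leave the account unable to log in; a `validate_loginPubkey` method that rejects values of the wrong length for the signature scheme in use would catch that before `instance.save()`. The `transaction.atomic()` block in `update` wraps a single `save()`, so it adds nothing unless more writes are planned, and `instance.save(update_fields=['loginPubkey', 'encryptedContent'])` would limit the write to the two fields being replaced. A class docstring such as `"""Replace the user's login public key and encrypted account content."""` would also help, since the class name says "password" while the fields are key material.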
@@ -668,6 +669,14 @@ class AuthenticationViewSet(viewsets.ViewSet):
 # FIXME: expire the token - we need better token handling - using knox? Something else?
 return Response({}, status=status.HTTP_200_OK)
+ @action_decorator(detail=False, methods=['POST'], permission_classes=BaseViewSet.permission_classes)
+ def change_password(self, request):
+ serializer = AuthenticationChangePasswordSerializer(request.user.userinfo, data=request.data)
+ serializer.is_valid(raise_exception=True)
+ serializer.save()
+
+ return Response(status=status.HTTP_200_OK)
+
 class TestAuthenticationViewSet(viewsets.ViewSet):
 authentication_classes = BaseViewSet.authentication_classes
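Review bot: `change_password` replaces `loginPubkey` and `encryptedContent` for `request.user.userinfo` on the strength of the existing auth token alone; nothing in the hunk asks the caller to prove knowledge of the current password, for example with a challenge response signed by the current login key as the login flow presumably does. A leaked or stolen token is then enough to rotate the key and lock the owner out, so the view should verify such a signed response against the stored `loginPubkey` before calling `serializer.save()`. Existing tokens also appear to remain valid after the change (the `FIXME` on the context line above suggests token expiry is not handled yet), so revoking the user's other tokens here is worth adding. Until both are in place, a comment such as `# TODO: require proof of the current login key and revoke existing tokens` would document the gap. The body of `AuthenticationViewSet` starts outside the hunk, so any check done elsewhere in the class is not visible here.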