add login/logout, validates 1 order max, delete method for user

Reckless_Satoshi 2022-01-02 17:31:28 -08:00
parent 225c142cd9
commit 80e0ca46fb
No known key found for this signature in database
GPG Key ID: 9C4585B561315571
3 changed files with 81 additions and 25 deletions


@ -1,7 +1,7 @@
from rest_framework import status from rest_framework import status
from rest_framework.views import APIView from rest_framework.views import APIView
from rest_framework.response import Response from rest_framework.response import Response
from django.contrib.auth.backends import BaseBackend from django.contrib.auth import authenticate, login, logout
from django.contrib.auth.models import User from django.contrib.auth.models import User
from .serializers import OrderSerializer, MakeOrderSerializer from .serializers import OrderSerializer, MakeOrderSerializer
@ -31,9 +31,15 @@ class MakeOrder(APIView):
premium = serializer.data.get('premium') premium = serializer.data.get('premium')
satoshis = serializer.data.get('satoshis') satoshis = serializer.data.get('satoshis')
################# user = User.objects.get(id=request.user.id)
# TODO
# query if the user is already a maker or taker, return error # query if the user is already a maker or taker, return error
queryset = Order.objects.filter(maker=request.user.id)
if queryset.exists():
return Response({'Bad Request':'You are already maker of an order'},status=status.HTTP_400_BAD_REQUEST)
queryset = Order.objects.filter(taker=request.user.id)
if queryset.exists():
return Response({'Bad Request':'You are already taker of an order'},status=status.HTTP_400_BAD_REQUEST)
# Creates a new order in db # Creates a new order in db
order = Order( order = Order(
@ -42,7 +48,8 @@ class MakeOrder(APIView):
amount=amount, amount=amount,
payment_method=payment_method, payment_method=payment_method,
premium=premium, premium=premium,
satoshis=satoshis) satoshis=satoshis,
maker=user)
order.save() order.save()
if not serializer.is_valid(): if not serializer.is_valid():
@ -66,21 +73,17 @@ class OrderView(APIView):
print("It is only one!") print("It is only one!")
order = order[0] order = order[0]
data = self.serializer_class(order).data data = self.serializer_class(order).data
nickname = request.user.username
# TODO
# # Check if requester is participant in the order and add boolean to response
# user = authenticate(username=username, password=password)
# data['is_participant'] = any(user.id == order.maker, user.id == order.taker)
# if data['is_participant']: # Check if requester is participant in the order and add boolean to response
# return Response(data, status=status.HTTP_200_OK) data['is_participant'] = (str(order.maker) == nickname or str(order.taker) == nickname)
# else:
# # Non participants can't get access to the status or who is the taker
# data.pop(['status'],['taker'])
# return Response(data, status=status.HTTP_200_OK)
return Response(data, status=status.HTTP_200_OK) if data['is_participant']:
return Response(data, status=status.HTTP_200_OK)
else:
# Non participants should not see the status or who is the taker
data.pop('status','taker')
return Response(data, status=status.HTTP_200_OK)
return Response({'Order Not Found':'Invalid Order Id'},status=status.HTTP_404_NOT_FOUND) return Response({'Order Not Found':'Invalid Order Id'},status=status.HTTP_404_NOT_FOUND)
@ -150,9 +153,19 @@ class UserGenerator(APIView):
# why? It is unlikely but there is only 20 billion names # why? It is unlikely but there is only 20 billion names
# but if the token is not exact # but if the token is not exact
# TODO Keep user authenticated. user = authenticate(request, username=nickname, password=token)
# BaseBackend.authenticate(self, request=None,username=nickname, password=token) if user is not None:
login(request, user)
return Response(context, status=status.HTTP_201_CREATED) return Response(context, status=status.HTTP_201_CREATED)
def delete(self,request):
user = User.objects.get(id = request.user.id)
if user is not None:
logout(request)
user.delete()
return Response(status=status.HTTP_301_MOVED_PERMANENTLY)
return Response(status=status.HTTP_403_FORBIDDEN)
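Review bot: In the non-participant branch of OrderView, `data.pop('status','taker')` removes only `status`; the second argument of `dict.pop` is the default returned when the key is missing, so `taker` is still sent to users who are not part of the order. Pop each key on its own, `data.pop('status', None)` and `data.pop('taker', None)`. In the new `delete` handler, and on the `user = User.objects.get(id=request.user.id)` line added to MakeOrder, `User.objects.get` raises `User.DoesNotExist` for an anonymous request rather than returning None, so the 403 branch looks unreachable and an unauthenticated call would surface as a server error; checking `request.user.is_authenticated` first would cover both. The enclosing view methods start outside the visible hunks.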


@ -3,13 +3,30 @@ import { Button , Grid, Typography, TextField, Select, FormHelperText, MenuItem,
import { Link } from 'react-router-dom' import { Link } from 'react-router-dom'
import Image from 'material-ui-image' import Image from 'material-ui-image'
function getCookie(name) {
let cookieValue = null;
if (document.cookie && document.cookie !== '') {
const cookies = document.cookie.split(';');
for (let i = 0; i < cookies.length; i++) {
const cookie = cookies[i].trim();
// Does this cookie string begin with the name we want?
if (cookie.substring(0, name.length + 1) === (name + '=')) {
cookieValue = decodeURIComponent(cookie.substring(name.length + 1));
break;
}
}
}
return cookieValue;
}
const csrftoken = getCookie('csrftoken');
export default class UserGenPage extends Component { export default class UserGenPage extends Component {
constructor(props) { constructor(props) {
super(props); super(props);
this.state = { this.state = {
token: this.genBase62Token(32), token: this.genBase62Token(32),
}; };
this.getGenerateUser(); this.getGeneratedUser();
} }
// sort of cryptographically strong function to generate Base62 token client-side // sort of cryptographically strong function to generate Base62 token client-side
@ -23,7 +40,7 @@ export default class UserGenPage extends Component {
.substring(0, length); .substring(0, length);
} }
getGenerateUser() { getGeneratedUser() {
fetch('/api/usergen' + '?token=' + this.state.token) fetch('/api/usergen' + '?token=' + this.state.token)
.then((response) => response.json()) .then((response) => response.json())
.then((data) => { .then((data) => {
@ -38,22 +55,34 @@ export default class UserGenPage extends Component {
}); });
} }
delGeneratedUser() {
const requestOptions = {
method: 'DELETE',
headers: {'Content-Type':'application/json', 'X-CSRFToken': csrftoken},
};
fetch("/api/usergen", requestOptions)
.then((response) => response.json())
.then((data) => console.log(data));
}
// Fix next two handler functions so they work sequentially // Fix next two handler functions so they work sequentially
// at the moment they make the request generate a new user in parallel // at the moment they make the request generate a new user in parallel
// to updating the token in the state. So the it works a bit weird. // to updating the token in the state. So the it works a bit weird.
handleAnotherButtonPressed=(e)=>{ handleAnotherButtonPressed=(e)=>{
this.delGeneratedUser()
this.setState({ this.setState({
token: this.genBase62Token(32), token: this.genBase62Token(32),
}) })
this.getGenerateUser(); this.getGeneratedUser();
} }
handleChangeToken=(e)=>{ handleChangeToken=(e)=>{
this.delGeneratedUser()
this.setState({ this.setState({
token: e.target.value, token: e.target.value,
}) })
this.getGenerateUser(); this.getGeneratedUser();
} }
render() { render() {
@ -76,8 +105,8 @@ export default class UserGenPage extends Component {
<div style={{ maxWidth: 200, maxHeight: 200 }}> <div style={{ maxWidth: 200, maxHeight: 200 }}>
<Image className='newAvatar' <Image className='newAvatar'
disableError='true' disableError='true'
animationDuration='1500'
cover='true' cover='true'
color='null'
src={this.state.avatar_url} src={this.state.avatar_url}
/> />
</div> </div>
@ -107,5 +136,4 @@ export default class UserGenPage extends Component {
</Grid> </Grid>
); );
} }
} }
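Review bot: `const csrftoken = getCookie('csrftoken');` runs once at module load, so `delGeneratedUser` sends whatever value the cookie held then, which may be null on a first visit and is likely stale after the server-side `login()` call, since Django rotates the CSRF token on login. Read the cookie at request time instead: `headers: {'Content-Type':'application/json', 'X-CSRFToken': getCookie('csrftoken')},`. Separately, both handlers fire the DELETE and the following GET without waiting for the first to finish, so which session the DELETE acts on depends on arrival order; returning the promise from `delGeneratedUser` and calling `getGeneratedUser()` from its `.then` would make that deterministic. The unchanged `fetch('/api/usergen' + '?token=' + this.state.token)` line now carries what the server uses as the login password in the URL, where it tends to end up in access logs and browser history.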


@ -0,0 +1,15 @@
function getCookie(name) {
let cookieValue = null;
if (document.cookie && document.cookie !== '') {
const cookies = document.cookie.split(';');
for (let i = 0; i < cookies.length; i++) {
const cookie = cookies[i].trim();
// Does this cookie string begin with the name we want?
if (cookie.substring(0, name.length + 1) === (name + '=')) {
cookieValue = decodeURIComponent(cookie.substring(name.length + 1));
break;
}
}
}
return cookieValue;
}
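Review bot: `getCookie` is added in this new file without an `export`, and an identical copy is added at the top of the user-generation component in the same commit, so this file looks unused as it stands. Exporting it, `export default function getCookie(name) {`, and importing it in the component would leave a single copy to maintain. A short header comment saying that it returns the URI-decoded value of the first cookie whose name matches exactly, or null when none does, would also help readers who reuse it for the CSRF header.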