import requests
from django.contrib.auth import authenticate, login
from django.contrib.auth.models import User
from rest_framework import viewsets, status
from rest_framework.decorators import list_route
from rest_framework.permissions import AllowAny
from rest_framework.permissions import IsAdminUser, IsAuthenticated
from rest_framework.response import Response

from core.lib.permissions import IsAdminOrStudent, IsAdminOrSelfOrReadOnly, IsAdminOrCompany, IsAdminOrSupervisor
from core.models.accounts import Student, Company, Supervisor
from core.serializers.accounts import UserSerializer, StudentSerializer, CompanySerializer, SupervisorSerializer, \
    LoginSerializer


class UserViewSet(viewsets.ModelViewSet):
    """
    CRUD endpoint for Django ``User`` rows.

    Access, as decided by ``get_permissions``: ``create`` is ``AllowAny``
    (unauthenticated callers included); ``update`` (PUT) requires an
    authenticated caller who is an admin or the user being edited; every
    other action -- list, retrieve, partial_update (PATCH), destroy -- falls
    back to the class-level ``IsAdminUser``. The extra ``me`` list route
    returns the caller's own record to any authenticated user.

    NOTE(security): because ``create`` is open to the world, ``UserSerializer``
    must not expose ``is_staff``/``is_superuser``/``is_active`` as writable
    fields -- that serializer is not visible from this file, verify it.
    """
    serializer_class = UserSerializer
    queryset = User.objects.all()
    permission_classes = [IsAdminUser]

    @list_route(methods=['get'], permission_classes=[IsAuthenticated])
    def me(self, request):
        """
        Return the calling user's own record.
        """
        current = request.user
        data = UserSerializer(current, context={"request": request}).data
        return Response(data)

    def get_permissions(self):
        """
        Per-action permission overrides; anything not listed uses
        ``permission_classes`` (admin only). ``partial_update`` is not
        listed, so PATCH stays admin-only even though PUT is self-editable.
        """
        overrides = {
            "update": lambda: [IsAdminOrSelfOrReadOnly(), IsAuthenticated()],
            "create": lambda: [AllowAny()],
        }
        build = overrides.get(self.action)
        if build is not None:
            return build()
        return super(UserViewSet, self).get_permissions()


class StudentViewSet(viewsets.ModelViewSet):
    """
    CRUD endpoint for ``Student`` profiles.

    Admin-only (``IsAdminUser``) for every action except ``update`` (PUT),
    which instead requires both ``IsAdminOrSelfOrReadOnly`` and
    ``IsAdminOrStudent`` -- i.e. an admin, or a student editing their own
    row. ``partial_update`` (PATCH) is not overridden and remains admin-only.
    """
    serializer_class = StudentSerializer
    queryset = Student.objects.all()
    permission_classes = [IsAdminUser]

    def get_permissions(self):
        """Relax the class-level admin requirement only for ``update``."""
        if self.action != "update":
            return super(StudentViewSet, self).get_permissions()
        return [IsAdminOrSelfOrReadOnly(), IsAdminOrStudent()]


class CompanyViewSet(viewsets.ModelViewSet):
    """
    CRUD endpoint for ``Company`` profiles.

    There is no per-action override here: every action must satisfy both
    ``IsAdminOrSelfOrReadOnly`` and ``IsAdminOrCompany``. What "read-only"
    grants to non-admin or anonymous callers is decided inside those classes
    (``core.lib.permissions``), not in this view.
    """
    serializer_class = CompanySerializer
    permission_classes = [IsAdminOrSelfOrReadOnly, IsAdminOrCompany]
    queryset = Company.objects.all()


class SupervisorViewSet(viewsets.ModelViewSet):
    """
    CRUD endpoint for ``Supervisor`` profiles.

    No per-action override: every action must satisfy both
    ``IsAdminOrSelfOrReadOnly`` and ``IsAdminOrSupervisor``. The read-only
    semantics for non-admin callers live in ``core.lib.permissions``.
    """
    serializer_class = SupervisorSerializer
    permission_classes = [IsAdminOrSelfOrReadOnly, IsAdminOrSupervisor]
    queryset = Supervisor.objects.all()


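class LoginViewSet(viewsets.GenericViewSet):
    """
    Session login endpoint (``POST``) with two credential sources, selected
    by the ``login-type`` field of the JSON body:

    * ``"sso-ui"`` -- username/password are forwarded to the UI LDAP
      authentication API (``SSO_URL``). On the first successful login a local
      ``User`` is provisioned together with a ``Student`` (SSO role
      ``mahasiswa``) or ``Supervisor`` (any other role) profile.
    * ``"company"`` -- username/password are checked against the local user
      table with Django's ``authenticate()``.

    Both paths end in ``django.contrib.auth.login`` (session cookie). No
    throttle is configured on this view, so brute-force protection for either
    backend has to come from a throttle class or the upstream IdP -- neither
    is visible from this file.
    """
    # Upstream identity provider (HTTPS; requests verifies the certificate by default).
    SSO_URL = 'https://api.cs.ui.ac.id/authentication/ldap/v2/'
    # Seconds to wait for the IdP. Without a timeout a hung IdP pins a worker indefinitely.
    SSO_TIMEOUT = 10

    permission_classes = (AllowAny, )
    serializer_class = LoginSerializer
    queryset = User.objects.all()

    def create(self, request):
        """
        Authentication for user by means of logging in.

        Responds 400 when ``username``, ``password`` or ``login-type`` is
        missing or ``login-type`` is unknown; 401 when the credentials are
        rejected (or the local account is inactive); 503 when the SSO backend
        cannot be reached or returns a non-JSON body; 201 when an SSO login
        just created the local user; 200 otherwise. Success bodies are
        ``LoginSerializer`` data for the logged-in user.
        ---
        parameters:
            - name: body
              description: JSON object containing three strings: username, password and login-type. login-type should be either 'sso-ui' or 'company'.
              required: true
              type: string
              paramType: body
        """
        username = request.data.get('username')
        password = request.data.get('password')
        login_type = request.data.get('login-type')
        if username is None or password is None or login_type is None:
            return Response(status=status.HTTP_400_BAD_REQUEST)

        if login_type == "sso-ui":
            return self._login_sso(request, username, password)
        if login_type == "company":
            return self._login_company(request, username, password)
        return Response(status=status.HTTP_400_BAD_REQUEST)

    def _login_sso(self, request, username, password):
        """
        Verify ``username``/``password`` with the UI SSO API, provision the
        local account on first login and open a session.

        Returns a DRF ``Response``; see ``create`` for the status codes.
        """
        try:
            upstream = requests.post(self.SSO_URL,
                                     json={"username": username, "password": password},
                                     timeout=self.SSO_TIMEOUT)
            payload = upstream.json()
        except (requests.RequestException, ValueError):
            # Network failure, timeout, or a non-JSON body (e.g. an HTML error
            # page). Fail closed: never reach login() on an unverified identity.
            return Response(status=status.HTTP_503_SERVICE_UNAVAILABLE)

        # The previous handler treated ``state == 0`` as a rejected login and
        # anything else -- including a *missing* "state" (error payload, schema
        # change) -- as success. A missing or non-dict payload is now a
        # rejection too. NOTE(review): the upstream HTTP status is still not
        # consulted; confirm a non-2xx reply can never carry a non-zero state.
        state = payload.get('state') if isinstance(payload, dict) else None
        if state is None or state == 0:
            return Response(status=status.HTTP_401_UNAUTHORIZED)

        # "nama" is the full name: first token -> first_name, the rest -> last_name.
        name_parts = (payload.get('nama') or "").split(" ")
        first_name = name_parts[0]
        last_name = " ".join(name_parts[1:])

        # Look up by username only. The old lookup also matched email and both
        # name fields, so any drift (name changed upstream, row created by
        # another path) made get_or_create INSERT a duplicate username and
        # fail with IntegrityError. NOTE(security): UserViewSet lets anyone
        # create a User, so a row with this username may already exist before
        # the person's first SSO login -- that pre-existing row is the one
        # they are logged into.
        user, created = User.objects.get_or_create(
            username=username,
            defaults={
                "email": username + "@ui.ac.id",
                "first_name": first_name,
                "last_name": last_name,
            },
        )
        if not user.is_active:
            # login() does not check is_active itself, so a locally
            # deactivated account would otherwise still obtain a session.
            return Response(status=status.HTTP_401_UNAUTHORIZED)

        # NOTE(security): this mirrors the SSO password into the local auth
        # table (as a Django hash). The same credentials then also pass the
        # "company" branch, and the copy keeps working after an upstream
        # password change. Kept for compatibility; set_unusable_password()
        # is the safer choice if nothing relies on the local hash.
        user.set_password(password)
        user.save()

        # Provision the profile before opening the session so a failure here
        # does not leave a logged-in user with no Student/Supervisor row.
        if created:
            self._create_profile(user, payload)
        login(request, user)

        serializer = LoginSerializer(user, context={'request': request})
        return Response(serializer.data,
                        status=status.HTTP_201_CREATED if created else status.HTTP_200_OK)

    @staticmethod
    def _create_profile(user, payload):
        """
        Create the profile row for a freshly provisioned SSO user.

        ``nama_role == "mahasiswa"`` becomes a ``Student`` keyed by
        ``kodeidentitas`` (NPM); every other role becomes a ``Supervisor``
        keyed by the same value (NIP).
        """
        identity = payload.get("kodeidentitas")
        if payload.get('nama_role') == "mahasiswa":
            Student.objects.create(user=user, npm=identity, resume=None, phone_number=None)
        else:
            # NOTE(review): every non-student role lands here and gets whatever
            # IsAdminOrSupervisor grants. An explicit allow-list of roles would
            # be safer -- confirm the set of nama_role values the API returns.
            Supervisor.objects.create(user=user, nip=identity)

    @staticmethod
    def _login_company(request, username, password):
        """
        Check ``username``/``password`` against the local user table and open
        a session. Returns 401 on rejection, 200 with ``LoginSerializer`` data
        on success.
        """
        user = authenticate(username=username, password=password)
        # Not every ModelBackend version rejects inactive users on its own.
        if user is None or not user.is_active:
            return Response(status=status.HTTP_401_UNAUTHORIZED)
        login(request, user)
        serializer = LoginSerializer(user, context={'request': request})
        return Response(serializer.data, status=status.HTTP_200_OK)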