From fdd20042c1c98f1f740d01d83002f787688c413b Mon Sep 17 00:00:00 2001
From: Hafiyyan <hafiyyan94@gmail.com>
Date: Mon, 30 Sep 2019 14:36:11 +0700
Subject: [PATCH 1/5] Login sso fix

---
 core/tests/test_accounts.py  |  7 ++++--
 core/tests/test_vacancies.py | 12 ++++++---
 core/views/accounts.py       | 19 ++++++--------
 core/views/sso_login.py      | 48 ++++++++++++++++++++++++++++++++++++
 4 files changed, 69 insertions(+), 17 deletions(-)
 create mode 100644 core/views/sso_login.py

diff --git a/core/tests/test_accounts.py b/core/tests/test_accounts.py
index 35458deb..25281a7c 100644
--- a/core/tests/test_accounts.py
+++ b/core/tests/test_accounts.py
@@ -8,6 +8,7 @@ from core.models.accounts import Company, Supervisor, Student
 class LoginTests(APITestCase):
     @requests_mock.Mocker()
     def test_succesful_student_login_relogin(self, m):
+        m.get('https://akun.cs.ui.ac.id/oauth/token/verify/?client_id=X3zNkFmepkdA47ASNMDZRX3Z9gqSU1Lwywu5WepG', json={"username": 'dummy.mahasiswa', "role": 'mahasiswa', "identity_number": '1234567890'}, status_code=200)
         m.post('https://api.cs.ui.ac.id/authentication/ldap/v2/', json={
                 "username": "dummy.mahasiswa",
                 "nama": "Dummy Mahasiswa",
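Review bot: The mocks registered here cover the verify and SIAK endpoints but, as far as this hunk shows, nothing registers `POST https://akun.cs.ui.ac.id/oauth/token/`, so `get_access_token` presumably fails inside the mocker and its `except Exception` turns that into `None`; the test then passes with a `None` token and never exercises token acquisition. Registering the token endpoint with a constructed value, e.g. `m.post('https://akun.cs.ui.ac.id/oauth/token/', json={"access_token": "test-token"})`, would make the mocked login path match the real one. The same long `m.get(...)` line with the client id literal is repeated in the other hunks of this file and in core/tests/test_vacancies.py; a shared helper or constant would keep them in sync. The test method continues outside the hunk.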
@@ -16,7 +17,7 @@ class LoginTests(APITestCase):
                 "kodeidentitas": "1234567890",
                 "nama_role": "mahasiswa"
         }, status_code=200)
-        m.get('https://api.cs.ui.ac.id/siakngcs/mahasiswa/1234567890/', json={
+        m.get('https://api.cs.ui.ac.id/siakngcs/mahasiswa/1234567890?client_id=X3zNkFmepkdA47ASNMDZRX3Z9gqSU1Lwywu5WepG', json={
                 "kota_lahir": "kota_kota",
                 "tgl_lahir": "2017-12-31",
                 "program": [{
@@ -35,6 +36,7 @@ class LoginTests(APITestCase):
 
     @requests_mock.Mocker()
     def test_successful_supervisor_login_relogin(self, m):
+        m.get('https://akun.cs.ui.ac.id/oauth/token/verify/?client_id=X3zNkFmepkdA47ASNMDZRX3Z9gqSU1Lwywu5WepG', json={"username": 'dummy.mahasiswa', "role": 'mahasiswa', "identity_number": '1234567890'}, status_code=200)
         m.post('https://api.cs.ui.ac.id/authentication/ldap/v2/', json={
             "username": "dummy.dosen",
             "nama": "Dummy Dosen",
@@ -106,6 +108,7 @@ class ProfileUpdateTests(APITestCase):
 
     @requests_mock.Mocker()
     def test_student_profile_update(self, m):
+        m.get('https://akun.cs.ui.ac.id/oauth/token/verify/?client_id=X3zNkFmepkdA47ASNMDZRX3Z9gqSU1Lwywu5WepG', json={"username": 'dummy.mahasiswa', "role": 'mahasiswa', "identity_number": '1234567890'}, status_code=200)
         m.post('https://api.cs.ui.ac.id/authentication/ldap/v2/', json={
             "username": "dummy.mahasiswa",
             "nama": "Dummy Mahasiswa",
@@ -114,7 +117,7 @@ class ProfileUpdateTests(APITestCase):
             "kodeidentitas": "1234567890",
             "nama_role": "mahasiswa"
         }, status_code=200)
-        m.get('https://api.cs.ui.ac.id/siakngcs/mahasiswa/1234567890/', json={
+        m.get('https://api.cs.ui.ac.id/siakngcs/mahasiswa/1234567890?client_id=X3zNkFmepkdA47ASNMDZRX3Z9gqSU1Lwywu5WepG', json={
             "kota_lahir": "kota_kota",
             "tgl_lahir": "2017-12-31",
             "program": [{
diff --git a/core/tests/test_vacancies.py b/core/tests/test_vacancies.py
index 78cdc5a2..1667ac14 100644
--- a/core/tests/test_vacancies.py
+++ b/core/tests/test_vacancies.py
@@ -12,6 +12,7 @@ from core.models.vacancies import Vacancy, Application
 class ApplicationTests(APITestCase):
     @requests_mock.Mocker()
     def test_application_list(self, m):
+        m.get('https://akun.cs.ui.ac.id/oauth/token/verify/?client_id=X3zNkFmepkdA47ASNMDZRX3Z9gqSU1Lwywu5WepG', json={"username": 'dummy.mahasiswa', "role": 'mahasiswa', "identity_number": '1234567890'}, status_code=200)
         m.post('https://api.cs.ui.ac.id/authentication/ldap/v2/', json={
             "username": "dummy.mahasiswa",
             "nama": "Dummy Mahasiswa",
@@ -20,7 +21,7 @@ class ApplicationTests(APITestCase):
             "kodeidentitas": "1234567890",
             "nama_role": "mahasiswa"
         }, status_code=200)
-        m.get('https://api.cs.ui.ac.id/siakngcs/mahasiswa/1234567890/', json={
+        m.get('https://api.cs.ui.ac.id/siakngcs/mahasiswa/1234567890?client_id=X3zNkFmepkdA47ASNMDZRX3Z9gqSU1Lwywu5WepG', json={
             "kota_lahir": "kota_kota",
             "tgl_lahir": "2017-12-31",
             "program": [{
@@ -42,6 +43,7 @@ class ApplicationTests(APITestCase):
 
     @requests_mock.Mocker()
     def test_application_create_and_delete(self, m):
+        m.get('https://akun.cs.ui.ac.id/oauth/token/verify/?client_id=X3zNkFmepkdA47ASNMDZRX3Z9gqSU1Lwywu5WepG', json={"username": 'dummy.mahasiswa', "role": 'mahasiswa', "identity_number": '1234567890'}, status_code=200)
         m.post('https://api.cs.ui.ac.id/authentication/ldap/v2/', json={
             "username": "dummy.mahasiswa",
             "nama": "Dummy Mahasiswa",
@@ -50,7 +52,7 @@ class ApplicationTests(APITestCase):
             "kodeidentitas": "1234567890",
             "nama_role": "mahasiswa"
         }, status_code=200)
-        m.get('https://api.cs.ui.ac.id/siakngcs/mahasiswa/1234567890/', json={
+        m.get('https://api.cs.ui.ac.id/siakngcs/mahasiswa/1234567890?client_id=X3zNkFmepkdA47ASNMDZRX3Z9gqSU1Lwywu5WepG', json={
             "kota_lahir": "kota_kota",
             "tgl_lahir": "2017-12-31",
             "program": [{
@@ -84,6 +86,7 @@ class ApplicationTests(APITestCase):
 class BookmarkApplicationTests(APITestCase):
     @requests_mock.Mocker()
     def test_application_list(self, m):
+        m.get('https://akun.cs.ui.ac.id/oauth/token/verify/?client_id=X3zNkFmepkdA47ASNMDZRX3Z9gqSU1Lwywu5WepG', json={"username": 'dummy.mahasiswa', "role": 'mahasiswa', "identity_number": '1234567890'}, status_code=200)
         m.post('https://api.cs.ui.ac.id/authentication/ldap/v2/', json={
             "username": "dummy.mahasiswa",
             "nama": "Dummy Mahasiswa",
@@ -92,7 +95,7 @@ class BookmarkApplicationTests(APITestCase):
             "kodeidentitas": "1234567890",
             "nama_role": "mahasiswa"
         }, status_code=200)
-        m.get('https://api.cs.ui.ac.id/siakngcs/mahasiswa/1234567890/', json={
+        m.get('https://api.cs.ui.ac.id/siakngcs/mahasiswa/1234567890?client_id=X3zNkFmepkdA47ASNMDZRX3Z9gqSU1Lwywu5WepG', json={
             "kota_lahir": "kota_kota",
             "tgl_lahir": "2017-12-31",
             "program": [{
@@ -114,6 +117,7 @@ class BookmarkApplicationTests(APITestCase):
 
     @requests_mock.Mocker()
     def test_application_create_and_delete(self, m):
+        m.get('https://akun.cs.ui.ac.id/oauth/token/verify/?client_id=X3zNkFmepkdA47ASNMDZRX3Z9gqSU1Lwywu5WepG', json={"username": 'dummy.mahasiswa', "role": 'mahasiswa', "identity_number": '1234567890'}, status_code=200)
         m.post('https://api.cs.ui.ac.id/authentication/ldap/v2/', json={
             "username": "dummy.mahasiswa",
             "nama": "Dummy Mahasiswa",
@@ -122,7 +126,7 @@ class BookmarkApplicationTests(APITestCase):
             "kodeidentitas": "1234567890",
             "nama_role": "mahasiswa"
         }, status_code=200)
-        m.get('https://api.cs.ui.ac.id/siakngcs/mahasiswa/1234567890/', json={
+        m.get('https://api.cs.ui.ac.id/siakngcs/mahasiswa/1234567890?client_id=X3zNkFmepkdA47ASNMDZRX3Z9gqSU1Lwywu5WepG', json={
             "kota_lahir": "kota_kota",
             "tgl_lahir": "2017-12-31",
             "program": [{
diff --git a/core/views/accounts.py b/core/views/accounts.py
index 0b74350f..9ea10d86 100644
--- a/core/views/accounts.py
+++ b/core/views/accounts.py
@@ -9,6 +9,7 @@ from rest_framework.parsers import FormParser,MultiPartParser
 from rest_framework.permissions import AllowAny
 from rest_framework.permissions import IsAdminUser, IsAuthenticated
 from rest_framework.response import Response
+from .sso_login import get_access_token, verify_user, get_riwayat_user, get_summary_user
 
 from core.lib.permissions import IsAdminOrStudent, IsAdminOrSelfOrReadOnly, IsAdminOrCompany, IsAdminOrSupervisor, \
     IsAdminOrSupervisorOrCompanyOrSelf
@@ -81,14 +82,9 @@ class StudentViewSet(viewsets.ModelViewSet):
             raise PermissionDenied("You are not allowed to see other student's transcript")
 
         if student.show_transcript:
-            s = requests.Session()
-            credentials = settings.API_CS_CREDENTIALS
-            s.get('https://api.cs.ui.ac.id/api-auth/login/')
-            csrf = s.cookies['csrftoken']
-            resp = s.post('https://api.cs.ui.ac.id/api-auth/login/',
-                          data={'username': credentials["user"], 'password': credentials["password"],
-                                'csrfmiddlewaretoken': csrf})
-            response = s.get('https://api.cs.ui.ac.id/siakngcs/mahasiswa/' + str(student.npm) + '/riwayat/')
+            access_token = get_access_token(credentials["user"], credentials["password"])
+            ver_user = verify_user(access_token)
+            response = get_riwayat_user(access_token, ver_user['identity_number'])
             return Response({'name': student.full_name, 'transcript': response.json()}, status=status.HTTP_200_OK)
         else:
             return Response({'name': student.full_name, 'error': 'student does not allow transcript to be shown'},
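Review bot: `credentials` is read on the new line `get_access_token(credentials["user"], credentials["password"])`, but this hunk deletes the only visible assignment `credentials = settings.API_CS_CREDENTIALS`, so unless it is bound earlier in the method (which starts outside the hunk) the transcript branch raises NameError. Two further problems follow: `get_riwayat_user` already returns `response.json()`, so the `response.json()` call in the unchanged `Response(...)` line is now applied to the decoded body, and the lookup uses `ver_user['identity_number']`, the identity of the account the token was issued to, rather than `student.npm`, so the transcript returned may not belong to the requested student. A `None` token from `get_access_token` is also passed on unchecked. A sketch of the branch follows; whether the service account may read another student's riwayat is an assumption to confirm.

```python
        if student.show_transcript:
            credentials = settings.API_CS_CREDENTIALS
            access_token = get_access_token(credentials["user"], credentials["password"])
            if access_token is None:
                # upstream auth failed; do not call the transcript API without a token
                return Response({'name': student.full_name, 'error': 'transcript service unavailable'},
                                status=status.HTTP_502_BAD_GATEWAY)
            # look up the requested student, not the owner of the token
            transcript = get_riwayat_user(access_token, student.npm)
            return Response({'name': student.full_name, 'transcript': transcript}, status=status.HTTP_200_OK)
        # … unchanged: else branch …
```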
@@ -146,7 +142,7 @@ class LoginViewSet(viewsets.GenericViewSet):
             return Response(status=status.HTTP_400_BAD_REQUEST)
         if login_type == "sso-ui":
             r = requests.post('https://api.cs.ui.ac.id/authentication/ldap/v2/',
-                              json={"username": username, "password": password})
+                              data={"username": username, "password": password})
             resp = r.json()
             if resp.get('state') != 0:
                 # create user
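Review bot: The success test on the unchanged line `if resp.get('state') != 0:` fails open: a response body with no `state` key (an error payload, for instance) gives `None != 0` and is treated as a successful login, and `r.json()` is read without checking `r.status_code`. Since this hunk changes how the credentials are encoded (`data=` instead of `json=`), it is worth pinning the check to the success value, e.g. `if r.ok and resp.get('state') == 1:` if 1 is the success state (the test fixtures use `"state": 1`; confirm against the API). The call also has no `timeout=`, so a stalled upstream holds the login request open. The same check is carried into `sso_ui_login` in PATCH 3/5. The enclosing method starts and ends outside the hunk.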
@@ -167,8 +163,9 @@ class LoginViewSet(viewsets.GenericViewSet):
                 login(request, user)
                 if created:
                     if resp.get('nama_role') == "mahasiswa":
-                        student_detail = requests.get('https://api.cs.ui.ac.id/siakngcs/mahasiswa/{}/'.format(resp.get("kodeidentitas")))
-                        resp_student_detail = student_detail.json()
+                        access_token = get_access_token(username, password)
+                        ver_user = verify_user(access_token)
+                        resp_student_detail = get_summary_user(access_token, ver_user['identity_number'])
                         student = Student.objects.create(
                             user=user,
                             npm=resp.get("kodeidentitas"),
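Review bot: `get_access_token` returns `None` on any failure, and the new lines pass that straight to `verify_user` and then index `ver_user['identity_number']`, so a failed token request surfaces as an unhandled exception or an unauthenticated upstream call instead of an error response. By this point `login(request, user)` has already run and the User row exists, so an exception here leaves an account without a Student profile, and because `created` is False on the next login the profile is never created. Fetch and validate the student detail before creating the user, or wrap the creation in `transaction.atomic()` and return an error response when `access_token is None`. The `Student.objects.create(...)` call continues outside the hunk.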
diff --git a/core/views/sso_login.py b/core/views/sso_login.py
new file mode 100644
index 00000000..669bf2be
--- /dev/null
+++ b/core/views/sso_login.py
@@ -0,0 +1,48 @@
+import requests
+
+API_MAHASISWA = "https://api.cs.ui.ac.id/siakngcs/mahasiswa/"
+API_RIWAYAT_MAHASISWA = API_MAHASISWA+'{npm}/riwayat/'
+API_VERIFY_USER = "https://akun.cs.ui.ac.id/oauth/token/verify/"
+def get_access_token(username, password):
+    try:
+        url = "https://akun.cs.ui.ac.id/oauth/token/"
+
+        payload = "username=" + username + "&password=" + password + "&grant_type=password"
+        headers = {
+            'authorization': "Basic WDN6TmtGbWVwa2RBNDdBU05NRFpSWDNaOWdxU1UxTHd5d3U1V2VwRzpCRVFXQW43RDl6a2k3NEZ0bkNpWVhIRk50Ymg3eXlNWmFuNnlvMU1uaUdSVWNGWnhkQnBobUU5TUxuVHZiTTEzM1dsUnBwTHJoTXBkYktqTjBxcU9OaHlTNGl2Z0doczB0OVhlQ3M0Ym1JeUJLMldwbnZYTXE4VU5yTEFEMDNZeA==",
+            'cache-control': "no-cache",
+            'content-type': "application/x-www-form-urlencoded"
+        }
+        response = requests.request("POST", url, data=payload, headers=headers)
+
+        return response.json()["access_token"]
+    except Exception as e:
+        return None
+        # raise Exception("username atau password sso salah, input : [{}, {}]".format(username, password,))
+
+def get_client_id():
+    client_id = 'X3zNkFmepkdA47ASNMDZRX3Z9gqSU1Lwywu5WepG'
+    return client_id
+
+def verify_user(access_token):
+    print ("#get identity number")
+    parameters = {"access_token": access_token, "client_id": get_client_id()}
+    response = requests.get(API_VERIFY_USER, params=parameters)
+    print ("response => ", response.json())
+    return response.json()
+
+def get_summary_user(access_token, npm):
+    print ("#get summary user => ", npm)
+    parameters = {"access_token": access_token, "client_id": get_client_id()}
+    response = requests.get(API_MAHASISWA+str(npm), params=parameters)
+    print ("response => ", response.text)
+    print ("response => ", response.json())
+    return response.json()
+
+def get_riwayat_user(access_token, npm):
+    print ("#get riwayat user => ", npm)
+    parameters = {"access_token": access_token, "client_id": get_client_id()}
+    response = requests.get(API_RIWAYAT_MAHASISWA.format(npm=npm), params=parameters)
+    print ("response => ", response.text)
+    print ("response => ", response.json())
+    return response.json()
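Review bot: The `authorization` header in `get_access_token` commits a Basic credential to the repository, and base64 is an encoding, not protection; that value and the client id in `get_client_id` should come from settings or the environment, and the committed secret should be rotated. The form body is built by concatenating `username` and `password` into a string, so a password containing `&`, `=` or `+` is mis-sent or can add extra form fields; pass a dict to `data=` so requests encodes it. `except Exception` hides every failure as `None`, no call sets `timeout=`, and the `print` calls in `verify_user`, `get_summary_user` and `get_riwayat_user` write identity data and transcripts to stdout; the commented-out `raise` would also put the password into an exception message. The access token is sent as a query parameter, which tends to end up in access logs; an `Authorization: Bearer` header is preferable if the API accepts one.

```python
def get_access_token(username, password):
    # client_id / client_secret are placeholders: load them from settings or
    # the environment instead of committing the encoded pair.
    try:
        response = requests.post(
            "https://akun.cs.ui.ac.id/oauth/token/",
            data={"username": username, "password": password, "grant_type": "password"},
            auth=(client_id, client_secret),
            headers={'cache-control': "no-cache"},
            timeout=10,
        )
        response.raise_for_status()
        return response.json()["access_token"]
    except (requests.RequestException, ValueError, KeyError):
        # network error, non-2xx status, non-JSON body or missing token
        return None
# … unchanged: get_client_id, verify_user, get_summary_user, get_riwayat_user …
```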
-- 
GitLab


From 467b2072416ed12ddad8113d0e78c4c7a536e5a4 Mon Sep 17 00:00:00 2001
From: muh riansyah <mriansyah93@gmail.com>
Date: Wed, 2 Oct 2019 13:20:15 +0700
Subject: [PATCH 2/5] start with merging my code from 1606887352-06 branch

---
 assets/js/ProfilePage.jsx    | 27 ++++++++++++++++++++++-----
 core/serializers/accounts.py | 13 +++++++++++--
 core/tests/test_accounts.py  | 21 +++++++++++++++++++++
 core/views/accounts.py       |  8 +-------
 4 files changed, 55 insertions(+), 14 deletions(-)

diff --git a/assets/js/ProfilePage.jsx b/assets/js/ProfilePage.jsx
index a9c0fc9f..3c1226f8 100644
--- a/assets/js/ProfilePage.jsx
+++ b/assets/js/ProfilePage.jsx
@@ -23,8 +23,8 @@ export default class ProfilePage extends React.Component {
       major: '',
       batch: '',
       email: '',
-      cityOfBirth: '',
-      dateOfBirth: '',
+      birth_place: '',
+      birth_date: '',
       resume: '',
       phone_number: '',
       show_transcript: '',
@@ -63,8 +63,8 @@ export default class ProfilePage extends React.Component {
         major: data.major,
         batch: data.batch,
         email: data.user.email,
-        cityOfBirth: data.birth_place,
-        dateOfBirth: data.birth_date,
+        birth_place: data.birth_place,
+        birth_date: data.birth_date,
         phone_number: data.phone_number,
         photo: data.photo,
         show_transcript: data.show_transcript,
@@ -92,6 +92,7 @@ export default class ProfilePage extends React.Component {
         submitForm[key] = this.state.form[key];
       }
     });
+    console.log(submitForm)
     this.setState({ loading: true });
     Server.submit(`/students/${this.state.id}/profile/`, submitForm, 'PATCH').then(() => {
       this.setState({ loading: false });
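Review bot: `console.log(submitForm)` in the submit handler looks like leftover debugging; it writes the profile form (email, phone number, birth date) to the browser console on every save and should be removed before merge. The handler starts and ends outside the hunk.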
@@ -146,6 +147,22 @@ export default class ProfilePage extends React.Component {
               <label htmlFor="photo">Profile Picture</label>
               <input onChange={this.handleFile} placeholder="Profile Photo.jpg" name="photo" type="File" />
             </Form.Field>
+            <Form.Field>
+              <label htmlFor="photo">Date of Birth (YYYY-MM-DD)</label>
+              <input onChange={this.handleChange} placeholder="1999-01-01" name="birth_date" />
+            </Form.Field>
+            <Form.Field>
+              <label htmlFor="photo">Birth Place</label>
+              <input onChange={this.handleChange} placeholder="Semarang" name="birth_place" />
+            </Form.Field>
+            <Form.Field>
+              <label htmlFor="photo">Major</label>
+              <input onChange={this.handleChange} placeholder="Ilmu Komputer" name="major" />
+            </Form.Field>
+            <Form.Field>
+              <label htmlFor="photo">Batch</label>
+              <input onChange={this.handleChange} placeholder="2016" name="batch" />
+            </Form.Field>
             <Form.Field>
               <label htmlFor="email">Email</label>
               <input onChange={this.handleChange} placeholder="jojon@email.com" name="email" />
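Review bot: All four added labels use `htmlFor="photo"`, copied from the Profile Picture field, so none of them is associated with its own input. Each label should point at its field, e.g. `<label htmlFor="birth_date">` with `id="birth_date"` on the input, and likewise for `birth_place`, `major` and `batch`. The `birth_date` input is free text and relies on the placeholder for its format; `type="date"` would keep the submitted value in YYYY-MM-DD form.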
@@ -235,7 +252,7 @@ export default class ProfilePage extends React.Component {
                         <Icon name="gift" size="big" />
                       </Grid.Column>
                       <Grid.Column width={13}>
-                        <p> { this.state.cityOfBirth || 'N/A' }, { this.state.dateOfBirth || 'N/A' } </p>
+                        <p> { this.state.birth_place || 'N/A' }, { this.state.birth_date || 'N/A' } </p>
                       </Grid.Column>
                     </Grid>
                   </Segment>
diff --git a/core/serializers/accounts.py b/core/serializers/accounts.py
index e57747ce..66b1717c 100644
--- a/core/serializers/accounts.py
+++ b/core/serializers/accounts.py
@@ -42,22 +42,31 @@ class StudentUpdateSerializer(serializers.ModelSerializer):
             'email': instance.user.email,
             'phone_number': instance.phone_number,
             'photo': photo,
-            'show_transcript': instance.show_transcript
+            'show_transcript': instance.show_transcript,
+            'birth_date': instance.birth_date,
+            'birth_place': instance.birth_place,
+            'major': instance.major,
+            'batch': instance.batch
         }
 
     def update(self, instance, validated_data):
+        print(validated_data)
         instance.resume = validated_data.get('resume', instance.resume)
         instance.show_transcript = validated_data.get('show_transcript', instance.show_transcript)
         instance.phone_number = validated_data.get('phone_number', instance.phone_number)
         instance.photo = validated_data.get('photo', instance.photo)
         instance.user.email = validated_data.get('email', instance.user.email)
+        instance.birth_date = validated_data.get('birth_date', instance.birth_date)
+        instance.birth_place = validated_data.get('birth_place', instance.birth_place)
+        instance.major = validated_data.get('major', instance.major)
+        instance.batch = validated_data.get('batch', instance.batch)
         instance.save()
         instance.user.save()
         return instance
 
     class Meta:
         model = Student
-        fields = ['resume', 'email', 'phone_number', 'photo', 'show_transcript']
+        fields = ['resume', 'email', 'phone_number', 'photo', 'show_transcript', 'birth_date', 'birth_place','major', 'batch']
 
 
 class CompanyUpdateSerializer(serializers.ModelSerializer):
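Review bot: `print(validated_data)` at the top of `update` writes every profile update (email, phone number, birth date and place) to the server's stdout, where it typically ends up in logs; remove it, or log only the changed field names through the `logging` module. Adding `major` and `batch` to `Meta.fields` and to `update` also makes them student-editable, whereas the code removed from core/views/accounts.py in this same patch filled them from the SIAK response; if companies or supervisors rely on these values they should stay read-only or be validated. `'birth_place','major'` is missing a space after the comma.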
diff --git a/core/tests/test_accounts.py b/core/tests/test_accounts.py
index 25281a7c..3e1f2033 100644
--- a/core/tests/test_accounts.py
+++ b/core/tests/test_accounts.py
@@ -97,6 +97,27 @@ class RegisterTests(APITestCase):
 
         response = self.client.post(url, tc_post, format='multipart')
         self.assertEqual(response.status_code, status.HTTP_409_CONFLICT)
+    
+    @requests_mock.Mocker()
+    def test_register_student_also_create_student_object(self, m):
+        m.post('https://api.cs.ui.ac.id/authentication/ldap/v2/', json={
+            "username": "dummy.mahasiswa",
+            "nama": "Dummy Mahasiswa",
+            "state": 1,
+            "kode_org": "01.00.12.01:mahasiswa",
+            "kodeidentitas": "1234567890",
+            "nama_role": "mahasiswa"
+        }, status_code=200)
+
+        url='/api/login/'
+
+        response = self.client.post(url, { 'username' : 'dummy.mahasiswa', 'password' : 'lalala', 'login-type' : 'sso-ui'}, format='json')
+        self.assertEqual(response.status_code, status.HTTP_201_CREATED)
+        
+        user_object = User.objects.filter(username="dummy.mahasiswa").first()
+        self.assertTrue(user_object)
+        student_object = Student.objects.filter(user=user_object).first()
+        self.assertTrue(student_object)
 
     def test_bad_request(self):
         url = '/api/register/'
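Review bot: The new test is named `test_register_student_also_create_student_object` but posts to `/api/login/`, and `assertTrue(...)` on a model instance only checks truthiness. `self.assertIsNotNone(student_object)` followed by `self.assertEqual(student_object.npm, "1234567890")` would pin what the SSO login is meant to create, and a name such as `test_sso_login_creates_student_object` would match what is exercised. The added blank lines before the decorator and after the status assertion carry trailing whitespace.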
diff --git a/core/views/accounts.py b/core/views/accounts.py
index 9ea10d86..09b536be 100644
--- a/core/views/accounts.py
+++ b/core/views/accounts.py
@@ -163,16 +163,10 @@ class LoginViewSet(viewsets.GenericViewSet):
                 login(request, user)
                 if created:
                     if resp.get('nama_role') == "mahasiswa":
-                        access_token = get_access_token(username, password)
-                        ver_user = verify_user(access_token)
-                        resp_student_detail = get_summary_user(access_token, ver_user['identity_number'])
+
                         student = Student.objects.create(
                             user=user,
                             npm=resp.get("kodeidentitas"),
-                            birth_place=resp_student_detail.get('kota_lahir'),
-                            birth_date=resp_student_detail.get('tgl_lahir'),
-                            major=resp_student_detail.get('program')[0].get('nm_org'),
-                            batch=resp_student_detail.get('program')[0].get('angkatan')
                         )
                         student.save()
                     else:
-- 
GitLab


From 773d08dac7feedbb99d7377361c0ef4b9df1f372 Mon Sep 17 00:00:00 2001
From: muh riansyah <mriansyah93@gmail.com>
Date: Wed, 2 Oct 2019 14:02:27 +0700
Subject: [PATCH 3/5] extract method "sso_ui_login"

---
 core/views/accounts.py | 71 ++++++++++++++++++------------------------
 1 file changed, 31 insertions(+), 40 deletions(-)

diff --git a/core/views/accounts.py b/core/views/accounts.py
index 09b536be..a1e8b13b 100644
--- a/core/views/accounts.py
+++ b/core/views/accounts.py
@@ -141,46 +141,7 @@ class LoginViewSet(viewsets.GenericViewSet):
         if username is None or password is None or login_type is None:
             return Response(status=status.HTTP_400_BAD_REQUEST)
         if login_type == "sso-ui":
-            r = requests.post('https://api.cs.ui.ac.id/authentication/ldap/v2/',
-                              data={"username": username, "password": password})
-            resp = r.json()
-            if resp.get('state') != 0:
-                # create user
-                name = resp.get('nama').split(" ")
-                first_name = name[0]
-                name.pop(0)
-                last_name = " ".join(name)
-                user, created = User.objects.get_or_create(
-                    username=username,
-                    defaults={
-                        'email' : username + "@ui.ac.id",
-                        'first_name' : first_name,
-                        'last_name' : last_name
-                    }
-                )
-                user.set_password(password)
-                user.save()
-                login(request, user)
-                if created:
-                    if resp.get('nama_role') == "mahasiswa":
-
-                        student = Student.objects.create(
-                            user=user,
-                            npm=resp.get("kodeidentitas"),
-                        )
-                        student.save()
-                    else:
-                        supervisor = Supervisor.objects.create(
-                            user=user,
-                            nip=resp.get("kodeidentitas")
-                        )
-                        supervisor.save()
-                    serializer = UserSerializer(user, context={'request': request})
-                    return Response(serializer.data, status=status.HTTP_201_CREATED)
-                serializer = UserSerializer(user, context={'request': request})
-                return Response(serializer.data, status=status.HTTP_200_OK)
-            else:
-                return Response(status=status.HTTP_401_UNAUTHORIZED)
+            return self.sso_ui_login(password, request, username)
         elif login_type == "company":
             user = authenticate(username = username, password = password)
             if user is not None:
@@ -192,6 +153,36 @@ class LoginViewSet(viewsets.GenericViewSet):
         else:
             return Response(status=status.HTTP_400_BAD_REQUEST)
 
+    def sso_ui_login(self, password, request, username):
+        r = requests.post('https://api.cs.ui.ac.id/authentication/ldap/v2/',
+                          data={"username": username, "password": password})
+        resp = r.json()
+        if resp.get('state') != 0:
+            created, user = self.create_user(password, resp, username)
+
+            login(request, user)
+
+            if created:
+                if resp.get('nama_role') == "mahasiswa":
+
+                    student = Student.objects.create(
+                        user=user,
+                        npm=resp.get("kodeidentitas"),
+                    )
+                    student.save()
+                else:
+                    supervisor = Supervisor.objects.create(
+                        user=user,
+                        nip=resp.get("kodeidentitas")
+                    )
+                    supervisor.save()
+                serializer = UserSerializer(user, context={'request': request})
+                return Response(serializer.data, status=status.HTTP_201_CREATED)
+
+            serializer = UserSerializer(user, context={'request': request})
+            return Response(serializer.data, status=status.HTTP_200_OK)
+        else:
+            return Response(status=status.HTTP_401_UNAUTHORIZED)
 
 class CompanyRegisterViewSet(viewsets.GenericViewSet):
     permission_classes = (AllowAny,)
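Review bot: `sso_ui_login` calls `self.create_user(password, resp, username)`, but no `create_user` method is added in this patch; it only arrives in PATCH 5/5, so at this commit (and at 4/5) every successful SSO login would raise AttributeError unless the method already exists elsewhere in the class, which the hunks do not show. Squash the extraction commits or reorder them so `create_user` lands first. The call site unpacks `created, user`, the reverse of `get_or_create`'s `(user, created)`, and the `(password, request, username)` parameter order invites transposed arguments; `sso_ui_login(self, request, username, password)` reads more naturally. `objects.create(...)` already saves the row, so the following `student.save()` and `supervisor.save()` are redundant.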
-- 
GitLab


From f2def1b3f8c96d36333f3f55ea8a21dfa1986689 Mon Sep 17 00:00:00 2001
From: muh riansyah <mriansyah93@gmail.com>
Date: Wed, 2 Oct 2019 14:04:06 +0700
Subject: [PATCH 4/5] extract method company_login

---
 core/views/accounts.py | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)

diff --git a/core/views/accounts.py b/core/views/accounts.py
index a1e8b13b..cb6bba4a 100644
--- a/core/views/accounts.py
+++ b/core/views/accounts.py
@@ -143,16 +143,18 @@ class LoginViewSet(viewsets.GenericViewSet):
         if login_type == "sso-ui":
             return self.sso_ui_login(password, request, username)
         elif login_type == "company":
-            user = authenticate(username = username, password = password)
-            if user is not None:
-                login(request, user)
-                serializer = UserSerializer(user, context={'request': request})
-                return Response(serializer.data, status=status.HTTP_200_OK)
-            else:
-                return Response(status=status.HTTP_401_UNAUTHORIZED)
+            return self.company_login(password, request, username)
         else:
             return Response(status=status.HTTP_400_BAD_REQUEST)
 
+    def company_login(self, password, request, username):
+        user = authenticate(username=username, password=password)
+        if user is not None:
+            login(request, user)
+            serializer = UserSerializer(user, context={'request': request})
+            return Response(serializer.data, status=status.HTTP_200_OK)
+        else:
+            return Response(status=status.HTTP_401_UNAUTHORIZED)
     def sso_ui_login(self, password, request, username):
         r = requests.post('https://api.cs.ui.ac.id/authentication/ldap/v2/',
                           data={"username": username, "password": password})
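Review bot: `company_login` accepts any account for which `authenticate()` succeeds and never checks that the user is a company account. Because the SSO path calls `user.set_password(password)` (see `create_user` in PATCH 5/5), an SSO user has a local password hash and can presumably sign in with `login-type` set to `company`, skipping the LDAP check, including after the SSO password has been changed or the account disabled upstream. Consider rejecting users without a company profile here, e.g. `if user is not None and hasattr(user, 'company'):` (the relation name is an assumption; confirm against the model). A blank line is also missing between `company_login` and `sso_ui_login`.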
-- 
GitLab


From 67aa9e856d4db9988df035c248b4595b83080eaf Mon Sep 17 00:00:00 2001
From: muh riansyah <mriansyah93@gmail.com>
Date: Wed, 2 Oct 2019 14:05:06 +0700
Subject: [PATCH 5/5] extract method create_user

---
 core/views/accounts.py | 23 ++++++++++++++++++++++-
 1 file changed, 22 insertions(+), 1 deletion(-)

diff --git a/core/views/accounts.py b/core/views/accounts.py
index cb6bba4a..a609d38d 100644
--- a/core/views/accounts.py
+++ b/core/views/accounts.py
@@ -138,8 +138,10 @@ class LoginViewSet(viewsets.GenericViewSet):
         username = request.data.get('username')
         password = request.data.get('password')
         login_type = request.data.get('login-type')
+
         if username is None or password is None or login_type is None:
             return Response(status=status.HTTP_400_BAD_REQUEST)
+
         if login_type == "sso-ui":
             return self.sso_ui_login(password, request, username)
         elif login_type == "company":
@@ -155,6 +157,7 @@ class LoginViewSet(viewsets.GenericViewSet):
             return Response(serializer.data, status=status.HTTP_200_OK)
         else:
             return Response(status=status.HTTP_401_UNAUTHORIZED)
+
     def sso_ui_login(self, password, request, username):
         r = requests.post('https://api.cs.ui.ac.id/authentication/ldap/v2/',
                           data={"username": username, "password": password})
@@ -186,6 +189,24 @@ class LoginViewSet(viewsets.GenericViewSet):
         else:
             return Response(status=status.HTTP_401_UNAUTHORIZED)
 
+    def create_user(self, password, resp, username):
+        name = resp.get('nama').split(" ")
+        first_name = name[0]
+        name.pop(0)
+        last_name = " ".join(name)
+        user, created = User.objects.get_or_create(
+            username=username,
+            defaults={
+                'email': username + "@ui.ac.id",
+                'first_name': first_name,
+                'last_name': last_name
+            }
+        )
+        user.set_password(password)
+        user.save()
+        return created, user
+
+
 class CompanyRegisterViewSet(viewsets.GenericViewSet):
     permission_classes = (AllowAny,)
     serializer_class = RegisterSerializer
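Review bot: `create_user` calls `user.set_password(password)` on every SSO login, which stores a local hash of the university password in this application's database and makes the account usable through Django's own `authenticate()`. If the directory is meant to stay the only verifier, call `user.set_unusable_password()` when `created` is true and skip the write otherwise. `resp.get('nama').split(" ")` raises AttributeError when the response has no `nama`; `first_name, _, last_name = (resp.get('nama') or '').partition(' ')` handles that and replaces the pop/join. The method has no docstring; one line stating that it returns `(created, user)`, the reverse of `get_or_create`, would help callers.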
@@ -198,7 +219,7 @@ class CompanyRegisterViewSet(viewsets.GenericViewSet):
         ---
         parameters:
             - name: username
-              description: username of the new account 
+              description: username of the new account
               required: true
               type: string
             - name: password
-- 
GitLab