[#140382397] #14 Added login API

core/migrations/0003_auto_20170327_1844.py

+# -*- coding: utf-8 -*-
+# Generated by Django 1.10.5 on 2017-03-27 18:44
+from __future__ import unicode_literals
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('core', '0002_auto_20170320_1650'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='student',
+            name='phone_number',
+            field=models.CharField(blank=True, db_index=True, max_length=100, null=True),
+        ),
+    ]

core/models/accounts.py

@@ -41,7 +41,7 @@ class Student(models.Model):
     user = models.OneToOneField(User)
     npm = models.IntegerField(validators=[MinValueValidator(100000000), MaxValueValidator(9999999999)], unique=True)
     resume = models.FileField(upload_to=get_file_path, null=True, blank=True)
-    phone_number = models.CharField(max_length=100, blank=True, db_index=True)
+    phone_number = models.CharField(max_length=100, blank=True, db_index=True, null=True)
 
     @property
     def name(self):

core/tests/__init__.py

+# __init__.py
+from core.tests.test_login import LoginTests

core/views/accounts.py

+import requests
 from django.contrib.auth.models import User
-from rest_framework import viewsets
+from django.contrib.auth import authenticate, login, logout
+from rest_framework import viewsets, status
 from rest_framework.decorators import list_route
 from rest_framework.response import Response
+from rest_framework.permissions import AllowAny
 
 from core.models.accounts import Student, Company, Supervisor
 from core.serializers.accounts import UserSerializer, StudentSerializer, CompanySerializer, SupervisorSerializer
@@ -17,6 +20,74 @@ class UserViewSet(viewsets.ModelViewSet):
         serializer = UserSerializer(user, context={"request": request})
         return Response(serializer.data)
 
+class LoginViewSet(viewsets.GenericViewSet):
+    permission_classes = (AllowAny, )
+    serializer_class = UserSerializer
+    queryset = User.objects.all()
+
+    def create(self, request):
+        """
+        Authenticate user by logging in
+        ---
+        parameters:
+        - name: body
+          description: JSON object containing three strings: username, password and login-type. login-type should be either 'sso-ui' or 'company'.
+          required: true
+          paramType: body
+          pytype: RequestSerializer
+        """
+        username = request.data.get('username')
+        password = request.data.get('password')
+        login_type = request.data.get('login-type')
+        if username is None or password is None or login_type is None:
+            return Response(status=status.HTTP_400_BAD_REQUEST)
+        if login_type == "sso-ui":
+            r = requests.post('https://api.cs.ui.ac.id/authentication/ldap/v2/',
+                              json={"username": username, "password": password})
+            resp = r.json()
+            if resp.get('state') != 0:
+                # create user
+                name = resp.get('nama').split(" ")
+                first_name = name[0]
+                name.pop(0)
+                last_name = " ".join(name)
+                user, created = User.objects.get_or_create(
+                    username=username,
+                    email=username + "@ui.ac.id",
+                    first_name=first_name,
+                    last_name=last_name
+                )
+                user.set_password(password)
+                user.save()
+                login(request, user)
+                if created:
+                    if resp.get('nama_role') == "mahasiswa":
+                        student = Student.objects.create(
+                            user=user,
+                            npm=resp.get("kodeidentitas"),
+                            resume=None,
+                            phone_number=None
+                        )
+                        user.save()
+                        student.save()
+                    else:
+                        supervisor = Supervisor.objects.create(
+                            user=user,
+                            nip=resp.get("kodeidentitas")
+                        )
+                        user.save()
+                        supervisor.save()
+                    return Response(status=status.HTTP_201_CREATED)
+                return Response(status=status.HTTP_200_OK)
+            else:
+                return Response(status=status.HTTP_401_UNAUTHORIZED)
+        else:
+            user = authenticate(username = username, password = password)
+            if user is not None:
+                login(request, user)
+                return Response(status=status.HTTP_200_OK)
+            else:
+                return Response(status=status.HTTP_401_UNAUTHORIZED)
 
 class StudentViewSet(viewsets.ModelViewSet):
     queryset = Student.objects.all()

kape/urls.py

@@ -22,7 +22,7 @@ from rest_framework import routers
 from rest_framework_swagger.views import get_swagger_view
 
 from core import apps
-from core.views.accounts import StudentViewSet, CompanyViewSet, SupervisorViewSet, UserViewSet
+from core.views.accounts import StudentViewSet, CompanyViewSet, SupervisorViewSet, UserViewSet, LoginViewSet
 
 schema_view = get_swagger_view()
 router = routers.DefaultRouter()
@@ -30,6 +30,7 @@ router.register(r'users', UserViewSet)
 router.register(r'students', StudentViewSet)
 router.register(r'companies', CompanyViewSet)
 router.register(r'supervisors', SupervisorViewSet)
+router.register(r'login', LoginViewSet)
 
 urlpatterns = static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT)
 urlpatterns += [