diff --git a/Back-End/Auth/views.py b/Back-End/Auth/views.py
index 52536b2..0a79f64 100644
--- a/Back-End/Auth/views.py
+++ b/Back-End/Auth/views.py
@@ -19,6 +19,7 @@ import json
 from . import validator
 from .models import Profile
+from rest_framework.decorators import action, api_view
 from Auth.serializers import ProfileSerializer, ProfilUpdateSerializer
 from Subscriptions.models import RegistrationForm
@@ -28,12 +29,34 @@ import Subscriptions.util as util
 from N3wtSchool import bdd, error
+
+@swagger_auto_schema(
+ method='get',
+ operation_description="Obtenir un token CSRF",
+ responses={200: openapi.Response('Token CSRF', schema=openapi.Schema(type=openapi.TYPE_OBJECT, properties={
+ 'csrfToken': openapi.Schema(type=openapi.TYPE_STRING)
+ }))}
+)
+@api_view(['GET'])
 def csrf(request):
 token = get_token(request)
 return JsonResponse({'csrfToken': token})
 class SessionView(APIView):
-
+ @swagger_auto_schema(
+ operation_description="Vérifier une session utilisateur",
+ manual_parameters=[openapi.Parameter('Authorization', openapi.IN_HEADER, type=openapi.TYPE_STRING, description='Bearer token')],
+ responses={
+ 200: openapi.Response('Session valide', schema=openapi.Schema(type=openapi.TYPE_OBJECT, properties={
+ 'user': openapi.Schema(type=openapi.TYPE_OBJECT, properties={
+ 'id': openapi.Schema(type=openapi.TYPE_INTEGER),
+ 'email': openapi.Schema(type=openapi.TYPE_STRING),
+ 'role': openapi.Schema(type=openapi.TYPE_STRING)
+ })
+ })),
+ 401: openapi.Response('Session invalide')
+ }
+ )
 def post(self, request):
 token = request.META.get('HTTP_AUTHORIZATION', '').split('Bearer ')[-1]
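Review bot: `action` is imported on the added line in hunk `@@ -19,6 +19,7 @@` but no added line in this diff uses it; only `api_view` is applied (on `csrf` and `infoSession`), so the import can be `from rest_framework.decorators import api_view`. The new decorators also depend on `swagger_auto_schema` and `openapi`, which this diff does not import. Presumably both are already imported above line 19, outside the hunk; confirm that before merging.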
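Review bot: Wrapping `csrf` in `@api_view(['GET'])` (hunk `@@ -28,12 +29,34 @@`) puts the endpoint under DRF's default authentication, permission and throttle classes, so if the project default is an authenticated-only permission, clients can no longer fetch a CSRF token before logging in. Pin the intended policy on the view instead of inheriting it, e.g. `@permission_classes([AllowAny])` under `@api_view(['GET'])`, with `permission_classes` from `rest_framework.decorators` and `AllowAny` from `rest_framework.permissions`. The same decorator is added to `infoSession` in hunk `@@ -92,9 +139,27 @@`, where the appropriate policy is probably the opposite (authenticated callers only). The project's `REST_FRAMEWORK` settings are not visible here, so which way the default falls needs checking.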
@@ -57,11 +80,23 @@ class SessionView(APIView):
 return JsonResponse({"error": "Invalid token"}, status=status.HTTP_401_UNAUTHORIZED)
 class ProfileView(APIView):
+ @swagger_auto_schema(
+ operation_description="Obtenir la liste des profils",
+ responses={200: ProfileSerializer(many=True)}
+ )
 def get(self, request):
 profilsList = bdd.getAllObjects(_objectName=Profile)
 profils_serializer = ProfileSerializer(profilsList, many=True)
 return JsonResponse(profils_serializer.data, safe=False)
+ @swagger_auto_schema(
+ operation_description="Créer un nouveau profil",
+ request_body=ProfileSerializer,
+ responses={
+ 200: ProfileSerializer,
+ 400: 'Données invalides'
+ }
+ )
 def post(self, request):
 profil_data=JSONParser().parse(request)
 print(f'{profil_data}')
@@ -77,11 +112,23 @@ class ProfileView(APIView):
 @method_decorator(csrf_protect, name='dispatch')
 @method_decorator(ensure_csrf_cookie, name='dispatch')
 class ProfileSimpleView(APIView):
+ @swagger_auto_schema(
+ operation_description="Obtenir un profil par son ID",
+ responses={200: ProfileSerializer}
+ )
 def get(self, request, id):
 profil=bdd.getObject(Profile, "id", id)
 profil_serializer=ProfileSerializer(profil)
 return JsonResponse(profil_serializer.data, safe=False)
+ @swagger_auto_schema(
+ operation_description="Mettre à jour un profil",
+ request_body=ProfilUpdateSerializer,
+ responses={
+ 200: 'Mise à jour réussie',
+ 400: 'Données invalides'
+ }
+ )
 def put(self, request, id):
 data=JSONParser().parse(request)
 profil = Profile.objects.get(id=_id)
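Review bot: The schema added to `ProfileView.get` and `ProfileView.post` (hunk `@@ -57,11 +80,23 @@`) publishes `ProfileSerializer` as request and response body, while the class declares no `permission_classes` in the visible lines and no 401/403 response is documented. If listing and creating profiles is meant to be restricted, declare it on the class (for example `permission_classes = [IsAuthenticated]`) and add a `401` entry to `responses`. If the serializer carries a password field, mark it `write_only` so that both the published response schema and the payload omit it. `ProfileSerializer` is defined outside this diff, so its field list is unverified.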
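Review bot: The `put` operation documented in hunk `@@ -77,11 +112,23 @@` advertises `200: 'Mise à jour réussie'`, but the context line below it reads `Profile.objects.get(id=_id)` while the method parameter is `id`. Unless `_id` is defined elsewhere in the module, every call raises `NameError` and ends as a 500. The lookup should be `profil = Profile.objects.get(id=id)`, and because `.get()` raises `Profile.DoesNotExist` for an unknown id, `responses` should also list a `404` entry. `put` continues past the end of the hunk, so any handling further down is not visible.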
@@ -92,9 +139,27 @@ class ProfileSimpleView(APIView):
 return JsonResponse(profil_serializer.errors, safe=False, status=status.HTTP_400_BAD_REQUEST)
+ @swagger_auto_schema(
+ operation_description="Supprimer un profil",
+ responses={200: 'Suppression réussie'}
+ )
 def delete(self, request, id):
 return bdd.delete_object(Profile, id)
+
+@swagger_auto_schema(
+ method='get',
+ operation_description="Obtenir les informations de session",
+ responses={200: openapi.Response('Informations de session', schema=openapi.Schema(
+ type=openapi.TYPE_OBJECT,
+ properties={
+ 'cacheSession': openapi.Schema(type=openapi.TYPE_BOOLEAN),
+ 'typeProfil': openapi.Schema(type=openapi.TYPE_STRING),
+ 'username': openapi.Schema(type=openapi.TYPE_STRING)
+ }
+ ))}
+)
+@api_view(['GET'])
 def infoSession(request):
 profilCache = cache.get('session_cache')
 if profilCache:
@@ -105,6 +170,28 @@ def infoSession(request):
 @method_decorator(csrf_protect, name='dispatch')
 @method_decorator(ensure_csrf_cookie, name='dispatch')
 class LoginView(APIView):
+ @swagger_auto_schema(
+ operation_description="Connexion utilisateur",
+ request_body=openapi.Schema(
+ type=openapi.TYPE_OBJECT,
+ required=['email', 'password'],
+ properties={
+ 'email': openapi.Schema(type=openapi.TYPE_STRING),
+ 'password': openapi.Schema(type=openapi.TYPE_STRING)
+ }
+ ),
+ responses={
+ 200: openapi.Response('Connexion réussie', schema=openapi.Schema(
+ type=openapi.TYPE_OBJECT,
+ properties={
+ 'errorFields': openapi.Schema(type=openapi.TYPE_OBJECT),
+ 'errorMessage': openapi.Schema(type=openapi.TYPE_STRING),
+ 'profil': openapi.Schema(type=openapi.TYPE_INTEGER),
+ 'droit': openapi.Schema(type=openapi.TYPE_INTEGER)
+ }
+ ))
+ }
+ )
 def post(self, request):
 data=JSONParser().parse(request)
 validatorAuthentication = validator.ValidatorAuthentication(data=data)
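Review bot: The schema for `infoSession` (hunk `@@ -92,9 +139,27 @@`) documents `username` and `typeProfil` as session information, yet the visible body starts from `cache.get('session_cache')`, a single cache key that is not derived from the request. If that key is written at login, as the name suggests, any caller of this endpoint would receive the identity of whoever logged in last. The lookup should be keyed per user or session, or the view should read `request.user`. The rest of `infoSession` and the code that writes the key are outside the hunk, so confirm this against the login path.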
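Review bot: The `password` property in the `LoginView.post` request schema (hunk `@@ -105,6 +170,28 @@`) is a plain `TYPE_STRING`, so generated clients and documentation tools get no hint that the value is a secret. Declare it as `'password': openapi.Schema(type=openapi.TYPE_STRING, format=openapi.FORMAT_PASSWORD)` and give `email` `format=openapi.FORMAT_EMAIL`. The same change applies to `password1`/`password2` in `SubscribeView` (hunk `@@ -147,7 +234,29 @@`) and `ResetPasswordView` (hunk `@@ -216,6 +342,27 @@`).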
@@ -147,7 +234,29 @@ class LoginView(APIView):
 @method_decorator(csrf_protect, name='dispatch')
 @method_decorator(ensure_csrf_cookie, name='dispatch')
 class SubscribeView(APIView):
-
+ @swagger_auto_schema(
+ operation_description="Inscription utilisateur",
+ request_body=openapi.Schema(
+ type=openapi.TYPE_OBJECT,
+ required=['email', 'password1', 'password2'],
+ properties={
+ 'email': openapi.Schema(type=openapi.TYPE_STRING),
+ 'password1': openapi.Schema(type=openapi.TYPE_STRING),
+ 'password2': openapi.Schema(type=openapi.TYPE_STRING)
+ }
+ ),
+ responses={
+ 200: openapi.Response('Inscription réussie', schema=openapi.Schema(
+ type=openapi.TYPE_OBJECT,
+ properties={
+ 'message': openapi.Schema(type=openapi.TYPE_STRING),
+ 'errorMessage': openapi.Schema(type=openapi.TYPE_STRING),
+ 'errorFields': openapi.Schema(type=openapi.TYPE_OBJECT),
+ 'id': openapi.Schema(type=openapi.TYPE_INTEGER)
+ }
+ ))
+ }
+ )
 def post(self, request):
 retourErreur = error.returnMessage[error.BAD_URL]
 retour = ''
@@ -183,12 +292,29 @@ class SubscribeView(APIView):
 return JsonResponse({'message':retour, 'errorMessage':retourErreur, "errorFields":errorFields, "id":-1}, safe=False)
-
-
 @method_decorator(csrf_protect, name='dispatch')
 @method_decorator(ensure_csrf_cookie, name='dispatch')
 class NewPasswordView(APIView):
-
+ @swagger_auto_schema(
+ operation_description="Demande de nouveau mot de passe",
+ request_body=openapi.Schema(
+ type=openapi.TYPE_OBJECT,
+ required=['email'],
+ properties={
+ 'email': openapi.Schema(type=openapi.TYPE_STRING)
+ }
+ ),
+ responses={
+ 200: openapi.Response('Demande réussie', schema=openapi.Schema(
+ type=openapi.TYPE_OBJECT,
+ properties={
+ 'message': openapi.Schema(type=openapi.TYPE_STRING),
+ 'errorMessage': openapi.Schema(type=openapi.TYPE_STRING),
+ 'errorFields': openapi.Schema(type=openapi.TYPE_OBJECT)
+ }
+ ))
+ }
+ )
 def post(self, request):
 retourErreur = error.returnMessage[error.BAD_URL]
 retour = ''
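Review bot: The `SubscribeView.post` schema (hunk `@@ -147,7 +234,29 @@`) documents a single `200` response titled 'Inscription réussie' whose body also carries `errorMessage` and `errorFields`. The return visible in hunk `@@ -183,12 +292,29 @@` sends `"id":-1` with no `status=` argument, so what appears to be the failure path reports a rejected registration as HTTP 200. Either state that in `operation_description` (failures return 200 with `errorMessage` set and `id` equal to -1) or return 400 on validation errors and document it. Rate limiting and alerting keyed on status codes cannot see failed sign-ups while they are 200; the `LoginView` schema in hunk `@@ -105,6 +170,28 @@` documents the same shape.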
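Review bot: The `NewPasswordView.post` schema (hunk `@@ -183,12 +292,29 @@`) exposes `errorMessage` and `errorFields` for a request that takes only an `email`, without stating whether the reply differs for unknown addresses. A password-reset request should answer identically whether or not the account exists; otherwise the endpoint confirms which e-mail addresses are registered. Document that contract in `operation_description` and check the body of `post`, which continues outside the hunk. Nothing visible here shows which behaviour the view currently has.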
@@ -216,6 +342,27 @@ class NewPasswordView(APIView):
 @method_decorator(csrf_protect, name='dispatch')
 @method_decorator(ensure_csrf_cookie, name='dispatch')
 class ResetPasswordView(APIView):
+ @swagger_auto_schema(
+ operation_description="Réinitialisation du mot de passe",
+ request_body=openapi.Schema(
+ type=openapi.TYPE_OBJECT,
+ required=['password1', 'password2'],
+ properties={
+ 'password1': openapi.Schema(type=openapi.TYPE_STRING),
+ 'password2': openapi.Schema(type=openapi.TYPE_STRING)
+ }
+ ),
+ responses={
+ 200: openapi.Response('Réinitialisation réussie', schema=openapi.Schema(
+ type=openapi.TYPE_OBJECT,
+ properties={
+ 'message': openapi.Schema(type=openapi.TYPE_STRING),
+ 'errorMessage': openapi.Schema(type=openapi.TYPE_STRING),
+ 'errorFields': openapi.Schema(type=openapi.TYPE_OBJECT)
+ }
+ ))
+ }
+ )
 def post(self, request, code):
 retourErreur = error.returnMessage[error.BAD_URL]
 retour = ''
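Review bot: The `ResetPasswordView.post` schema leaves the `code` path argument undescribed and documents only a 200 response, so the outcome for an unknown, expired or already-used code is unspecified. Extend the description to state the code's lifetime and whether it is single-use, once that contract is confirmed, and document the error response returned for a bad code. The visible default `retourErreur = error.returnMessage[error.BAD_URL]` suggests an error message is returned in the body rather than as a status code. `post` continues outside the hunk, so expiry and single-use enforcement cannot be confirmed from these lines.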