From 455cbf921da4ac008975ccfce4784bf28bde1403 Mon Sep 17 00:00:00 2001 From: b1ek Date: Wed, 17 May 2023 05:25:15 +1000 Subject: [PATCH] half baked tinder view --- pairent_backend/pairent_app/authlib.py | 43 +++++++++++-------- .../migrations/0006_psychtestanswers.py | 3 +- pairent_backend/pairent_app/serializer.py | 6 ++- pairent_backend/pairent_app/views.py | 40 ++++++++--------- pairent_frontend_react/src/API/Tinder.js | 18 ++++++++ pairent_frontend_react/src/API/User.js | 1 + 6 files changed, 69 insertions(+), 42 deletions(-) create mode 100644 pairent_frontend_react/src/API/Tinder.js diff --git a/pairent_backend/pairent_app/authlib.py b/pairent_backend/pairent_app/authlib.py index cb281d8..9cf6c72 100644 --- a/pairent_backend/pairent_app/authlib.py +++ b/pairent_backend/pairent_app/authlib.py @@ -2,25 +2,13 @@ from rest_framework.request import Request from django.http import HttpResponseBadRequest, HttpResponse, JsonResponse, HttpRequest -import ipware as iplib +from .models import User, AuthToken + +import ipware as iplib, time, requests, uuid ipware = iplib.IpWare(); def client_ip(req: HttpRequest): - return ipware.get_client_ip(req)[0].exploded; - -def VVSUAuthProxy(req: HttpRequest): - proxy = 'https://vvsu.ru/connect' + req.path[len('/api/auth/vvsu'):]; - - preq = requests.request(req.method, proxy, headers={ - 'User-Agent': 'OIDC Client / Pairent', - 'Origin': 'http://pairent.vvsu.ru', - 'Referer': 'http://pairent.vvsu.ru' - }); - - resp = HttpResponse(preq.content); - resp.headers['Content-Type'] = preq.headers['Content-Type']; - - return resp; + return ipware.get_client_ip(req.META)[0].exploded; def register(oid, provider_id, name): user = User( @@ -82,7 +70,7 @@ def verify_auth_token(key, ip): token.delete(); return False; - if (token.expires > time.time()): + if (token.expires < time.time()): token.delete(); return False; @@ -92,9 +80,26 @@ def auth_required(func): """ Use authorization for this route. """ - def inner(req: HttpRequest): + def inner(req: HttpRequest, *args, **kwargs): + if ('Authorization' not in req.headers.keys()): return JsonResponse({'error': 'no auth token'}); if (not verify_auth_token(req.headers['Authorization'], client_ip(req))): return JsonResponse({'error': 'auth token invalid or expired'}); - func(); \ No newline at end of file + func(req, *args, **kwargs); + + return inner; + +def rest_auth_required(func): + """ + Use authorization for this restframework view. + """ + def inner(self, req: HttpRequest, *args, **kwargs): + + if ('Authorization' not in req.headers.keys()): + return JsonResponse({'error': 'no auth token'}); + if (not verify_auth_token(req.headers['Authorization'], client_ip(req))): + return JsonResponse({'error': 'auth token invalid or expired'}); + func(self, req, *args, **kwargs); + + return inner; \ No newline at end of file diff --git a/pairent_backend/pairent_app/migrations/0006_psychtestanswers.py b/pairent_backend/pairent_app/migrations/0006_psychtestanswers.py index 533007c..e6dbdb6 100644 --- a/pairent_backend/pairent_app/migrations/0006_psychtestanswers.py +++ b/pairent_backend/pairent_app/migrations/0006_psychtestanswers.py @@ -27,7 +27,8 @@ class Migration(migrations.Migration): ('tenth_question', models.IntegerField(validators=[django.core.validators.MaxValueValidator(5)], verbose_name='Ответ на десятый вопрос')), ('eleventh_question', models.IntegerField(validators=[django.core.validators.MaxValueValidator(5)], verbose_name='Ответ на одиннадцатый вопрос')), ('twelfth_question', models.IntegerField(validators=[django.core.validators.MaxValueValidator(5)], verbose_name='Ответ на двенадцатый вопрос')), - ('users', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='pairent_app.user', verbose_name='Пользователь')), + # ('users', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='pairent_app.user', verbose_name='Пользователь')), + ('user', models.BigIntegerField(verbose_name='ID Пользователя')), ], ) ] diff --git a/pairent_backend/pairent_app/serializer.py b/pairent_backend/pairent_app/serializer.py index fe05f1e..6a738db 100644 --- a/pairent_backend/pairent_app/serializer.py +++ b/pairent_backend/pairent_app/serializer.py @@ -28,7 +28,11 @@ class PsychTestAddResultSerializer(serializers.ModelSerializer): class PublicUserSerializer(serializers.ModelSerializer): class Meta: model = User - exclude = ('favorites_apartments', 'comparison_apartments') + exclude = ( + 'favorites_apartments', + 'comparison_apartments', + 'openid_id', + ) class PsychTestReultsSerializer(serializers.ModelSerializer): class Meta: diff --git a/pairent_backend/pairent_app/views.py b/pairent_backend/pairent_app/views.py index 348a55f..840307c 100644 --- a/pairent_backend/pairent_app/views.py +++ b/pairent_backend/pairent_app/views.py @@ -122,29 +122,17 @@ class PsychTestAddResultViewSet(viewsets.ViewSet): class CompatibleUsersView(viewsets.ViewSet): + @rest_auth_required def list(self, req: Request): user_data = dict(req.data); - # TODO: Verify auth - vvsu_login = user_data['openid']; - - # Exclude already viewed users - exclude = []; - if ('exclude' in user_data.keys()): - exclude = user_data['exclude']; + token = AuthToken.objects.get(key=req.headers['authorization']); - try: - validate_email(vvsu_login); - except ValidationError: - return Request({'error': 'bad login'}, 400); - - try: - this_user = User.objects.get(openid_addr=vvsu_login); - except User.DoesNotExist: - return Response({'error': 'user not found'}, 404); + this_user = User.objects.get(pk=token.user); + answers_this_user = None; try: - answers_this_user = PsychTestReultsSerializer(PsychTestAnswers.objects.get(user=this_user)).dict; + answers_this_user = PsychTestReultsSerializer(PsychTestAnswers.objects.get(user=this_user.id)).dict; except PsychTestAnswers.DoesNotExist: return Response({'error': 'answers not found'}, 404); @@ -160,10 +148,6 @@ class CompatibleUsersView(viewsets.ViewSet): if score / 12 * 100 > 30: users.append(UserSerializer(User.objects.get(pk=user_answers[0])).data) - # for user in users_query: - # if (abs(user.psych_test_result - score) < 20): - # users.append(PublicUserSerializer(user).data); - return Response(users); @@ -257,3 +241,17 @@ class UserGet(APIView): return JsonResponse(PublicUserSerializer(user).data); + +def VVSUAuthProxy(req: HttpRequest): + proxy = 'https://vvsu.ru/connect' + req.path[len('/api/auth/vvsu'):]; + + preq = requests.request(req.method, proxy, headers={ + 'User-Agent': 'OIDC Client / Pairent', + 'Origin': 'http://pairent.vvsu.ru', + 'Referer': 'http://pairent.vvsu.ru' + }); + + resp = HttpResponse(preq.content); + resp.headers['Content-Type'] = preq.headers['Content-Type']; + + return resp; \ No newline at end of file diff --git a/pairent_frontend_react/src/API/Tinder.js b/pairent_frontend_react/src/API/Tinder.js new file mode 100644 index 0000000..1efca8c --- /dev/null +++ b/pairent_frontend_react/src/API/Tinder.js @@ -0,0 +1,18 @@ +import { IAPIObject } from "./IAPIObject"; +import { Client } from './Client'; + +class Tinder extends IAPIObject { + /** + * + * @param {Client} client Client to use to create requests + */ + constructor(client) { + super(); + this.client = client; + this.viewed = []; + } + + getCompatible() { + + } +} \ No newline at end of file diff --git a/pairent_frontend_react/src/API/User.js b/pairent_frontend_react/src/API/User.js index d62bb42..067670e 100644 --- a/pairent_frontend_react/src/API/User.js +++ b/pairent_frontend_react/src/API/User.js @@ -2,6 +2,7 @@ import axios from 'axios'; import constants from '../constants'; import { IAPIObject } from './IAPIObject'; +import { APIToken } from './APIToken'; const { API_ROOT, api_path } = constants;