legacy/pairent_backend/pairent_app/views.py

238 lines
8.5 KiB
Python

from rest_framework import viewsets
from rest_framework.response import Response
from rest_framework.views import APIView, View
from rest_framework.request import Request
from django.views.decorators.csrf import csrf_exempt
from django.http import HttpResponseBadRequest, HttpResponse, JsonResponse, HttpRequest
from django.db.models.query import QuerySet
from django.core.validators import validate_email
from django.core.exceptions import ValidationError
from .models import Apartament, User, PsychTestAnswers
from .serializer import (ApartamentListSerializer,
ApartamentDetailSerializer,
PsychTestAddResultSerializer,
PublicUserSerializer)
import json, math, random, re, requests, oidc_client, base64, hashlib
class ApartamentViewSet(viewsets.ReadOnlyModelViewSet):
"""Вывод списка квартир или отдельной квартиры"""
def get_queryset(self):
apartaments = Apartament.objects.all()
return apartaments
def get_serializer_class(self):
if self.action == 'list':
return ApartamentListSerializer
elif self.action == "retrieve":
return ApartamentDetailSerializer
class ApartamentGetManyViewSet(viewsets.ReadOnlyModelViewSet):
"""Вывод отдельных квартир для сравнения"""
def get_queryset(self): # получение id квартир для избранного или сравнения
pk = self.request.query_params.get("pk", None) # получение id пользователя
if self.action == "retrieve": # если для страницы сравнения
apartaments_id = User.objects.get(pk=pk).apartaments_for_comparison.split(',') # получение id квартир
elif self.action == "list": # если для страницы избранного
apartaments_id = User.objects.get(pk=pk).favorites_apartaments.split(',') # получение id квартир
queryset = []
for i in apartaments_id:
queryset.append(Apartament.objects.get(pk=i))
return queryset
def retrieve(self, request, *args, **kwargs):
queryset = self.get_queryset()
apartaments = []
for i in queryset:
apartaments.append(ApartamentDetailSerializer(i).data)
return Response({'results': apartaments})
def list(self, request, *args, **kwargs):
queryset = self.get_queryset()
apartaments = []
for i in queryset:
apartaments.append(ApartamentListSerializer(i).data)
return Response({'results': apartaments})
class ApartmentFilter(viewsets.ViewSet):
"""Вывод списка квартир или отдельной квартиры"""
def list(self, req: Request):
filters = dict(req.data);
unfiltered = Apartament.objects.all();
filtered = [];
# TODO: Some better converting practice?
filters['price_range']['from'] = int(filters['price_range']['from']);
filters['price_range']['to'] = int(filters['price_range']['to']);
filters['area_range']['from'] = int(filters['area_range']['from']);
filters['area_range']['to'] = int(filters['area_range']['to']);
filters['rooms'] = int(filters['rooms'])
for entry in unfiltered:
if (filters['price_range']['from'] >= entry.price and (filters['price_range']['to'] != -1 and filters['price_range']['to'] <= entry.price)):
continue;
if (filters['area_range']['from'] >= entry.perimetrs and (filters['area_range']['to'] != -1 and filters['area_range']['to'] <= entry.perimetrs)):
continue;
if (filters['rooms'] != -1 and entry.rooms != filters['rooms']):
continue;
filtered.append(entry);
return Response(ApartamentListSerializer(filtered, many=True).data);
class PsychTestAddResultViewSet(viewsets.ViewSet):
def get_object(self, pk):
return User.objects.get(pk=pk)
def create(self, request, pk):
user = self.get_object(pk)
results = request.data
PsychTestAnswers.objects.create(
user=user,
first_question=results['first'],
second_question=results['second'],
third_question=results['third'],
fourth_question=results['fourth'],
fifth_question=results['fifth'],
sixth_question=results['sixth'],
seventh_question=results['seventh'],
eighth_question=results['eighth'],
nineth_question=results['nineth'],
tenth_question=results['tenth'],
eleventh_question=results['eleventh'],
twelfth_question=results['twelfth'],
thirteenth_question=results['thirteenth']
)
return Response({'successfully': 'results post'})
class CompatibleUsersView(viewsets.ViewSet):
def list(self, req: Request):
user_data = dict(req.data);
# TODO: Verify auth
vvsu_login = user_data['openid'];
# Exclude already viewed users
exclude = [];
if ('exclude' in user_data.keys()):
exclude = user_data['exclude'];
try:
validate_email(vvsu_login);
except ValidationError:
return Request({'error': 'bad login'}, 400);
try:
this_user = User.objects.get(openid_addr=vvsu_login);
except User.DoesNotExist:
return Response({'error': 'user not found'}, 404);
score = this_user.psych_test_result;
users_query = User.objects.all();
users = [];
for user in users_query:
if (abs(user.psych_test_result - score) < 20):
users.append(PublicUserSerializer(user).data);
random.shuffle(users);
users = users[:7];
for i in range(3):
users.append(PublicUserSerializer(random.choice(users_query)).data);
random.shuffle(users);
return Response(users);
def VVSUAuthProxy(req: Request):
proxy = 'https://vvsu.ru/connect' + req.path[len('/api/auth/vvsu'):];
preq = requests.request(req.method, proxy, headers={
'User-Agent': 'OIDC Client / Pairent',
'Origin': 'http://pairent.vvsu.ru',
'Referer': 'http://pairent.vvsu.ru'
});
resp = HttpResponse(preq.content);
resp.headers['Content-Type'] = preq.headers['Content-Type'];
return resp;
class UserLogin(APIView):
# TODO: Remove csrf exempt when index.html is loaded through django
@csrf_exempt
def post(self, req: HttpRequest):
if (req.content_type != 'application/json'):
res = HttpResponse({'error': 'bad content type'});
res.status_code = 400;
return res;
data = json.loads(req.body.decode('utf8'));
if not ('code' in data and 'code_verifier' in data):
res = JsonResponse({'error': 'no code'});
res.status_code = 400;
return res
print(data);
cb = requests.post('https://vvsu.ru/connect/oauth2/token', {
'grant_type': 'authorization_code',
'redirect_uri': 'https://pairent.vvsu.ru/sign-in/',
'code': data['code'],
'code_verifier': data['code_verifier'],
'client_id': 'it-hub-client',
'client_secret': 'U8y@uPVee6Q^*729esHTo4Vd'
}, headers={
'Origin': 'https://pairent.vvsu.ru',
'Referer': 'https://pairent.vvsu.ru'
});
resp = HttpResponse(cb.content);
resp.headers['Content-Type'] = cb.headers['Content-Type'];
return resp;
class UserGet(APIView):
def get(self, req: HttpRequest):
if not ('id' in req.GET.keys() or 'login' in req.GET.keys()):
res = JsonResponse({'error': 'no id or login'});
res.status_code = 400;
return res;
id_type = 'id' if 'id' in req.GET.keys() else 'login';
id = req.GET.get(id_type);
if (id_type == 'login'):
if not id.endswith('@vvsu.ru'):
id += '@vvsu.ru';
id_type = 'openid_addr';
user = None;
try:
user = User.objects.get(**{id_type: id});
except User.DoesNotExist:
res = JsonResponse({'error': 'not found'});
res.status_code = 404;
return res;
return JsonResponse(PublicUserSerializer(user).data);