# finish emai/username login api

2018-07-16 17:40:32 +08:00 · 2018-07-16 17:40:32 +08:00 · 5d6983cffb
parent 8536e99eb7
commit 5d6983cffb
3 changed files with 31 additions and 8 deletions
--- a/apps/accounts/api/serializers.py
+++ b/apps/accounts/api/serializers.py
@ -15,13 +15,13 @@ class UserDetailSerializer(serializers.ModelSerializer):
 class UserLoginSerializer(serializers.ModelSerializer):
    token = serializers.CharField(allow_blank=True, read_only=True)
    username = serializers.CharField(required=False, allow_blank=True)
-    email = serializers.EmailField(required=False, allow_blank=True)
+    # email = serializers.EmailField(required=False, allow_blank=True)

    class Meta:
        model = User
        fields = [
            'username',
-            'email',
+            # 'email',
            'password',
            'token'
        ]
@ -35,15 +35,21 @@ class UserLoginSerializer(serializers.ModelSerializer):
    def validate(self, data):
        user_obj = None
        username = data.get('username', None)
-        email = data.get('email', None)
+        # email = data.get('email', None)
        password = data.get('password', None)

-        if not email and not username:
+        # if not email and not username:
+        #     raise serializers.ValidationError('username or email is required to login.')
+        # user = User.objects.filter(
+        #     Q(username=username) |
+        #     Q(email=email)
+        # ).distinct()
+        if not username:
            raise serializers.ValidationError('username or email is required to login.')
        user = User.objects.filter(
-            Q(username=username) |
-            Q(email=email)
-        ).distinct()
+                Q(username=username) |
+                Q(email=username)
+            ).distinct()
        user = user.exclude(email__isnull=True).exclude(email__iexact='')
        if user.exists() and user.count() == 1:
            user_obj = user.first()
--- a/apps/accounts/api/views.py
+++ b/apps/accounts/api/views.py
@ -1,13 +1,25 @@
 from django.contrib.auth import get_user_model
+from django.db.models import Q
 from rest_framework.response import Response
 from rest_framework.status import HTTP_201_CREATED, HTTP_400_BAD_REQUEST
 from rest_framework.views import APIView
 from rest_framework.permissions import AllowAny
 from .serializers import UserLoginSerializer
+from django.contrib.auth.backends import ModelBackend

 User = get_user_model()


+class CustomBackend(ModelBackend):
+    def authenticate(self, request, username=None, password=None, **kwargs):
+        try:
+            user = User.objects.get(Q(username=username)|Q(email=username))
+            if user.check_password(password):
+                return user
+        except Exception as e:
+            return None
+
+
 class UserLoginAPIView(APIView):
    permission_classes = [AllowAny]
    serializer_class = UserLoginSerializer
--- a/mosqkiller/settings.py
+++ b/mosqkiller/settings.py
@ -153,3 +153,8 @@ REST_FRAMEWORK = {
 JWT_AUTH = {
    'JWT_EXPIRATION_DELTA': datetime.timedelta(seconds=600),
 }
+
+# Custom auth backend
+# AUTHENTICATION_BACKENDS = (
+#     'accounts.api.views.CustomBackend',
+# )