diff --git a/adventurers_inventory/settings.py b/adventurers_inventory/settings.py index dc7f1b1..70a4033 100644 --- a/adventurers_inventory/settings.py +++ b/adventurers_inventory/settings.py @@ -44,7 +44,9 @@ 'django.contrib.sessions', 'django.contrib.messages', 'django.contrib.staticfiles', - 'main' + 'main', + 'authentication', + 'corsheaders', ] MIDDLEWARE = [ @@ -55,6 +57,7 @@ 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.messages.middleware.MessageMiddleware', 'django.middleware.clickjacking.XFrameOptionsMiddleware', + 'corsheaders.middleware.CorsMiddleware', ] ROOT_URLCONF = 'adventurers_inventory.urls' @@ -127,6 +130,13 @@ USE_TZ = True +CORS_ALLOW_ALL_ORIGINS = True +CORS_ALLOW_CREDENTIALS = True +CSRF_COOKIE_SECURE = True +SESSION_COOKIE_SECURE = True +CSRF_COOKIE_SAMESITE = 'None' +SESSION_COOKIE_SAMESITE = 'None' + # Static files (CSS, JavaScript, Images) # https://docs.djangoproject.com/en/4.2/howto/static-files/ diff --git a/adventurers_inventory/urls.py b/adventurers_inventory/urls.py index 0471e26..678f349 100644 --- a/adventurers_inventory/urls.py +++ b/adventurers_inventory/urls.py @@ -19,5 +19,6 @@ urlpatterns = [ path('admin/', admin.site.urls), - path('', include('main.urls')) + path('', include('main.urls')), + path('auth/', include('authentication.urls')), ] diff --git a/authentication/__init__.py b/authentication/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/authentication/admin.py b/authentication/admin.py new file mode 100644 index 0000000..8c38f3f --- /dev/null +++ b/authentication/admin.py @@ -0,0 +1,3 @@ +from django.contrib import admin + +# Register your models here. diff --git a/authentication/apps.py b/authentication/apps.py new file mode 100644 index 0000000..8bab8df --- /dev/null +++ b/authentication/apps.py @@ -0,0 +1,6 @@ +from django.apps import AppConfig + + +class AuthenticationConfig(AppConfig): + default_auto_field = 'django.db.models.BigAutoField' + name = 'authentication' diff --git a/authentication/migrations/__init__.py b/authentication/migrations/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/authentication/models.py b/authentication/models.py new file mode 100644 index 0000000..71a8362 --- /dev/null +++ b/authentication/models.py @@ -0,0 +1,3 @@ +from django.db import models + +# Create your models here. diff --git a/authentication/tests.py b/authentication/tests.py new file mode 100644 index 0000000..7ce503c --- /dev/null +++ b/authentication/tests.py @@ -0,0 +1,3 @@ +from django.test import TestCase + +# Create your tests here. diff --git a/authentication/urls.py b/authentication/urls.py new file mode 100644 index 0000000..d3273e7 --- /dev/null +++ b/authentication/urls.py @@ -0,0 +1,9 @@ +from django.urls import path +from authentication.views import * + +app_name = 'authentication' + +urlpatterns = [ + path('login/', login, name='login'), + path('logout/', logout, name='logout'), +] \ No newline at end of file diff --git a/authentication/views.py b/authentication/views.py new file mode 100644 index 0000000..90f01af --- /dev/null +++ b/authentication/views.py @@ -0,0 +1,48 @@ +from django.shortcuts import render +from django.contrib.auth import authenticate, login as auth_login, logout as auth_logout +from django.http import JsonResponse +from django.views.decorators.csrf import csrf_exempt + +@csrf_exempt +def login(request): + username = request.POST['username'] + password = request.POST['password'] + user = authenticate(username=username, password=password) + if user is not None: + if user.is_active: + auth_login(request, user) + # Status login sukses. + return JsonResponse({ + "username": user.username, + "status": True, + "message": "Login sukses!" + # Tambahkan data lainnya jika ingin mengirim data ke Flutter. + }, status=200) + else: + return JsonResponse({ + "status": False, + "message": "Login gagal, akun dinonaktifkan." + }, status=401) + + else: + return JsonResponse({ + "status": False, + "message": "Login gagal, periksa kembali email atau kata sandi." + }, status=401) + +@csrf_exempt +def logout(request): + username = request.user.username + + try: + auth_logout(request) + return JsonResponse({ + "username": username, + "status": True, + "message": "Logout berhasil!" + }, status=200) + except: + return JsonResponse({ + "status": False, + "message": "Logout gagal." + }, status=401) \ No newline at end of file diff --git a/main/urls.py b/main/urls.py index fe78445..49e14d3 100644 --- a/main/urls.py +++ b/main/urls.py @@ -1,5 +1,5 @@ from django.urls import path, include -from main.views import show_main, create_item, show_xml, show_json, show_xml_by_id, show_json_by_id, register, login_user, logout_user, increment_item, decrement_item, trash_item, get_item_json, add_item_ajax, delete_item_ajax +from main.views import create_item_flutter, show_main, create_item, show_xml, show_json, show_xml_by_id, show_json_by_id, register, login_user, logout_user, increment_item, decrement_item, trash_item, get_item_json, add_item_ajax, delete_item_ajax app_name = 'main' @@ -19,5 +19,6 @@ path('trash_item/', trash_item, name='trash_item'), path('get-item/', get_item_json, name='get_item_json'), path('create-item-ajax/', add_item_ajax, name='add_item_ajax'), - path('delete_item_ajax//', delete_item_ajax, name='delete_item_ajax') + path('delete_item_ajax//', delete_item_ajax, name='delete_item_ajax'), + path('create-flutter/', create_item_flutter, name='create_item_flutter'), ] \ No newline at end of file diff --git a/main/views.py b/main/views.py index e54041b..24bfb99 100644 --- a/main/views.py +++ b/main/views.py @@ -1,6 +1,7 @@ import datetime +import json from django.shortcuts import render -from django.http import HttpResponseRedirect +from django.http import HttpResponseRedirect, JsonResponse from main.forms import ItemForm from django.urls import reverse from main.models import Item @@ -150,4 +151,27 @@ def delete_item_ajax(request, item_id): item.delete() return HttpResponse(b"DELETED", status=200) - return HttpResponseNotFound() \ No newline at end of file + return HttpResponseNotFound() + +@csrf_exempt +def create_item_flutter(request): + if request.method == 'POST': + + data = json.loads(request.body) + + new_item = Item.objects.create( + user = request.user, + name = data["name"], + amount = int(data["amount"]), + price = int(data["price"]), + description = data["description"], + link_image = data["link_image"], + item_level = int(data["item_level"]), + + ) + + new_item.save() + + return JsonResponse({"status": "success"}, status=200) + else: + return JsonResponse({"status": "error"}, status=401) \ No newline at end of file