Solution

mate-academy · Dec 12, 2024 · 9e3d71c · 9e3d71c
1 parent 93c12eb
commit 9e3d71c
Show file tree

Hide file tree

Showing 5 changed files with 86 additions and 4 deletions.
diff --git a/cinema_service/settings.py b/cinema_service/settings.py
@@ -125,7 +125,7 @@
 
 USE_I18N = True
 
-USE_TZ = False
+USE_TZ = True
 
 
 # Static files (CSS, JavaScript, Images)
@@ -137,3 +137,9 @@
 # https://docs.djangoproject.com/en/4.0/ref/settings/#default-auto-field
 
 DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField"
+
+REST_FRAMEWORK = {
+    "DEFAULT_PERMISSION_CLASSES": [
+        "rest_framework.permissions.IsAuthenticated",
+    ]
+}
diff --git a/user/permissions.py b/user/permissions.py
@@ -0,0 +1,12 @@
+from rest_framework.permissions import BasePermission, SAFE_METHODS
+
+
+class IsAdminOrIfAuthenticatedReadOnly(BasePermission):
+    def has_permission(self, request, view):
+        return bool(
+            (request.method in SAFE_METHODS
+            and request.user
+            and request.user.is_authenticated
+        )
+            or (request.user and request.user.is_staff)
+        )
diff --git a/user/serializers.py b/user/serializers.py
@@ -1 +1,23 @@
-# write your code here
+from django.contrib.auth import get_user_model
+from rest_framework import serializers
+
+
+class UserSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = get_user_model()
+        fields = ("id", "username", "email", "is_staff")
+        read_only_fields = ("id", "is_staff")
+        extra_kwargs = {"password": {"write_only": True, "min_length": 5}}
+
+    def create(self, validated_data):
+        return get_user_model().objects.create_user(**validated_data)
+
+    def update(self, instance, validated_data):
+        password = validated_data.pop("password", None)
+        user = super().update(instance, validated_data)
+
+        if password:
+            user.set_password(password)
+            user.save()
+
+        return user
diff --git a/user/urls.py b/user/urls.py
@@ -1 +1,11 @@
-# write your code here
+from django.urls import path
+
+from user.views import CreateUserView, CreateTokenView, ManageUserView, OrderViewSet
+
+urlpatterns = [
+	path("register/", CreateUserView.as_view(), name="create"),
+    path("login/", CreateTokenView.as_view(), name="token"),
+    path("me/", ManageUserView.as_view(), name="manage"),
+    path("order/", OrderViewSet.as_view(), name="order"),
+]
+
diff --git a/user/views.py b/user/views.py
@@ -1 +1,33 @@
-# write your code here
+from rest_framework import generics, viewsets
+from rest_framework.authentication import TokenAuthentication
+from rest_framework.authtoken.views import ObtainAuthToken
+from rest_framework.permissions import IsAuthenticated
+from rest_framework.settings import api_settings
+
+from user.permissions import IsAdminOrIfAuthenticatedReadOnly
+from user.serializers import UserSerializer
+
+
+
+class CreateUserView(generics.CreateAPIView):
+    serializer_class = UserSerializer
+
+class CreateTokenView(ObtainAuthToken):
+    renderer_classes = api_settings.DEFAULT_RENDERER_CLASSES
+
+class ManageUserView(generics.RetrieveUpdateAPIView):
+    serializer_class = UserSerializer
+    authentication_classes = (TokenAuthentication,)
+    permission_classes = (IsAuthenticated,)
+
+    def get_object(self):
+        return self.request.user
+
+class MyView(viewsets.ModelViewSet):
+    authentication_classes = (TokenAuthentication,)
+    permission_classes = (IsAdminOrIfAuthenticatedReadOnly,)
+
+class OrderViewSet(viewsets.ModelViewSet):
+    authentication_classes = (TokenAuthentication,)
+    permission_classes = (IsAuthenticated,)
+