PlayMan/WrestleDesk
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
80897a7a6e8d93a29b33ce51fb33a9fe848d5c3f
WrestleDesk/backend/auth_app/views.py
T
Andrej Spielmann 3fefc550fe Initial commit: WrestleDesk full project 
- Django backend with DRF (clubs, wrestlers, trainers, exercises, templates, trainings, homework, locations, leistungstest)
- Next.js 16 frontend with React, Shadcn UI, Tailwind
- JWT authentication
- Full CRUD for all entities
- Calendar view for trainings
- Homework management system
- Leistungstest tracking
2026-03-26 13:24:57 +01:00

99 lines
3.3 KiB
Python
Raw Blame History

from rest_framework import status
from rest_framework.decorators import api_view, permission_classes, throttle_classes
from rest_framework.permissions import AllowAny, IsAuthenticated
from rest_framework.response import Response
from rest_framework.throttling import AnonRateThrottle
from rest_framework_simplejwt.tokens import RefreshToken
from django.contrib.auth import authenticate
from .models import UserPreferences
from .serializers import LoginSerializer, RegisterSerializer, UserSerializer, UserPreferencesSerializer
class AuthRateThrottle(AnonRateThrottle):
rate = '5/minute'
@api_view(['POST'])
@permission_classes([AllowAny])
@throttle_classes([AuthRateThrottle])
def login(request):
serializer = LoginSerializer(data=request.data)
if serializer.is_valid():
user = authenticate(
username=serializer.validated_data['username'],
password=serializer.validated_data['password']
)
if user:
refresh = RefreshToken.for_user(user)
return Response({
'access': str(refresh.access_token),
'refresh': str(refresh),
'user': UserSerializer(user).data
})
return Response(
{'detail': 'Invalid credentials'},
status=status.HTTP_401_UNAUTHORIZED
)
return Response({'detail': serializer.errors}, status=status.HTTP_400_BAD_REQUEST)
@api_view(['POST'])
@permission_classes([AllowAny])
@throttle_classes([AuthRateThrottle])
def register(request):
serializer = RegisterSerializer(data=request.data)
if serializer.is_valid():
user = serializer.save()
refresh = RefreshToken.for_user(user)
return Response({
'access': str(refresh.access_token),
'refresh': str(refresh),
'user': UserSerializer(user).data
}, status=status.HTTP_201_CREATED)
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
@api_view(['POST'])
@permission_classes([AllowAny])
@throttle_classes([AuthRateThrottle])
def refresh_token(request):
refresh_token = request.data.get('refresh')
if not refresh_token:
return Response(
{'detail': 'Refresh token required'},
status=status.HTTP_400_BAD_REQUEST
)
try:
refresh = RefreshToken(refresh_token)
return Response({
'access': str(refresh.access_token),
})
except Exception:
return Response(
{'detail': 'Invalid refresh token'},
status=status.HTTP_401_UNAUTHORIZED
)
@api_view(['GET'])
@permission_classes([IsAuthenticated])
def me(request):
return Response(UserSerializer(request.user).data)
@api_view(['GET', 'PATCH'])
@permission_classes([IsAuthenticated])
def user_preferences(request):
if request.method == 'GET':
prefs, _ = UserPreferences.objects.get_or_create(user=request.user)
serializer = UserPreferencesSerializer(prefs)
return Response(serializer.data)
elif request.method == 'PATCH':
prefs, _ = UserPreferences.objects.get_or_create(user=request.user)
serializer = UserPreferencesSerializer(prefs, data=request.data, partial=True)
if serializer.is_valid():
serializer.save()
return Response(serializer.data)
return Response(serializer.errors, status=400)
Reference in New Issue View Git Blame Copy Permalink