Add JWT authentication support on the backend #67
Conversation
| @@ -12,6 +12,8 @@ gunicorn = "*" | |||
| django-heroku = "*" | |||
| djangorestframework = "*" | |||
| pillow = "*" | |||
| djangorestframework-jwt = "*" | |||
There was a problem hiding this comment.
Based on the update here, I think we should pivot to using a newer, active library.
server/api/views/user.py
Outdated
| return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST) | ||
|
|
||
|
|
||
| """ |
There was a problem hiding this comment.
You probably don't need this comment to be a docstring.
server/api/serializers.py
Outdated
| from .models import * | ||
|
|
||
| # Serializers to support seralizing User and Group objects | ||
| class UserSerializer(serializers.HyperlinkedModelSerializer): | ||
| class Meta: | ||
| model = User | ||
| fields = ['email', 'first_name', 'last_name', 'groups', 'is_staff'] | ||
| # Should it have the 'username' field? | ||
| fields = ['email', 'first_name', 'last_name', 'groups', 'is_staff', 'username'] |
There was a problem hiding this comment.
I don't think we necessarily need username in addition to email/first/last, but up to you
There was a problem hiding this comment.
I think the "username" field is required?
| """ | ||
| API endpoint that allows users to be viewed or edited. | ||
| Create a new user. It's called 'UserList' because normally we'd have a get | ||
| method here too, for retrieving a list of all User objects. |
There was a problem hiding this comment.
The official convention (just for the future) is that Python docstrings like this one should contain only client-facing descriptions of the functionality, and not include implementation-specific notes that consumers of your class/function won't need to know about. This is the same philosophy behind the "function contracts" we're being asked to write in Comp 15. You don't necessarily need to change it this time, but you should keep this in mind for the future as a best practice.
There was a problem hiding this comment.
I just used the same code that they have in the tutorial.
server/api/views/user.py
Outdated
| return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST) | ||
|
|
||
|
|
||
| """ |
There was a problem hiding this comment.
You can go ahead and remove code from previous git revisions instead of commenting it out. If it's needed in the future it will still be in git history
|
Closing in favor of #73 |
Closes #58
Followed a tutorial for adding JWT authentication support on the backend. The user view was changed to use a view instead of a viewset to follow the tutorial (but I kept the viewset commented out for now).