Merge pull request #20 from SELab-2/authentication

Authentication
SELab-2 · Mar 4, 2024 · 0c55080 · 0c55080
2 parents 8ede0ea + c3bf63d
commit 0c55080
Show file tree

Hide file tree

Showing 25 changed files with 26 additions and 29 deletions.
diff --git a/api/__pycache__/__init__.cpython-311.pyc b/api/__pycache__/__init__.cpython-311.pyc
diff --git a/api/__pycache__/admin.cpython-311.pyc b/api/__pycache__/admin.cpython-311.pyc
diff --git a/api/__pycache__/middleware.cpython-311.pyc b/api/__pycache__/middleware.cpython-311.pyc
diff --git a/api/__pycache__/models.cpython-311.pyc b/api/__pycache__/models.cpython-311.pyc
diff --git a/api/__pycache__/serializers.cpython-311.pyc b/api/__pycache__/serializers.cpython-311.pyc
diff --git a/api/__pycache__/settings.cpython-311.pyc b/api/__pycache__/settings.cpython-311.pyc
diff --git a/api/__pycache__/urls.cpython-311.pyc b/api/__pycache__/urls.cpython-311.pyc
diff --git a/api/__pycache__/utils.cpython-311.pyc b/api/__pycache__/utils.cpython-311.pyc
diff --git a/api/__pycache__/wsgi.cpython-311.pyc b/api/__pycache__/wsgi.cpython-311.pyc
diff --git a/api/migrations/__pycache__/0001_initial.cpython-311.pyc b/api/migrations/__pycache__/0001_initial.cpython-311.pyc
diff --git a/...igrations/__pycache__/0002_remove_student_id_remove_student_name_and_more.cpython-311.pyc b/...igrations/__pycache__/0002_remove_student_id_remove_student_name_and_more.cpython-311.pyc
diff --git a/api/migrations/__pycache__/0003_alter_student_subjects.cpython-311.pyc b/api/migrations/__pycache__/0003_alter_student_subjects.cpython-311.pyc
diff --git a/api/migrations/__pycache__/0004_alter_student_subjects.cpython-311.pyc b/api/migrations/__pycache__/0004_alter_student_subjects.cpython-311.pyc
diff --git a/api/migrations/__pycache__/0005_alter_vak_teachers.cpython-311.pyc b/api/migrations/__pycache__/0005_alter_vak_teachers.cpython-311.pyc
diff --git a/...migrations/__pycache__/0006_remove_lesgever_id_alter_lesgever_lesgever_id.cpython-311.pyc b/...migrations/__pycache__/0006_remove_lesgever_id_alter_lesgever_lesgever_id.cpython-311.pyc
diff --git a/api/migrations/__pycache__/0007_alter_lesgever_subjects_alter_vak_teachers.cpython-311.pyc b/api/migrations/__pycache__/0007_alter_lesgever_subjects_alter_vak_teachers.cpython-311.pyc
diff --git a/api/migrations/__pycache__/__init__.cpython-311.pyc b/api/migrations/__pycache__/__init__.cpython-311.pyc
diff --git a/api/models.py b/api/models.py
@@ -12,7 +12,7 @@ def __str__(self):
 class Lesgever(models.Model):
     lesgever_id = models.AutoField(primary_key=True)
     name = models.CharField(max_length=100)
-    email = models.EmailField()
+    email = models.EmailField(default=False)
     subjects = models.ManyToManyField('Vak', related_name='lesgevers_enrolled', blank=True)
     is_admin = models.BooleanField(default=False)
 

diff --git a/api/serializers.py b/api/serializers.py
@@ -15,9 +15,6 @@ def create(self, validated_data):
         return Student.objects.create(**validated_data)
 
     def update(self, instance, validated_data):
-        # Update the regular fields
-        instance.name = validated_data.get('name', instance.name)
-        instance.email = validated_data.get('email', instance.email)
         # Update the subjects list
         subjects_data = validated_data.pop('subjects', None)
         if subjects_data is not None:

diff --git a/api/settings.py b/api/settings.py
@@ -54,7 +54,7 @@
     'django.contrib.auth.middleware.AuthenticationMiddleware',
     'django.contrib.messages.middleware.MessageMiddleware',
     'django.middleware.clickjacking.XFrameOptionsMiddleware',
-    'api.middleware.RedirectAnonymousUserMiddleware',
+    #'api.middleware.RedirectAnonymousUserMiddleware',
 ]
 
 ROOT_URLCONF = 'api.urls'

diff --git a/api/urls.py b/api/urls.py
@@ -18,12 +18,13 @@
 from django.urls import path, include
 
 from .views.views import microsoft_association, login_redirect
-from .views.student import student_list
+from .views.student import student_list, student_detail
 
 urlpatterns = [
     path('.well-known/microsoft-identity-association.json', microsoft_association),
     path('admin/', admin.site.urls),
     path('oauth2/', include('django_auth_adfs.urls')),
     path('login_redirect', login_redirect),
-    path('api/studenten', student_list)
+    path('api/studenten', student_list),
+    path('api/studenten/<int:id>', student_detail)
 ]
diff --git a/api/utils.py b/api/utils.py
@@ -2,11 +2,6 @@
 from django.http import JsonResponse
 import requests
 
-ERRORS = {
-    'no_perm': 'You do not have permission to view this data',
-    'generic': 'There was an error'
-}
-
 
 def get_graph_token():
     """
@@ -27,9 +22,4 @@ def get_graph_token():
         response = requests.post(url=url, headers=headers, data=data)
         return response.json()
     except:
-        return None
-
-
-
-def json_error(error_code):
-    return JsonResponse({'error': {'message': ERRORS.get(error_code, ERRORS['generic'])}})
+        return None
diff --git a/api/views/__pycache__/student.cpython-311.pyc b/api/views/__pycache__/student.cpython-311.pyc
diff --git a/api/views/__pycache__/views.cpython-311.pyc b/api/views/__pycache__/views.cpython-311.pyc
diff --git a/api/views/student.py b/api/views/student.py
@@ -5,27 +5,36 @@
 
 
 from ..models import Student
-from ..serializers import StudentSerializer
-from ..utils import json_error
+from ..serializers.student import StudentSerializer
 
 
 @api_view(['GET', 'POST'])
 def student_list(request):
     if request.method == 'GET':
         students = Student.objects.all()
         serializer = StudentSerializer(students, many=True)
-        return JsonResponse({'studenten': serializer.data})
+        return Response(serializer.data)
     elif request.method == 'POST':
         serializer = StudentSerializer(data=request.data)
         if serializer.is_valid():
             serializer.save()
             return Response(serializer.data, status=status.HTTP_201_CREATED)
-
-
-    """if request.user.is_superuser:
-        students = Student.objects.all()
-        serializer = StudentSerializer(students, many=True)
-        return JsonResponse({'studenten': serializer.data})
+        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
+
 
-    else:
-        return json_error('no_perm')"""
+@api_view(['GET', 'PUT'])
+def student_detail(request, id):
+    try:
+        student = Student.objects.get(pk=id)
+    except Student.DoesNotExist:
+        return Response(status=status.HTTP_404_NOT_FOUND)
+
+    if request.method == 'GET':
+        serializer = StudentSerializer(student)
+        return Response(serializer.data)
+    elif request.method == 'PUT':
+        serializer = StudentSerializer(student, data=request.data)
+        if serializer.is_valid():
+            serializer.save()
+            return Response(serializer.data)
+        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)