From 3322b3765f77bcd7b4514075383635fb373edcc5 Mon Sep 17 00:00:00 2001 From: KX3simsimsimPXR Date: Mon, 8 Nov 2021 10:54:50 +0300 Subject: [PATCH 1/2] auth --- commerce/controllers.py | 129 ++++++++++++++++++++++++++++++++++------ commerce/schemas.py | 23 +++++++ config/urls.py | 4 +- 3 files changed, 135 insertions(+), 21 deletions(-) diff --git a/commerce/controllers.py b/commerce/controllers.py index a8a551a..61d5c0c 100644 --- a/commerce/controllers.py +++ b/commerce/controllers.py @@ -4,28 +4,35 @@ from django.contrib.auth import get_user_model from django.db.models import Q +from django.http.response import JsonResponse from django.shortcuts import get_object_or_404 from ninja import Router from pydantic import UUID4 from account.authorization import GlobalAuth -from commerce.models import Product, Category, City, Vendor, Item, Order, OrderStatus -from commerce.schemas import ProductOut, CitiesOut, CitySchema, VendorOut, ItemOut, ItemSchema, ItemCreate +from commerce.models import Address, Product, Category, City, Vendor, Item, Order, OrderStatus +from commerce.schemas import AddressSchema, AddressesOut, CheckoutSchema, ProductOut, CitiesOut, CitySchema, VendorOut, ItemOut, ItemSchema, ItemCreate from config.utils.schemas import MessageOut products_controller = Router(tags=['products']) address_controller = Router(tags=['addresses']) vendor_controller = Router(tags=['vendors']) order_controller = Router(tags=['orders']) +user_controller = Router(tags=['users']) User = get_user_model() -@vendor_controller.get('', response=List[VendorOut]) +@user_controller.get('/users') +def list_users(request): + user = User.objects.all().values() + return JsonResponse({"Users": list(user)}) + +@vendor_controller.get('', auth=GlobalAuth(),response=List[VendorOut]) def list_vendors(request): return Vendor.objects.all() -@products_controller.get('', response={ +@products_controller.get('', auth=GlobalAuth(),response={ 200: List[ProductOut], 404: MessageOut }) @@ -114,7 +121,7 @@ def list_products( """ -@address_controller.get('') +@address_controller.get('' ,auth=GlobalAuth()) def list_addresses(request): pass @@ -124,7 +131,7 @@ def list_addresses(request): # return Category.objects.all() -@address_controller.get('cities', response={ +@address_controller.get('cities',auth=GlobalAuth(), response={ 200: List[CitiesOut], 404: MessageOut }) @@ -137,7 +144,7 @@ def list_cities(request): return 404, {'detail': 'No cities found'} -@address_controller.get('cities/{id}', response={ +@address_controller.get('cities/{id}', auth=GlobalAuth(),response={ 200: CitiesOut, 404: MessageOut }) @@ -145,7 +152,7 @@ def retrieve_city(request, id: UUID4): return get_object_or_404(City, id=id) -@address_controller.post('cities', response={ +@address_controller.post('cities', auth=GlobalAuth(),response={ 201: CitiesOut, 400: MessageOut }) @@ -155,7 +162,7 @@ def create_city(request, city_in: CitySchema): return 201, city -@address_controller.put('cities/{id}', response={ +@address_controller.put('cities/{id}', auth=GlobalAuth(),response={ 200: CitiesOut, 400: MessageOut }) @@ -166,7 +173,7 @@ def update_city(request, id: UUID4, city_in: CitySchema): return 200, city -@address_controller.delete('cities/{id}', response={ +@address_controller.delete('cities/{id}', auth=GlobalAuth(),response={ 204: MessageOut }) def delete_city(request, id: UUID4): @@ -175,12 +182,13 @@ def delete_city(request, id: UUID4): return 204, {'detail': ''} -@order_controller.get('cart', response={ +@order_controller.get('cart',auth=GlobalAuth(), response={ 200: List[ItemOut], 404: MessageOut }) def view_cart(request): - cart_items = Item.objects.filter(user=User.objects.first(), ordered=False) + user = get_object_or_404(User, id=request.auth['pk']) + cart_items = Item.objects.filter(user=user, ordered=False) if cart_items: return cart_items @@ -188,13 +196,15 @@ def view_cart(request): return 404, {'detail': 'Your cart is empty, go shop like crazy!'} -@order_controller.post('add-to-cart', response={ +@order_controller.post('add-to-cart',auth=GlobalAuth(), response={ 200: MessageOut, # 400: MessageOut }) def add_update_cart(request, item_in: ItemCreate): try: - item = Item.objects.get(product_id=item_in.product_id, user=User.objects.first()) + user = get_object_or_404(User, id=request.auth['pk']) + + item = Item.objects.get(product_id=item_in.product_id, user=user) item.item_qty += 1 item.save() except Item.DoesNotExist: @@ -203,11 +213,13 @@ def add_update_cart(request, item_in: ItemCreate): return 200, {'detail': 'Added to cart successfully'} -@order_controller.post('item/{id}/reduce-quantity', response={ +@order_controller.post('item/{id}/reduce-quantity',auth=GlobalAuth(), response={ 200: MessageOut, }) def reduce_item_quantity(request, id: UUID4): - item = get_object_or_404(Item, id=id, user=User.objects.first()) + user = get_object_or_404(User, id=request.auth['pk']) + + item = get_object_or_404(Item, id=id, user=user) if item.item_qty <= 1: item.delete() return 200, {'detail': 'Item deleted!'} @@ -217,11 +229,13 @@ def reduce_item_quantity(request, id: UUID4): return 200, {'detail': 'Item quantity reduced successfully!'} -@order_controller.delete('item/{id}', response={ +@order_controller.delete('item/{id}',auth=GlobalAuth(), response={ 204: MessageOut }) def delete_item(request, id: UUID4): - item = get_object_or_404(Item, id=id, user=User.objects.first()) + user = get_object_or_404(User, id=request.auth['pk']) + + item = get_object_or_404(Item, id=id, user=user) item.delete() return 204, {'detail': 'Item deleted!'} @@ -239,9 +253,10 @@ def create_order(request): * add NEW status * calculate the total ''' + user = get_object_or_404(User, id=request.auth['pk']) order_qs = Order.objects.create( - user=User.objects.first(), + user=user, status=OrderStatus.objects.get(is_default=True), ref_code=generate_ref_code(), ordered=False, @@ -255,3 +270,79 @@ def create_order(request): order_qs.save() return {'detail': 'order created successfully'} + + +############ Adresses CRUD +@order_controller.post('/orders/item/{id}/increase-quantity',auth=GlobalAuth(), response={ + 200: MessageOut, +}) +def increase_item_quantity(request, id: UUID4): + user = get_object_or_404(User, id=request.auth['pk']) + + item = get_object_or_404(Item, id=id, user=user) + item.item_qty += 1 + item.save() + + return 200, {'detail': 'Item quantity increased successfully!'} + + + +@address_controller.get('addresses', auth=GlobalAuth(),response={ + 200: List[AddressesOut], + 404: MessageOut +}) +def list_addresses(request): + addresses_qs = Address.objects.all() + + if addresses_qs: + return addresses_qs + + return 404, {'detail': 'No addresses found'} + + +@address_controller.get('addresses/{id}',auth=GlobalAuth(), response={ + 200: AddressesOut, + 404: MessageOut +}) +def retrieve_address(request, id: UUID4): + return get_object_or_404(Address, id=id) + + +@address_controller.post('addresses', auth=GlobalAuth(),response={ + 200: MessageOut, + 400: MessageOut +}) +def create_address(request, address_in: AddressSchema): + user = get_object_or_404(User, id=request.auth['pk']) + + Address.objects.create(**address_in.dict() , user=user) + return 200, {'detail': 'Added successfully'} + + +@address_controller.put('addresses/{id}',auth=GlobalAuth(), response={ + 200: AddressSchema, + 400: MessageOut +}) +def update_address(request, id: UUID4, address_in: AddressSchema): + address = get_object_or_404(Address, id=id) + for key, value in address_in.items(): + setattr(address, key, value) + return 200, address + + +@address_controller.delete('addresses/{id}', auth=GlobalAuth(),response={ + 204: MessageOut +}) +def delete_address(request, id: UUID4): + address = get_object_or_404(Address, id=id) + address.delete() + return 204, {'detail': ''} + + +@order_controller.put('/api/orders/checkout/{id}',auth=GlobalAuth(), response=MessageOut) + +def checkout(request, id: UUID4, checkout_in: CheckoutSchema): + order = get_object_or_404(Order, id=id) + for key, value in checkout_in.items(): + setattr(order, key, value) + return {'detail': 'order checkout successfully'} diff --git a/commerce/schemas.py b/commerce/schemas.py index 5d68396..890733f 100644 --- a/commerce/schemas.py +++ b/commerce/schemas.py @@ -91,3 +91,26 @@ class ItemOut(UUIDSchema, ItemSchema): pass +class UserOut(UUIDSchema): + username:str + last_name:str + email:str + is_staff:str + is_active:str + + +class AddressSchema(Schema): + city_id:UUID4 + work_address:bool + address1:str + address2:str + phone:str + + +class AddressesOut(UUIDSchema , AddressSchema): + pass + + +class CheckoutSchema(Schema): + note: str = None + address: UUID4 diff --git a/config/urls.py b/config/urls.py index 3851026..533d839 100644 --- a/config/urls.py +++ b/config/urls.py @@ -19,11 +19,11 @@ from ninja import NinjaAPI from account.controllers import account_controller -from commerce.controllers import products_controller, address_controller, vendor_controller, order_controller +from commerce.controllers import products_controller,user_controller,address_controller, vendor_controller, order_controller from config import settings api = NinjaAPI() - +api.add_router('users', user_controller) api.add_router('products', products_controller) api.add_router('addresses', address_controller) api.add_router('vendors', vendor_controller) From f09530f07a4bc701f481f42cc108f9750b93b36d Mon Sep 17 00:00:00 2001 From: KX3simsimsimPXR Date: Mon, 8 Nov 2021 11:03:46 +0300 Subject: [PATCH 2/2] auth --- commerce/controllers.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/commerce/controllers.py b/commerce/controllers.py index 61d5c0c..6fe1e3b 100644 --- a/commerce/controllers.py +++ b/commerce/controllers.py @@ -325,7 +325,7 @@ def create_address(request, address_in: AddressSchema): }) def update_address(request, id: UUID4, address_in: AddressSchema): address = get_object_or_404(Address, id=id) - for key, value in address_in.items(): + for key, value in address_in: setattr(address, key, value) return 200, address @@ -343,6 +343,6 @@ def delete_address(request, id: UUID4): def checkout(request, id: UUID4, checkout_in: CheckoutSchema): order = get_object_or_404(Order, id=id) - for key, value in checkout_in.items(): + for key, value in checkout_in: setattr(order, key, value) return {'detail': 'order checkout successfully'}