This is my customized User Object in django.
class User(AbstractBaseUser, PermissionsMixin):
mobile = models.CharField(max_length=100, unique=True)
email = models.EmailField(max_length=255, null=True)
username = models.CharField(max_length=255, null=True)
full_name = models.CharField(max_length=255, blank=True, null=True)
is_staff = models.BooleanField(default=False)
is_superuser = models.BooleanField(default=False)
location = models.ForeignKey(Location, on_delete=models.SET_NULL, null=True)
USERNAME_FIELD = 'mobile'
REQUIRED_FIELDS = []
objects = UserManager()
And this is the UserManager,
class UserManager(BaseUserManager):
def create_user(self, mobile, email=None, username=None, full_name=None, password=None, is_staff=False,
is_superuser=False):
if not mobile:
raise ValueError("Can't create User without a mobile number!")
if not password:
raise ValueError("Can't create User without a password!")
user = self.model(
mobile=mobile,
email=self.normalize_email(email),
username=username,
full_name=full_name,
is_staff=is_staff,
is_superuser=is_superuser,
)
user.set_password(password)
user.save(self._db)
return user
This is my UserSerializer Class
class UserSerializer(serializers.ModelSerializer):
password = serializers.CharField(write_only=True)
id = serializers.IntegerField(read_only=True)
class Meta:
model = models.User
fields = (
'id',
'mobile',
'email',
'username',
'full_name',
'password',
)
And this is the view where I'm trying to register a User.
class RegisterView(views.APIView):
def post(self, request):
serialized = UserSerializer(data=request.data)
if serialized.is_valid():
user = UserManager().create_user(mobile=serialized.mobile, email=serialized.email, username=serialized.email, full_name=serialized.full_name, password=serialized.password)
if user:
return Response(serialized.data, status=status.HTTP_201_CREATED)
else:
return Response(serialized.errors, status=status.HTTP_400_BAD_REQUEST)
I end up getting the following error message,
AttributeError at /api/v1/bouncer/register/
'UserSerializer' object has no attribute 'mobile'
But of course I've a mobile attribute. What am I doing wrong here?
.mobile, .email, ... are not on the Serializer object but on the instance. UserSerializer(data=...) returns a Serializer instance. (not a model instance)
If you want to keep your code the solution is to do:
UserManager().create_user(
mobile=serialized.validated_data['mobile'],
email=serialized.validated_data['email'],
...
But this way, you're not taking advantage of the serializer.
Personally, I would get rid of the UserManager. (By the way, the best way to create a manager is to inherit from django.db.models.Queryset and then do object = UserQueryset.as_manager())
I would write a serializer, like yours:
class UserSerializer(serializers.ModelSerializer):
password = serializers.CharField(write_only=True)
id = serializers.IntegerField(read_only=True)
class Meta:
model = models.User
fields = (
'id', 'mobile', 'email', 'username', 'full_name', 'password',
)
def create(self, validated_data):
password = validated_data.pop('password')
user = super().create(validated_data)
user.set_password(password)
return user
Then in your view, you just have to do:
serializer = UserSerializer(data=request.data)
if serializer.is_valid():
serializer.save()
return Response(...)
else:
return Response(...)
Also, instead of writing a full function, you could use a generic API view. (CreateAPIView is most likely what you want.)
N.B.: Everything is pseudocode, I have not tested it, but the solution should be extremely similar delta some small changes
Related
Unable to add a new customer to the database..
I made a class Named customer that has a one-to-one relationship with a class named User that is an AbstractUser
I want to send the data through rest API so that I can create a new customer in the customer table and a new user that is One To One Related to the customer from the same view.
User Model
class User(AbstractUser):
# Add additional fields here
id = None
email = models.EmailField(max_length=254, primary_key=True)
name = models.CharField(max_length=100)
password = models.CharField(max_length=100)
is_patient = models.BooleanField(default=False)
is_doctor = models.BooleanField(default=False)
is_homesampler = models.BooleanField(default=False)
is_pathologist = models.BooleanField(default=False)
is_admin = models.BooleanField(default=False)
is_staff = models.BooleanField(default=False)
is_active = models.BooleanField(default=False)
date_joined = models.DateTimeField(auto_now_add=True)
last_login = models.DateTimeField(auto_now=True)
first_name = None
last_name = None
username = None
USERNAME_FIELD = 'email'
REQUIRED_FIELDS = ['name', 'password']
objects = CustomUserManager()
def __str__(self):
return self.email
# Ensure that the password is hashed before saving it to the database
def save(self, *args, **kwargs):
self.password = make_password(self.password)
super(User, self).save(*args, **kwargs)
def has_perm(self, perm, obj=None):
return self.is_superuser
User Serializer
class UserSerializer(serializers.ModelSerializer):
class Meta:
model = get_user_model()
# fields = (['id', 'username', 'email', 'name'])
fields = '__all__'
customer Model
class customer(models.Model):
user = models.OneToOneField(
get_user_model(), on_delete=models.CASCADE, primary_key=True)
real = models.BooleanField(default=False)
def __str__(self):
return self.user.name
Customer Serializer
class CustomerSerializer(serializers.ModelSerializer):
userdata = UserSerializer(read_only=True, source='user')
class Meta:
model = customer
fields = '__all__'
def create(self, validated_data):
user_data = validated_data.pop('user')
user = get_user_model().objects.create(**user_data)
user.is_Patient = True
customer = customer.objects.create(user=user, **validated_data)
return customer
Create Customer View
# Create add customer API
#api_view(['POST'])
def addCustomer(request):
customer_serializer = CustomerSerializer(data=request.data)
if(customer_serializer.is_valid()):
customer_serializer.save()
print(customer_serializer.errors)
return Response({'message': 'okay'})
Body of API Call
{
"email" : "test#test.com",
"password": "Abc"
}
So the question is how can I create a view so that I can create a new user and a customer using just one API Call
Your call body doesn't match CustomerSerializer.
CustomerSerializer fields are "user" and "rest", so you only can pass these two unless you do something like these:
class CustomerSerializer(serializers.ModelSerializer):
userdata = UserSerializer(read_only=True, source='user')
email = serializers.EmailField(write_only=True)
password = serializers.CharField(write_only=True)
class Meta:
model = customer
fields = ["userdata", "email", "password", "id", "real"]
def create(self, validated_data):
email = validated_data.pop("email")
password = validated_data.pop("password")
user = get_user_model().objects.create(**{
"email": email,
"password": password
})
user.is_Patient = True
customer = customer.objects.create(user=user, **validated_data)
return customer
About the create method, it won't function correctly:
Because:
We shouldn't use create to create a new user instead we should use create_user More
I noticed that you removed the username so this method would be useless :)
After user.is_Patient = True, you forgot to save the user
The correct code would be:
class CustomerSerializer(serializers.ModelSerializer):
userdata = UserSerializer(read_only=True, source='user')
email = serializers.EmailField(write_only=True)
password = serializers.CharField(write_only=True)
class Meta:
model = customer
fields = ["userdata", "email", "password", "id", "real"]
def create(self, validated_data):
email = validated_data.pop("email")
password = validated_data.pop("password")
user = get_user_model().objects.create(email=email)
user.set_password(password)
user.is_Patient = True
user.save()
customer = customer.objects.create(user=user, **validated_data)
return customer
NOTE 1:
# Ensure that the password is hashed before saving it to the database
def save(self, *args, **kwargs):
self.password = make_password(self.password)
super(User, self).save(*args, **kwargs)
It is the wrong approach to make_password here because whenever you make a change in your user, it would run.
the ideal approach would be using user.set_password("new_pass") whenever you get a new password from the user.
NOTE 2:
When you pass read_only to a serializer, this means would be ignored if you passed it as data to the serializer.
About write_only, it's the opposite of read_only. It would not be returned if you called serializer.data. For example, we only want to write to the password, and we won't want to read it from the serializer, so we made it write_only.
UPDATE: Adding a name
You have to add a write_only field and then pass it to create method
class CustomerSerializer(serializers.ModelSerializer):
userdata = UserSerializer(read_only=True, source='user')
email = serializers.EmailField(write_only=True)
password = serializers.CharField(write_only=True)
name = serializers.CharField(write_only=True)
class Meta:
model = customer
fields = ["userdata", "email", "password", "id", "real", "name"]
def create(self, validated_data):
email = validated_data.pop("email")
password = validated_data.pop("password")
name = validated_data.pop("name")
user = get_user_model().objects.create(email=email, name=name)
user.set_password(password)
user.is_Patient = True
user.save()
customer = customer.objects.create(user=user, **validated_data)
return customer
I am working on a job portal project. I am using custom user model
class UserManager(BaseUserManager):
def create_user(self, email, name, password=None, **extra_fields):
if not email:
raise ValueError('Users must have an email address')
if not name:
raise ValueError('Users must have a name')
user = self.model(email=self.normalize_email(email), **extra_fields)
user.set_password(password)
user.name = name
user.save(using=self._db)
return user
def create_staffuser(self, email, password, name):
user = self.create_user(
email,
name,
password=password
)
user.is_staff = True
user.save(using=self._db)
return user
def create_superuser(self, name, email, password):
user = self.create_user(email, name, password=password)
user.is_staff = True
user.is_superuser = True
user.save(using=self._db)
return user
class User(AbstractBaseUser, PermissionsMixin):
email = models.EmailField(max_length=255, unique=True)
name = models.CharField(max_length=255)
is_active = models.BooleanField(default=True)
is_staff = models.BooleanField(default=False)
objects = UserManager()
USERNAME_FIELD = 'email'
REQUIRED_FIELDS = ['name']
And I have 2 separate models one for job seekers and other for employers.
class SeekerProfile(models.Model):
"""Seeker profile for job seekers"""
MALE = 'M'
FEMALE = 'F'
OTHERS = 'O'
GENDER_CHOICES = [
(MALE, 'Male'),
(FEMALE, 'Female'),
(OTHERS, 'Others'),
]
first_name = models.CharField(max_length=255)
last_name = models.CharField(max_length=255)
date_of_birth = models.DateField()
gender = models.CharField(
max_length=1,
choices=GENDER_CHOICES
)
address = models.TextField()
city = models.CharField(max_length=100)
pincode = models.CharField(max_length=50)
phone_number = models.CharField(
max_length=50, null=False, blank=False, unique=True)
disabled = models.BooleanField(default=False)
user = models.OneToOneField(
settings.AUTH_USER_MODEL,
limit_choices_to={'is_staff': False},
on_delete=models.CASCADE
)
def __str__(self):
return self.first_name+" "+self.last_name
class BusinessStream(models.Model):
"""Business Stream dataset database"""
business_stream_name = models.CharField(max_length=50)
user = models.ForeignKey(settings.AUTH_USER_MODEL, limit_choices_to={
'is_staff': True}, on_delete=models.CASCADE)
class CompanyProfile(models.Model):
"""company profile"""
user = models.OneToOneField(settings.AUTH_USER_MODEL, limit_choices_to={
'is_staff': True}, on_delete=models.CASCADE)
company_name = models.CharField(max_length=100)
profile_description = models.TextField()
business_stream = models.ManyToManyField(
BusinessStream)
established_date = models.DateTimeField()
company_url = models.URLField()
My doubt is how to restrict one user from creating a profile on other type of user based on is_staff field in User model.
I am new to django, please help me.
views.py
class UserProfileViewSet(ModelViewSet):
queryset = SeekerProfile.objects.all()
serializer_class = serializers.ProfileSerializer
authentication_classes = (JWTAuthentication,)
permission_classes = (permissions.IsAuthenticated,)
def get_queryset(self):
"""Return objects for the current authenticated user only"""
queryset = SeekerProfile.objects.filter(user=self.request.user)
return queryset
def perform_create(self, serializer):
return serializer.save(user=self.request.user)
serializers.py
class ProfileSerializer(serializers.ModelSerializer):
"""Serializer for user Profile"""
class Meta:
model = SeekerProfile
fields = '__all__'
read_only_fields = ('id', 'user')
This allows employer to create seeker profile.
You would have to check the role of the authenticated user in your view and proceed accordingly - s.th. like
class UserProfileViewSet(ModelViewSet):
queryset = SeekerProfile.objects.all()
serializer_class = serializers.ProfileSerializer
authentication_classes = (JWTAuthentication,)
permission_classes = (permissions.IsAuthenticated,)
def get_queryset(self):
"""Return objects for the current authenticated user only"""
queryset = SeekerProfile.objects.filter(user=self.request.user)
return queryset
def perform_create(self, serializer):
# Check here
if self.request.user.is_staff:
# do something if requesting user is staff
else:
# do s.th. else
return serializer.save(user=self.request.user)
I am wrote a serializer for the User model in Django with DRF:
the model:
from django.contrib.auth.models import AbstractBaseUser
from django.contrib.auth.models import BaseUserManager
from django.db import models
from django.utils.translation import ugettext
class BaseModel(models.Model):
# all models should be inheritted from this model
created = models.DateTimeField(auto_now_add=True)
updated = models.DateTimeField(auto_now=True)
class Meta:
abstract = True
class User(AbstractBaseUser, BaseModel):
username = models.CharField(
ugettext('Username'), max_length=255,
db_index=True, unique=True
)
email = models.EmailField(
ugettext('Email'), max_length=255, db_index=True,
blank=True, null=True, unique=True
)
USERNAME_FIELD = 'username'
REQUIRED_FIELDS = ('email', 'password',)
class Meta:
app_label = 'users'
the serializer:
class UserSerializer(serializers.ModelSerializer):
class Meta:
model = models.User
fields = ['email', 'username', 'password']
extra_kwargs = {'password': {'write_only': True}}
def create(self, validated_data):
user = super().create(validated_data)
user.set_password(validated_data['password'])
user.save()
return user
def update(self, user, validated_data):
user = super().update(user, validated_data)
user.set_password(validated_data['password'])
user.save()
return user
It works. But I probably do two calls instead of one on every create/update and the code looks a little bit weird(not DRY).
Is there an idiomatic way to do that?
$python -V
Python 3.7.3
Django==2.2.3
djangorestframework==3.10.1
You can create your own user manager by overriding BaseUserManager and use set_password() method there. There is a full example in django's documentation. So your models.py will be:
# models.py
from django.db import models
from django.contrib.auth.models import (
BaseUserManager, AbstractBaseUser
)
class MyUserManager(BaseUserManager):
def create_user(self, email, username, password=None):
if not email:
raise ValueError('Users must have an email address')
user = self.model(
email=self.normalize_email(email),
username=username,
)
user.set_password(password)
user.save(using=self._db)
return user
class BaseModel(models.Model):
# all models should be inheritted from this model
created = models.DateTimeField(auto_now_add=True)
updated = models.DateTimeField(auto_now=True)
class Meta:
abstract = True
class User(AbstractBaseUser, BaseModel):
username = models.CharField(
ugettext('Username'), max_length=255,
db_index=True, unique=True
)
email = models.EmailField(
ugettext('Email'), max_length=255, db_index=True,
blank=True, null=True, unique=True
)
# don't forget to set your custom manager
objects = MyUserManager()
USERNAME_FIELD = 'username'
REQUIRED_FIELDS = ('email', 'password',)
class Meta:
app_label = 'users'
Then, you can directly call create_user() in your serializer's create() method. You can also add a custom update method in your custom manager.
# serializers.py
class UserSerializer(serializers.ModelSerializer):
class Meta:
model = models.User
fields = ['email', 'username', 'password']
extra_kwargs = {'password': {'write_only': True}}
def create(self, validated_data):
user = models.User.objects.create_user(
username=validated_data['username'],
email=validated_data['email'],
password=validated_data['password']
)
return user
I hope this will solve the issue,
class UserSerializer(serializers.ModelSerializer):
class Meta:
model = models.User
fields = ['email', 'username', 'password']
extra_kwargs = {'password': {'write_only': True}}
def create(self, validated_data):
return models.User.objects.create_user(**validated_data)
def update(self, user, validated_data):
password = validated_data.pop('password', None)
if password is not None:
user.set_password(password)
for field, value in validated_data.items():
setattr(user, field, value)
user.save()
return user
The create_user() method uses the set_password() method to set the hashable password.
I am using Django user model and also extended with my own profile model for some other data.When i want to update user data which is in Profile Model It doesn't get updated because all the user id,username,email,password reside in user model while the fields which are needed to get updated are in profile model.I have used this approach, all it does is takes inputs and displays the response but does not show any change in User Data when viewing it as a whole.
models.py
class Profile(models.Model):
user = models.OneToOneField(User,related_name='profile',on_delete=models.CASCADE)
location = models.CharField(max_length=30,blank=True)
friends_count = models.PositiveIntegerField(default=0)
profile_pic = models.FileField(upload_to='profile_pics/',blank=True,null=True)
def natural_key(self):
return (self.user.username,)
views.py
class UserCreateAPIViewSet(viewsets.ModelViewSet,mixins.UpdateModelMixin):
""""A View which handles Creating and Updating User Profile"""
serializer_class = UserProfileCreateSerializer
queryset = User.objects.all()
authentication_classes = (TokenAuthentication,)
permission_classes = (permissions.UpdateOwnProfile,)
filter_backends = (filters.SearchFilter,)
search_fields = ('username','email',)
class UserUpdateAPI(generics.GenericAPIView,mixins.UpdateModelMixin):
"""Update User Profile Data"""
permission_classes = (permissions.UpdateOwnProfile,)
authentication_classes = (TokenAuthentication,)
queryset = Profile.objects.all()
serializer_class = ProfileUpdateSerializer
def put(self,request,*args,**kwargs):
return self.partial_update(request,*args,**kwargs)
urls.py
url(r'^user-update/(?P<pk>\d+)/$',views.UserUpdateAPI.as_view(),name="user-update"),
router = DefaultRouter()
router.register(r'profile',views.UserCreateAPIViewSet)
serializers.py
class UserProfileCreateSerializer(serializers.ModelSerializer):
""""A serializer for user data request"""
location = serializers.CharField(source='profile.location')
friends_count = serializers.IntegerField(source='profile.friends_count',read_only=True)
profile_pic = serializers.FileField(source='profile.profile_pic',allow_empty_file=True,allow_null=True)
class Meta:
model = User
fields = (
'pk',
'username',
'email',
'password',
'location',
'friends_count',
'profile_pic',
)
extra_kwargs = {
'password':{'write_only':True},
'friends_count':{'read_only':True},
}
def create(self, validated_data):
""""Create and return a new User"""
user = User(
email = validated_data['email'],
username = validated_data['username']
)
user.set_password(validated_data['password'])
user.save()
return user
class ProfileUpdateSerializer(serializers.ModelSerializer):
"""A serializer for updating user data"""
class Meta:
model = Profile
fields = ('location','profile_pic')
Looks like you want to extend from the AbstractBaseUser (see code below), using this as your UserProfileCreateSerializer:
class UserProfileCreateSerializer(serializers.ModelSerializer):
""""A serializer for user data request"""
location = serializers.CharField(source='profile.location')
friends_count = serializers.IntegerField(source='profile.friends_count',read_only=True)
profile_pic = serializers.FileField(source='profile.profile_pic',allow_empty_file=True,allow_null=True)
class Meta:
model = Profile
fields = (
'pk',
'username',
'email',
'password',
'location',
'friends_count',
'profile_pic',
)
extra_kwargs = {
'password':{'write_only':True},
'friends_count':{'read_only':True},
}
def create(self, validated_data):
""""Create and return a new User"""
user = Profile(
email = validated_data['email'],
username = validated_data['username']
)
user.set_password(validated_data['password'])
user.save()
return user
class ProfileUpdateSerializer(serializers.ModelSerializer):
"""A serializer for updating user data"""
class Meta:
model = Profile
fields = ('location','profile_pic')
Then extend from the AbstractBaseUser in models.py:
from __future__ import unicode_literals
from django.db import models
from django.core.mail import send_mail
from django.contrib.auth.models import PermissionsMixin
from django.contrib.auth.base_user import AbstractBaseUser
from django.utils.translation import ugettext_lazy as _
from .managers import ProfileManager
class Profile(AbstractBaseUser, PermissionsMixin):
email = models.EmailField(_('email address'), unique=True)
username = models.CharField(_('first name'), max_length=30, blank=True)
first_name = models.CharField(_('first name'), max_length=30, blank=True)
last_name = models.CharField(_('last name'), max_length=30, blank=True)
date_joined = models.DateTimeField(_('date joined'), auto_now_add=True)
is_active = models.BooleanField(_('active'), default=True)
location = models.CharField(max_length=30,blank=True)
friends_count = models.PositiveIntegerField(default=0)
profile_pic = models.FileField(upload_to='profile_pics/',blank=True,null=True)
objects = UserManager()
USERNAME_FIELD = 'username'
REQUIRED_FIELDS = []
class Meta:
verbose_name = _('user')
verbose_name_plural = _('users')
def get_full_name(self):
'''
Returns the first_name plus the last_name, with a space in between.
'''
full_name = '%s %s' % (self.first_name, self.last_name)
return full_name.strip()
def get_short_name(self):
'''
Returns the short name for the user.
'''
return self.first_name
def natural_key(self):
return (self.username,)
def email_user(self, subject, message, from_email=None, **kwargs):
'''
Sends an email to this User.
'''
send_mail(subject, message, from_email, [self.email], **kwargs)
And then create a file called managers.py in the same directory as models.py:
from django.contrib.auth.base_user import BaseUserManager
class ProfileManager(BaseUserManager):
use_in_migrations = True
def _create_user(self, email, password, **extra_fields):
"""
Creates and saves a User with the given email and password.
"""
if not email:
raise ValueError('The given email must be set')
email = self.normalize_email(email)
user = self.model(email=email, **extra_fields)
user.set_password(password)
user.save(using=self._db)
return user
def create_user(self, email, password=None, **extra_fields):
extra_fields.setdefault('is_superuser', False)
return self._create_user(email, password, **extra_fields)
def create_superuser(self, email, password, **extra_fields):
extra_fields.setdefault('is_superuser', True)
if extra_fields.get('is_superuser') is not True:
raise ValueError('Superuser must have is_superuser=True.')
return self._create_user(email, password, **extra_fields)
To wrap all this up you need to add this to your settings.py file:
AUTH_USER_MODEL = 'app.Profile'
And also don't forget to re-run all database migrations before using $ python manage.py runserver.
I want to eliminate the concept of a username from the django auth in my app. I want the email of the user to take place of the username. So I extended AbstractBaseUser with the code below
class AuthUserManager(BaseUserManager):
def create_user(self, email, password=None):
if not email:
raise ValueError("Users must have an email address")
user = self.model(email=self.normalize_email(email),)
user.is_active = True
user.set_password(password)
user.save(using=self._db)
return user
def create_superuser(self, email, password):
user = self.create_user(email=email, password=password)
user.is_staff = True
user.is_superuser = True
user.save(using=self._db)
return user
class AuthUser(AbstractBaseUser, PermissionsMixin):
alphanumeric = RegexValidator(r'^[0-9a-zA-Z]*$', message = "Only alphanumeric characters are allowed")
email = models.EmailField(verbose_name='email address',unique=True, max_length=255)
first_name = models.CharField(unique=True, max_length=20, validators=[alphanumeric])
last_name = models.CharField(unique=True, max_length=20, validators=[alphanumeric])
date_joined = models.DateTimeField(auto_now_add=True)
is_active = models.BooleanField(default=True, null=False)
is_staff = models.BooleanField(default=False, null=False)
#custom fields
company_name = models.CharField(max_length=100)
telephone_number = models.CharField(max_length=100)
website_url = models.CharField(max_length=100)
objects = AuthUserManager()
USERNAME_FIELD = 'email'
#REQUIRED_FIELDS = ['first_name']
def get_full_name(self):
fullname = self.first_name + self.last_name
return fullname
def get_short_name(self):
return self.email
def __unicode__(self):
return self.email
In my serializers.py I have this
class UserSerializer(serializers.ModelSerializer):
class Meta:
model = AuthUser
fields = ('email', 'first_name', 'last_name')
def create(self, validated_data):
user = AuthUser.objects.create(**validated_data)
return user
def update(self, instance, validated_data):
instance.email = validated_data.get('email', instance.email)
instance.first_name = validated_data.get('first_name', instance.first_name)
instance.last_name = validated_data.get('last_name', instance.last_name)
instance.save()
return instance
But when I try to register I get the following error:
{
"username": [
"This field is required."
]
}
What am I doing wrong?
In your serializer, you need to exclude username field, because you are inheriting from AbstractBaseUser and you still have 'username' field, so add this exclude = ('username',)
class UserSerializer(serializers.ModelSerializer):
class Meta:
model = AuthUser
fields = ('email', 'first_name', 'last_name')
exclude = ('username',)
def create(self, validated_data):
user = AuthUser.objects.create(**validated_data)
return user