Skip to content

Commit

Permalink
added user-profile-update api
Browse files Browse the repository at this point in the history
  • Loading branch information
@kumarvivek1752
kumarvivek1752 committed Apr 10, 2023
1 parent aee37ea commit 81b2709
Show file tree
Hide file tree
Showing 4 changed files with 76 additions and 5 deletions.
14 changes: 13 additions & 1 deletion app/user/serializers.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,4 +47,16 @@ def validate(self, attrs):
raise serializers.ValidationError(msg, code='authorization')

attrs['user'] = user
return attrs
return attrs


def update(self, instance, validated_data):
"""Update and return user."""
password = validated_data.pop('password', None)
user = super().update(instance, validated_data)

if password:
user.set_password(password)
user.save()

return user
50 changes: 49 additions & 1 deletion app/user/tests/test_user_api.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@

CREATE_USER_URL = reverse('user:create')
TOKEN_URL = reverse('user:token')
ME_URL = reverse('user:me')



Expand Down Expand Up @@ -109,4 +110,51 @@ def test_create_token_blank_password(self):
res = self.client.post(TOKEN_URL, payload)

self.assertNotIn('token', res.data)
self.assertEqual(res.status_code, status.HTTP_400_BAD_REQUEST)
self.assertEqual(res.status_code, status.HTTP_400_BAD_REQUEST)


def test_retrieve_user_unauthorized(self):
"""Test authentication is required for users."""
res = self.client.get(ME_URL)

self.assertEqual(res.status_code, status.HTTP_401_UNAUTHORIZED)


class PrivateUserApiTests(TestCase):
"""Test API requests that require authentication."""

def setUp(self):
self.user = create_user(
email='test@example.com',
password='testpass123',
name='Test Name',
)
self.client = APIClient()
self.client.force_authenticate(user=self.user)

def test_retrieve_profile_success(self):
"""Test retrieving profile for logged in user."""
res = self.client.get(ME_URL)

self.assertEqual(res.status_code, status.HTTP_200_OK)
self.assertEqual(res.data, {
'name': self.user.name,
'email': self.user.email,
})

def test_post_me_not_allowed(self):
"""Test POST is not allowed for the me endpoint."""
res = self.client.post(ME_URL, {})

self.assertEqual(res.status_code, status.HTTP_405_METHOD_NOT_ALLOWED)

def test_update_user_profile(self):
"""Test updating the user profile for the authenticated user."""
payload = {'name': 'Updated name', 'password': 'newpassword123'}

res = self.client.patch(ME_URL, payload)

self.user.refresh_from_db()
self.assertEqual(self.user.name, payload['name'])
self.assertTrue(self.user.check_password(payload['password']))
self.assertEqual(res.status_code, status.HTTP_200_OK)
2 changes: 2 additions & 0 deletions app/user/urls.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,5 +11,7 @@
urlpatterns = [
path('create/', views.CreateUserView.as_view(), name='create'),
path('token/', views.CreateTokenView.as_view(), name='token'),
path('me/', views.ManageUserView.as_view(), name='me'),


]
15 changes: 12 additions & 3 deletions app/user/views.py
View file
Original file line number Diff line number Diff line change
@@ -1,8 +1,7 @@
from django.shortcuts import render
"""
Views for the user API.
"""
from rest_framework import generics
from rest_framework import generics, authentication, permissions
from rest_framework.authtoken.views import ObtainAuthToken
from rest_framework.settings import api_settings

Expand All @@ -19,4 +18,14 @@ class CreateUserView(generics.CreateAPIView):
class CreateTokenView(ObtainAuthToken):
"""Create a new auth token for user."""
serializer_class = AuthTokenSerializer
renderer_classes = api_settings.DEFAULT_RENDERER_CLASSES
renderer_classes = api_settings.DEFAULT_RENDERER_CLASSES

class ManageUserView(generics.RetrieveUpdateAPIView):
"""Manage the authenticated user."""
serializer_class = UserSerializer
authentication_classes = [authentication.TokenAuthentication]
permission_classes = [permissions.IsAuthenticated]

def get_object(self):
"""Retrieve and return the authenticated user."""
return self.request.user

0 comments on commit 81b2709

Please sign in to comment.