✨Feat : Login API 구현 및 confirm 관련 오류 수정

- login serializer, view, url 구현 - token refresh 생성 - JWT setting - user confirm관련 테스트 코드 오류 수정
Django-Wanted-Internship-3-Team · Oct 30, 2023 · 9738e8d · 9738e8d
1 parent 552caf0
commit 9738e8d
Show file tree

Hide file tree

Showing 6 changed files with 161 additions and 7 deletions.
diff --git a/config/settings.py b/config/settings.py
@@ -1,6 +1,8 @@
 from pathlib import Path
 import environ
 import os
+from datetime import timedelta
+
 
 BASE_DIR = Path(__file__).resolve().parent.parent
 
@@ -185,3 +187,19 @@
         }
     },
 }
+
+SIMPLE_JWT = {
+    "ACCESS_TOKEN_LIFETIME": timedelta(minutes=30),
+    "REFRESH_TOKEN_LIFETIME": timedelta(days=7),
+    "ROTATE_REFRESH_TOKENS": False,
+    "BLACKLIST_AFTER_ROTATION": True,
+    "ALGORITHM": "HS256",
+    "SIGNING_KEY": SECRET_KEY,
+    "VERIFYING_KEY": None,
+    "AUTH_HEADER_TYPES": ("Bearer",),
+    "USER_ID_FIELD": "id",
+    "USER_ID_CLAIM": "user_id",
+    "AUTH_TOKEN_CLASSES": ("rest_framework_simplejwt.tokens.AccessToken",),
+    "TOKEN_TYPE_CLAIM": "token_type",
+    "JTI_CLAIM": "jti",
+}
diff --git a/users/serializers.py b/users/serializers.py
@@ -1,5 +1,6 @@
-from django.contrib.auth import get_user_model, password_validation
+from django.contrib.auth import authenticate, get_user_model, password_validation
 from rest_framework import serializers
+from rest_framework_simplejwt.serializers import TokenObtainPairSerializer
 
 from common.utils import get_random_string
 from users.models import UserConfirmCode
@@ -52,3 +53,35 @@ def update(self, user, validated_data):
         user.is_confirmed = True
         user.save()
         return user
+
+
+class UserLoginSerializer(serializers.Serializer):
+    username = serializers.CharField(required=True)
+    password = serializers.CharField(required=True, write_only=True)
+    token = serializers.SerializerMethodField(read_only=True)
+
+    def get_token(self, user):
+        if user is not None:
+            refresh = TokenObtainPairSerializer.get_token(user)
+            refresh["username"] = user.username
+            data = {
+                "refresh": str(refresh),
+                "access": str(refresh.access_token),
+            }
+            return data
+        return None
+
+    def validate(self, data):
+        user = authenticate(username=data["username"], password=data["password"])
+        if user is None:
+            raise serializers.ValidationError("Username or Password is Incorrect")
+        if not user.is_confirmed:
+            raise serializers.ValidationError("User is not confirmed yet")
+        return data
+
+    def create(self, validated_data):
+        user = authenticate(username=validated_data["username"], password=validated_data["password"])
+        if user is not None:
+            user.is_active = True
+            user.save()
+        return user
diff --git a/users/tests/views/test_confirm_user_view.py b/users/tests/views/test_confirm_user_view.py
@@ -51,7 +51,7 @@ def test_post_signup_fail_user_not_found(self):
 
     def test_post_signup_fail_invalid_password(self):
         response = self.client.post(
-            path=reverse("signup"),
+            path=reverse("confirm"),
             data=json.dumps(
                 {
                     "username": "testusername1",
@@ -65,7 +65,7 @@ def test_post_signup_fail_invalid_password(self):
 
     def test_post_signup_fail_invalid_code(self):
         response = self.client.post(
-            path=reverse("signup"),
+            path=reverse("confirm"),
             data=json.dumps(
                 {
                     "username": "testusername1",
@@ -79,8 +79,9 @@ def test_post_signup_fail_invalid_code(self):
 
     def test_post_signup_fail_already_confirmed(self):
         self.user.is_confirmed = True
+        self.user.save()
         response = self.client.post(
-            path=reverse("signup"),
+            path=reverse("confirm"),
             data=json.dumps(
                 {
                     "username": "testusername1",

diff --git a/users/tests/views/test_login_view.py b/users/tests/views/test_login_view.py
@@ -0,0 +1,71 @@
+import json
+
+from django.urls import reverse
+from rest_framework import status
+from rest_framework.test import APITestCase
+
+from users.models import User
+
+
+class SignupViewTest(APITestCase):
+    @classmethod
+    def setUpTestData(cls):
+        cls.confirmed_user = User.objects.create_user(
+            email="testuser1@example.com", username="testusername1", password="testpassword", is_confirmed=True
+        )
+        cls.not_confirmed_user = User.objects.create_user(
+            email="testuser2@example.com", username="testusername2", password="testpassword", is_confirmed=False
+        )
+
+    def test_post_login_success(self):
+        response = self.client.post(
+            path=reverse("login"),
+            data=json.dumps(
+                {
+                    "username": "testusername1",
+                    "password": "testpassword",
+                }
+            ),
+            content_type="application/json",
+        )
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(self.confirmed_user.is_active, True)
+
+    def test_post_login_fail_user_not_found(self):
+        response = self.client.post(
+            path=reverse("login"),
+            data=json.dumps(
+                {
+                    "username": "testusername3",
+                    "password": "testpassword",
+                }
+            ),
+            content_type="application/json",
+        )
+        self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
+
+    def test_post_login_fail_invalid_password(self):
+        response = self.client.post(
+            path=reverse("login"),
+            data=json.dumps(
+                {
+                    "username": "testusername1",
+                    "password": "testpassword2",
+                }
+            ),
+            content_type="application/json",
+        )
+        self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
+
+    def test_post_login_fail_not_confirmed_user(self):
+        response = self.client.post(
+            path=reverse("login"),
+            data=json.dumps(
+                {
+                    "username": "testusername2",
+                    "password": "testpassword",
+                }
+            ),
+            content_type="application/json",
+        )
+        self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
diff --git a/users/urls.py b/users/urls.py
@@ -1,5 +1,11 @@
 from django.urls import path
+from rest_framework_simplejwt.views import TokenRefreshView
 
-from users.views import ConfirmUserView, SignupView
+from users.views import ConfirmUserView, LoginView, SignupView
 
-urlpatterns = [path("signup/", SignupView.as_view(), name="signup"), path("confirm/", ConfirmUserView.as_view(), name="confirm")]
+urlpatterns = [
+    path("signup/", SignupView.as_view(), name="signup"),
+    path("confirm/", ConfirmUserView.as_view(), name="confirm"),
+    path("login/", LoginView.as_view(), name="login"),
+    path("token/refresh/", TokenRefreshView.as_view(), name="token_refresh"),
+]
diff --git a/users/views.py b/users/views.py
@@ -9,6 +9,7 @@
 from users.serializers import (
     UserConfirmCodeSerializer,
     UserConfirmSerializer,
+    UserLoginSerializer,
     UserSerializer,
 )
 
@@ -56,7 +57,6 @@ def post(self, request: Request) -> Response:
         Args:
             username: 이름
             password: 비밀번호
-            code: 인증 코드
         Returns:
             username: 이름
             is_confirmed: 인증 여부
@@ -71,3 +71,28 @@ def post(self, request: Request) -> Response:
         response_data["is_confirmed"] = user.is_confirmed
 
         return Response(response_data, status=status.HTTP_200_OK)
+
+
+class LoginView(APIView):
+    @swagger_auto_schema(
+        operation_summary="유저 로그인",
+        request_body=UserLoginSerializer,
+        responses={
+            status.HTTP_200_OK: UserLoginSerializer,
+        },
+    )
+    def post(self, request: Request) -> Response:
+        """
+        username, paswword를 받아 유저 계정을 활성화하고 JWT 토큰을 발급합니다.
+        Args:
+            username: 이름
+            password: 비밀번호
+        Returns:
+            username: 이름
+            token: access token과 refresh token
+        """
+        serializer = UserLoginSerializer(data=request.data)
+        serializer.is_valid(raise_exception=True)
+        serializer.save()
+
+        return Response(serializer.data, status=status.HTTP_200_OK)