diff --git a/wishlist/api/serializers.py b/wishlist/api/serializers.py index 32747ae..4fce35c 100644 --- a/wishlist/api/serializers.py +++ b/wishlist/api/serializers.py @@ -5,6 +5,7 @@ from rest_framework.authtoken.views import Token from rest_framework.exceptions import NotAuthenticated from .models import UserList, Item +import re class UserSerializer(serializers.ModelSerializer): password2 =serializers.CharField(style={'input_type': 'password'}, write_only=True) @@ -25,10 +26,18 @@ def save(self): password = self.validated_data['password'] password2 = self.validated_data['password2'] if password != password2: - raise serializers.ValidationError({'password': "Password must match."}) + raise serializers.ValidationError({"Password must match.": "Password"}) + if len(password) < 6 : + print("password is small") + raise serializers.ValidationError({"Password must be greater than 6 characters.": "Password"}) + if re.match(r"^(?=.*[\d])(?=.*[A-Z])(?=.*[a-z])(?=.*[!?@#$])[\w\d!?@#$]{6,15}$", password) == False: + print("password is not valid") + raise serializers.ValidationError({ "Password must include 1 lower case and 1 upper case lette, as well as a special character !.?,@,#, or $.": "Password"}) + user.set_password(password) user.save() return user + diff --git a/wishlist/api/urls.py b/wishlist/api/urls.py index 3003818..4e1edc6 100644 --- a/wishlist/api/urls.py +++ b/wishlist/api/urls.py 
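Review bot: The complexity check added to `save()` can never fire: `re.match(...)` returns a match object or `None`, never `False`, so `re.match(...) == False` is always false and any password of six or more characters is accepted. Keep the pattern and test the result as `if re.match(<pattern>, password) is None:`. The three `ValidationError` dicts also put the message in the key and "Password" in the value, inverting the `{'password': ...}` shape of the removed line, so clients that look the error up by field name will no longer find it. The `{6,15}` bound caps passwords at 15 characters and the character class rejects any symbol outside `!?@#$`, which works against long passphrases; Django's `validate_password` would be a better base, and the two `print` calls should go. `save()` begins above this hunk.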
@@ -6,16 +6,17 @@ urlpatterns = [ path('create_users/', create_users, name='create_user_view'), - path('create_users2/', create_users2, name='create_user2_view'), path('login/', login, name='login'), path('logout/', logout, name='logout'), path('view_users/', view_users, name='view_users_view'), path('view_user//', view_user, name='view_user_view'), + path('get_ID//', get_id, name='get_ID_view'), path('update_user/', update_user, name='update_user_view'), path('delete_user/', delete_user, name='register_view'), path('view_items/', view_items, name='view_items_view'), path('view_item_by_id/', view_items_by_id, name='view_item_by_id_view'), path('view_userlists/', view_userlists, name='view_userlists_view'), + path('view_userlists_by_userId/', view_userlist_by_userId, name='view_userlists_by_userId_view'), path('view_item_by_userlistID/', view_items_by_userlistID, name='view_item_by_userlistID_view'), path('view_items_by_user_id//', view_items_by_user, name='view_items_by_user_id_view'), path('view_item_by_user_id///', view_item_by_user, name='view_item_by_user_id_view'), diff --git a/wishlist/api/views.py b/wishlist/api/views.py index 2773f82..02edb99 100644 --- a/wishlist/api/views.py +++ b/wishlist/api/views.py @@ -9,6 +9,7 @@ from rest_framework import permissions from rest_framework.parsers import JSONParser from django.http import HttpResponse, JsonResponse +from rest_framework.renderers import JSONRenderer from .serializers import * from .models import UserList, Item from .forms import ItemUpdateForm @@ -19,8 +20,7 @@ from django.contrib.auth import authenticate, get_user_model, update_session_auth_hash from django.contrib.auth.decorators import login_required from rest_framework.authentication import TokenAuthentication -from rest_framework.permissions import IsAuthenticated -from django.db import IntegrityError +import io # from django.db.models import Q # from rest_framework.filters import (SearchFilter, OrderingFilter) 
@@ -43,21 +43,17 @@ def view_user(request, pk): serializer = UserSerializer(user, many=False) return Response(serializer.data, status=status.HTTP_200_OK) -#[url]/api/create_user/ -@api_view(['POST']) -def create_users2(request): - if request.method == 'POST': - serializer1 = UserSerializer(data=request.data) - if serializer1.is_valid(): - #serializer1.save() - # create_newUserList(request) - #serializer2 = UserListSerializer2(instance=serializer1, data=request.data) - # if serializer2.is_valid(): - # serializer1.save() - # serializer2.save() - # return Response(serializer1.data, status=status.HTTP_201_CREATED) - return Response(serializer1.data, status=status.HTTP_400_BAD_REQUEST) - return Response(serializer1.errors, status=status.HTTP_400_BAD_REQUEST) +#[url]/api/view_user// +@api_view(['GET']) +def get_id(request, pk): + try: + user = User.objects.get(username=pk) + except User.DoesNotExist: + return Response("User not found") + serializer = UserSerializer(user, many=False) + return Response(serializer.data, status=status.HTTP_200_OK) + + #[url]/api/create_user/ @api_view(['POST']) 
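Review bot: `get_id` answers a missing user with `Response("User not found")`, which defaults to HTTP 200, so a client cannot tell a miss from a hit by status; return `Response("User not found", status=status.HTTP_404_NOT_FOUND)`. The view carries only `@api_view(['GET'])`, so unless a default permission class is configured elsewhere in the project, any caller can probe usernames and receive the full `UserSerializer` output. Consider `@permission_classes([IsAuthenticated])` (this commit removes that import from views.py, so it would need to stay) and returning only the id, which is what the route name promises. The header comment still reads `view_user//` and should name the `get_ID/` route.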
@@ -65,18 +61,41 @@ def create_users(request): if request.method == 'POST': serializer1 = UserSerializer(data=request.data) if serializer1.is_valid(): - # create_newUserList(request) + #Get the data and save it. User Creation serializer1.save() - # newUserList = UserList.objects.create(serializer1) - #newUserList = create_newUserList(serializer1.data) - # if(newUserList == UserList): - return Response(serializer1.data, status=status.HTTP_201_CREATED) - # else: - # return Response(status=status.HTTP_400_BAD_REQUEST) + + #Deserializes the data + json = JSONRenderer().render(serializer1.data) + stream = io.BytesIO(json) + data = JSONParser().parse(stream) + + #Get the username from the deserialized data + username = data["username"] + + #Find the user object that has the username with the inputed username + user = User.objects.get(username=username) + + #Create a serializer2 BUT do not save it + serializer2 = UserSerializer(user, many=False) + + #Deserializes the serializer2 to get the data + json1 = JSONRenderer().render(serializer2.data) + stream1 = io.BytesIO(json1) + data = JSONParser().parse(stream1) + + #Get the id of the user + id = data["id"] + + #Create a user list object with the user_id + newUserList = UserList.objects.create(user_id=id) + + #Save the new user list + newUserList.save() + return Response(serializer1.data, status=status.HTTP_200_OK) errors = [] for key, values in serializer1.errors.items(): errors = [value[:] for value in values] - return Response(errors, status=status.HTTP_400_BAD_REQUEST) + return Response(errors, status=status.HTTP_400_BAD_REQUEST) #[url]/api/login/ @api_view(['POST']) 
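Review bot: The two render/parse round trips in `create_users` are unnecessary and the sequence can leave a half-created account: the serializer's `save()` (see serializers.py in this commit) already returns the user, so `user = serializer1.save()` followed by `UserList.objects.create(user=user)` replaces both JSON round trips, the second `User.objects.get` and the redundant `newUserList.save()`. As written, `json` and `id` shadow a module name and a builtin, and any exception after `serializer1.save()` leaves a user with no list, a state the new `view_userlist_by_userId` and `ShowUsersList` do not handle; wrapping the two writes in `transaction.atomic()` avoids that. The success status also drops from 201 to 200 for a create; if that is not intended, keep `status.HTTP_201_CREATED`.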
@@ -139,6 +158,14 @@ def view_userlists(request): serializer = UserListSerializer(userlist, many=True) return Response(serializer.data, status=status.HTTP_200_OK) +#[url]/view_userlists/ +@api_view(['GET']) +def view_userlist_by_userId(request, pk): + user = User.objects.get(id=pk) + userlist = UserList.objects.get(user=user) + serializer = UserListSerializer(userlist, many=False) + return Response(serializer.data, status=status.HTTP_200_OK) + #view items by userlist_id in Userlist #[url]/view_items_by_user_id/ @api_view(['GET']) @@ -190,7 +217,7 @@ def create_item_by_user(request, pk1, pk2, pk3): #delete a item in the userlist by user_id, userlist_id, and item_id #[url]/delete_item_by_user/// -@api_view(['DELETE']) +@api_view(['DELETE', 'GET']) def delete_item_by_user(request, pk1, pk2, pk3): try: user = User.objects.get(id=pk1) @@ -203,6 +230,9 @@ def delete_item_by_user(request, pk1, pk2, pk3): #update a item in the userlist by user_id, userlist_id, and item_id #[url]/update_item_by_user/// +from django.views.decorators.csrf import csrf_exempt + +@csrf_exempt @api_view(['PUT']) def update_item_by_user(request, pk1, pk2, pk3): try: diff --git a/wishlist/home/templates/home/base.html b/wishlist/home/templates/home/base.html index 5613ba7..50deedc 100644 --- a/wishlist/home/templates/home/base.html +++ b/wishlist/home/templates/home/base.html @@ -41,6 +41,7 @@ @@ -71,7 +72,8 @@ - + + \ No newline at end of file diff --git a/wishlist/items/templates/items/userLists.html b/wishlist/items/templates/items/userLists.html index 43aa14d..5eb2d9a 100644 --- a/wishlist/items/templates/items/userLists.html +++ b/wishlist/items/templates/items/userLists.html @@ -1,10 +1,14 @@ {% extends "home/base.html" %} {% block content %} -
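Review bot: `view_userlist_by_userId` returns the list of whichever user id is in the URL, with no check that `pk` belongs to the caller, so any client that can reach the route can read another user's wishlist by changing the id. Compare `pk` with the authenticated user before querying, or drop the parameter and resolve the list from the request's own identity. `User.objects.get(id=pk)` and `UserList.objects.get(user=user)` are also unguarded, so an unknown id or a user without a list raises `DoesNotExist` and surfaces as a 500; wrap them in try/except and return `status.HTTP_404_NOT_FOUND`. The header comment `#[url]/view_userlists/` duplicates the one on `view_userlists` and should name this route.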
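Review bot: Adding `'GET'` in `@api_view(['DELETE', 'GET'])` makes `delete_item_by_user` destructive on a plain GET, so a followed link, a browser prefetch or a crawler visiting the URL removes the item, and Django applies no CSRF check to GET requests. Keep the decorator at `@api_view(['DELETE'])` and have the "Remove item" control in the template send a DELETE, or a POST form carrying `{% csrf_token %}`. The function body continues outside the hunk, so whether it verifies that the item belongs to the caller cannot be seen here.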
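Review bot: `@csrf_exempt` on `update_item_by_user` should be removed: DRF's `@api_view` already marks the view CSRF-exempt at the Django middleware layer and `SessionAuthentication` performs its own CSRF check, so the decorator changes nothing and only records an intent to switch the protection off. If browser PUT requests are failing with 403, send the `X-CSRFToken` header from the page instead. The `from django.views.decorators.csrf import csrf_exempt` line also sits between two views; it belongs with the other imports at the top of views.py.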
+ + - - + - -
- - -
- - -
-
- -

Wishlist: {{userlist.list_name}}

- - {% for items in userlist.user_list %} -
-
-
- Image + + +
+ + +
+ + +
+
+ +

Wishlist: {{userlist.list_name}}

+ + {% for items in userlist.user_list %} +
+
+
+ Image +
-
-
-
-
-
-

{{items.name}}

-

Category: {{items.category}}

-

Description: {{items.description}}

+
+
+
+
+

{{items.name}}

+

ID: {{items.id}}

+

Category: {{items.category}}

+

Description: {{items.description}}

+
-
-
-
-
- Remove item - Edit item +
+
+
+ Remove item + + + + + + +
+

${{items.price}}

-

${{items.price}}

+ {% endfor %} +
- {% endfor %} -
+ +
+ + + +
+
- - - -
- - -
-
- -
The total amount of
- -
    -
  • - Temporary amount - $25.98 -
  • -
  • - Shipping - $6.99 -
  • -
  • -
    - The total amount of -
    - $53.98 -
  • -
+ + +
+ - + {% endblock content %} \ No newline at end of file diff --git a/wishlist/items/urls.py b/wishlist/items/urls.py index 9b46822..07f5f1f 100644 --- a/wishlist/items/urls.py +++ b/wishlist/items/urls.py @@ -9,5 +9,5 @@ path('items/', item_views.ListAllItems), path('items/', item_views.ShowItem, name="specific_item"), path('items/item=user=list=', item_views.AddItem, name="add_item"), - path('userlist//', item_views.ShowUsersList, name="show_user_list") + path('userlist/', item_views.ShowUsersList, name="show_user_list") ] \ No newline at end of file diff --git a/wishlist/items/views.py b/wishlist/items/views.py index ac70d57..f6f8a67 100644 --- a/wishlist/items/views.py +++ b/wishlist/items/views.py @@ -1,6 +1,8 @@ from django.shortcuts import render, redirect from django.http import response, JsonResponse from django.shortcuts import render +from django.shortcuts import redirect +from api.models import User, UserList from django.contrib import messages from api import views as api 
@@ -14,26 +16,20 @@ def ListAllItems(request): return render(request, 'items/items.html', context) def ShowItem(request, item_id): - user_list_resp = api.view_userlists(request) - - # get user_id from sessions user_id = request.session['user_id'] + user_list_resp = api.view_userlist_by_userId(request, user_id) - # find the user's list - user_list_id = 0 - for data in user_list_resp.data: - if user_id == data['id']: - user_list_id = data['id'] - break - - # get all items + userlist_id = user_list_resp.data['id'] response = api.view_items_by_id(request, item_id) - # pass data into page - context = {'item' : response.data, 'user' : user_id, 'list' : user_list_id} + context = {'item' : response.data, 'user' : user_id, 'list' : userlist_id} return render(request, 'items/item.html', context) def AddItem(request, item_id, user_id, list_id): + print("Item:", item_id) + print("User:", user_id) + print("List:", list_id) + response = api.create_item_by_user(request, user_id, list_id, item_id) if response.status_code == 200: @@ -43,8 +39,22 @@ def AddItem(request, item_id, user_id, list_id): return redirect("/items/{}".format(item_id)) -def ShowUsersList(request, user_id, userlist_id): - response = api.view_items_by_user(request, user_id, userlist_id) +def ShowUsersList(request): + if 'user_id' not in request.session: + return redirect ("/login") + user_id = request.session['user_id'] + user = User.objects.get(id=user_id) + userlist = UserList.objects.get(user=user) + + response = api.view_items_by_user(request, user_id, userlist.id) context = {'userlist':response.data} return render(request, 'items/userLists.html', context) + + +# def ShowUsersList(request, user_id, userlist_id): + +# response = api.view_items_by_user(request, user_id, userlist_id) +# context = {'userlist':response.data} + +# return render(request, 'items/userLists.html', context) \ No newline at end of file 
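Review bot: `ShowItem` indexes `request.session['user_id']` with no login check, so an anonymous visitor gets a `KeyError` and a 500 instead of the redirect that `ShowUsersList` gains later in this commit; add the same guard, `if 'user_id' not in request.session: return redirect("/login")`. `user_list_resp.data['id']` also assumes `view_userlist_by_userId` succeeded, while that view raises when the user has no list. In `AddItem` the three `print` calls should be removed, and the view still takes `user_id` and `list_id` from the URL; reading them from the session, as `ShowUsersList` now does, would stop one user adding items to another user's list.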
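Review bot: `User.objects.get(id=user_id)` and `UserList.objects.get(user=user)` in the new `ShowUsersList` are unguarded, so a stale session id, or an account created before lists were created automatically, raises `DoesNotExist` and returns a 500. Use `userlist = UserList.objects.filter(user_id=user_id).first()` and redirect or render an empty list when it is `None`; that also removes the separate `User` query. The commented-out old `ShowUsersList` at the end of the file should be deleted rather than kept, since version control already has it.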
diff --git a/wishlist/static/css/style.css b/wishlist/static/css/style.css index faaaa3d..0d2321f 100644 --- a/wishlist/static/css/style.css +++ b/wishlist/static/css/style.css @@ -1,8 +1,12 @@ + body{ + background-color:aquamarine; + } .content { align-items: center; justify-content: center; padding-top: 10%; } + #horizontalSign{ text-align: center; margin: 5% auto;