Remove user endpoints in Django rest auth - django

I am using Django rest auth for user account handling. For updating user info i have created custom endpoints, So i don't need the djnago-rest-auth generated endpoints /rest-auth/user/ (GET, PUT, PATCH). How can i remove these endpoints?
urls.py
urlpatterns = [
path('', include("rest_auth.urls"), name="user-auth"),
path('register', include('rest_auth.registration.urls'), name="user-auth-registration"),
path('<uid>/', views.UserProfileView.as_view(), name="user-profile"),
]
Edit
I want to use all other urls of rest-auth like login, register, etc. But i just dont want the /rest-auth/user/ as described here.

#bodoubleu 's answer didn't work, So i added them manually.
from rest_auth.views import (
LoginView, LogoutView, PasswordChangeView,
PasswordResetView, PasswordResetConfirmView
)
urlpatterns = [
path('register', include('rest_auth.registration.urls'), name="user-auth-registration"),
path('login', LoginView.as_view(), name="user-login"),
path('logout', LogoutView.as_view(), name='user-logout'),
path('password/change/', PasswordChangeView.as_view(), name='rest_password_change'),
path('password/reset', PasswordResetView.as_view(), name='rest_password_reset'),
path('password/reset/confirm/', PasswordResetConfirmView.as_view(), name='rest_password_reset_confirm'),
path('<uid>/', views.UserProfileView.as_view(), name="user-profile"),
]

Untested but this should work.
urlpatterns = [
path('user/', django.views.defaults.page_not_found),
path('', include("rest_auth.urls"), name="user-auth"),
path('register', include('rest_auth.registration.urls'), name="user-auth-registration"),
path('<uid>/', views.UserProfileView.as_view(), name="user-profile"),
]
If not you can manually define all the rest_auth.urls in your url patterns

Related

How to fix dj-rest-auth sending invalid password rest links

In my Django Rest Framework, the users request to reset the password and when the email is received everytime the link is clicked it shows a message Password reset unsuccessful The password reset link was invalid, possibly because it has already been used. Please request a new password reset.
here is what I have tried API urls.py
app_name = 'api'
router = routers.DefaultRouter()
router.register(r'users', UserViewSet, basename='user')
urlpatterns = [
path('', include(router.urls)),
path('dj-rest-auth/', include('dj_rest_auth.urls')),
path('dj-rest-auth/registration/', include('dj_rest_auth.registration.urls')),
path('token/', TokenObtainPairView.as_view(), name='token_obtain_pair'),
path('token/refresh/', TokenRefreshView.as_view(), name='token_refresh'),
# path('password_reset/',PasswordResetView.as_view(), name='password_reset'),
# path('password_reset_confirm/<uidb64>/<token>/', PasswordResetConfirmView.as_view(), name='password_reset_confirm'),
]
here is the users app urls.py if required:
app_name = 'users'
urlpatterns = [
path('password-reset/', auth_views.PasswordResetView.as_view(template_name='users/password_reset.html', success_url=reverse_lazy('users:password_reset_done')), name='password_reset'),
path('password-reset/done/', auth_views.PasswordResetDoneView.as_view(template_name='users/password_reset_done.html'),name='password_reset_done'),
path('password-reset-confirm/<uidb64>/<token>/',auth_views.PasswordResetConfirmView.as_view(template_name='users/password_reset_confirm.html',success_url=reverse_lazy('users:password_reset_done'),post_reset_login=True),name='password_reset_confirm',),
path('password-reset-complete/', auth_views.PasswordResetCompleteView.as_view(template_name='users/password_reset_complete.html'),name='password_reset_complete'),
]
My question is: Why do I keep receiving invalid links and how can I fix it?
In different questions I got answers to add the commented paths but still did not work. Any suggestions on how to fix it ?

Is It possible to add permissions to specific url in Django

I am using IsAuthenticated permission by default and let's say I do not want to change the default permission. Is it possible to give permission of AllowAny to a specific URL?
urlpatterns = [
path('admin/', admin.site.urls),
path('api/', include('user.urls')),
path('api/section/', include('section.urls')),
path('docs/', include_docs_urls(title='Great Soft Uz')) # I want this url to be public
]
Thanks in Advance
include_docs_urls function has a parameter with a default value like this
permission_classes=api_settings.DEFAULT_PERMISSION_CLASSES
def include_docs_urls(
title=None, description=None, schema_url=None, urlconf=None,
public=True, patterns=None, generator_class=SchemaGenerator,
authentication_classes=api_settings.DEFAULT_AUTHENTICATION_CLASSES,
permission_classes=api_settings.DEFAULT_PERMISSION_CLASSES,
renderer_classes=None):
# this is the declaration of the function
the default behavior is to extend the value of DEFAULT_PERMISSION_CLASSES from you settings but you can override it like this
from rest_framework.permissions import AllowAny
urlpatterns = [
path('docs/', include_docs_urls(title='Great Soft Uz', permission_classes=[AllowAny, ], authentication_classes=[]))
]

Django-rest-auth: Reverse for 'password_reset_confirm' not found. 'password_reset_confirm' is not a valid view function or pattern name

I'm trying to use django-rest-auth password reset feature but after a post request at /rest-auth/password/reset/ i get the error stated in the title (Traceback) and i don't understand why. I followed the installation procedure from the documentation page. My urls.py is:
from django.urls import include, path
urlpatterns = [
path('users/', include('users.urls')),
path('rest-auth/', include('rest_auth.urls')),
path('rest-auth/registration/', include('rest_auth.registration.urls')),
I also added the required apps in settings.py
I solved by adding
from django.urls import include, path, re_path
from rest_auth.views import PasswordResetConfirmView
re_path(r'^rest-auth/password/reset/confirm/(?P<uidb64>[0-9A-Za-z_\-]+)/(?P<token>[0-9A-Za-z]{1,13}-[0-9A-Za-z]{1,20})/$', PasswordResetConfirmView.as_view(),
name='password_reset_confirm'),
to urlpatterns in urls.py . This way you will obtain a reset link in the mail like: ../password/reset/confirm/uid/token. In order to complete the procedure you must send a POST request to ../password/reset/confirm/ with this body:
{
"new_password1": "",
"new_password2": "",
"uid": "",
"token": ""
}
from django.views.generic import TemplateView
urlpatterns += [
path('rest-auth/', include('rest_auth.urls')),
path('rest-auth/registration/', include('rest_auth.registration.urls')),
url(r'^', include('django.contrib.auth.urls')),
url(r'^rest-auth/password-reset/confirm/(?P<uidb64>[0-9A-Za-z_\-]+)/(?P<token>[0-9A-Za-z]{1,13}-[0-9A-Za-z]{1,20})/$',
TemplateView.as_view(template_name="password_reset_confirm.html"),
name='password_reset_confirm'),
]

Reverse for 'account_email_verification_sent' not found. 'account_email_verification_sent' is not a valid view function or pattern name

I'm trying to use allauth and rest-auth in my project and try to use the built-in function in allauth to do email verification but this what I get :
and here is my code
settings.py
ACCOUNT_EMAIL_VERIFICATION = 'mandatory'
ACCOUNT_EMAIL_REQUIRED = True
urls.py
urlpatterns = [
re_path(r'^', include('rest_auth.urls')),
re_path(r'^registration/', include('rest_auth.registration.urls')),
]
I found the solution, that I have to add URL to be able to make a post request to the backend to send email then URL with regex which has the token that will verify the account and URLs and add URL for login with name account_login and URL for register with name account_signup and be like this :
from rest_auth.registration.views import VerifyEmailView, RegisterView
urlpatterns = [
path('', include('rest_auth.urls')),
path('login/', LoginView.as_view(), name='account_login'),
path('registration/', include('rest_auth.registration.urls')),
path('registration/', RegisterView.as_view(), name='account_signup'),
re_path(r'^account-confirm-email/', VerifyEmailView.as_view(),
name='account_email_verification_sent'),
re_path(r'^account-confirm-email/(?P<key>[-:\w]+)/$', VerifyEmailView.as_view(),
name='account_confirm_email'),
]
I had the same issue but I already had set up the URL for the email confirmation but I forgot about the name parameter it is mandatory
from django.conf.urls import url, include
from dj_rest_auth.registration.views import VerifyEmailView
urlpatterns = [
url('auth/', include('dj_rest_auth.urls')),
url('auth/registration/', include('dj_rest_auth.registration.urls')),
url('auth/account-confirm-email/', VerifyEmailView.as_view(), name='account_email_verification_sent'),
]
ยดยดยด

Django can't find redirect url when authenticating user

I am trying to login protect some of my pages, including my dashboard. Here is the view for my dashboard at the root of my site: sitename.com/
#login_required
def index(request):
print(request.session['user_email'])
context_dict = {}
return render(request, 'dashboard/index.html', context_dict)
My project url file:
urlpatterns = [
url(r'^admin/', admin.site.urls),
url(r'^job/', include('job.urls')),
url(r'^welcome/', include('welcome.urls')), //the app for logging in
url(r'^$', include('dashboard.urls')), //main dashboard app
# s
]
My dashboard app url file:
urlpatterns = [
url(r'$', views.index, name='index'),
url(r'^signup/$', views.signup, name='signup'),
url(r'^login/$', views.auth_login, name='login'),
url(r'^logout/$', views.user_logout, name='logout'),
]
When I try and logout and then go to / I get a message saying that http://127.0.0.1:8000/welcome?next=/ doesn't match any urls in my project urls file. So the login check is working, it just can't figure out the url when the GET variable next is set.
As you are using django's default login from contrib.auth, try passing next as an extra_context dict.
url(r'^login/$', 'django.contrib.auth.views.login',
{'template_name': 'login.html', 'extra_context': {'next':'/'}})
Another solution is to specify login url in login_required decorator itself
#login_required(login_url='/login/')
def index(request):
print(request.session['user_email'])
context_dict = {}
return render(request, 'dashboard/index.html', context_dict)
Let know if this solve your issue. HTH :)
I finally got it to work. This is my routes:
Welcome app routes (app for logging in/out)
urlpatterns = [
url(r'^$', views.index, name='index'),
url(r'^signup/$', views.signup, name='signup'),
url(r'^/login/$', views.auth_login, name='login'),
url(r'^/logout', views.user_logout, name='logout'),
]
Main routes for the entire project:
urlpatterns = [
url(r'^welcome', include('welcome.urls')),
url(r'^', include('dashboard.urls')),
]
Now I don't get any errors with the next variable in the url:
http://127.0.0.1:8000/welcome?next=/
I have a javascript file grabbing the value of next and redirecting to it if the user logs in successfully. *I use ajax to authenticate the user.