Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

176 토큰 개선 #177

Merged
merged 4 commits into from
Oct 13, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 10 additions & 8 deletions jwtauth/test/test_authentication.py
Original file line number Diff line number Diff line change
@@ -1,14 +1,16 @@
import pytest
from rest_framework.test import APIClient
from rest_framework import status
from django.utils import timezone
from django.urls import reverse
from datetime import timedelta

import jwt
import pytest
from django.conf import settings
from django.urls import reverse
from django.utils import timezone
from rest_framework import status
from rest_framework.test import APIClient

from accounts.models import CustomUser as User
from jwtauth.models import BlacklistedToken
from jwtauth.utils.token_generator import generate_access_token, generate_refresh_token
from accounts.models import CustomUser as User


@pytest.fixture
Expand Down Expand Up @@ -56,8 +58,8 @@ def test_로그인_성공(api_client, user):
reverse("login"), {"email": "[email protected]", "password": "testpass123"}
)
# Then: 응답 상태 코드가 200이고, 액세스 토큰과 리프레시 토큰이 포함되어 있음
assert response.status_code == status.HTTP_200_OK
assert "access_token" in response.data
assert response.status_code == status.HTTP_302_FOUND
assert "access_token" in response.cookies
assert "refresh_token" in response.cookies


Expand Down
49 changes: 29 additions & 20 deletions jwtauth/views.py
Original file line number Diff line number Diff line change
@@ -1,24 +1,20 @@
from rest_framework.generics import GenericAPIView
from rest_framework.response import Response
from rest_framework.permissions import IsAuthenticated, AllowAny
from rest_framework import status
from dj_rest_auth.registration.views import SocialLoginView
import logging

import jwt
from allauth.socialaccount.providers.google.views import GoogleOAuth2Adapter
from allauth.socialaccount.providers.oauth2.client import OAuth2Client
from django.contrib.auth import authenticate, get_user_model
from dj_rest_auth.registration.views import SocialLoginView
from django.conf import settings
from .serializers import (
LoginSerializer,
LogoutSerializer,
RefreshTokenSerializer,
)
from .utils.token_generator import (
generate_access_token,
generate_refresh_token,
)
from .models import BlacklistedToken
import jwt, logging
from django.contrib.auth import authenticate, get_user_model
from django.shortcuts import redirect
from rest_framework import status
from rest_framework.generics import GenericAPIView
from rest_framework.permissions import AllowAny, IsAuthenticated
from rest_framework.response import Response

from .models import BlacklistedToken
from .serializers import LoginSerializer, LogoutSerializer, RefreshTokenSerializer
from .utils.token_generator import generate_access_token, generate_refresh_token

logger = logging.getLogger(__name__)
User = get_user_model()
Expand Down Expand Up @@ -47,21 +43,34 @@ def post(self, request):
access_token = generate_access_token(user)
refresh_token = generate_refresh_token(user)

response = Response({"access_token": access_token})
response = redirect(settings.LOGIN_REDIRECT_URL)
same_site = None if settings.DEBUG else "Lax"
response.set_cookie(
key="refresh_token",
value=refresh_token,
httponly=True,
secure=not settings.DEBUG,
samesite="None",
samesite=same_site,
max_age=60 * 60 * 24 * 14,
)
response.set_cookie(
key="access_token",
value=access_token,
secure=not settings.DEBUG,
samesite=same_site,
max_age=60 * 30,
)
return response
else:
return Response(
{"error": "회원 가입하세요"}, status=status.HTTP_401_UNAUTHORIZED
)
else:
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
return Response(
serializer.errors,
status=status.HTTP_400_BAD_REQUEST,
redirect_uri="http://localhost:3000",
)


class LogoutView(GenericAPIView):
Expand Down
20 changes: 10 additions & 10 deletions payments/serializers.py
Original file line number Diff line number Diff line change
Expand Up @@ -99,16 +99,16 @@ class Meta:

def validate(self, data):
# 커리큘럼과 코스 중 하나만 선택되었는지 확인합니다.
curriculum = data.get("curriculum")
course = data.get("course")
if not curriculum and not course:
raise serializers.ValidationError(
"커리큘럼 또는 코스 중 하나를 선택해야 합니다."
)
if curriculum and course:
raise serializers.ValidationError(
"커리큘럼과 코스 중 하나만 선택해야 합니다."
)
# curriculum = data.get("curriculum")
# course = data.get("course")
# if not curriculum and not course:
# raise serializers.ValidationError(
# "커리큘럼 또는 코스 중 하나를 선택해야 합니다."
# )
# if curriculum and course:
# raise serializers.ValidationError(
# "커리큘럼과 코스 중 하나만 선택해야 합니다."
# )
return data


Expand Down
25 changes: 13 additions & 12 deletions payments/tests/test_payments_serializers.py
Original file line number Diff line number Diff line change
@@ -1,13 +1,14 @@
import pytest

from payments.models import CartItem, OrderItem
from payments.serializers import (
CartItemSerializer,
CartSerializer,
OrderItemSerializer,
OrderSerializer,
UserBillingAddressSerializer,
PaymentSerializer,
UserBillingAddressSerializer,
)
from payments.models import CartItem, OrderItem


@pytest.mark.django_db
Expand Down Expand Up @@ -45,16 +46,16 @@ def test_orderitem_serializer_유효성검사(self, order, course):
serializer = OrderItemSerializer(data=data)
assert serializer.is_valid()

def test_orderitem_serializer_유효성검사_실패(self, order, course, curriculum):
data = {
"order": order.id,
"course": course.id,
"curriculum": curriculum.id,
"quantity": 1,
}
serializer = OrderItemSerializer(data=data)
assert not serializer.is_valid()
assert "non_field_errors" in serializer.errors
# def test_orderitem_serializer_유효성검사_실패(self, order, course, curriculum):
# data = {
# "order": order.id,
# "course": course.id,
# "curriculum": curriculum.id,
# "quantity": 1,
# }
# serializer = OrderItemSerializer(data=data)
# assert not serializer.is_valid()
# assert "non_field_errors" in serializer.errors


@pytest.mark.django_db
Expand Down
9 changes: 9 additions & 0 deletions requirements.txt
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ cffi==1.17.1
charset-normalizer==3.3.2
colorama==0.4.6
cryptography==43.0.1
decorator==4.4.2
defusedxml==0.8.0rc2
dj-rest-auth==6.0.0
Django==5.1.1
Expand All @@ -21,15 +22,21 @@ djangorestframework==3.15.2
drf-spectacular==0.27.2
drf-yasg==1.21.7
Faker==30.3.0
ffmpeg==1.4
ffmpeg-python==0.2.0
ffprobe==0.5
future==1.0.0
gunicorn==23.0.0
idna==3.10
imageio==2.35.1
imageio-ffmpeg==0.5.1
inflection==0.5.1
iniconfig==2.0.0
jmespath==1.0.1
jsonschema==4.23.0
jsonschema-specifications==2023.12.1
model-bakery==1.19.5
moviepy==1.0.3
mypy==1.11.2
mypy-extensions==1.0.0
numpy==2.1.2
Expand All @@ -38,6 +45,7 @@ opencv-python==4.10.0.84
packaging==24.1
pillow==10.4.0
pluggy==1.5.0
proglog==0.1.10
psycopg==3.2.2
psycopg-binary==3.2.2
pycparser==2.22
Expand All @@ -60,6 +68,7 @@ social-auth-app-django==5.4.2
social-auth-core==4.5.4
sqlparse==0.5.1
toposort==1.10
tqdm==4.66.5
typing_extensions==4.12.2
tzdata==2024.2
uritemplate==4.1.1
Expand Down
2 changes: 1 addition & 1 deletion weaverse/settings.py
Original file line number Diff line number Diff line change
Expand Up @@ -235,6 +235,6 @@
SOCIAL_AUTH_KAKAO_KEY = os.getenv("SOCIAL_AUTH_KAKAO_KEY")

REDIRECT_URL = "https://www.weaverse.site"
LOGIN_REDIRECT_URL = "/dashboard/"
LOGIN_REDIRECT_URL = os.getenv("LOGIN_REDIRECT_URL", "/")
LOGOUT_REDIRECT_URL = "/"
MEDIA_URL = f"https://{AWS_S3_CUSTOM_DOMAIN}/"
Loading