Version 1.0 refactoring: removed password reset, as this libraries pu…

…rpose was multi token auth and not password reset. password reset will live in its own git project from now on
anexia · Mar 13, 2017 · 6c5ffc6 · 6c5ffc6
1 parent 55961b5
commit 6c5ffc6
Show file tree

Hide file tree

Showing 11 changed files with 12 additions and 587 deletions.
diff --git a/README.md b/README.md
@@ -3,9 +3,6 @@ This django app is an extension for the Django Rest Framework (Version 3.4+).
 It tries to overcome the limitation of Token Authentication, which only uses a single
 token per user. 
 
-In addition, this app provides a password reset strategy, where users can request password 
-reset tokens via their registered e-mail address.
-
 ## How to use
 
 Django settings file:
@@ -53,16 +50,12 @@ The following endpoints are provided:
 
  * `login` - takes username and password; on success an auth token is returned
  * `logout`
- * `reset_password` - request a reset password token 
- * `reset_password/confirm` - using a valid token, reset the password
-
+
 ## Signals
 
-* ``reset_password_token_created(reset_password_token)`` Fired when a reset password token is generated
 * ``pre_auth(username, password)`` - Fired when an authentication (login) is starting
 * ``post_auth(user)`` - Fired on successful auth
 
-
 ## Tests
 
 See folder [tests/](tests/). Basically, all endpoints are covered with multiple

diff --git a/django_rest_multitokenauth/admin.py b/django_rest_multitokenauth/admin.py
@@ -1,13 +1,8 @@
 """ contains basic admin views for MultiToken """
 from django.contrib import admin
-from django_rest_multitokenauth.models import MultiToken, ResetPasswordToken
+from django_rest_multitokenauth.models import MultiToken
 
 
 @admin.register(MultiToken)
 class MultiTokenAdmin(admin.ModelAdmin):
     list_display = ('user', 'key', 'user_agent')
-
-
-@admin.register(ResetPasswordToken)
-class ResetPasswordTokenAdmin(admin.ModelAdmin):
-    list_display = ('user', 'key', 'created_at', 'ip_address', 'user_agent')
diff --git a/django_rest_multitokenauth/migrations/0003_resetpasswordtoken.py b/django_rest_multitokenauth/migrations/0003_resetpasswordtoken.py
diff --git a/django_rest_multitokenauth/models.py b/django_rest_multitokenauth/models.py
@@ -68,50 +68,3 @@ def __str__(self):
         return self.key + " (user " + str(self.user) + " with IP " + self.last_known_ip + \
                " and user agent " + self.user_agent + ")"
 
-
-@python_2_unicode_compatible
-class ResetPasswordToken(models.Model):
-    class Meta:
-        verbose_name = _("Password Reset Token")
-        verbose_name_plural = _("Password Reset Tokens")
-
-    @staticmethod
-    def generate_key():
-        """ generates a pseudo random code using os.urandom and binascii.hexlify """
-        return binascii.hexlify(os.urandom(32)).decode()
-
-    user = models.ForeignKey(
-        AUTH_USER_MODEL,
-        related_name='password_reset_tokens',
-        on_delete=models.CASCADE,
-        verbose_name=_("The User which is associated to this password reset token")
-    )
-
-    created_at = models.DateTimeField(
-        auto_now_add=True,
-        verbose_name=_("When was this token generated")
-    )
-
-    key = models.CharField(
-        _("Key"),
-        max_length=64,
-        primary_key=True
-    )
-
-    ip_address = models.GenericIPAddressField(
-        _("The IP address of this session"),
-        default="127.0.0.1"
-    )
-    user_agent = models.CharField(
-        max_length=256,
-        verbose_name=_("HTTP User Agent"),
-        default=""
-    )
-
-    def save(self, *args, **kwargs):
-        if not self.key:
-            self.key = self.generate_key()
-        return super(ResetPasswordToken, self).save(*args, **kwargs)
-
-    def __str__(self):
-        return "Password reset token for user {user}".format(user=self.user)
diff --git a/django_rest_multitokenauth/serializers.py b/django_rest_multitokenauth/serializers.py
@@ -4,8 +4,3 @@
 
 class EmailSerializer(serializers.Serializer):
     email = serializers.EmailField()
-
-
-class PasswordTokenSerializer(serializers.Serializer):
-    password = serializers.CharField(label=_("Password"), style={'input_type': 'password'})
-    token = serializers.CharField()
diff --git a/django_rest_multitokenauth/signals.py b/django_rest_multitokenauth/signals.py
@@ -1,9 +1,7 @@
 import django.dispatch
 
-reset_password_token_created = django.dispatch.Signal(
-    providing_args=["reset_password_token"],
-)
-
+# pre-auth signal
 pre_auth = django.dispatch.Signal(providing_args=["username", "password"])
 
+# post-auth signal
 post_auth = django.dispatch.Signal(providing_args=["user"])
diff --git a/django_rest_multitokenauth/tests.py b/django_rest_multitokenauth/tests.py
diff --git a/django_rest_multitokenauth/urls.py b/django_rest_multitokenauth/urls.py
@@ -1,11 +1,9 @@
 """ URL Configuration for core auth
 """
 from django.conf.urls import url, include
-from django_rest_multitokenauth.views import login_and_obtain_auth_token, logout_and_delete_auth_token, reset_password_request_token, reset_password_confirm
+from django_rest_multitokenauth.views import login_and_obtain_auth_token, logout_and_delete_auth_token
 
 urlpatterns = [
     url(r'^login', login_and_obtain_auth_token, name="auth-login"),  # normal login with session
-    url(r'^logout', logout_and_delete_auth_token, name="auth-logout"),
-    url(r'^reset_password/confirm', reset_password_confirm, name="auth-reset-password-confirm"),
-    url(r'^reset_password', reset_password_request_token, name="auth-reset-password-request"),
+    url(r'^logout', logout_and_delete_auth_token, name="auth-logout")
 ]