[QRTR-78] Fixed Email validation

connection/views.py

@@ -16,7 +16,7 @@ import json
 class ConnectionViewSet(viewsets.ModelViewSet):
     """API endpoint that allows connections to be seen or created
     """
-    # permission_classes = [IsAuthenticated]
+    permission_classes = [IsAuthenticated]
     queryset = Connection.objects.all()
     serializer_class = ConnectionSerializer
     # Make connections somewhat immutable from the users perspective
@@ -62,6 +62,16 @@ class ConnectionViewSet(viewsets.ModelViewSet):
         conn.save()
         return Response(plaid_client.get_accounts())
     
-    @action(detail=True, methods=['get'], url_path='accounts')
-    def get_accounts(self):
-        pass
+    @action(detail=False, methods=['get'], url_path='accounts')
+    def get_accounts(self,request):
+        print("GETTING ACCOUNTS!")
+        print(request.user)
+        connections = []
+        user_qrtr_accounts = request.user.owned_accounts.all() | \
+            request.user.admin_accounts.all() | \
+            request.user.view_accounts.all()
+        for qrtr_account in user_qrtr_accounts:
+            connections = qrtr_account.connection__set.all()
+            for connection in connections:
+                connections.append(connection.get_accounts())
+        return Response(200)

core/settings/__init__.py

@@ -46,6 +46,7 @@ INSTALLED_APPS = [
     'connection',
     'qrtr_account',
     'corsheaders',
+    'rest_framework_simplejwt.token_blacklist',
 ]
 
 EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
@@ -95,7 +96,16 @@ WSGI_APPLICATION = 'core.wsgi.application'
 # Database
 # https://docs.djangoproject.com/en/2.2/ref/settings/#databases
 
+REST_FRAMEWORK = {
+    'DEFAULT_AUTHENTICATION_CLASSES': [
+        'rest_framework.authentication.BasicAuthentication',
+        'rest_framework.authentication.SessionAuthentication',
+        'rest_framework.authentication.TokenAuthentication',
+        'dj_rest_auth.jwt_auth.JWTCookieAuthentication'
+    ]
+}
 
+REST_USE_JWT = True
 
 AUTH_USER_MODEL = 'user.User'
 

core/urls.py

@@ -20,10 +20,12 @@ from allauth.account.views import confirm_email
 import allauth
 from dj_rest_auth.registration.views import VerifyEmailView
 
+
 from user.views import (UserViewSet,
                         GroupViewSet,
-                        CustomConfirmEmailView,
+                        ConfirmEmailSuccessView
                         )
+
 from qrtr_account.views import (AccountViewSet,
                                 BankViewSet,
                                 InstitutionViewSet,
@@ -38,13 +40,13 @@ from qrtr_account.views import (AccountViewSet,
 router = routers.DefaultRouter()
 router.register(r'users', UserViewSet)
 router.register(r'groups', GroupViewSet)
-router.register(r'accounts',AccountViewSet)
-router.register(r'banks',BankViewSet)
-router.register(r'institutions',InstitutionViewSet)
-router.register(r'transactions',TransactionViewSet)
-router.register(r'slices',SliceViewSet)
+router.register(r'accounts', AccountViewSet)
+router.register(r'banks', BankViewSet)
+router.register(r'institutions', InstitutionViewSet)
+router.register(r'transactions', TransactionViewSet)
+router.register(r'slices', SliceViewSet)
 #router.register(r'connections',ConnectionViewSet)
-router.register(r'connectiontypes',ConnectionTypeViewSet)
+router.register(r'connectiontypes', ConnectionTypeViewSet)
 
 # Wire up our API using automatic URL routing.
 # Additionally, we include login URLs for the browsable API.
@@ -54,7 +56,7 @@ apipatterns = [
     path('auth/', include('dj_rest_auth.urls'), name='auth'),
     path('auth/registration/', include('dj_rest_auth.registration.urls')),
     re_path('rest-auth/registration/account-confirm-email/(?P<key>.+)/',
-            VerifyEmailView.as_view(), name='account_email_verification_sent'),
+            confirm_email, name='account_confirm_email'),
     path('auth/facebook/', FacebookLogin.as_view(), name='fb_login'),
     path('auth/twitter/', TwitterLogin.as_view(), name='twitter_login'),
     path('connection/', include('connection.urls'), name='Connection Settings'),
@@ -63,5 +65,6 @@ apipatterns = [
 urlpatterns = [
     path('admin/', admin.site.urls),
     path('api/v1/', include(apipatterns), name='api'),
-    #path('accounts/', include('allauth.urls')),
+    path('accounts/', include('allauth.urls')),
+    path('accounts/profile/', ConfirmEmailSuccessView.as_view()),
 ]

core/views.py

@@ -0,0 +1,7 @@
+from rest_framework.authentication import SessionAuthentication, BasicAuthentication 
+
+
+class CsrfExemptSessionAuthentication(SessionAuthentication):
+
+    def enforce_csrf(self, request):
+        return  # To not perform the csrf check previously happening

user/admin.py

@@ -1,3 +1,7 @@
 from django.contrib import admin
+from .models import User
 
 # Register your models here.
+@admin.register(User)
+class UserAdmin(admin.ModelAdmin):
+    pass

user/confirm_email.html

@@ -0,0 +1,5 @@
+{% if user.is_authenticated %}
+<div>{{user.email}} is successfully confirmed. You may close this window</div>
+{% else %}
+<h1>An Error Occurred, please try again later.</h1>
+{% endif %}

user/templates/confirm_email.html

@@ -0,0 +1,5 @@
+{% if user.is_authenticated %}
+<h1>{{user.email}} is successfully confirmed. You may close this window</h1>
+{% else %}
+<h1>An Error Occurred, please try again later.</h1>
+{% endif %}

user/views.py

@@ -3,9 +3,11 @@ from django.contrib.auth import get_user_model
 from rest_framework import viewsets
 from api.serializers import UserSerializer, GroupSerializer
 from allauth.account.views import ConfirmEmailView
-from django.urls import reverse
-from django.shortcuts import redirect
+
+from django.shortcuts import redirect, render
 from django.http import Http404
+from django.views.generic.base import TemplateView
+
 
 
 class UserViewSet(viewsets.ModelViewSet):
@@ -24,12 +26,5 @@ class GroupViewSet(viewsets.ReadOnlyModelViewSet):
     serializer_class = GroupSerializer
 
 
-class CustomConfirmEmailView(ConfirmEmailView):
-    def get(self, *args, **kwargs):
-        try:
-            self.object = self.get_object()
-        except Http404:
-            self.object = None
-        user = get_user_model().objects.get(email=self.object.email_address.email)
-        redirect_url = reverse('user', args=(user.id,))
-        return redirect(redirect_url)
+class ConfirmEmailSuccessView(TemplateView):
+    template_name = 'confirm_email.html'