Andréas, but in this case what is the PUT url for example, with profile / {id}? And in the id parameter you pass the userid or token of OAuth2?
Thank you
Em domingo, 29 de julho de 2018 04:50:25 UTC-3, Andréas Kühne escreveu:
-- Thank you
Em domingo, 29 de julho de 2018 04:50:25 UTC-3, Andréas Kühne escreveu:
If you are using DRF with normal URLs you just create a view that inherits from the delete, update and retrieve mixins. Something like this should work:from rest_framework import generics, mixins, permissions
User = get_user_model()
class UserProfileChangeAPIView(generics.RetrieveAPIView,
mixins.DestroyModelMixin,
mixins.UpdateModelMixin):
permission_classes = (
permissions.IsAuthenticated,
)
serializer_class = UserProfileChangeSerializer
def get_object(self):
return self.request.user
def delete(self, request, *args, **kwargs):
return self.destroy(request, *args, **kwargs)
def put(self, request, *args, **kwargs):
return self.update(request, *args, **kwargs)You need to import the get_user_model and the UserProdilfChangeSerializer (or whatever you called your serializer for the profile).Regards,Andréas2018-07-27 19:49 GMT+02:00 Fernando Miranda <fndmi...@gmail.com>:Hi Andrea,--
So, I'm getting the user that way, I'm in doubt is how to mount the routes to an account view, where you have the retrieve, update and delete of the current user.
Em sexta-feira, 27 de julho de 2018 12:23:24 UTC-3, Andréas Kühne escreveu:Hi Fernando,In DRF even with token authentication you will be able to get the currently logged in user via the user object on the request. So request.user will be the user doing the request.If you for example want to have an endpoint that is for the current user you could just check the request.user to see which user is doing the request. Then you don't need to use the id from the url.Regards,Andréas2018-07-27 16:36 GMT+02:00 Fernando Miranda <fndmi...@gmail.com>:I think I understood about the rest, the right one to edit for example would be to have the route of type PUT passing the token OAuth2 in the route and there I look for the user owner of the token? Or the user ID and check if the authenticated user is the same as the last ID?--
Em sexta-feira, 27 de julho de 2018 08:10:19 UTC-3, Jason escreveu:you can probably do this with overriding a few things, but for me, your use case has some major problems. you're effectively breaking away from the basics of REST.If you want to implement some sort of non-sequential identifiers for users/resources, use UUIDs. Any token passed in the headers should be used for auth only, not contain explicit routing values.
On Thursday, July 26, 2018 at 4:10:55 PM UTC-4, Fernando Miranda wrote:Hello, I'm using Django Rest Framework, I was wondering if you have how to change the default url of an endpoint in a view? In case it is a view of account where I wanted the retrieve method to be without / {id} this also for the delete and edit because I will identify the user by the token passed in the header.
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users...@googlegroups.com .
To post to this group, send email to django...@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users .
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/875eb467- .9cd2-492b-9aea-e311bb3da022% 40googlegroups.com
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users...@googlegroups.com .
To post to this group, send email to django...@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users .
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/554e0c24- .29d7-474a-982b-cb40838b2b14% 40googlegroups.com
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscribe@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/b75dd86c-baf0-4cfc-8eca-21610849033b%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
No comments:
Post a Comment