Open BethanyG opened 3 years ago
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
so annoying, stale bot...you are supposed to read my mind!
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
Is this still available to work on? If so, is it possible to assign to me to work on?
Now that we'e decided to implement a Registration and Login flow and re-organize our auth endpoints, we'll need to update the "Dev" landing page that displays info at
localhost:8000
for the backend.The HTML file to update is
core/templates/base.html
, and it needs the following information. Thedocker-compose
commands can remain as-is:Django Admin Interface and Login:
/admin/
(to login to the admin interface with superuser credentials)Obtaining JWT tokens:
api/v1/auth/token
(obtain an access & refresh token pair),api/v1/auth/verify
(verify the validity of a refresh or access token),api/v1/refresh
(obtain new access toke by using non-expired refresh token)The length of time
access
andrefresh
tokens remain valid can be configured inconfig/settings/base.py
by adding aSIMPLE_JWT={}
dictionary of values. please note: this project does not currently use SLIDING_TOKEN, only ACCESS_TOKEN and REFRESH_TOKEN current defaults from the library are:Registration/Login/Logout/password reset:
api/v1/auth/registration/
(on submit, triggers a validation email to the email address a user enters)api/v1/auth/verify-email/
(POST a user's HMC email key for validating their email)api/v1/auth/login/
(Requires a validated email in order to sign in)api/v1/auth/logout/
(Clear tokens from currently logged in user)api/v1/auth/password/reset/
(if POST-ed to with an email, will send a password reset email to the POSTED email)api/v1/auth/password/reset/confirm/
(if POST-ed to with the UID & TOKEN from the reset email & new password, will reset the password for the UID POSTED)User Details & current_user:
api/v1/auth/user/
(to view currently logged in User Details)api/v1/auth/current_user
(to view currently logged in User minus their email address)Viewing and Creating Resources:
api/v1/resources/
(GET view a list of resources available. No auth required.)api/v1/resources/
(POST view to create a resource. Requires a valid access or refresh token.)api/v1/resources/
(PATCH view to edit/update a resource. Requires a valid access or refresh token.)ADDITIONALLY
The
Sign Up
&Sing In
links should be changed to point toapi/v1/auth/registration/
(Sign Up) &api/v1/auth/login/
(Sign In) -- not their current forms. Those forms triggerdjango-allauth
, and are not part of the REST API flow.