Small improvements and fixes

2024-03-16 13:15:45 +03:00
parent 65885b3a84
commit 3d7e4aa8bd
4 changed files with 14 additions and 8 deletions
@@ -106,8 +106,9 @@ class LikePostApiView(APIView):
            post = Post.objects.get(id=post_id)
            self.check_object_permissions(request, post)
            request.user.like_post(post)
+            serializer = PostSerializer(post)
            return Response(
-                {"status": "ok"},
+                serializer.data,
                status=status.HTTP_200_OK,
            )
        except Post.DoesNotExist:
@@ -129,8 +130,9 @@ class DislikePostApiView(APIView):
            post = Post.objects.get(id=post_id)
            self.check_object_permissions(request, post)
            request.user.dislike_post(post)
+            serializer = PostSerializer(post)
            return Response(
-                {"status": "ok"},
+                serializer.data,
                status=status.HTTP_200_OK,
            )
        except Post.DoesNotExist:
@@ -32,9 +32,8 @@ class JWTAuthentication(BaseAuthentication):

            user = Profile.objects.get(id=payload["id"])

-            if not bcrypt.checkpw(
-                payload["password"].encode("utf-8"),
-                user.password.encode("utf-8"),
+            if payload["password"].encode("utf-8") != user.password.encode(
+                "utf-8"
            ):
                error = "Token has expired"
                raise AuthenticationFailed(error)
@@ -70,6 +70,11 @@ class SigninUserApiView(APIView):
        password = request.data.get("password")
        user = Profile.objects.filter(login=login).first()

+        if not password:
+            raise NotAuthenticated(
+                {"error": "Invalid credentials"},
+            )
+
        if user is not None:
            if not bcrypt.checkpw(
                password.encode("utf-8"), user.password.encode("utf-8")
@@ -85,7 +90,7 @@ class SigninUserApiView(APIView):
        token = jwt.encode(
            {
                "id": user.id,
-                "password": password,
+                "password": user.password,
                "exp": timezone.now() + timedelta(hours=24),
            },
            settings.SECRET_KEY,
@@ -204,7 +209,7 @@ class FriendsListApiView(ListAPIView):

        return Friendship.objects.order_by("-addedAt").filter(
            from_profile=self.request.user
-        )[offset: offset + limit]
+        )[offset : offset + limit]


 class PasswordChangeApiView(APIView):