Feature: update user profile (#4678)

2025-08-14 00:26:21 +00:00 · 2023-12-02 08:26:42 -08:00
parent 6e371ac5ac
commit aff56077a8
23 changed files with 1048 additions and 75 deletions
--- a/src/paperless/views.py
+++ b/src/paperless/views.py
@@ -7,7 +7,9 @@ from django.db.models.functions import Lower
 from django.http import HttpResponse
 from django.views.generic import View
 from django_filters.rest_framework import DjangoFilterBackend
+from rest_framework.authtoken.models import Token
 from rest_framework.filters import OrderingFilter
+from rest_framework.generics import GenericAPIView
 from rest_framework.pagination import PageNumberPagination
 from rest_framework.permissions import IsAuthenticated
 from rest_framework.response import Response
@@ -17,6 +19,7 @@ from documents.permissions import PaperlessObjectPermissions
 from paperless.filters import GroupFilterSet
 from paperless.filters import UserFilterSet
 from paperless.serialisers import GroupSerializer
+from paperless.serialisers import ProfileSerializer
 from paperless.serialisers import UserSerializer


@@ -106,3 +109,54 @@ class GroupViewSet(ModelViewSet):
    filter_backends = (DjangoFilterBackend, OrderingFilter)
    filterset_class = GroupFilterSet
    ordering_fields = ("name",)
+
+
+class ProfileView(GenericAPIView):
+    """
+    User profile view, only available when logged in
+    """
+
+    permission_classes = [IsAuthenticated]
+    serializer_class = ProfileSerializer
+
+    def get(self, request, *args, **kwargs):
+        user = self.request.user
+
+        serializer = self.get_serializer(data=request.data)
+        return Response(serializer.to_representation(user))
+
+    def patch(self, request, *args, **kwargs):
+        serializer = self.get_serializer(data=request.data)
+        serializer.is_valid(raise_exception=True)
+        user = self.request.user if hasattr(self.request, "user") else None
+
+        if len(serializer.validated_data.get("password").replace("*", "")) > 0:
+            user.set_password(serializer.validated_data.get("password"))
+            user.save()
+        serializer.validated_data.pop("password")
+
+        for key, value in serializer.validated_data.items():
+            setattr(user, key, value)
+        user.save()
+
+        return Response(serializer.to_representation(user))
+
+
+class GenerateAuthTokenView(GenericAPIView):
+    """
+    Generates (or re-generates) an auth token, requires a logged in user
+    unlike the default DRF endpoint
+    """
+
+    permission_classes = [IsAuthenticated]
+
+    def post(self, request, *args, **kwargs):
+        user = self.request.user
+
+        existing_token = Token.objects.filter(user=user).first()
+        if existing_token is not None:
+            existing_token.delete()
+        token = Token.objects.create(user=user)
+        return Response(
+            token.key,
+        )