Comments (8)
Yeah your are right, it is not a big but asap I will provide the enhancement to the approach
from drf-user.
Hi, @smrf1093 thanks for opening the issue.
Please add more details to this issue, like how I can reproduce or which endpoint you're talking about. If possible please add code snippets as well.
This will help me to resolve this issue quickly. Meanwhile, I'll also try to find where this problem is.
from drf-user.
So here is the thing
class RegisterView(CreateAPIView):
"""
Register View
Register a new user to the system.
The data required are username, email, name, password and mobile (optional).
"""
renderer_classes = (JSONRenderer,)
permission_classes = (AllowAny,)
serializer_class = UserSerializer
def perform_create(self, serializer):
"""Override perform_create to create user"""
data = {
"username": serializer.validated_data["username"],
"email": serializer.validated_data["email"],
"name": serializer.validated_data["name"],
"password": serializer.validated_data["password"],
}
try:
data["mobile"] = serializer.validated_data["mobile"]
except KeyError:
if not settings.USER_SETTINGS["MOBILE_OPTIONAL"]:
raise ValidationError({"error": "Mobile is required."})
return User.objects.create_user(**data)
you save the user on the register section, you should not do that, this should be saved in a bridge model, and then when the user is verified, the data from the bridge model can be used to create a user on verification, so this prevents setting up a bot on the register section and other security concerns in this section
from drf-user.
Hey @smrf1093
We're checking for validation here. Please check this serializer UserSerializer
.
def validate_mobile(self, value: str) -> str:
"""
If pre-validated mobile number is required, this function
checks if the mobile is pre-validated using OTP.
Parameters
----------
value: str
Returns
-------
value: str
"""
if not user_settings["MOBILE_VALIDATION"]:
return value
if check_validation(value=value):
return value
else:
raise serializers.ValidationError(
"The mobile must be " "pre-validated via OTP."
)
from drf-user.
No, I mean verification, for example, user with [email protected] registers then its information is stored immediately in the database however we do not know the form sender is x or not so before storing the user data in the main table it is good to first understand that the sender is x
from drf-user.
No, I mean verification, for example, user with [email protected] registers then its information is stored immediately in the database however we do not know the form sender is x or not so before storing the user data in the main table it is good to first understand that the sender is x
@smrf1093 I understand what you are saying here. While that is a possible approach, we are not taking that approach here.
Can you add more insight, on how this approach will improve the overall application?
Also, I am removing the bug
tag, I don't see how this qualifies as a bug. It definitely can be a good enhancement.
from drf-user.
Yeah your are right, it is not a big but asap I will provide the enhancement to the approach
Thanks a lot 🙌 Really appreciate it.
from drf-user.
Closing for now.
from drf-user.
Related Issues (20)
- Automate pypi release based on tag
- Update API docs to document response as well
- Feat: Integrate social authentication (Login using fb/google)
- Remove drf-addons dependency.
- Refactor CheckUniqueView HOT 1
- Change --p to --port in make livehtml setup step in makefile
- Running make install errors out while installing django-sendsms
- Fix makefile in docs section HOT 2
- Pin all dependencies in requirements-dev.txt. HOT 2
- Warnings generated while generating HTML in docs folder HOT 3
- Make file execution failing for windows. HOT 6
- Warnings generated while building linkcheck in docs folder HOT 1
- OTP Based endpoints should only work when user enabled send mail/send message settings
- Add Payment integration HOT 1
- Add webhook HOT 5
- Makefile port command issue HOT 5
- How to send otp on mobile number, rather than email. HOT 5
- Migrate static settings to dynamic settings.
- Status on social auth endpoints HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from drf-user.