Merge pull request #54 from plers-org/sm/#53

Sm/#53
NKEY
2025-05-13 15:24:13 +09:00
committed by GitHub
3 changed files with 15 additions and 6 deletions


@@ -174,7 +174,7 @@ REST_FRAMEWORK = {
REST_USE_JWT = True REST_USE_JWT = True
SIMPLE_JWT = { SIMPLE_JWT = {
'ACCESS_TOKEN_LIFETIME': timedelta(days=7), # minutes = 15 'ACCESS_TOKEN_LIFETIME': timedelta(minutes= 15),
'REFRESH_TOKEN_LIFETIME': timedelta(days=7), 'REFRESH_TOKEN_LIFETIME': timedelta(days=7),
'ROTATE_REFRESH_TOKENS': True, 'ROTATE_REFRESH_TOKENS': True,
'BLACKLIST_AFTER_ROTATION': True, 'BLACKLIST_AFTER_ROTATION': True,
@@ -213,7 +213,7 @@ SESSION_EXPIRE_AT_BROWSER_CLOSE = True
SESSION_COOKIE_AGE = 86400 SESSION_COOKIE_AGE = 86400
# https에서만 세션 쿠키가 전송 (default false) https 배포 시 true로 # https에서만 세션 쿠키가 전송 (default false) https 배포 시 true로
SESSION_COOKIE_SECURE = False SESSION_COOKIE_SECURE = True
GOOGLE_CLIENT_ID = env('GOOGLE_CLIENT_ID') GOOGLE_CLIENT_ID = env('GOOGLE_CLIENT_ID')
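Review bot: `SESSION_COOKIE_SECURE = True` is now hard-coded, so in any environment still served over plain HTTP (local development, an internal staging host) the browser will no longer send the session cookie back. This file already reads values through `env(...)`, so consider `SESSION_COOKIE_SECURE = env.bool('SESSION_COOKIE_SECURE', default=True)` (assuming `env` is django-environ), which keeps the secure default but makes any opt-out explicit. The hunk does not show `CSRF_COOKIE_SECURE`; if it is not set elsewhere in the file, it should be enabled alongside this. Minor style: `timedelta(minutes= 15)` has a stray space after `=`.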


@@ -30,6 +30,15 @@ class SetPortofolioRequiredInfoSerializer(serializers.ModelSerializer):
model = User model = User
fields = ['custom_url', 'job_and_interests'] fields = ['custom_url', 'job_and_interests']
def validate(self, attrs):
custom_url = attrs.get("custom_url")
if custom_url and (" " in custom_url or "." in custom_url):
raise serializers.ValidationError({
"message": "하지말라면 하지 좀 마"
})
return super().validate(attrs)
class TagUserSerializer(serializers.ModelSerializer): class TagUserSerializer(serializers.ModelSerializer):
class Meta: class Meta:
model = User model = User
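Review bot: The new `validate()` rejects only a space and `.` in `custom_url`, so other characters that are awkward in a URL segment (`/`, `?`, `#`, `%`, control characters) still pass; an allowlist of permitted characters is safer than a two-character denylist. The name suggests the value becomes part of a profile URL, but its use is outside this hunk, so the exact character set is the project's call. The error is also keyed under `"message"` with text that does not tell the client what is wrong. A field-level `validate_custom_url` would attach the error to the `custom_url` field and could state the rule. The sketch below needs `re` imported at the top of the file, which the hunk does not show, and the serializer class begins before the hunk.

```python
# … unchanged: class Meta with model and fields …

def validate_custom_url(self, value):
    # Allowlist instead of denylist: only characters that are safe in a URL path segment.
    if not re.fullmatch(r"[A-Za-z0-9_-]+", value):
        raise serializers.ValidationError(
            "custom_url may contain only letters, digits, '-' and '_'."
        )
    return value
```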


@@ -42,7 +42,7 @@ class RefreshAPIView(APIView):
serializer = TokenRefreshSerializer(data={'refresh': refresh}) serializer = TokenRefreshSerializer(data={'refresh': refresh})
if serializer.is_valid(): if serializer.is_valid():
res = Response({"access": serializer.validated_data['access']}, status=status.HTTP_200_OK) res = Response({"access": serializer.validated_data['access']}, status=status.HTTP_200_OK)
res.set_cookie("refresh", serializer.validated_data['refresh'], httponly=True, samesite=None, secure=not settings.DEBUG) res.set_cookie("refresh", serializer.validated_data['refresh'], httponly=True, samesite=None, secure=True)
return res return res
except TokenError as e: except TokenError as e:
return Response({"message": f"Invalid token: {e}"}, status=status.HTTP_401_UNAUTHORIZED) return Response({"message": f"Invalid token: {e}"}, status=status.HTTP_401_UNAUTHORIZED)
@@ -93,7 +93,7 @@ class GoogleLoginAPIView(APIView):
}, },
status=status.HTTP_200_OK, status=status.HTTP_200_OK,
) )
res.set_cookie("refresh", str(refresh), httponly=True, samesite=None, secure=not settings.DEBUG) res.set_cookie("refresh", str(refresh), httponly=True, samesite=None, secure=True)
return res return res
else: else:
return Response( return Response(
@@ -154,7 +154,7 @@ class LoginAPIView(APIView):
}, },
status=status.HTTP_200_OK, status=status.HTTP_200_OK,
) )
res.set_cookie("refresh", serializer.validated_data['refresh'], httponly=True, samesite=None, secure=not settings.DEBUG) res.set_cookie("refresh", serializer.validated_data['refresh'], httponly=True, samesite=None, secure=True)
return res return res
else: else:
return Response(serializer.errors) return Response(serializer.errors)
@@ -206,7 +206,7 @@ class SetPortofolioRequiredInfoAPIView(APIView):
def patch(self, request): def patch(self, request):
user = request.user user = request.user
serializer = SetPortofolioRequiredInfoSerializer(user, data=request.data) serializer = SetPortofolioRequiredInfoSerializer(user, data=request.data)
if serializer.is_valid(): if serializer.is_valid(raise_exception=True):
serializer.save() serializer.save()
user.is_custom_url = True user.is_custom_url = True
user.save() user.save()
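Review bot: All three `set_cookie("refresh", ...)` calls (RefreshAPIView, GoogleLoginAPIView, LoginAPIView) still pass `samesite=None`, and in Django the Python value `None` omits the SameSite attribute entirely, leaving the behaviour to each browser's default. If the refresh cookie must travel cross-site, pass the string `samesite="None"` (valid now that `secure=True`). Otherwise state the intent explicitly, e.g. `res.set_cookie("refresh", str(refresh), httponly=True, samesite="Lax", secure=True)`. The same argument list is now repeated three times, so a small helper that sets the refresh cookie would keep these flags from drifting apart. In the last hunk, `is_valid(raise_exception=True)` never returns False, so the `if` is always taken and any `else` branch after it (outside the hunk) is unreachable.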