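class LoginView(generics.GenericAPIView):
    """Validate a login payload and issue an access/refresh token pair.

    The access token is returned in the JSON body. The refresh token is
    delivered only as an HttpOnly cookie, so page scripts cannot read it.
    """

    serializer_class = UserLoginSerializer

    def post(self, request, *args, **kwargs):
        """Return the user's profile and access token; set the refresh cookie.

        Invalid input raises the serializer's validation error, because
        ``is_valid`` is called with ``raise_exception=True``.
        """
        serializer = self.get_serializer(data=request.data)
        serializer.is_valid(raise_exception=True)
        user = serializer.validated_data["user"]

        refresh = RefreshToken.for_user(user)
        access = refresh.access_token

        response = Response(
            {
                "user": {"email": user.email, "name": user.get_full_name()},
                "tokens": {"access": str(access)},
            }
        )
        response.set_cookie(
            key="refresh_token",
            value=str(refresh),
            httponly=True,
            # Secure is required here: without it the refresh token can be
            # sent over plaintext HTTP, and browsers that enforce the current
            # SameSite rules reject a SameSite=None cookie lacking Secure.
            secure=True,
            # NOTE(review): SameSite=None means the cookie accompanies
            # cross-site requests, so whichever endpoint reads it needs its
            # own CSRF/origin check. Confirm cross-site delivery is required.
            samesite="None",
            # 7 days. NOTE(review): keep aligned with the configured
            # refresh-token lifetime so the cookie does not outlive the token.
            max_age=60 * 60 * 24 * 7,
        )
        return response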
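class LogoutView(APIView):
    """Clear the refresh-token cookie for the current browser session."""

    def post(self, request):
        """Delete the ``refresh_token`` cookie and confirm the logout.

        Raises:
            AuthenticationFailed: if the request carries no
                ``refresh_token`` cookie.
        """
        if "refresh_token" not in request.COOKIES:
            raise AuthenticationFailed("You are not logged in or session is invalid.")

        # The response must exist before the cookie can be cleared on it. The
        # original called delete_cookie() on `response` before assigning it,
        # which raised UnboundLocalError on every authenticated logout.
        response = Response({"message": "Logged out successfully"})
        # NOTE(review): the cookie is set with SameSite=None at login, and
        # browsers may ignore a deletion whose attributes do not match.
        # Check whether the installed Django version's delete_cookie() needs
        # the same samesite value passed explicitly.
        response.delete_cookie("refresh_token")
        # NOTE(review): this only removes the browser's copy. The refresh
        # token stays valid until it expires unless it is also revoked
        # server-side (e.g. via a token blacklist).
        return response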