Merge pull request #31 from tsotetsi/tf-21-setup-mailpit-service

Add mailpit as a docker-service.

Author: tsotetsi

backend/user_service/.coverage

@@ -78,6 +78,20 @@
 
    Visit your localhost om port 8000: [http://127.0.0.1:8000](http://127.0.0.1:8000)
 
+
+### Running tests and test coverage
+
+1. Run tests with pytest.
+   ```bash
+   pytest
+   ```
+2. Run tests, check your test coverage, and generate HTML coverage report.
+   ```bash
+   coverage run --source=. -m pytest
+   coverage html
+   open htmlcov/index.html
+   ```
+
 ### Build User-Service docker image and publish to registry.
 
 1. Tag(e.g. v1, latest) built image from the previous step.

backend/user_service/README.md

@@ -205,6 +205,9 @@
 # Email backend (for development) TODO: Use mailpit
 EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'  # Use console for testing
 
+ACCOUNT_ADAPTER = 'users.adapters.CustomAccountAdapter'
+FRONTEND_URL = 'http://localhost:8000/api'
+
 # By Default swagger ui is available only to admin user(s). You can change permission classes to change that
 # See more configuration options at https://drf-spectacular.readthedocs.io/en/latest/settings.html#settings
 SPECTACULAR_SETTINGS = {

backend/user_service/config/settings/base.py

@@ -11,6 +11,16 @@
 # TODO: Set static IP address for minikube, minikube start --static=192.168.49.2
 ALLOWED_HOSTS = ["localhost", "0.0.0.0", "127.0.0.1", "user-service"]  # noqa: S104
 
+# EMAIL
+# ------------------------------------------------------------------------------
+# https://docs.djangoproject.com/en/dev/ref/settings/#email-host
+EMAIL_HOST = os.getenv("EMAIL_HOST", default="mailpit")
+# https://docs.djangoproject.com/en/dev/ref/settings/#email-port
+EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
+EMAIL_PORT = 1025         # Mailpit's SMTP port
+EMAIL_USE_TLS = False     # Mailpit does not use TLS by default
+EMAIL_USE_SSL = False     # Mailpit does not use SSL by default
+
 # django-debug-toolbar
 # ------------------------------------------------------------------------------
 # https://django-debug-toolbar.readthedocs.io/en/latest/installation.html#prerequisites

backend/user_service/config/settings/local.py

@@ -1,4 +1,4 @@
-from allauth.account.views import confirm_email, email_verification_sent
+from allauth.account.views import email_verification_sent, PasswordResetFromKeyView
 from django.contrib import admin
 from django.urls import path, include, re_path
 from django.conf import settings
@@ -8,7 +8,7 @@
 from rest_framework_simplejwt.views import TokenObtainPairView, TokenRefreshView
 from drf_spectacular.views import SpectacularAPIView, SpectacularSwaggerView, SpectacularRedocView
 
-from users.api.views import RegisterView, UserProfileView, CustomConfirmEmailView
+from users.api.views import RegisterView, UserProfileView, CustomConfirmEmailView, PasswordResetView, CustomPasswordResetFromKeyView
 
 
 urlpatterns = [
@@ -19,8 +19,10 @@
 urlpatterns += [
     # API BASE URL For Authentication JWT.
     path('api/', include("config.api_router")),
-    path('api/login', RegisterView.as_view(), name='account_login'),
+    #path('api/login', RegisterView.as_view(), name='account_login'), # Delete this.
     path('api/register', RegisterView.as_view(), name='register'),
+    path('api/password/reset/', PasswordResetView.as_view(), name='password_reset'),
+    path('api/password/reset/key/<uidb36>/<key>/', CustomPasswordResetFromKeyView.as_view(), name='account_reset_password_from_key'),
     path('api/account-confirm-email/<str:key>/', CustomConfirmEmailView.as_view() , name='account_confirm_email'),
     path('api/account-email-verification-sent', email_verification_sent, name='account_email_verification_sent'),
     path('api/profile', UserProfileView.as_view(), name='profile'),

backend/user_service/config/urls.py

@@ -58,6 +58,21 @@ services:
     depends_on:
       - prometheus-service
 
+  mailpit-service:
+    image: docker.io/axllent/mailpit:latest
+    container_name: user_service_mailpit
+    restart: unless-stopped
+    volumes:
+      - ./data:/data
+    ports:
+      - "8025:8025"
+      - "1025:1025"
+    environment:
+      MP_MAX_MESSAGES: 5000
+      MP_DATABASE: /data/mailpit.db
+      MP_SMTP_AUTH_ACCEPT_ANY: 1
+      MP_SMTP_AUTH_ALLOW_INSECURE: 1
+
   user-service:
     depends_on:
       - postgres-service

backend/user_service/docker-compose.local.yml

@@ -11,5 +11,5 @@ python_files = [
 # ==== Coverage ====
 [tool.coverage.run]
 include = ["user_service/**"]
-omit = ["*/migrations/*", "*/tests/*"]
+omit = ["*/migrations/*", "*/tests/*", "*/.venv/*", "*/staticfiles/*", "*/requirements/*"]
 plugins = ["django_coverage_plugin"]

backend/user_service/pyproject.toml

@@ -0,0 +1,10 @@
+from allauth.account.adapter import DefaultAccountAdapter
+from django.conf import settings
+
+class CustomAccountAdapter(DefaultAccountAdapter):
+    def send_password_reset_mail(self, user, email, context):
+        # Ensure the context contains the correct uid and key.
+        context['password_reset_url'] = (
+            f"{settings.FRONTEND_URL}/password/reset/key/{context['uid']}/{context['key']}/"
+        )
+        super().send_password_reset_mail(user, email, context)

backend/user_service/users/adapters.py

@@ -1,3 +1,6 @@
+from django.core.exceptions import ValidationError
+from django.contrib.auth.password_validation import validate_password
+from allauth.account.forms import ResetPasswordForm
 from rest_framework import serializers
 
 from users.models import User
@@ -16,11 +19,45 @@ class RegisterSerializer(serializers.ModelSerializer):
 
     class Meta:
         model = User
-        fields = ("name", "email", "phone_number", "password", "is_customer", "is_organizer")
+        fields = ("id", "name", "email", "phone_number", "password", "is_customer", "is_organizer")
 
     def create(self, validated_data):
         password = validated_data.pop('password')
         user = User.objects.create(**validated_data)
         user.set_password(password)
         user.save()
-        return user
+        return user
+
+
+class PasswordResetSerializer(serializers.Serializer):
+    email = serializers.EmailField()
+
+    def validate_email(self, value):
+        # Check if the email exists in the database.
+        if not User.objects.filter(email=value).exists():
+            raise serializers.ValidationError("User with this email address does not exist.")
+        return value
+
+    def save(self, **kwargs):
+        request = self.context.get('request')
+        form = ResetPasswordForm(data=self.validated_data)
+        if form.is_valid():
+            form.save(request=request)
+
+
+class PasswordResetConfirmSerializer(serializers.Serializer):
+    new_password1 = serializers.CharField(required=True, write_only=True)
+    new_password2 = serializers.CharField(required=True, write_only=True)
+
+    def validate_new_password1(self, value):
+        try:
+            # Validate the new password against the validators in base.py.
+            validate_password(value)
+        except ValidationError as e:
+            raise serializers.ValidationError(list(e.messages))
+        return value
+
+    def validate(self, data):
+        if data['new_password1'] != data['new_password2']:
+            raise serializers.ValidationError("The two password fields didn't match.")
+        return data

backend/user_service/users/api/serializers.py

@@ -1,10 +1,11 @@
 import uuid
 
-from allauth.account.views import ConfirmEmailView
-from allauth.account.utils import complete_signup
+from allauth.account.forms import UserTokenForm
+from allauth.account.utils import complete_signup, url_str_to_user_pk
 from allauth.account.internal import flows
 from allauth.account.models import (
     get_emailconfirmation_model,
+    EmailAddress
 )
 
 from django.http import Http404
@@ -16,14 +17,14 @@
 from rest_framework.mixins import RetrieveModelMixin
 from rest_framework.mixins import UpdateModelMixin
 from rest_framework.viewsets import GenericViewSet
-from rest_framework.decorators import action
+from rest_framework.decorators import action, renderer_classes
 from rest_framework.response import Response
 from rest_framework.views import APIView
 from rest_framework import status, permissions
 from rest_framework_simplejwt.tokens import RefreshToken
 
 from users.models import User
-from users.api.serializers import UserSerializer, RegisterSerializer
+from users.api.serializers import UserSerializer, RegisterSerializer, PasswordResetSerializer, PasswordResetConfirmSerializer
 from config.settings.base import CONFIRM_EMAIL_ON_GET
 
 class UserViewSet(RetrieveModelMixin, ListModelMixin, UpdateModelMixin, GenericViewSet):
@@ -95,6 +96,71 @@ def get(self, *args, **kwargs):
         return Response({"detail": "Not accepting GET request on the endpoint"}, status=status.HTTP_400_BAD_REQUEST)
 
 
+class CustomPasswordResetFromKeyView(APIView):
+    permission_classes = [permissions.AllowAny]
+
+    def get_user(self, uidb36):
+        try:
+            uid_int = url_str_to_user_pk(uidb36)
+            user = User.objects.get(pk=uid_int)
+            if not user:
+                return None
+            return user
+        except(ValueError, User.DoesNotExist):
+            return Response({"detail": "Invalid user ID."})
+
+    def get(self, request, uidb36, key, *args, **kwargs):
+        # Check if the reset link is valid
+        user = self.get_user(uidb36)
+        if not user:
+            return Response(
+                {"detail": "Invalid reset link."},
+                status=status.HTTP_400_BAD_REQUEST,
+            )
+
+        # Return a response indicating the reset link is valid
+        return Response(
+            {"detail": "Please submit your new password."},
+            status=status.HTTP_200_OK,
+        )
+
+    def post(self, request, uidb36, key):
+        serializer = PasswordResetConfirmSerializer(data=request.data)
+
+        if serializer.is_valid(raise_exception=True):
+            # Decode the user ID
+            user = self.get_user(uidb36)
+
+            # Validate the reset key.
+            token_form = UserTokenForm(data={'uidb36': uidb36, 'key': key})
+            if not token_form.is_valid():
+                return Response({"detail": "Invalid or expired reset key."}, status=status.HTTP_400_BAD_REQUEST)
+
+            # Ensure the user email is verified.
+            if not EmailAddress.objects.filter(user=user, verified=True).exists():
+                return Response({"detail": "Email address not verified."}, status=status.HTTP_400_BAD_REQUEST)
+
+            # Get the new password from the request
+            new_password = request.data.get("new_password1")
+
+            # Set the new password
+            user.set_password(new_password)
+            user.save()
+            return Response({"detail": "Password has been reset successfully"}, status=status.HTTP_200_OK)
+        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
+
+class PasswordResetView(APIView):
+    permission_classes = [permissions.AllowAny]
+
+    def post(self, request):
+        serializer = PasswordResetSerializer(data=request.data, context={'request': request})
+
+        if serializer.is_valid():
+            serializer.save()
+            return Response({"detail": "Password reset email has been sent."}, status=status.HTTP_200_OK)
+        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
+
+
 class UserProfileView(APIView):
     permission_classes = [permissions.IsAuthenticated]