Skip to content

Authorization Endpoints

/accounts/signup/

Creates a new user in the Users table of the database.

Parameters:

Name Type Description Default
username str

The username.

 required
email str

The email address of the user.

 required
phone str

The user's phone number.

 required
password str

The user's password.

 required

Returns:

Name Type Description
Bool User

True if the user was created successfully, False otherwise.
Source code in apps\accounts\views.py 
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
def create_user(self, username: str, email: str, password: str, phone) -> User:
    """
    Creates a new user in the Users table of the database.

    Args:
        username (str): The username.
        email (str): The email address of the user.
        phone (str): The user's phone number.
        password (str): The user's password.

    Returns:
        Bool: True if the user was created successfully, False otherwise.
    """
    if User.objects.filter(phone=phone).exists():
        print("Phone already exists")
        return False

    user = User.objects.create_user(
        username=username, email=email, password=password, phone=phone
    )
    user.save()
    return True

/accounts/confirm-email/

Handled by Django's allauth module.

Parameters:

  • code: str a confirmation code sent to the user's email to confirm signup

Response: HTML confirmation page

/accounts/login/

Handled by Django's allauth module.

Parameters:

  • email: str
  • remember_me: bool

Response: HTML login page, redirect to confirmation page, failure message upon failed login.

/accounts/login/code/confirm/

Handled by Django's allauth module.

Parameters:

  • code: str

Response: Redirect to home page / after successful confirmation, failure message upon failed confirmation.

/accounts/logout

Handled by Django's allauth module.

Parameters:

Response: Redirect to home page / after successful logout.

/accounts/password/reset/

Handled by Django's allauth module.

Parameters:

  • email: str

Response: HTML password reset page, sends an email to the user upon form submit.

/accounts/delete_account

Deletes the user's account.

Parameters:

Name Type Description Default
request HttpRequest

The HTTP request object.

 required
password str

The password of the user to confirm account deletion.

 required

Returns:

Name Type Description
HttpResponse HttpResponse

Redirect to goodbye page on success, error message on failure
Source code in apps\accounts\views.py 
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
def delete_account(request: HttpRequest) -> HttpResponse:
    """
    Deletes the user's account.

    Args:
        request (HttpRequest): The HTTP request object.
        password (str): The password of the user to confirm account deletion.

    Returns:
        HttpResponse: Redirect to goodbye page on success, error message on failure
    """

    if not request.user.is_authenticated:
        return redirect("account_login")

    if request.method == "POST":
        user = request.user
        password = request.POST.get("password")

        if not user.check_password(password):
            messages.error(request, "Incorrect password.")
            return redirect("delete_account")

        try:
            # We need to log out the user in order to delete them
            logout(request)
            user.delete()
            return redirect("account_goodbye")

        except Exception:
            messages.error(request, "An error occurred while deleting your account.")

    return render(request, "account/delete_account.html")

/accounts/account_goodbye

Renders a page to notify the user that their account has been deleted.

Parameters:

Name Type Description Default
request HttpRequest

The HTTP request object.

 required

Returns:

Name Type Description
HttpResponse HttpResponse

The rendered goodbye page.
Source code in apps\accounts\views.py 
115
116
117
118
119
120
121
122
123
124
125
126
def account_goodbye(request: HttpRequest) -> HttpResponse:
    """
    Renders a page to notify the user that their account has been deleted.

    Args:
        request (HttpRequest): The HTTP request object.

    Returns:
        HttpResponse: The rendered goodbye page.
    """

    return render(request, "account/account_goodbye.html")

/accounts/unsubscribe/

Renders the unsubscribe view.

Parameters:

Name Type Description Default
request HttpRequest

The HTTP request object.

 required

Returns:

Name Type Description
HttpResponse HttpResponse

Redirects to the account page with a success message.
Source code in apps\accounts\views.py 
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
def unsubscribe(request: HttpRequest) -> HttpResponse:
    """
    Renders the unsubscribe view.

    Args:
        request (HttpRequest): The HTTP request object.

    Returns:
        HttpResponse: Redirects to the account page with a success message.
    """

    if request.method == "POST":
        user = request.user

        if user.is_subscribed:
            user.is_subscribed = False

            messages.success(request, "You have successfully unsubscribed from updates.")

        else:
            user.is_subscribed = True

            messages.success(request, "You have successfully subscribed to updates.")
        user.save()

        return redirect(request.META.get("HTTP_REFERER", "favorites"))