Merge pull request 'Cambiando autenticación de api a JWT #29' (#33) from add_jwt_authentication_#29 into main

Reviewed-on: #33

doc/requests.org

@@ -0,0 +1,76 @@
+* Requests
+Ejemplo de request contra la api usando [[https://github.com/federicotdn/verb][verb]]
+
+** Autenticación :verb:
+template http://localhost:7000/api
+Content-Type: application/json;
+*** Solicitar token
+post /token/
+
+{
+    "username": "admin",
+    "password": "123"
+}
+**** respuesta
+#+begin_src json
+{
+  "refresh": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbl90eXBlIjoicmVmcmVzaCIsImV4cCI6MTc3MTE4NzYxOSwiaWF0IjoxNzcxMTAxMjE5LCJqdGkiOiI5ZTgzNGRlM2QzMmQ0NmQyODEwZGQ2MjI2ODUwNjgzNyIsInVzZXJfaWQiOiIyIn0.JaUOqEAZ2T8vVT36mXfweMmYjEWsP7toD07jeeyrl1k",
+  "access": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbl90eXBlIjoiYWNjZXNzIiwiZXhwIjoxNzcxMTAzMDE5LCJpYXQiOjE3NzExMDEyMTksImp0aSI6ImFmOWFjNGM1MzBiZjQ4ZGE4Yzg2MWFjYzIzNjQ3NjU3IiwidXNlcl9pZCI6IjIifQ.6wH5sx1fyFn3Wt3DVZGYbiYi79rGthUZkgGmTqzebXc"
+}
+#+end_src
+*** Perfil de usuario
+get /users/me/
+Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbl90eXBlIjoiYWNjZXNzIiwiZXhwIjoxNzcxMTAzMDE5LCJpYXQiOjE3NzExMDEyMTksImp0aSI6ImFmOWFjNGM1MzBiZjQ4ZGE4Yzg2MWFjYzIzNjQ3NjU3IiwidXNlcl9pZCI6IjIifQ.6wH5sx1fyFn3Wt3DVZGYbiYi79rGthUZkgGmTqzebXc
+**** Respuesta
+#+begin_src json
+{
+  "id": 2,
+  "username": "admin",
+  "email": "correo@example.com",
+  "first_name": "",
+  "last_name": ""
+}
+#+end_src
+*** Renovar token
+post /token/refresh/
+
+{
+   "refresh": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbl90eXBlIjoicmVmcmVzaCIsImV4cCI6MTc3MTE4NzYxOSwiaWF0IjoxNzcxMTAxMjE5LCJqdGkiOiI5ZTgzNGRlM2QzMmQ0NmQyODEwZGQ2MjI2ODUwNjgzNyIsInVzZXJfaWQiOiIyIn0.JaUOqEAZ2T8vVT36mXfweMmYjEWsP7toD07jeeyrl1k"
+}
+**** response
+#+begin_src json
+{
+  "access": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbl90eXBlIjoiYWNjZXNzIiwiZXhwIjoxNzcxMTAzNjA1LCJpYXQiOjE3NzExMDE4MDUsImp0aSI6ImJjZTY5ZTA3MTIyOTQxMTg5NmFjYzk1ZDNiOThhMTI0IiwidXNlcl9pZCI6IjIifQ.b4Z1c_Yi5tsLZ-7F0KZcM2tai-f1VeaE881j2pKDwYA"
+}
+#+end_src
+** Don confiao :verb:
+template http://localhost:7000/don_confiao/api/
+Content-Type: application/json;
+Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbl90eXBlIjoiYWNjZXNzIiwiZXhwIjoxNzcxMTAzNjA1LCJpYXQiOjE3NzExMDE4MDUsImp0aSI6ImJjZTY5ZTA3MTIyOTQxMTg5NmFjYzk1ZDNiOThhMTI0IiwidXNlcl9pZCI6IjIifQ.b4Z1c_Yi5tsLZ-7F0KZcM2tai-f1VeaE881j2pKDwYA
+*** todas las rutas
+get
+**** response
+#+begin_src json
+{
+  "sales": "http://localhost:7000/don_confiao/api/sales/",
+  "customers": "http://localhost:7000/don_confiao/api/customers/",
+  "products": "http://localhost:7000/don_confiao/api/products/",
+  "reconciliate_jar": "http://localhost:7000/don_confiao/api/reconciliate_jar/"
+}
+#+end_src
+*** customers
+get customers/
+**** response
+#+begin_src json
+[
+  {
+    "id": 1,
+    "name": "Consumidor Final",
+    "address": "",
+    "email": "",
+    "phone": "",
+    "external_id": "2753"
+  },
+  ...
+]
+#+end_src

requirements.txt

@@ -1,4 +1,5 @@
 Django==5.0.6
 djangorestframework
 django-cors-headers
+djangorestframework-simplejwt
 sabatron-tryton-rpc-client==7.4.0

tienda_ilusion/don_confiao/tests/Mixins.py

@@ -1,10 +1,19 @@
 from django.contrib.auth.models import User
+from rest_framework_simplejwt.tokens import RefreshToken
+from rest_framework.test import APIClient
 
 
 class LoginMixin:
     def login(self):
-        username = 'nombre_usuario'
+        self.user = User.objects.create_superuser(
-        password = 'contraseña'
+            username='admin',
-        email = 'correo@example.com'
+            email='admin@example.com',
-        self.user = User.objects.create_user(username, email, password)
+            password='adminpass'
-        self.client.login(username=username, password=password)
+        )
+
+        refresh = RefreshToken.for_user(self.user)
+        self.access_token = str(refresh.access_token)
+
+        self.client = APIClient()
+        self.client.credentials(
+            HTTP_AUTHORIZATION=f'Bearer {self.access_token}')

tienda_ilusion/tienda_ilusion/settings.py

@@ -11,6 +11,7 @@ https://docs.djangoproject.com/en/5.0/ref/settings/
 """
 import os
 
+from datetime import timedelta
 from pathlib import Path
 
 # Build paths inside the project like this: BASE_DIR / 'subdir'.
@@ -44,7 +45,9 @@ INSTALLED_APPS = [
     'django.contrib.messages',
     'django.contrib.staticfiles',
     'rest_framework',
+    'rest_framework.authtoken',
     'corsheaders',
+    'users',
     # 'don_confiao'
 ]
 
@@ -57,7 +60,6 @@ MIDDLEWARE = [
     'django.contrib.messages.middleware.MessageMiddleware',
     'django.middleware.clickjacking.XFrameOptionsMiddleware',
     'corsheaders.middleware.CorsMiddleware',
-    'django.middleware.common.CommonMiddleware',
 ]
 
 ROOT_URLCONF = 'tienda_ilusion.urls'
@@ -137,11 +139,19 @@ FIXTURE_DIRS = ['don_confiao/tests/Fixtures']
 
 REST_FRAMEWORK = {
     'DEFAULT_AUTHENTICATION_CLASSES': [
-        'rest_framework.authentication.SessionAuthentication',
+        "rest_framework_simplejwt.authentication.JWTAuthentication",
     ],
     'DEFAULT_PERMISSION_CLASSES': [
         'rest_framework.permissions.IsAuthenticated',
     ],
 }
 
-LOGOUT_REDIRECT_URL = '/start/'
+SIMPLE_JWT = {
+    "ACCESS_TOKEN_LIFETIME": timedelta(minutes=30),
+    "REFRESH_TOKEN_LIFETIME": timedelta(days=1),
+    "AUTH_HEADER_TYPES": ("Bearer",),
+}
+
+# CORS_ALLOWED_ORIGINS = [
+#     "http://localhost:5173",
+# ]

tienda_ilusion/tienda_ilusion/templates/registration/login.html

@@ -1,5 +0,0 @@
-<form method="post">
-    {% csrf_token %}
-    {{ form.as_p }}
-    <button type="submit">Iniciar sesión</button>
-</form>

tienda_ilusion/tienda_ilusion/templates/registration/profile.html

@@ -1,27 +0,0 @@
-<!DOCTYPE html>
-<html>
-<head>
-    <title>Perfil de usuario</title>
-    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css">
-    <style>
-        body {
-            font-family: Arial, sans-serif;
-        }
-    </style>
-</head>
-<body>
-    <div class="container">
-        <div class="row justify-content-center">
-            <div class="col-md-8">
-                <h1>Perfil de usuario</h1>
-                <p>Nombre de usuario: {{ user.username }}</p>
-                <p>Email: {{ user.email }}</p>
-                <form action="{% url 'logout' %}" method="post" style="display: inline-block;">
-                    {% csrf_token %}
-                    <button type="submit" class="btn btn-danger">Cerrar sesión</button>
-                </form>
-            </div>
-        </div>
-    </div>
-</body>
-</html>

tienda_ilusion/tienda_ilusion/templates/start.html

@@ -1,22 +0,0 @@
-<!DOCTYPE html>
-<html>
-<head>
-    <title>Bienvenido a la tienda la ilusión</title>
-    <style>
-        body {
-            font-family: Arial, sans-serif;
-        }
-    </style>
-</head>
-<body>
-    <div class="container">
-        <div class="row justify-content-center">
-            <div class="col-md-8">
-                <h1>Bienvenido a la tienda la ilusion</h1>
-
-                <a href="{% url 'login' %}">Login</a>
-            </div>
-        </div>
-    </div>
-</body>
-</html>

tienda_ilusion/tienda_ilusion/urls.py

@@ -16,15 +16,19 @@ Including another URLconf
 """
 from django.contrib import admin
 from django.urls import include, path
-from . import views
+from rest_framework_simplejwt.views import (
-
+    TokenObtainPairView,
+    TokenRefreshView,
+)
 
 app_name = "don_confiao"
 
 urlpatterns = [
     path("don_confiao/", include("don_confiao.urls")),
-    path("accounts/", include("django.contrib.auth.urls")),
-    path('accounts/profile/', views.ProfileView.as_view(), name='profile'),
-    path('start/', views.StartView.as_view(), name='start'),
     path('admin/', admin.site.urls),
+    path('api/token/', TokenObtainPairView.as_view(),
+         name='token_obtain_pair'),
+    path('api/token/refresh/', TokenRefreshView.as_view(),
+         name='token_refresh'),
+    path('api/users/', include('users.urls')),
 ]

tienda_ilusion/tienda_ilusion/views.py

@@ -1,15 +0,0 @@
-from django.views.generic import TemplateView
-from django.contrib.auth.mixins import LoginRequiredMixin
-
-
-class ProfileView(LoginRequiredMixin, TemplateView):
-    template_name = 'registration/profile.html'
-
-    def get_context_data(self, **kwargs):
-        context = super().get_context_data(**kwargs)
-        context['user'] = self.request.user
-        return context
-
-
-class StartView(TemplateView):
-    template_name = 'start.html'

tienda_ilusion/users/admin.py

@@ -0,0 +1,3 @@
+from django.contrib import admin
+
+# Register your models here.

tienda_ilusion/users/apps.py

@@ -0,0 +1,5 @@
+from django.apps import AppConfig
+
+
+class UsersConfig(AppConfig):
+    name = 'users'

tienda_ilusion/users/models.py

@@ -0,0 +1,3 @@
+from django.db import models
+
+# Create your models here.

tienda_ilusion/users/serializers.py

@@ -0,0 +1,8 @@
+from django.contrib.auth.models import User
+from rest_framework import serializers
+
+
+class UserSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = User
+        fields = ('id', 'username', 'email', 'first_name', 'last_name')

tienda_ilusion/users/tests.py

@@ -0,0 +1,51 @@
+from django.test import TestCase
+from django.urls import reverse
+from django.contrib.auth.models import User
+from rest_framework.test import APIClient
+from rest_framework_simplejwt.tokens import RefreshToken
+
+
+class MeEndpointTests(TestCase):
+    def setUp(self):
+        self.user = User.objects.create_superuser(
+            username='admin',
+            email='admin@example.com',
+            password='adminpass'
+        )
+
+        refresh = RefreshToken.for_user(self.user)
+        self.access_token = str(refresh.access_token)
+
+        self.client = APIClient()
+        self.client.credentials(
+            HTTP_AUTHORIZATION=f'Bearer {self.access_token}')
+
+    def test_me_endpoint_returns_correct_user_data(self):
+        """
+        Verifica que GET /api/users/me/ devuelve los datos del usuario
+        autenticado.
+        """
+        url = reverse('current-user')
+        response = self.client.get(url)
+
+        self.assertEqual(response.status_code, 200)
+
+        expected_fields = {'id', 'username', 'email',
+                           'first_name', 'last_name'}
+        self.assertTrue(expected_fields.issubset(response.json().keys()))
+
+        data = response.json()
+        self.assertEqual(data['username'], self.user.username)
+        self.assertEqual(data['email'], self.user.email)
+        self.assertEqual(data['first_name'], self.user.first_name)
+        self.assertEqual(data['last_name'], self.user.last_name)
+
+    def test_me_endpoint_requires_authentication(self):
+        """
+        Sin token el endpoint debe devolver 401 Unauthorized.
+        """
+        client_no_auth = APIClient()
+        url = reverse('current-user')
+        response = client_no_auth.get(url)
+
+        self.assertEqual(response.status_code, 401)

tienda_ilusion/users/urls.py

@@ -0,0 +1,6 @@
+from django.urls import path
+from .views import CurrentUserView
+
+urlpatterns = [
+    path('me/', CurrentUserView.as_view(), name='current-user'),
+]

tienda_ilusion/users/views.py

@@ -0,0 +1,12 @@
+from rest_framework.views import APIView
+from rest_framework.response import Response
+from rest_framework.permissions import IsAuthenticated
+from .serializers import UserSerializer
+
+
+class CurrentUserView(APIView):
+    permission_classes = [IsAuthenticated]
+
+    def get(self, request):
+        serializer = UserSerializer(request.user)
+        return Response(serializer.data)