In my application powered by django-rest-framework I use django-rest-auth and allauth to handle the user registration, etc. Everything works fine.
I have one API endpoint that handles users' testimonials. The idea is that if someone who has no account at my website is adding a testimonial, I want to automatically create an account for him/her (in case if an email was entered) and the welcome email should be sent, profile created, etc.
So from the viewset that handles adding a testimonial, I am calling RegisterView like this; this is POST:
from rest_auth.registration.views import RegisterView
class AddTestimonialView(viewsets.ModelViewSet):
serializer_class = TestimonialSerializer
queryset = Testimonial.objects.all()
permission_classes = [permissions.AllowAny, ]
def create(self, request, *args, **kwargs):
................
RegisterView.as_view()(self.request)
But I am getting an error:
AssertionError at /api/auth/testimonial/add/
sensitive_post_parameters didn't receive an HttpRequest. If you are decorating a classmethod, be sure to use @method_decorator.
Seems that I should create a custom class and override some method(s) of RegisterView, dispatch likely. But can't figure out what exactly should I do. In fact the request has no sensitive data at all, just email, name, testimonial text, etc. No passwords or tokens.
This is an original code from RegisterView @ rest_auth.registration.views:
sensitive_post_parameters_m = method_decorator(
sensitive_post_parameters('password1', 'password2')
)
class RegisterView(CreateAPIView):
serializer_class = RegisterSerializer
permission_classes = register_permission_classes()
token_model = TokenModel
@sensitive_post_parameters_m
def dispatch(self, *args, **kwargs):
return super(RegisterView, self).dispatch(*args, **kwargs)
def get_response_data(self, user):
if allauth_settings.EMAIL_VERIFICATION == \
allauth_settings.EmailVerificationMethod.MANDATORY:
return {"detail": _("Verification e-mail sent.")}
if getattr(settings, 'REST_USE_JWT', False):
data = {
'user': user,
'token': self.token
}
return JWTSerializer(data).data
else:
return TokenSerializer(user.auth_token).data
def create(self, request, *args, **kwargs):
serializer = self.get_serializer(data=request.data)
serializer.is_valid(raise_exception=True)
user = self.perform_create(serializer)
headers = self.get_success_headers(serializer.data)
return Response(self.get_response_data(user),
status=status.HTTP_201_CREATED,
headers=headers)
def perform_create(self, serializer):
user = serializer.save(self.request)
if getattr(settings, 'REST_USE_JWT', False):
self.token = jwt_encode(user)
else:
create_token(self.token_model, user, serializer)
complete_signup(self.request._request, user,
allauth_settings.EMAIL_VERIFICATION,
None)
return user
Any ideas? Thanks
Can you just replace:
RegisterView.as_view()(self.request)
with
serializer = RegisterSerializer(data=self.request.data)
serializer.is_valid(raise_exception=True)
user = self.perform_create(serializer)
?