Added some APIs and fixed some bugs

README.md

@@ -2,7 +2,129 @@
 ## API Endpoints
 A description of all the API endpoints, their URL and request parameters.
 ### Users
-#### View User
+
+#### Login
+```
+url : /users/auth/login/
+method : POST
+parameters = {
+    "username" : "<username>",
+    "password" : "<password>:
+    }
+```
+```
+Successful : 200_OK
+Unsuccessful : 400_BAD_REQUEST / 401_UNAUTHORIZED
+```
+#### Logout
+```
+url : /users/auth/logout/
+method : POST
+parameters = {}
+```
+```
+Successful : 200_OK
+Unsuccessful : 401_UNAUTHORIZED
+```
+#### Update FB link
+```
+url : /users/updatefb/
+method : POST
+parameters = {"fblink" : "<Your fb link>"}
+```
+```
+Successful : 200_OK
+Unsuccessful : 401_UNAUTHORIZED / 400_BAD_REQUEST
+
+Note : User needs to be logged in to use this API
+```
+#### Forgot Password Mailer
+```
+url : /users/forgotpassemail/
+method : POST
+parameters = { "roll" : "<Your IITK roll no>"}
+```
+```
+Successful : 200_OK
+Unsuccessful : 401_UNAUTHORIZED / 400_BAD_REQUEST
+
+Note: If successful, it sends a link at the users e-mail id which is described below.
+```
+#### Forgot Password
+```
+url : /users/forgotpass/code=<str:token>/
+method : POST
+parameters = {}
+```
+```
+Successful :{
+               status : 200_OK
+               message : Account successfully deactivated. Now follow activation process to create new password and activate account.
+}
+Unsuccessful : {
+                status : 401_UNAUTHORIZED
+                message : "Token already used" or "Invalid token or invalid request"
+}
+
+```
+#### Reset Password Mailer
+```
+url : /users/resetpassemail/
+method : POST
+parameters = {"roll" : "<Your IITK roll>"}
+```
+```
+Successful : 202_ACCEPTED
+Unsuccessful : 403_FORBIDDEN / 400_BAD_REQUEST
+
+Note : User needs to be logged in to use this API. This sends an e-mail to reset password.
+```
+#### Reset Password
+```
+url : /users/resetpass/code=<str:token>/
+method : POST
+parameters = {
+            "new_password1" : "<Your new password>" ,
+            "new_password2" : "<Your new password again>",
+            "old_password" : "<Your new password>"
+}
+```
+```
+Successful : 200_OK
+Unsuccessful : 401_UNAUTHORIZED
+
+Note : User needs to be logged in to use this API. 
+```
+
+#### Registration Mailer
+```
+url : /users/register/
+method : POST
+parameters = {
+            "roll" : "<Your IITK roll>"
+}
+```
+```
+Successful : 200_OK
+Unsuccessful : 401_UNAUTHORIZED
+
+Note : This sends an activation mail to the user.
+```
+#### Registration and set password
+```
+url : /users/register/verify/code=<str:token>/
+method : POST
+parameters = {
+            "password" : "<Your password>"
+}
+```
+```
+Successful : 200_OK
+Unsuccessful : 401_UNAUTHORIZED
+
+```
+
+#### View User's Profile
 ```
 url : /users/profile/
 method : GET
@@ -20,29 +142,48 @@ Response : {
 
 Note : User needs to be logged in to use this API.
 ```
-#### Login
+#### View Other's Profile(by name)
 ```
-url : /users/auth/login/
+url : /users/peoplename/
 method : POST
 parameters = {
-    "username" : "<username>",
-    "password" : "<password>:
-    }
-```
-```
+            "username"
+ }
 Successful : 200_OK
-Unsuccessful : 400_BAD_REQUEST / 401_UNAUTHORIZED
+Unsuccessful : 404_BAD_REQUEST / 401_UNAUTHORIZED
+
+Response : {
+            "roll",
+            "username",
+            "name",
+            "email",
+            "fblink"
+}
+
+Note : User needs to be logged in to use this API.
 ```
-#### Logout
+#### View Other's Profile(by roll)
 ```
-url : /users/auth/logout/
+url : /users/peopleroll/
 method : POST
-parameters = {}
-```
-```
+parameters = {
+            "roll"
+ }
 Successful : 200_OK
-Unsuccessful : 401_UNAUTHORIZED
+Unsuccessful : 404_BAD_REQUEST / 401_UNAUTHORIZED
+
+Response : {
+            "roll",
+            "username",
+            "name",
+            "email",
+            "fblink"
+}
+
+Note : User needs to be logged in to use this API.
 ```
+
+
 #### Follow User
 To follow another user.
 ```
@@ -58,7 +199,7 @@ Unsuccessful : 400_BAD_REQUEST / 401_UNAUTHORIZED
 To unfollow a user who is already followed.
 ```
 url : /users/unfollow/
-method : DELETE
+method : POST
 parameters = {"username" : "<username of the user to be unfollowed">}
 ```
 ```
@@ -143,7 +284,7 @@ Unsuccessful : 400_BAD_REQUEST / 401_UNAUTHORIZED
 Allows deletion of a post by its author.
 ```
 url : /posts/delete/
-method : DELETE
+method : POST
 parameters = {"pk" : "<primary key of the post>"}
 ```
 ```
@@ -189,7 +330,7 @@ To follow a stream.
 ```
 url : /streams/follow/
 method : PUT
-parameters = {"title" : "<title of the stream to be followed>"}
+parameters = {"pk" : "<pk of the stream to be followed>"}
 ```
 ```
 Successful : 200_OK
@@ -199,8 +340,8 @@ Unsuccessful : 400_BAD_REQUEST / 401_UNAUTHORIZED
 To unfollow a stream.
 ```
 url : /streams/unfollow/
-method : DELETE
-parameters = {"title" : "<title of the stream to be unfollowed>"}
+method : POST
+parameters = {"pk" : "<pk of the stream to be unfollowed>"}
 ```
 ```
 Successful : 200_OK
@@ -304,7 +445,7 @@ Unsuccessful : 400_BAD_REQUEST / 401_UNAUTHORIZED / 404_NOT_FOUND
 To delete a comment on a post(all sub-comments will be deleted)/delete sub-comments(all of its sub-comments will be deleted).Recursive deletion will be followed
 ```
 url : /comments/delete
-method : DELETE
+method : POST
 parameters = {
     "pk":"<primary key of the comment>"
 }
@@ -336,4 +477,4 @@ Successful : [
     },
 ]
 Unsuccessful : 404_NOT_FOUND
-```
+```

bookmark/views.py

@@ -12,7 +12,7 @@ def post(self,request):
             pk = request.data['pk']
             try:
                 post = Post.objects.get(pk=pk)
-            except post.DoesNotExist:
+            except Post.DoesNotExist:
                 return Response(status=status.HTTP_404_NOT_FOUND)
             user = IsLoggedIn(request)
             if user is None:

campusdiscussbackend/settings.py

@@ -59,6 +59,7 @@ def get_secret(setting, secrets=secrets):
     'bookmark.apps.BookmarkConfig',
     'tokens.apps.TokensConfig',
     'rest_framework',
+    'corsheaders',
 ]
 
 REST_FRAMEWORK = {
@@ -71,14 +72,22 @@ def get_secret(setting, secrets=secrets):
 CSRF_COOKIE_SECURE = True
 
 MIDDLEWARE = [
+
     'django.middleware.security.SecurityMiddleware',
     'django.contrib.sessions.middleware.SessionMiddleware',
+    'corsheaders.middleware.CorsMiddleware',
     'django.middleware.common.CommonMiddleware',
     'django.middleware.csrf.CsrfViewMiddleware',
     'django.contrib.auth.middleware.AuthenticationMiddleware',
     'django.contrib.messages.middleware.MessageMiddleware',
     'django.middleware.clickjacking.XFrameOptionsMiddleware',
+
 ]
+CORS_ORIGIN_ALLOW_ALL = True
+
+CORS_ORIGIN_WHITELIST = (
+    'http://localhost:3001',
+)
 
 ROOT_URLCONF = 'campusdiscussbackend.urls'
 
@@ -105,15 +114,17 @@ def get_secret(setting, secrets=secrets):
 # https://docs.djangoproject.com/en/1.11/ref/settings/#databases
 
 DATABASES = {
-    "default": {
-        "ENGINE": "django.db.backends.postgresql_psycopg2",
-        "NAME": "postgres",
-        "USER": "vikrant",
-        "PASSWORD": get_secret("DB_PASSWORD"),
-        'HOST': 'localhost',
+   'default': {
+        'ENGINE': 'django.db.backends.postgresql',
+        'NAME': 'mydb',
+        'USER': 'postgres',
+        'PASSWORD': 'password',
+        'HOST': '127.0.0.1',
+        'PORT': '5432',
     }
 }
 
+#EXPO_SERVER="http://127.0.0.1:8080/"
 EXPO_SERVER="https://server.com"
 
 # Password validation
@@ -162,5 +173,6 @@ def get_secret(setting, secrets=secrets):
 # https://docs.djangoproject.com/en/1.11/howto/static-files/
 
 STATIC_URL = '/static/'
+DEFAULT_AUTO_FIELD='django.db.models.AutoField'
 
-
+#APPEND_SLASH=False

campusdiscussbackend/settings_email.py

@@ -3,7 +3,7 @@
 """
 
 EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
-EMAIL_HOST = 'mmtp.iitk.ac.in'
+EMAIL_HOST = 'smtp.gmail.com'
 EMAIL_USE_TLS = True
 EMAIL_PORT = 25
 EMAIL_HOST_USER = ''
@@ -12,6 +12,7 @@
 EMAIL_SUBJECT = {
         "Activation": "Activation mail for Campus Discuss",
         "PasswordReset": "Password Reset Email For Campus Discuss",
+        "ForgotPass" : "Forgot Password mail for Campus Discuss"
 }
 EMAIL_BODY = {
         "Activation": """Hi {name:s}! 
@@ -20,12 +21,18 @@
         "PasswordReset": """Hi {name:s}! 
                      Click on the followiing link or copy-paste it to continue with the password reset procedure.
                      {link:s}.""",
+        "ForgotPass" : """Hi {name:s}!
+                        Click on the following link or copy-paste it to continue with setting new password for your account.
+                        {link:s}"""
 }
 REDIRECT_LINK = {
         "Activation": "http://127.0.0.1:8000/",
         "PasswordReset": "/",
+        "ForgotPass" : "/"
 }
 EMAIL_LINK = {
-        "Activation":"http://127.0.0.1:8000/users/verify/code={code:s}/",
+        "Activation":"http://127.0.0.1:8000/users/register/verify/code={code:s}/",
         "PasswordReset": "http://127.0.0.1:8000/users/resetpass/code={code:s}/",
+        "ForgotPass" : "http://127.0.0.1:8000/users/forgotpass/code={code:s}/",
 }
+

comments/views.py

@@ -18,7 +18,7 @@ def post(self,request):
             content = request.data['content']
             try:
                 post = Post.objects.get(pk=post_id)
-            except post.DoesNotExist:
+            except Post.DoesNotExist:
                 return Response(status=status.HTTP_404_NOT_FOUND)
             try:
                 parent_id = request.data['parent_id']
@@ -46,7 +46,7 @@ def recursiveDelete(comment):
 
 class DeleteComment(APIView):
 
-    def delete(self, request):
+    def post(self, request):
         try:
             user = IsLoggedIn(request)
             if user is None:

posts/views.py

@@ -38,7 +38,7 @@ def post(self, request):
 
 class DeletePostView(APIView):
 
-    def delete(self, request):
+    def post(self, request):
         user = IsLoggedIn(request)
         if user is not None:
             try: