admin/WerkoutAPI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c80c66c2e5b6c04967a5064de9c55c14c69627f6
WerkoutAPI/registered_user/serializers.py
Trey t c80c66c2e5 Codebase hardening: 102 fixes across 35+ files 
Deep audit identified 106 findings; 102 fixed, 4 deferred. Covers 8 areas:

- Settings & deploy: env-gated DEBUG/SECRET_KEY, HTTPS headers, gunicorn, celery worker
- Auth (registered_user): password write_only, request.data fixes, transaction safety, proper HTTP status codes
- Workout app: IDOR protection, get_object_or_404, prefetch_related N+1 fixes, transaction.atomic
- Video/scripts: path traversal sanitization, HLS trigger guard, auth on cache wipe
- Models (exercise/equipment/muscle/superset): null-safe __str__, stable IDs, prefetch support
- Generator views: helper for registered_user lookup, logger.exception, bulk_update, transaction wrapping
- Generator core (rules/selector/generator): push-pull ratio, type affinity normalization, modality checks, side-pair exact match, word-boundary regex, equipment cache clearing
- Generator services (plan_builder/analyzer/normalizer): transaction.atomic, muscle cache, bulk_update, glutes classification fix

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-27 22:29:14 -06:00

53 lines
1.7 KiB
Python
Raw Blame History

from rest_framework import serializers
from .models import RegisteredUser
from django.contrib.auth.models import User
from rest_framework.authtoken.models import Token
from django.db import transaction
class RegisteredUserSerializer(serializers.ModelSerializer):
email_address = serializers.SerializerMethodField()
def get_email_address(self, obj):
return obj.user.email
class Meta:
model = RegisteredUser
exclude = ('user',)
class GetRegisteredUserSerializer(serializers.ModelSerializer):
class Meta:
model = RegisteredUser
exclude = ('user','created_at', 'updated_at', 'has_nsfw_toggle')
class CreateRegisteredUserSerializer(serializers.ModelSerializer):
class Meta:
model = RegisteredUser
exclude = ('user', )
class CreateRegisteredUserThroughUserSerializer(serializers.ModelSerializer):
class Meta:
model = User
fields = ('id', 'password', 'email', 'first_name', 'last_name')
extra_kwargs = {'password': {'write_only': True}}
read_only_fields = ('id',)
def create(self, validated_data):
with transaction.atomic():
user = User.objects.create(
username=validated_data['email'],
email=validated_data['email'],
first_name=validated_data['first_name'],
last_name=validated_data['last_name']
)
user.set_password(validated_data['password'])
user.save()
reg_user = RegisteredUser.objects.create(
user=user,
first_name=validated_data['first_name'],
last_name=validated_data['last_name']
)
Token.objects.create(user=user)
return reg_user
Reference in New Issue View Git Blame Copy Permalink