Skip to content

FIX: separate get doctor api to auth and non-auth #22

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
phobyjun wants to merge 7 commits into
base: main
Choose a base branch
from
Open

FIX: separate get doctor api to auth and non-auth #22

phobyjun wants to merge 7 commits into from

Conversation

@phobyjun
Copy link
Member

@phobyjun phobyjun commented Jan 15, 2022

doctor 모듈 GET API 수정

  • token 없는 경우 GET 요청
    • */doctor/ -> List
    • */doctor/<user_id>/ -> Retrieve
  • token 있는 경우 GET 요청
    • */doctor/info/ -> List (본인 정보)

todo

  • 비로그인 GET 요청 정보 제한

@phobyjun phobyjun requested a review from jshong0907 January 15, 2022 13:21
@phobyjun phobyjun added the enhancement New feature or request label Jan 15, 2022
@phobyjun
Copy link
Member Author

phobyjun commented Jan 19, 2022

token 없는 경우 GET 요청 수정

  • list에서 retrieve로 수정
  • 요청 엔드포인트는 똑같음 -> */doctor/info/
  • token 있는 경우만 response 200, 없으면 401

jshong0907
jshong0907 reviewed Jan 19, 2022
View reviewed changes
doctor/views.py
* GET method만 허용한다.
"""
queryset = Doctor.objects.all()
permission_classes = [IsAuthenticated]
Copy link
Member

@jshong0907 jshong0907 Jan 19, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

permission class IsDoctor를 만들어도 좋을 것 같아요.

doctor/views.py
Comment on lines +73 to +76
if queryset is None:
queryset = self.get_queryset()

return queryset.filter(user=self.request.user).get()
Copy link
Member

@jshong0907 jshong0907 Jan 19, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
if queryset is None:
queryset = self.get_queryset()
return queryset.filter(user=self.request.user).get()
return self.request.user.doctor

permission으로 의사 구분할거면 이렇게 해도 될 것 같고 아니라면
get_object_or_404라고 원래 get_object에서 사용하는 없으면 404 not found 바로 리턴하는 거 있는데 그거 써도 좋을 것 같아요.

user/serializers.py
class ReadOnlyUserSerializer(serializers.ModelSerializer):
class Meta:
model = User
fields = ('id', 'email', 'name', )
Copy link
Member

@jshong0907 jshong0907 Jan 19, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

readonly면

read_only_fields = fields

추가하면 좋을듯 합니다.

@phobyjun
Copy link
Member Author

phobyjun commented Jan 19, 2022

확인했습니다. 🙂

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jshong0907 jshong0907 jshong0907 left review comments

Assignees

No one assigned

Labels

enhancement New feature or request

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@phobyjun @jshong0907