Open Locations in Maps and new API Routes

Author: seanmorley15

backend/server/adventures/middleware.py

@@ -1,31 +1,6 @@
-class AppVersionMiddleware:
-    def __init__(self, get_response):
-        self.get_response = get_response
-
-    def __call__(self, request):
-        # Process request (if needed)
-        response = self.get_response(request)
-
-        # Add custom header to response
-        # Replace with your app version
-        response['X-AdventureLog-Version'] = '1.0.0'
-
-        return response
-
-# make a middlewra that prints all of the request cookies
-class PrintCookiesMiddleware:
-    def __init__(self, get_response):
-        self.get_response = get_response
-
-    def __call__(self, request):
-        print(request.COOKIES)
-        response = self.get_response(request)
-        return response
-    
-# middlewares.py
-
+from django.conf import settings
+from django.utils.deprecation import MiddlewareMixin
 import os
-from django.http import HttpRequest
 
 class OverrideHostMiddleware:
     def __init__(self, get_response):
@@ -44,3 +19,14 @@ def __call__(self, request):
 
         response = self.get_response(request)
         return response
+
+class XSessionTokenMiddleware(MiddlewareMixin):
+    def process_request(self, request):
+        session_token = request.headers.get('X-Session-Token')
+        if session_token:
+            request.COOKIES[settings.SESSION_COOKIE_NAME] = session_token
+
+class DisableCSRFForSessionTokenMiddleware(MiddlewareMixin):
+    def process_request(self, request):
+        if 'X-Session-Token' in request.headers:
+            setattr(request, '_dont_enforce_csrf_checks', True)

backend/server/adventures/views/adventure_view.py

@@ -133,35 +133,6 @@ def all(self, request):
         serializer = self.get_serializer(queryset, many=True)
         return Response(serializer.data)
 
-    @action(detail=False, methods=['get'])
-    def search(self, request):
-        query = request.query_params.get('query', '')
-        property = request.query_params.get('property', 'all')
-
-        if len(query) < 2:
-            return Response({"error": "Query must be at least 2 characters long"}, status=400)
-
-        valid_properties = ['name', 'location', 'description', 'activity_types']
-        if property not in valid_properties:
-            property = 'all'
-
-        filters = {
-            'name': Q(name__icontains=query),
-            'location': Q(location__icontains=query),
-            'description': Q(description__icontains=query),
-            'activity_types': Q(activity_types__icontains=query),
-            'all': Q(name__icontains=query) | Q(description__icontains=query) |
-                   Q(location__icontains=query) | Q(activity_types__icontains=query)
-        }
-
-        queryset = Adventure.objects.filter(
-            filters[property] & (Q(user_id=request.user.id) | Q(is_public=True))
-        )
-
-        queryset = self.apply_sorting(queryset)
-        serializer = self.get_serializer(queryset, many=True)
-        return Response(serializer.data)
-
     def update(self, request, *args, **kwargs):
         instance = self.get_object()
         serializer = self.get_serializer(instance, data=request.data, partial=True)

backend/server/adventures/views/stats_view.py

@@ -14,13 +14,13 @@ class StatsViewSet(viewsets.ViewSet):
     """
     A simple ViewSet for listing the stats of a user.
     """
-    @action(detail=False, methods=['get'], url_path='counts/(?P<username>[^/]+)')
+    @action(detail=False, methods=['get'], url_path='counts/(?P<username>[\w.@+-]+)')
     def counts(self, request, username):
         if request.user.username == username:
             user = get_object_or_404(User, username=username)
         else:
             user = get_object_or_404(User, username=username, public_profile=True)
-        serializer = PublicUserSerializer(user)
+        # serializer = PublicUserSerializer(user)
 
         # remove the email address from the response
         user.email = None

backend/server/main/settings.py

@@ -69,6 +69,8 @@
 
 MIDDLEWARE = (
     'whitenoise.middleware.WhiteNoiseMiddleware',
+    'adventures.middleware.XSessionTokenMiddleware',
+    'adventures.middleware.DisableCSRFForSessionTokenMiddleware',
     'corsheaders.middleware.CorsMiddleware',
     'django.contrib.sessions.middleware.SessionMiddleware',
     'django.middleware.common.CommonMiddleware',
@@ -133,6 +135,8 @@
 
 SESSION_COOKIE_SAMESITE = 'Lax'
 
+SESSION_COOKIE_NAME = 'sessionid'
+
 SESSION_COOKIE_SECURE = FRONTEND_URL.startswith('https')
 
 hostname = urlparse(FRONTEND_URL).hostname

backend/server/main/urls.py

@@ -15,7 +15,7 @@
 urlpatterns = [
     path('api/', include('adventures.urls')),
     path('api/', include('worldtravel.urls')),
-    path("_allauth/", include("allauth.headless.urls")),
+    path("auth/", include("allauth.headless.urls")),
 
     # Serve protected media files
     re_path(r'^media/(?P<path>.*)$', serve_protected_media, name='serve-protected-media'),

backend/server/users/tests.py

@@ -8,7 +8,7 @@ class UserAPITestCase(APITestCase):
 
     def setUp(self):
         # Signup a new user
-        response = self.client.post('/_allauth/browser/v1/auth/signup', {
+        response = self.client.post('/auth/browser/v1/auth/signup', {
             'username': 'testuser',
             'email': 'testuser@example.com',
             'password': 'testpassword',
@@ -63,7 +63,7 @@ def test_002_user_update(self):
 
     def test_003_user_add_email(self):
         # Update user email
-        response = self.client.post('/_allauth/browser/v1/account/email', {
+        response = self.client.post('/auth/browser/v1/account/email', {
             'email': 'testuser2@example.com',
         }, format='json')
         self.assertEqual(response.status_code, 200)

frontend/src/lib/components/LocationDropdown.svelte

@@ -49,9 +49,9 @@
 			reverseGeocode();
 		}
 
-		if (!item.name) {
-			item.name = markers[0].name;
-		}
+		// if (!item.name) {
+		// 	item.name = markers[0].name;
+		// }
 	}
 
 	$: if (triggerMarkVisted && willBeMarkedVisited) {
@@ -193,7 +193,7 @@
 		) {
 			old_display_name = reverseGeocodePlace.display_name;
 			item.location = reverseGeocodePlace.display_name;
-			if (reverseGeocodePlace.location_name) {
+			if (reverseGeocodePlace.location_name && !item.name) {
 				item.name = reverseGeocodePlace.location_name;
 			}
 		}
@@ -270,6 +270,8 @@
 										activity_type: place.type
 									}
 								];
+
+								item.name = place.name;
 							}}
 						>
 							{place.display_name}

frontend/src/lib/components/TOTPModal.svelte

@@ -37,7 +37,7 @@
 	}
 
 	async function fetchSetupInfo() {
-		const res = await fetch('/_allauth/browser/v1/account/authenticators/totp', {
+		const res = await fetch('/auth/browser/v1/account/authenticators/totp', {
 			method: 'GET'
 		});
 		const data = await res.json();
@@ -53,7 +53,7 @@
 	}
 
 	async function sendTotp() {
-		const res = await fetch('/_allauth/browser/v1/account/authenticators/totp', {
+		const res = await fetch('/auth/browser/v1/account/authenticators/totp', {
 			method: 'POST',
 			headers: {
 				'Content-Type': 'application/json'
@@ -78,7 +78,7 @@
 
 	async function getRecoveryCodes() {
 		console.log('getting recovery codes');
-		const res = await fetch('/_allauth/browser/v1/account/authenticators/recovery-codes', {
+		const res = await fetch('/auth/browser/v1/account/authenticators/recovery-codes', {
 			method: 'GET'
 		});
 		if (res.ok) {

frontend/src/locales/de.json

@@ -246,7 +246,8 @@
     "lodging_information": "Unterkunftsinformationen",
     "price": "Preis",
     "reservation_number": "Reservierungsnummer",
-    "welcome_map_info": "Öffentliche Abenteuer auf diesem Server"
+    "welcome_map_info": "Öffentliche Abenteuer auf diesem Server",
+    "open_in_maps": "In Karten geöffnet"
   },
   "home": {
     "desc_1": "Entdecken, planen und erkunden Sie mit Leichtigkeit",

frontend/src/locales/en.json

@@ -113,6 +113,7 @@
 		"copy_link": "Copy Link",
 		"image": "Image",
 		"upload_image": "Upload Image",
+		"open_in_maps": "Open in Maps",
 		"url": "URL",
 		"fetch_image": "Fetch Image",
 		"wikipedia": "Wikipedia",