How to autologin after signup using Django Rest Framework?

Question

I'm using Django 1.9 and DRF 3.0, here is my view:

class UserList(generics.ListCreateAPIView):
    queryset = MyUser.objects.all()
    serializer_class = UserSerializer
    permission_classes = (IsAuthenticatedOrCreate,)

    def create(request, *args, **kwargs):
        user = MyUser.objects.create(
            user_name=request['user_name'],
            email=request['email'],
        )
        user.set_password(request['password'])
        user.save()
        login(request, user)
        return user

and my serializers

class UserSerializer(serializers.ModelSerializer):
    class Meta:
        model = MyUser
        fields = ("id", "email", "user_name", "password", "user_avatar", "user_gender", "user_point", "user_details", "user_register_time")
        write_only_fields = ("password",)
        read_only_fields = ("id", "user_avatar", "user_gender", "user_point", "user_details", "user_register_time")

and Traceback:

Traceback (most recent call last):
  File "/usr/local/lib/python3.4/site-packages/django/core/handlers/base.py", line 149, in get_response
    response = self.process_exception_by_middleware(e, request)
  File "/usr/local/lib/python3.4/site-packages/django/core/handlers/base.py", line 147, in get_response
    response = wrapped_callback(request, *callback_args, **callback_kwargs)
  File "/usr/local/lib/python3.4/site-packages/django/views/decorators/csrf.py", line 58, in wrapped_view
    return view_func(*args, **kwargs)
  File "/usr/local/lib/python3.4/site-packages/django/views/generic/base.py", line 68, in view
    return self.dispatch(request, *args, **kwargs)
  File "/usr/local/lib/python3.4/site-packages/rest_framework/views.py", line 466, in dispatch
    response = self.handle_exception(exc)
  File "/usr/local/lib/python3.4/site-packages/rest_framework/views.py", line 463, in dispatch
    response = handler(request, *args, **kwargs)
  File "/usr/local/lib/python3.4/site-packages/rest_framework/generics.py", line 246, in post
    return self.create(request, *args, **kwargs)
  File "/Users/windson/uni/srv/unicooo/www/api/views.py", line 105, in create
    user_name=request['user_name'],
TypeError: 'UserList' object is not subscriptable

And my perious version is like this:

class UserList(generics.ListCreateAPIView):
    queryset = MyUser.objects.all()
    serializer_class = UserSerializer
    permission_classes = (IsAuthenticatedOrCreate,)

and my serializers

class UserSerializer(serializers.ModelSerializer):
    class Meta:
        model = MyUser
        fields = ("id", "email", "user_name", "password", "user_avatar", "user_gender", "user_point", "user_details", "user_register_time")
        write_only_fields = ("password",)
        read_only_fields = ("id", "user_avatar", "user_gender", "user_point", "user_details", "user_register_time")

    def create(request, *args, **kwargs):
        user = MyUser.objects.create(
            user_name=request['user_name'],
            email=request['email'],
        )
        user.set_password(request['password'])
        user.save()
        return user

I want to login user after they sign up, so I rewrite the create method and using login() method, and the error message is "'UserList' object is not subscriptable", how to fix it? Thanks.

Answer 1

I think the problem is that you are returning a user object directly, I think it should be as follows:

 from rest_framework import status
 class UserList(generics.ListCreateAPIView):
    queryset = MyUser.objects.all()
    serializer_class = UserSerializer
    permission_classes = (IsAuthenticatedOrCreate,)

    def create(request, *args, **kwargs):
        user = MyUser.objects.create(
            user_name=request.POST.get('user_name'),
            email=request.POST.get('email'),
        )
        user.set_password(request.POST.get('password'))
        user.save()
        user = authenticate(user_name=request.POST.get('user_name'), password=request.POST.get('password'))
        login(request, user)
        serializer = UserSerializer(user)
        return Response(serializer.data, status=status.HTTP_201_CREATED)

Update I've updated the code above regarding this from the documentation.

Calling authenticate() first

When you’re manually logging a user in, you must successfully authenticate the user with authenticate() before you call login(). authenticate() sets an attribute on the User noting which authentication backend successfully authenticated that user (see the backends documentation for details), and this information is needed later during the login process. An error will be raised if you try to login a user object retrieved from the database directly. https://docs.djangoproject.com/en/1.9/topics/auth/default/#how-to-log-a-user-in

Answer 2

This finally work:

class UserList(generics.ListCreateAPIView):
    queryset = MyUser.objects.all()
    serializer_class = UserSerializer
    permission_classes = (IsAuthenticatedOrCreate,)

    def create(self, request, *args, **kwargs):
        serializer = self.get_serializer(data=request.data)
        serializer.is_valid(raise_exception=True)
        self.perform_create(serializer)
        headers = self.get_success_headers(serializer.data)
        new_user = authenticate(email=request.POST.get('email'),
            password=request.POST.get('password'),
            )
        if new_user is not None:
            if new_user.is_active:
                django_login(request, new_user)
        return Response(serializer.data, status=status.HTTP_201_CREATED, headers=headers)