From ef85b948c469a34731ceeef29f7ad1d7a55a88ec Mon Sep 17 00:00:00 2001
From: Zambom <erikzambom@hotmail.com>
Date: Sat, 17 Jun 2017 00:40:39 -0300
Subject: [PATCH] Adjusts in api login process

---
 api/views.py | 41 ++++++++++++++++++++++++-----------------
 1 file changed, 24 insertions(+), 17 deletions(-)

diff --git a/api/views.py b/api/views.py
index e2c6b02..92dbc3c 100644
--- a/api/views.py
+++ b/api/views.py
@@ -1,6 +1,7 @@
-import requests
+import requests, json
 from django.shortcuts import get_object_or_404, reverse
 from django.contrib.auth import authenticate
+from django.views.decorators.csrf import csrf_exempt
 from rest_framework import viewsets
 from rest_framework.response import Response
 from rest_framework.decorators import detail_route
@@ -17,7 +18,6 @@ from django.http import HttpResponse
 
 class LoginViewset(viewsets.ReadOnlyModelViewSet):
 	queryset = User.objects.all()
-	security = Security.objects.get(id = 1)
 	permissions_classes = (IsAuthenticatedOrReadOnly,)
 
 	@detail_route(methods = ['post'])
@@ -30,30 +30,37 @@ class LoginViewset(viewsets.ReadOnlyModelViewSet):
 					
 		return Response(serializer.data)
 
+@csrf_exempt
 def getToken(request):
 	oauth = Application.objects.filter(name = "amadeus-droid")
+	security = Security.objects.get(id = 1)
 
 	response = ""
 
-	if request.POST:
-		username = request.POST['email']
-		password = request.POST['password']
+	if request.method == "POST":
+		json_data = json.loads(request.body.decode('utf-8'))
+
+		try:
+			username = json_data['email']
+			password = json_data['password']
 
-		user = authenticate(username = username, password = password)
+			user = authenticate(username = username, password = password)
 
-		if user is not None:
-			if not security.maintence or user.is_staff:
-				if oauth.count() > 0:
-					oauth = oauth[0]
+			if user is not None:
+				if not security.maintence or user.is_staff:
+					if oauth.count() > 0:
+						oauth = oauth[0]
 
-					data = {
-						"grant_type": "password",
-						"username": username,
-						"password": password
-					}
+						data = {
+							"grant_type": "password",
+							"username": username,
+							"password": password
+						}
 
-					auth = (oauth.client_id, oauth.client_secret)
+						auth = (oauth.client_id, oauth.client_secret)
 
-					response = requests.post(request.build_absolute_uri(reverse('oauth2_provider:token')), data = data, auth = auth)
+						response = requests.post(request.build_absolute_uri(reverse('oauth2_provider:token')), data = data, auth = auth)
+		except KeyError:
+			response = "Error"
 		
 	return HttpResponse(response)
\ No newline at end of file
--
libgit2 0.21.2