From 48f70d1b238d0a3dc64eaadef960ddaac4984260 Mon Sep 17 00:00:00 2001
From: AayushAnand39 <aayushanand737@gmail.com>
Date: Sun, 21 Dec 2025 13:21:18 +0530
Subject: [PATCH] Made a few backend changes to facilitate registration and
 user creation

---
 .gitignore                              |  1 +
 website/user_profile/api/serializers.py | 64 +++++++++++++++++++------
 website/user_profile/views.py           |  2 +-
 website/website/settings.py             |  8 +++-
 4 files changed, 59 insertions(+), 16 deletions(-)

diff --git a/.gitignore b/.gitignore
index 4c99b8a..427d933 100644
--- a/.gitignore
+++ b/.gitignore
@@ -61,6 +61,7 @@ website/db.sqlit
 .venv
 env/
 myEnv/
+myenv/
 venv/
 ENV/
 env.bak/
diff --git a/website/user_profile/api/serializers.py b/website/user_profile/api/serializers.py
index 698ba00..b3c74d7 100644
--- a/website/user_profile/api/serializers.py
+++ b/website/user_profile/api/serializers.py
@@ -6,12 +6,43 @@
 from user_profile.utils import LowerEmailField
 
 
+# class RegistrationSerializer(serializers.ModelSerializer):
+#     password2 = serializers.CharField(style={'input_type': 'password'}, write_only=True)
+#     email = LowerEmailField(
+#         required=True,
+#         allow_blank=False,
+#         label='Email address',
+#         max_length=30,
+#         validators=[UniqueValidator(queryset=User.objects.all())],
+#     )
+
+#     class Meta:
+#         model = User
+#         fields = ['username', 'email', 'password', 'password2']
+#         extra_kwargs = {
+#             'password': {'write_only': True}
+#         }
+
+#     def save(self):
+#         password = self.validated_data['password']
+#         password2 = self.validated_data['password2']
+#         if password != password2:
+#             raise serializers.ValidationError({'confirm_password': 'Passwords must match!'})
+#         account = User(
+#             username=self.validated_data['username'],
+#             email=self.validated_data['email'].lower(),
+#             is_active=False  # TO BE CHANGED TO FALSE
+#         )
+#         account.set_password(password)
+#         account.save()
+#         return account
+
 class RegistrationSerializer(serializers.ModelSerializer):
-    password2 = serializers.CharField(style={'input_type': 'password'}, write_only=True)
+    password2 = serializers.CharField(write_only=True)
+
     email = LowerEmailField(
         required=True,
         allow_blank=False,
-        label='Email address',
         max_length=30,
         validators=[UniqueValidator(queryset=User.objects.all())],
     )
@@ -23,19 +54,24 @@ class Meta:
             'password': {'write_only': True}
         }
 
-    def save(self):
-        password = self.validated_data['password']
-        password2 = self.validated_data['password2']
-        if password != password2:
-            raise serializers.ValidationError({'confirm_password': 'Passwords must match!'})
-        account = User(
-            username=self.validated_data['username'],
-            email=self.validated_data['email'].lower(),
-            is_active=False  # TO BE CHANGED TO FALSE
+    def validate(self, attrs):
+        if attrs['password'] != attrs['password2']:
+            raise serializers.ValidationError({
+                'password2': 'Passwords must match!'
+            })
+        return attrs
+
+    def create(self, validated_data):
+        validated_data.pop('password2')
+
+        user = User.objects.create_user(
+            username=validated_data['username'],
+            email=validated_data['email'].lower(),
+            password=validated_data['password'],
+            is_active=False
         )
-        account.set_password(password)
-        account.save()
-        return account
+        return user
+
 
 
 class UserSerializer(serializers.ModelSerializer):
diff --git a/website/user_profile/views.py b/website/user_profile/views.py
index 6f3f048..8a6a1e2 100644
--- a/website/user_profile/views.py
+++ b/website/user_profile/views.py
@@ -177,7 +177,7 @@ def activate(request, uidb64, token, backend='django.contrib.auth.backends.Model
             profile.save()
 
         if profile.user == request.user:
-            return redirect('user_profile:edit_profile')
+            return redirect('http://localhost:3000/login')
         return redirect('user_profile:edit_profile')
     else:
         return render(request, 'account_activation_invalid.html')
diff --git a/website/website/settings.py b/website/website/settings.py
index 58e599a..6bc31d5 100644
--- a/website/website/settings.py
+++ b/website/website/settings.py
@@ -32,7 +32,13 @@
 
 ALLOWED_HOSTS = config('ALLOWED_HOSTS', default='127.0.0.1,localhost', cast=Csv())
 
-CORS_ALLOW_ALL_ORIGINS = True
+# CORS_ALLOW_ALL_ORIGINS = True
+
+CORS_ALLOWED_ORIGINS = [
+    "http://localhost:3000"
+]
+
+CORS_ALLOW_CREDENTIALS = True
 
 # Application definition