feat: user detail by token api

api/auth/serializers.py

-from django.contrib.auth import authenticate
 from rest_framework import serializers
+from rest_framework_simplejwt.serializers import TokenObtainPairSerializer
 
 from users.models import User, Librarian, Member, LibrarianLoginHistory
 
@@ -149,3 +149,11 @@ class MemberSerializer(serializers.ModelSerializer):
         Member.objects.filter(id=instance.id).update(user=user[0])
         instance.save()
         return instance
+
+
+class TokenSerializer(TokenObtainPairSerializer):
+    @classmethod
+    def get_token(cls, user):
+        token = super().get_token(user)
+        token["user_id"] = user.id
+        return token

api/auth/views.py

+import json
 from django.contrib.auth import authenticate
 from django.contrib.auth.tokens import default_token_generator
 
@@ -7,6 +8,7 @@ from rest_framework import views, viewsets, status
 from rest_framework.response import Response
 from rest_framework.filters import SearchFilter
 from rest_framework_simplejwt.views import TokenObtainPairView
+from rest_framework_simplejwt.tokens import AccessToken
 
 from .serializers import (
     User,
@@ -16,6 +18,7 @@ from .serializers import (
     LoginHistorySerializer,
     Member,
     MemberSerializer,
+    TokenSerializer,
 )
 from .permissions import IsStaffUser, IsNotStaffUser
 
@@ -71,7 +74,28 @@ class MemberViewSet(viewsets.ModelViewSet):
         return Response(serializer.data, status=status.HTTP_200_OK)
 
 
+class UserDetailView(views.APIView):
+
+    def get(self, request, *args, **kwargs):
+        header = request.headers.get("Authorization")
+        token = header.replace("Bearer ", "")
+        verified_token = AccessToken(token=token)
+        user_id = verified_token.payload.get("user_id")
+        user = User.objects.get(pk=user_id)
+        data = {
+            "id": user.pk,
+            "username": user.username,
+            "email": user.email,
+            "first_name": user.first_name,
+            "last_name": user.last_name,
+            "is_staff": user.is_staff,
+        }
+
+        return Response(data, status=status.HTTP_200_OK)
+
+
 class LoginBaseView(TokenObtainPairView):
+    serializer_class = TokenSerializer
     user = None
 
     def post(self, request, *args, **kwargs):

api/urls.py

@@ -13,6 +13,7 @@ from .auth.views import (
     LogoutView,
     TokenResetPasswordView,
     ResetPasswordConfirmView,
+    UserDetailView,
 )
 from .book.views import BookViewSet, CategoryViewSet
 from .loans.views import (
@@ -45,6 +46,11 @@ router_member_loan.register(r"loans", MemberLoanViewSet, basename="member_loans"
 urlpatterns = [
     path("", include(router.urls)),
     # auth
+    path(
+        "user",
+        UserDetailView.as_view(),
+        name="user_detail",
+    ),
     path(
         "reset-password/request-token",
         TokenResetPasswordView.as_view(),

config/urls.py

@@ -54,7 +54,7 @@ urlpatterns = [
         name="password_reset_complete",
     ),
     # api
-    path("api/token/refresh/", TokenRefreshView.as_view(), name="token_refresh"),
+    path("api/v1/token/refresh/", TokenRefreshView.as_view(), name="token_refresh"),
     path("api/v1/", include("api.urls"), name="API_V1"),
     # 3rd party
     path("api-auth/", include("rest_framework.urls"), name="api_auth"),