user creation api

chat/api.py

@@ -0,0 +1,13 @@
+from rest_framework import permissions
+from rest_framework.generics import CreateAPIView
+#from django.contrib.auth import get_user_model # If used custom user model
+
+from .serializers import UserSerializer
+
+class CreateUserView(CreateAPIView):
+
+    #model = get_user_model()
+    permission_classes = [
+        permissions.AllowAny # Or anon users can't register
+    ]
+    serializer_class = UserSerializer

chat/serializers.py

@@ -3,9 +3,19 @@ from rest_framework import serializers
 from .models import App, Room, Message
 
 class UserSerializer(serializers.HyperlinkedModelSerializer):
+
+    password = serializers.CharField(write_only=True)
+
+    def create(self, validated_data):
+        user = User.objects.create_user(
+            username=validated_data['username'],
+            password=validated_data['password'],
+        )
+        return user
+
     class Meta:
         model = User
-        fields = ['id', 'username']
+        fields = ['id', 'username', 'password']
 
 class AppSerializer(serializers.HyperlinkedModelSerializer):
     class Meta:

enchant_server/settings.py

@@ -130,6 +130,10 @@ REST_FRAMEWORK = {
     # Use Django's standard `django.contrib.auth` permissions,
     # or allow read-only access for unauthenticated users.
     'DEFAULT_PERMISSION_CLASSES': [
-        'rest_framework.permissions.DjangoModelPermissionsOrAnonReadOnly'
+        'rest_framework.permissions.DjangoModelPermissionsOrAnonReadOnly',
+    ],
+    'DEFAULT_AUTHENTICATION_CLASSES': [
+        'rest_framework.authentication.BasicAuthentication',
+        'rest_framework.authentication.SessionAuthentication',
     ]
 }