[User Registration] JWT Serializer Changes in Support of User Email Validation #113

Closed
@BethanyG

Background

In talking through the "New User Email" flow on 3/22, we identified multiple pieces of New User Registration & Authentication that need to be implemented/changed. One of those pieces is JWT Token auth.

Currently, a JWT token is issued for any valid POST to the /auth/obtain_token/ endpoint. This needs to change to a 403 - 'E-mail is not verified.' for any POST that contains an unverified and/or missing email address.

Implementing this will require a serializer change similar to the one outlined in This Stack Overflow Post.

Acceptance Criteria

  • Changes are made to userauth/serializers.py to require email validation
  • Changes are made to userauth/serializers.py to change the return message for a POST that doesn't have a validated email
  • A JWT token is issued for all valid POSTs
  • Unittests are written in support of these changes.
  • Existing Unittests for auth/unauthed states are re-written to accommodate the new methods, flows and URLs required for these changes.

This Issue Depends On

#111 - Make email Required on Backend (now closed and invalid) -- see https://github.com/codebuddies/backend/discussions/178 for more details.

Open Questions

  1. Do we want to stick with userauth/obtain_token as the canonical endpoint for both logging in returning users and registering new ones -- or do we want to create a separate route and URL specifically for new user registration?

UPDATE: The apps we are exploring all use a separate endpoint for registration/validation flow, so we will probably use/follow that convention.
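
A framework-free sketch of the token gate described in this issue, added here as an illustration and not taken from the codebuddies code base or the linked Stack Overflow post. The user store, the `email_verified` field, the function names and the 400 response for bad credentials are all assumptions; only the 403 and its 'E-mail is not verified.' message come from the issue.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-secret"  # constructed value, never a real key

def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

# Constructed sample users; "email_verified" is an assumed field name.
USERS = {
    "ada": {"salt": b"s1", "email": "ada@example.com", "email_verified": True},
    "bob": {"salt": b"s2", "email": "bob@example.com", "email_verified": False},
    "cy": {"salt": b"s3", "email": "", "email_verified": False},
}
for name, u in USERS.items():
    u["pw"] = _hash(name + "-pass", u["salt"])

def _b64(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=")

def issue_jwt(username, ttl=300):
    """Build a short-lived HS256 token for an authenticated, verified user."""
    header = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64(json.dumps({"sub": username, "exp": int(time.time()) + ttl}).encode())
    sig = _b64(hmac.new(SECRET, header + b"." + body, hashlib.sha256).digest())
    return b".".join([header, body, sig]).decode()

def obtain_token(post):
    """Return (status, body) for a POST to the token endpoint."""
    user = USERS.get(post.get("username", ""))
    # Check credentials first, so the 403 below never reveals an account's
    # verification state to a caller who does not know the password.
    salt = user["salt"] if user else b"none"
    supplied = _hash(post.get("password", ""), salt)
    if not user or not hmac.compare_digest(supplied, user["pw"]):
        return 400, {"detail": "Unable to log in with provided credentials."}
    # Missing and unverified addresses are both refused with the same 403.
    if not user["email"] or not user["email_verified"]:
        return 403, {"detail": "E-mail is not verified."}
    return 200, {"token": issue_jwt(post["username"])}
```

The three outcomes map directly onto unit tests for the acceptance criteria: a verified user receives a token, an unverified or email-less user receives the 403, and bad credentials never reach the verification check.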
