Move user list serializer and view to accounts app and restrict all endpoints to logged in users only

ivy/accounts/serializers.py

@@ -0,0 +1,9 @@
+
+from rest_framework import serializers
+from django.contrib.auth.models import User
+
+
+class UserSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = User
+        fields = ('id', 'username', 'email', 'date_joined')

ivy/accounts/urls.py

@@ -1,7 +1,13 @@
 from django.contrib import admin
 from django.urls import path, include
+from rest_framework import routers
+from . import views
+
+router = routers.DefaultRouter()
+router.register(r'user_list', views.UserListViewSet)
 
 urlpatterns = [
     path('', include('djoser.urls')),
-    path('', include('djoser.urls.authtoken'))
+    path('', include('djoser.urls.authtoken')),
+    path('', include(router.urls)),
 ]

ivy/accounts/views.py

@@ -1,3 +1,13 @@
-from django.shortcuts import render
+from rest_framework import viewsets
+from .serializers import UserSerializer
+from django.contrib.auth.models import User
+from rest_framework.permissions import IsAuthenticated
 
 # Create your views here.
+
+
+class UserListViewSet(viewsets.ModelViewSet):
+    permission_classes = [IsAuthenticated]
+    http_method_names = ['get']
+    serializer_class = UserSerializer
+    queryset = User.objects.all()