Email COnfigs & setup

2026-01-08 05:41:28 +00:00
parent 7da3334c03
commit 3651ee9ed4
34 changed files with 2418 additions and 77 deletions
--- a/backend/igny8_core/auth/urls.py
+++ b/backend/igny8_core/auth/urls.py
@@ -125,6 +125,20 @@ class RegisterView(APIView):
            # User will complete payment on /account/plans after signup
            # This simplifies the signup flow and consolidates all payment handling
            
+            # Send welcome email (if enabled in settings)
+            try:
+                from igny8_core.modules.system.email_models import EmailSettings
+                from igny8_core.business.billing.services.email_service import send_welcome_email
+                
+                email_settings = EmailSettings.get_settings()
+                if email_settings.send_welcome_emails and account:
+                    send_welcome_email(user, account)
+            except Exception as e:
+                # Don't fail registration if email fails
+                import logging
+                logger = logging.getLogger(__name__)
+                logger.error(f"Failed to send welcome email for user {user.id}: {e}")
+            
            return success_response(
                data=response_data,
                message='Registration successful',
@@ -271,6 +285,128 @@ class LoginView(APIView):
        )


+@extend_schema(
+    tags=['Authentication'],
+    summary='Request Password Reset',
+    description='Request password reset email'
+)
+class PasswordResetRequestView(APIView):
+    """Request password reset endpoint - sends email with reset token."""
+    permission_classes = [permissions.AllowAny]
+    
+    def post(self, request):
+        from .serializers import RequestPasswordResetSerializer
+        from .models import PasswordResetToken
+        
+        serializer = RequestPasswordResetSerializer(data=request.data)
+        if not serializer.is_valid():
+            return error_response(
+                error='Validation failed',
+                errors=serializer.errors,
+                status_code=status.HTTP_400_BAD_REQUEST,
+                request=request
+            )
+        
+        email = serializer.validated_data['email']
+        
+        try:
+            user = User.objects.get(email=email)
+        except User.DoesNotExist:
+            # Don't reveal if email exists - return success anyway
+            return success_response(
+                message='If an account with that email exists, a password reset link has been sent.',
+                request=request
+            )
+        
+        # Generate secure token
+        import secrets
+        token = secrets.token_urlsafe(32)
+        
+        # Create reset token (expires in 1 hour)
+        from django.utils import timezone
+        from datetime import timedelta
+        expires_at = timezone.now() + timedelta(hours=1)
+        
+        PasswordResetToken.objects.create(
+            user=user,
+            token=token,
+            expires_at=expires_at
+        )
+        
+        # Send password reset email
+        import logging
+        logger = logging.getLogger(__name__)
+        logger.info(f"[PASSWORD_RESET] Attempting to send reset email to: {email}")
+        
+        try:
+            from igny8_core.business.billing.services.email_service import send_password_reset_email
+            result = send_password_reset_email(user, token)
+            logger.info(f"[PASSWORD_RESET] Email send result: {result}")
+            print(f"[PASSWORD_RESET] Email send result: {result}")  # Console output
+        except Exception as e:
+            logger.error(f"[PASSWORD_RESET] Failed to send password reset email: {e}", exc_info=True)
+            print(f"[PASSWORD_RESET] ERROR: {e}")  # Console output
+        
+        return success_response(
+            message='If an account with that email exists, a password reset link has been sent.',
+            request=request
+        )
+
+
+@extend_schema(
+    tags=['Authentication'],
+    summary='Reset Password',
+    description='Reset password using token from email'
+)
+class PasswordResetConfirmView(APIView):
+    """Confirm password reset with token."""
+    permission_classes = [permissions.AllowAny]
+    
+    def post(self, request):
+        from .serializers import ResetPasswordSerializer
+        from .models import PasswordResetToken
+        from django.utils import timezone
+        
+        serializer = ResetPasswordSerializer(data=request.data)
+        if not serializer.is_valid():
+            return error_response(
+                error='Validation failed',
+                errors=serializer.errors,
+                status_code=status.HTTP_400_BAD_REQUEST,
+                request=request
+            )
+        
+        token = serializer.validated_data['token']
+        new_password = serializer.validated_data['new_password']
+        
+        try:
+            reset_token = PasswordResetToken.objects.get(
+                token=token,
+                used=False,
+                expires_at__gt=timezone.now()
+            )
+        except PasswordResetToken.DoesNotExist:
+            return error_response(
+                error='Invalid or expired reset token',
+                status_code=status.HTTP_400_BAD_REQUEST,
+                request=request
+            )
+        
+        # Reset password
+        user = reset_token.user
+        user.set_password(new_password)
+        user.save()
+        
+        # Mark token as used
+        reset_token.used = True
+        reset_token.save()
+        
+        return success_response(
+            message='Password reset successfully. You can now log in with your new password.',
+            request=request
+        )
+
+
@extend_schema(
    tags=['Authentication'],
    summary='Change Password',
@@ -474,13 +610,86 @@ class MeView(APIView):
        )


+@extend_schema(
+    tags=['Authentication'],
+    summary='Unsubscribe from Emails',
+    description='Unsubscribe a user from marketing, billing, or all email notifications'
+)
+class UnsubscribeView(APIView):
+    """Handle email unsubscribe requests with signed URLs."""
+    permission_classes = [permissions.AllowAny]
+    
+    def post(self, request):
+        """
+        Process unsubscribe request.
+        
+        Expected payload:
+        - email: The email address to unsubscribe
+        - type: Type of emails to unsubscribe from (marketing, billing, all)
+        - ts: Timestamp from signed URL
+        - sig: HMAC signature from signed URL
+        """
+        from igny8_core.business.billing.services.email_service import verify_unsubscribe_signature
+        import logging
+        
+        logger = logging.getLogger(__name__)
+        
+        email = request.data.get('email')
+        email_type = request.data.get('type', 'all')
+        timestamp = request.data.get('ts')
+        signature = request.data.get('sig')
+        
+        # Validate required fields
+        if not email or not timestamp or not signature:
+            return error_response(
+                error='Missing required parameters',
+                status_code=status.HTTP_400_BAD_REQUEST,
+                request=request
+            )
+        
+        try:
+            timestamp = int(timestamp)
+        except (ValueError, TypeError):
+            return error_response(
+                error='Invalid timestamp',
+                status_code=status.HTTP_400_BAD_REQUEST,
+                request=request
+            )
+        
+        # Verify signature
+        if not verify_unsubscribe_signature(email, email_type, timestamp, signature):
+            return error_response(
+                error='Invalid or expired unsubscribe link',
+                status_code=status.HTTP_400_BAD_REQUEST,
+                request=request
+            )
+        
+        # Log the unsubscribe request
+        # In production, update user preferences or use email provider's suppression list
+        logger.info(f'Unsubscribe request processed: email={email}, type={email_type}')
+        
+        # TODO: Implement preference storage
+        # Options:
+        # 1. Add email preference fields to User model
+        # 2. Use Resend's suppression list API
+        # 3. Create EmailPreferences model
+        
+        return success_response(
+            message=f'Successfully unsubscribed from {email_type} emails',
+            request=request
+        )
+
+
 urlpatterns = [
    path('', include(router.urls)),
    path('register/', csrf_exempt(RegisterView.as_view()), name='auth-register'),
    path('login/', csrf_exempt(LoginView.as_view()), name='auth-login'),
    path('refresh/', csrf_exempt(RefreshTokenView.as_view()), name='auth-refresh'),
    path('change-password/', ChangePasswordView.as_view(), name='auth-change-password'),
+    path('password-reset/', csrf_exempt(PasswordResetRequestView.as_view()), name='auth-password-reset-request'),
+    path('password-reset/confirm/', csrf_exempt(PasswordResetConfirmView.as_view()), name='auth-password-reset-confirm'),
    path('me/', MeView.as_view(), name='auth-me'),
    path('countries/', CountryListView.as_view(), name='auth-countries'),
+    path('unsubscribe/', csrf_exempt(UnsubscribeView.as_view()), name='auth-unsubscribe'),
 ]