salman/igny8
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

section 2

Browse Source
This commit is contained in:
IGNY8 VPS (Salman)
2025-11-14 16:15:18 +00:00
parent 66b1868672
commit d14d6093e0
2 changed files with 129 additions and 93 deletions
Download Patch File Download Diff File Expand all files Collapse all files

158
backend/igny8_core/auth/views.py
View File

@@ -11,6 +11,7 @@ from django.db import transaction
from django_filters.rest_framework import DjangoFilterBackend
from igny8_core.api.base import AccountModelViewSet
from igny8_core.api.authentication import JWTAuthentication, CSRFExemptSessionAuthentication
from igny8_core.api.response import success_response, error_response
from .models import User, Account, Plan, Subscription, Site, Sector, SiteUserAccess, Industry, IndustrySector, SeedKeyword
from .serializers import (
UserSerializer, AccountSerializer, PlanSerializer, SubscriptionSerializer,
@@ -680,21 +681,24 @@ class AuthViewSet(viewsets.GenericViewSet):
refresh_expires_at = get_token_expiry('refresh')
user_serializer = UserSerializer(user)
return Response({
'success': True,
'message': 'Registration successful',
'user': user_serializer.data,
'tokens': {
'access': access_token,
'refresh': refresh_token,
'access_expires_at': access_expires_at.isoformat(),
'refresh_expires_at': refresh_expires_at.isoformat(),
}
}, status=status.HTTP_201_CREATED)
return Response({
'success': False,
'errors': serializer.errors
}, status=status.HTTP_400_BAD_REQUEST)
return success_response(
data={
'user': user_serializer.data,
'tokens': {
'access': access_token,
'refresh': refresh_token,
'access_expires_at': access_expires_at.isoformat(),
'refresh_expires_at': refresh_expires_at.isoformat(),
}
},
message='Registration successful',
status_code=status.HTTP_201_CREATED
)
return error_response(
error='Validation failed',
errors=serializer.errors,
status_code=status.HTTP_400_BAD_REQUEST
)
@action(detail=False, methods=['post'])
def login(self, request):
@@ -707,10 +711,10 @@ class AuthViewSet(viewsets.GenericViewSet):
try:
user = User.objects.select_related('account', 'account__plan').get(email=email)
except User.DoesNotExist:
return Response({
'success': False,
'message': 'Invalid credentials'
}, status=status.HTTP_401_UNAUTHORIZED)
return error_response(
error='Invalid credentials',
status_code=status.HTTP_401_UNAUTHORIZED
)
if user.check_password(password):
# Log the user in (create session for session authentication)
@@ -727,27 +731,29 @@ class AuthViewSet(viewsets.GenericViewSet):
refresh_expires_at = get_token_expiry('refresh')
user_serializer = UserSerializer(user)
return Response({
'success': True,
'message': 'Login successful',
'user': user_serializer.data,
'tokens': {
'access': access_token,
'refresh': refresh_token,
'access_expires_at': access_expires_at.isoformat(),
'refresh_expires_at': refresh_expires_at.isoformat(),
}
})
return success_response(
data={
'user': user_serializer.data,
'tokens': {
'access': access_token,
'refresh': refresh_token,
'access_expires_at': access_expires_at.isoformat(),
'refresh_expires_at': refresh_expires_at.isoformat(),
}
},
message='Login successful'
)
return Response({
'success': False,
'message': 'Invalid credentials'
}, status=status.HTTP_401_UNAUTHORIZED)
return error_response(
error='Invalid credentials',
status_code=status.HTTP_401_UNAUTHORIZED
)
return Response({
'success': False,
'errors': serializer.errors
}, status=status.HTTP_400_BAD_REQUEST)
return error_response(
error='Validation failed',
errors=serializer.errors,
status_code=status.HTTP_400_BAD_REQUEST
)
@action(detail=False, methods=['post'], permission_classes=[permissions.IsAuthenticated])
def change_password(self, request):
@@ -756,23 +762,23 @@ class AuthViewSet(viewsets.GenericViewSet):
if serializer.is_valid():
user = request.user
if not user.check_password(serializer.validated_data['old_password']):
return Response({
'success': False,
'message': 'Current password is incorrect'
}, status=status.HTTP_400_BAD_REQUEST)
return error_response(
error='Current password is incorrect',
status_code=status.HTTP_400_BAD_REQUEST
)
user.set_password(serializer.validated_data['new_password'])
user.save()
return Response({
'success': True,
'message': 'Password changed successfully'
})
return success_response(
message='Password changed successfully'
)
return Response({
'success': False,
'errors': serializer.errors
}, status=status.HTTP_400_BAD_REQUEST)
return error_response(
error='Validation failed',
errors=serializer.errors,
status_code=status.HTTP_400_BAD_REQUEST
)
@action(detail=False, methods=['get'], permission_classes=[permissions.IsAuthenticated])
def me(self, request):
@@ -781,20 +787,20 @@ class AuthViewSet(viewsets.GenericViewSet):
# This ensures account/plan changes are reflected immediately
user = User.objects.select_related('account', 'account__plan').get(id=request.user.id)
serializer = UserSerializer(user)
return Response({
'success': True,
'user': serializer.data
})
return success_response(
data={'user': serializer.data}
)
@action(detail=False, methods=['post'], permission_classes=[permissions.AllowAny])
def refresh(self, request):
"""Refresh access token using refresh token."""
serializer = RefreshTokenSerializer(data=request.data)
if not serializer.is_valid():
return Response({
'success': False,
'errors': serializer.errors
}, status=status.HTTP_400_BAD_REQUEST)
return error_response(
error='Validation failed',
errors=serializer.errors,
status_code=status.HTTP_400_BAD_REQUEST
)
refresh_token = serializer.validated_data['refresh']
@@ -804,10 +810,10 @@ class AuthViewSet(viewsets.GenericViewSet):
# Verify it's a refresh token
if payload.get('type') != 'refresh':
return Response({
'success': False,
'message': 'Invalid token type'
}, status=status.HTTP_400_BAD_REQUEST)
return error_response(
error='Invalid token type',
status_code=status.HTTP_400_BAD_REQUEST
)
# Get user
user_id = payload.get('user_id')
@@ -816,10 +822,10 @@ class AuthViewSet(viewsets.GenericViewSet):
try:
user = User.objects.get(id=user_id)
except User.DoesNotExist:
return Response({
'success': False,
'message': 'User not found'
}, status=status.HTTP_404_NOT_FOUND)
return error_response(
error='User not found',
status_code=status.HTTP_404_NOT_FOUND
)
# Get account
account_id = payload.get('account_id')
@@ -837,17 +843,19 @@ class AuthViewSet(viewsets.GenericViewSet):
access_token = generate_access_token(user, account)
access_expires_at = get_token_expiry('access')
return Response({
'success': True,
'access': access_token,
'access_expires_at': access_expires_at.isoformat()
})
return success_response(
data={
'access': access_token,
'access_expires_at': access_expires_at.isoformat()
},
message='Token refreshed successfully'
)
except jwt.InvalidTokenError as e:
return Response({
'success': False,
'message': 'Invalid or expired refresh token'
}, status=status.HTTP_401_UNAUTHORIZED)
return error_response(
error='Invalid or expired refresh token',
status_code=status.HTTP_401_UNAUTHORIZED
)
@action(detail=False, methods=['post'], permission_classes=[permissions.AllowAny])
def request_reset(self, request):