digest_app/module_auth/api/views.py

import datetime
from rest_framework import status
from rest_framework.views import APIView
from rest_framework.permissions import IsAuthenticated
from rest_framework_simplejwt.authentication import JWTAuthentication
from module_project import constants
from module_project.service import SMSService, EmailService
from module_project.utils import ApiResponse
from .utils import AuthService
from module_iam.models import IAmPrincipal, IAmPrincipalOtp
from .serializers import RegistrationSerializer, LoginSerializer, OtpVerificationSerializer, PasswordResetSerializer
from django.conf import settings
from rest_framework.response import Response

from .utils import (
    generate_token_and_user_data, get_principal_by_email, authticate_with_otp_and_passsword
)


class RegistrationView(APIView):
    authentication_classes = []
    permission_classes = []
    model = IAmPrincipal
    serializer_class = RegistrationSerializer

    def post(self, request):
        serializer = self.serializer_class(data=request.data)
        print(f"request data is {request.data}")
        if not serializer.is_valid():
            error_response = {
                "status": status.HTTP_403_FORBIDDEN,
                "message": constants.REGISTRATION_FAIL,
                "errors": serializer.errors,
            }
            return ApiResponse.error(**error_response)

        try:
            instance = serializer.save()
            principal = instance
            token_data = generate_token_and_user_data(principal)
        except Exception as e:
            return ApiResponse.error(
                status=status.HTTP_403_FORBIDDEN, message=str(e), errors=str(e)
            )

        return ApiResponse.success(message=constants.REGISTRATION_SUCCESS, data=token_data)


class LoginView(APIView):
    authentication_classes = []
    permission_classes = []
    model = IAmPrincipal
    serializer_class = LoginSerializer

    def post(self, request):
        serializer = self.serializer_class(data=request.data)
        if not serializer.is_valid():
            error_response = {
                "status": status.HTTP_403_FORBIDDEN,
                "message": constants.LOGIN_FAIL,
                "errors": serializer.errors,
            }
            return ApiResponse.error(**error_response)

        email = request.data.get("email")
        otp = request.data.get("otp")
        password = request.data.get("password")
        player_id = request.data.get("player_id")

        principal = get_principal_by_email(email=email)

        if isinstance(principal, Response):
            return principal

        validation_result = authticate_with_otp_and_passsword(
            principal, otp=otp, password=password
        )
        print("pasword instance ", validation_result)

        if isinstance(validation_result, Response):
            print("Errror reponse")
            return validation_result  # Return the error response if validation fails


        # auth_service = AuthService(principal_model=IAmPrincipal)

        # try:
        #     principal = self.model.objects.get(email=email)
        # except Exception as e:
        #     error_response = {
        #         "status": status.HTTP_403_FORBIDDEN,
        #         "message": constants.INVALID_EMAIL_PASSWORD,
        #         "errors": constants.INVALID_EMAIL_PASSWORD,
        #     }
        #     return ApiResponse.error(**error_response)

        # try:
        #     auth_service.authenticate(principal_id=principal.id, password=password)
        # except Exception as e:
        #     error_response = {
        #         "status": status.HTTP_403_FORBIDDEN,
        #         "message": e,
        #         "errors": e,
        #     }
        #     return ApiResponse.error(**error_response)

        try:
            principal.player_id = player_id
            principal.last_login = datetime.datetime.now()
            principal.save()
        except Exception as e:
            error_response = {
                "status": status.HTTP_500_INTERNAL_SERVER_ERROR,
                "message": constants.INTERNAL_SERVER_ERROR,
                "errors": str(e),
            }
            return ApiResponse.error(**error_response)

        token_data = generate_token_and_user_data(principal)
        return ApiResponse.success(message=constants.LOGIN_SUCCESS, data=token_data)


class OtpRequestView(APIView):
    authentication_classes = []
    permission_classes = []

    def post(self, request):
        if "email" not in request.data:
            return ApiResponse.error(message=constants.EMAIL_REQUIRED, errors=constants.EMAIL_REQUIRED)
        print(f"email auth username: {settings.EMAIL_HOST_USER}")
        email = request.data.get("email")

        principal = get_principal_by_email(email=email)

        if isinstance(principal, Response):
            return principal

        try:
            # auth_service = AuthService(IAmPrincipal)
            # principal = auth_service.get_principal_by_email(request.data.get("email"))

            otp_code = SMSService().create_otp(principal=principal, otp_purpose="Forget password")

        except Exception as e:
            return ApiResponse.error(message=str(e), errors=str(e))

        email_service = EmailService(
            subject="Forget Password",
            to=principal.email,
            from_email=settings.EMAIL_HOST_USER
        )

        # Send the email
        try:
            email_service.load_template("module_auth/email_template.html", context={"code": otp_code} )
            email_service.send()
        except Exception as e:
            return ApiResponse.error(message=f"Error sending email: {str(e)}", errors=str(e))

        return ApiResponse.success(message=constants.SUCCESS)

class OTPVerificationView(APIView):
    authentication_classes = []
    permission_classes = []
    serializer_class = OtpVerificationSerializer

    def post(self, request):
        serializer = self.serializer_class(data=request.data)
        if not serializer.is_valid():
            error_response = {
                "status": status.HTTP_403_FORBIDDEN,
                "message": constants.VALIDATION_ERROR,
                "errors": serializer.errors,
            }
            return ApiResponse.error(**error_response)
        
        email = serializer.validated_data.get("email")
        otp = serializer.validated_data.get("otp")

        principal = get_principal_by_email(email=email)

        if isinstance(principal, Response):
            return principal
        
        validation_result = authticate_with_otp_and_passsword(
            principal, otp=otp
        )
        print("pasword instance ", validation_result)

        if isinstance(validation_result, Response):
            print("Errror reponse")
            return validation_result  # Return the error response if validation fails

        token_data = generate_token_and_user_data(principal)
        return ApiResponse.success(message=constants.SUCCESS, data=token_data)

class ForgetPasswordView(APIView):
    authentication_classes = [JWTAuthentication]
    permission_classes = [IsAuthenticated]
    serializer_class = PasswordResetSerializer

    def post(self, request):
        serializer = self.serializer_class(request.user, data=request.data)
        if not serializer.is_valid():
            error_response = {
                "status": status.HTTP_403_FORBIDDEN,
                "message": constants.VALIDATION_ERROR,
                "errors": serializer.errors,
            }
            return ApiResponse.error(**error_response)

        try:
            serializer.save()
        except Exception as e:
            return ApiResponse.error(message=str(e), errors=str(e))

        return ApiResponse.success(message=constants.SUCCESS)