from pickle import TRUE import random from datetime import datetime, timedelta from django.contrib.auth import get_user_model from rest_framework.authtoken.models import Token from rest_framework.decorators import api_view, authentication_classes, permission_classes from rest_framework.authentication import SessionAuthentication, TokenAuthentication from rest_framework.permissions import IsAuthenticated from rest_framework.response import Response from rest_framework import status from django.contrib.auth.models import User from core.models.customer import Customer from core.serializers.UserSerializer import UserSerializer from core.serializers.CustomerSerializer import CustomerSerializer from core.serializers.ImageSerializer import ImageSerializer from core.serializers.GlbSerializer import GlbSerializer from core.serializers.VideoSerializer import VideoSerializer from core.serializers.PdfSerializer import PdfSerializer from core.serializers.SubscriptionSerializer import SubscriptionSerializer from core.serializers.TeamMemberSerializer import TeamMemberSerializer from core.serializers.SpaceSerializer import SpaceSerializer # utils.py from core.models.AssignedRule import AssignedRule from core.models.image import Image from core.models.video import Video from core.models.pdf import Pdf from core.models.glb import Glb from core.models.Subscription import Subscription from core.models.TeamMember import TeamMember from django.core.mail import EmailMultiAlternatives from django.template.loader import render_to_string from django.utils.html import strip_tags from django.conf import settings from django.utils.dateparse import parse_date from datetime import datetime from django.core.files.storage import default_storage import os import requests import json import logging logger = logging.getLogger(__name__) from django.core.cache import cache import random import string import requests import json def send_sms(to_number, code): username = "09399112092" password = "Dadechin123!@##!" from_number = "+983000505" pattern_code = "lgfrblbdppyn202" url = "https://ippanel.com/patterns/pattern" to = [to_number] input_data = {"code": code} params = { "username": username, "password": password, "from": from_number, "to": json.dumps(to), "input_data": json.dumps(input_data), "pattern_code": pattern_code } try: response = requests.post(url, params=params, data=input_data) return response.text except Exception as e: return f"Error: {e}" def user_has_role(user, role_name): return AssignedRule.objects.filter(user=user, role__name=role_name).exists() @api_view(['POST']) def signup(request): # Check if username already exists if User.objects.filter(username=request.data['mobile_number']).exists(): return Response({'username': ['A user with that username already exists.']}, status=status.HTTP_400_BAD_REQUEST) # Ensure mobile number is provided if 'mobile_number' not in request.data: return Response({'mobile_number': ['This field is required.']}, status=status.HTTP_400_BAD_REQUEST) # Proceed with user creation user_serializer = UserSerializer(data=request.data) if user_serializer.is_valid(): user = user_serializer.save() user.set_password(request.data['password']) user.username = request.data['mobile_number'] user.first_name = request.data['first_name'] user.last_name = request.data['last_name'] user.save() customer_data = { 'user': user.id, 'mobile_number': request.data['mobile_number'], # Ensure mobile number is provided 'semat': request.data['semat'], } customer_serializer = CustomerSerializer(data=customer_data) if customer_serializer.is_valid(): customer_serializer.save() token = Token.objects.create(user=user) return Response({'token': token.key, 'customer': customer_serializer.data, 'user': user_serializer.data}, status=status.HTTP_201_CREATED) else: # If customer data is invalid, delete the created user user.delete() return Response(customer_serializer.errors, status=status.HTTP_400_BAD_REQUEST) else: return Response(user_serializer.errors, status=status.HTTP_400_BAD_REQUEST) @api_view(['POST']) def sendForgetPasswordCode(request): try: # Retrieve the associated customer object customer = Customer.objects.get(mobile_number=request.data['mobile_number']) # Generate a random verification code verification_code = str(random.randint(100000, 999999)) # Update user's verification_code and sms_time_for_valid customer.verification_email_code = verification_code customer.verification_sms_code = verification_code customer.save() sendEmail(customer.user.email,verification_code) return Response({"message": ("Email verification code sent successfully. " + customer.user.email)}) except Customer.DoesNotExist: # If no customer object exists for the user, return an error response return Response({'error': 'No customer data found for this user'}, status=404) from django.contrib.auth.hashers import make_password @api_view(['POST']) def sendCodeAndNewPassword(request): try: # Retrieve the associated customer object customer = Customer.objects.get(mobile_number=request.data['mobile_number'], verification_sms_code=request.data['verification_sms_code']) if customer: # Update the user's password customer.user.password = make_password(request.data['password']) customer.user.save() return Response({"message": "Password has been changed successfully."}) else: return Response({"message": "Wrong mobile number or verification code."}) except Customer.DoesNotExist: # If no customer object exists for the user, return an error response return Response({'message': 'No customer data found for this user'}, status=404) # @api_view(['POST']) # def login(request): # try: # customer = Customer.objects.get(mobile_number=request.data['mobile_number']) # except get_user_model().DoesNotExist: # return Response("User not found", status=status.HTTP_404_NOT_FOUND) # if not customer.user.check_password(request.data['password']): # return Response("Invalid password", status=status.HTTP_401_UNAUTHORIZED) # token, created = Token.objects.get_or_create(user=customer.user) # serializer = UserSerializer(customer.user) # return Response({'token': token.key, 'user': serializer.data}) # @api_view(['POST']) # def login(request): # try: # customer = Customer.objects.get(mobile_number=request.data['mobile_number']) # except Customer.DoesNotExist: # return Response({ # "status": 401, # "data": {}, # "message": "موبایل یا پسورد غلط است" # }, status=status.HTTP_401_UNAUTHORIZED) # if not customer.user.check_password(request.data['password']): # return Response({ # "status": 401, # "data": {}, # "message": "موبایل یا پسورد غلط است" # }, status=status.HTTP_401_UNAUTHORIZED) # token, created = Token.objects.get_or_create(user=customer.user) # serializer = UserSerializer(customer.user) # return Response({ # "status": 200, # "data": { # "token": token.key, # "user": serializer.data # }, # "message": "ورود با موفقیت انجام شد" # }, status=status.HTTP_200_OK) @api_view(['POST']) def login(request): mobile_number = request.data.get('mobile_number') password = request.data.get('password') if not mobile_number or not password: return Response({ "status": 403, "data": {}, "message": "برای ورود نیاز به شماره موبایل و پسورد است" }, status=status.HTTP_401_UNAUTHORIZED) try: customer = Customer.objects.get(mobile_number=mobile_number) except Customer.DoesNotExist: return Response({ "status": 401, "data": {}, "message": "موبایل یا پسورد غلط است" }, status=status.HTTP_401_UNAUTHORIZED) if not customer.user.check_password(password): return Response({ "status": 401, "data": {}, "message": "موبایل یا پسورد غلط است" }, status=status.HTTP_401_UNAUTHORIZED) token, created = Token.objects.get_or_create(user=customer.user) serializer = UserSerializer(customer.user) return Response({ "status": 200, "data": { "token": token.key, "user": serializer.data }, "message": "ورود با موفقیت انجام شد" }, status=status.HTTP_200_OK) @api_view(['GET']) @authentication_classes([SessionAuthentication, TokenAuthentication]) @permission_classes([IsAuthenticated]) def sendSmsVerification(request): # Retrieve the current user user = request.user # Assuming a OneToOneField relation between User and Customer try: # Retrieve the associated customer object customer = Customer.objects.get(user=user) # Generate a random verification code verification_code = str(random.randint(100000, 999999)) # Update user's verification_code and sms_time_for_valid customer.verification_sms_code = verification_code customer.sms_time_for_valid = datetime.now() + timedelta(minutes=10) # Set validity time to now + 10 minutes customer.save() sms_response = send_sms(customer.mobile_number, verification_code) # Send SMS with verification code (implement this part according to your SMS service provider's API) # send_sms(user.mobile_number, verification_code) # You need to implement this function return Response({ "message": "SMS verification code sent successfully.", "sms_response": sms_response }) except Customer.DoesNotExist: # If no customer object exists for the user, return an error response return Response({'error': 'No customer data found for this user'}, status=404) @api_view(['GET']) @authentication_classes([SessionAuthentication, TokenAuthentication]) @permission_classes([IsAuthenticated]) def getInfo(request): user = request.user try: customer = Customer.objects.get(user=user) user_images = Image.objects.filter(user=user).order_by('-created_at') user_pdfs = Pdf.objects.filter(user=user).order_by('-created_at') user_videos = Video.objects.filter(user=user).order_by('-created_at') user_glbs = Glb.objects.filter(user=user).order_by('-created_at') user_subscriptions = Subscription.objects.filter(user=user) customer_serializer = CustomerSerializer(customer) image_serializer = ImageSerializer(user_images, many=True) pdf_serializer = PdfSerializer(user_pdfs, many=True) video_serializer = VideoSerializer(user_videos, many=True) glb_serializer = GlbSerializer(user_glbs, many=True) subscription_serializer = SubscriptionSerializer(user_subscriptions, many=True) first_subscription = subscription_serializer.data[0] if subscription_serializer.data else None user_subscription_data = first_subscription.get('user_count') if first_subscription else None user_data = { 'id': user.id, 'first_name': user.first_name, 'last_name': user.last_name, } return Response({ 'status': 200, 'data': { 'customer': customer_serializer.data, 'user': user_data, 'images': image_serializer.data, 'pdfs': pdf_serializer.data, 'videos': video_serializer.data, 'glbs': glb_serializer.data, 'subscription': user_subscription_data, }, 'message': 'موفق' }, status=status.HTTP_200_OK) except Customer.DoesNotExist: return Response({ 'status': 404, 'data': {}, 'message': 'اطلاعات مشتری یافت نشد' }, status=status.HTTP_404_NOT_FOUND) @api_view(['GET']) @authentication_classes([SessionAuthentication, TokenAuthentication]) @permission_classes([IsAuthenticated]) def sendEmailVerification(request): # Retrieve the current user user = request.user # Assuming a OneToOneField relation between User and Customer try: # Retrieve the associated customer object customer = Customer.objects.get(user=user) # Generate a random verification code verification_code = str(random.randint(100000, 999999)) # Update user's verification_code and sms_time_for_valid customer.verification_email_code = verification_code customer.save() sendEmail(user.email,verification_code) return Response({"message": ("Email verification code sent successfully. " + user.email)}) except Customer.DoesNotExist: # If no customer object exists for the user, return an error response return Response({'error': 'No customer data found for this user'}, status=404) def sendEmail(email, verification_code): subject = 'WZK Bestätigungscode' context = {'verification_code': verification_code} # Render HTML content from a template # html_content = render_to_string('core/templates/emails/email_template.html', context) html_content = render_to_string('emails/verification_email_template2.html', context) # Create a plain text version of the email (optional) text_content = strip_tags(html_content) email_from = settings.DEFAULT_FROM_EMAIL recipient_list = [email] try: # Create an EmailMultiAlternatives object msg = EmailMultiAlternatives(subject, text_content, email_from, recipient_list) # Attach the HTML content to the email msg.attach_alternative(html_content, "text/html") # Send the email msg.send() print("Email has been sent! ") return True except Exception as e: print(f"Error sending email: {e}") return False @api_view(['POST']) @authentication_classes([SessionAuthentication, TokenAuthentication]) @permission_classes([IsAuthenticated]) def submitEmailVerification(request): try: user = request.user customer = Customer.objects.get(user=user) if customer.verification_email_code == request.data['verification_email_code'] : customer.is_email_verified = True customer.save() return Response({"message": "Email Verified!"}) # else : # return Response({"message": customer.verification_email_code}) except get_user_model().DoesNotExist: return Response("Not verified 1", status=status.HTTP_404_NOT_FOUND) return Response("Not verified ", status=status.HTTP_404_NOT_FOUND) @api_view(['POST']) @authentication_classes([SessionAuthentication, TokenAuthentication]) @permission_classes([IsAuthenticated]) def submitSmsVerification(request): try: user = request.user customer = Customer.objects.get(user=user) if customer.verification_sms_code == request.data['verification_sms_code'] : customer.is_sms_verified = True customer.save() return Response({"message": "SMS Verified!"}) # else : # return Response({"message": customer.verification_email_code}) except get_user_model().DoesNotExist: return Response("Not verified 1", status=status.HTTP_404_NOT_FOUND) return Response("Not verified ", status=status.HTTP_404_NOT_FOUND) # @api_view(['GET']) # @authentication_classes([SessionAuthentication, TokenAuthentication]) # @permission_classes([IsAuthenticated]) # def test_token(request): # if not user_has_role(request.user, 'admin'): # return Response({'message': 'No access'}, status=status.HTTP_403_FORBIDDEN) # return Response({'message': 'User has admin role'}) @api_view(['GET']) @authentication_classes([SessionAuthentication, TokenAuthentication]) @permission_classes([IsAuthenticated]) def test_token(request): return Response({ "status": 200, "data": { "username": request.user.username }, "message": "موفق" }, status=status.HTTP_200_OK) @api_view(['POST']) @authentication_classes([SessionAuthentication, TokenAuthentication]) @permission_classes([IsAuthenticated]) def upload_image(request): user = request.user try: customer = Customer.objects.get(user=user) except Customer.DoesNotExist: return Response( {'error': 'No customer profile found.'}, status=status.HTTP_403_FORBIDDEN ) if not request.FILES.get('image'): return Response( {'error': 'No image file provided.'}, status=status.HTTP_400_BAD_REQUEST ) uploaded_file = request.FILES['image'] # Generate the new path: "2025/1/23/filename.jpg" today = datetime.now() year = str(today.year) month = str(today.month) day = str(today.day) # New path format: "2025/1/23/original_filename.jpg" new_path = os.path.join(year, month, day, uploaded_file.name) # Save the file manually to the desired directory saved_path = default_storage.save(new_path, uploaded_file) # Now create the Image record with the new path image = Image.objects.create( user=user, image=saved_path, # This will be "2025/1/23/filename.jpg" name=request.data.get('name', uploaded_file.name), ) serializer = ImageSerializer(image) return Response(serializer.data, status=status.HTTP_201_CREATED) @api_view(['POST']) @authentication_classes([SessionAuthentication, TokenAuthentication]) @permission_classes([IsAuthenticated]) def upload_glb(request): user = request.user try: customer = Customer.objects.get(user=user) except Customer.DoesNotExist: return Response( {'error': 'No customer profile found.'}, status=status.HTTP_403_FORBIDDEN ) if not request.FILES.get('glb'): return Response( {'error': 'No glb file provided.'}, status=status.HTTP_400_BAD_REQUEST ) uploaded_file = request.FILES['glb'] # Generate the new path: "2025/1/23/filename.jpg" today = datetime.now() year = str(today.year) month = str(today.month) day = str(today.day) # New path format: "2025/1/23/original_filename.jpg" new_path = os.path.join(year, month, day, uploaded_file.name) # Save the file manually to the desired directory saved_path = default_storage.save(new_path, uploaded_file) glb = Glb.objects.create( user=user, glb=saved_path, # This will be "2025/1/23/filename.jpg" name=request.data.get('name', uploaded_file.name), ) serializer = GlbSerializer(glb) return Response(serializer.data, status=status.HTTP_201_CREATED) @api_view(['POST']) @authentication_classes([SessionAuthentication, TokenAuthentication]) @permission_classes([IsAuthenticated]) def upload_video(request): user = request.user try: customer = Customer.objects.get(user=user) except Customer.DoesNotExist: return Response( {'error': 'No customer profile found.'}, status=status.HTTP_403_FORBIDDEN ) if not request.FILES.get('video'): return Response( {'error': 'No video file provided.'}, status=status.HTTP_400_BAD_REQUEST ) uploaded_file = request.FILES['video'] # Generate the new path: "2025/1/23/filename.jpg" today = datetime.now() year = str(today.year) month = str(today.month) day = str(today.day) # New path format: "2025/1/23/original_filename.jpg" new_path = os.path.join(year, month, day, uploaded_file.name) # Save the file manually to the desired directory saved_path = default_storage.save(new_path, uploaded_file) video = Video.objects.create( user=user, video=saved_path, # This will be "2025/1/23/filename.jpg" name=request.data.get('name', uploaded_file.name), ) serializer = VideoSerializer(video) return Response(serializer.data, status=status.HTTP_201_CREATED) @api_view(['POST']) @authentication_classes([SessionAuthentication, TokenAuthentication]) @permission_classes([IsAuthenticated]) def upload_pdf(request): user = request.user try: customer = Customer.objects.get(user=user) except Customer.DoesNotExist: return Response( {'error': 'No customer profile found.'}, status=status.HTTP_403_FORBIDDEN ) if not request.FILES.get('pdf'): return Response( {'error': 'No pdf file provided.'}, status=status.HTTP_400_BAD_REQUEST ) uploaded_file = request.FILES['pdf'] # Generate the new path: "2025/1/23/filename.jpg" today = datetime.now() year = str(today.year) month = str(today.month) day = str(today.day) # New path format: "2025/1/23/original_filename.jpg" new_path = os.path.join(year, month, day, uploaded_file.name) # Save the file manually to the desired directory saved_path = default_storage.save(new_path, uploaded_file) pdf = Pdf.objects.create( user=user, pdf=saved_path, # This will be "2025/1/23/filename.jpg" name=request.data.get('name', uploaded_file.name), ) serializer = GlbSerializer(pdf) return Response(serializer.data, status=status.HTTP_201_CREATED) from django.core.files.storage import default_storage from datetime import datetime import os from django.core.files.uploadedfile import UploadedFile, InMemoryUploadedFile @api_view(['POST']) @authentication_classes([SessionAuthentication, TokenAuthentication]) @permission_classes([IsAuthenticated]) def editProfile(request): user = request.user try: customer = Customer.objects.get(user=user) except Customer.DoesNotExist: return Response({'error': 'Customer profile not found'}, status=status.HTTP_404_NOT_FOUND) # Update user fields if 'first_name' in request.data: user.first_name = request.data['first_name'] if 'last_name' in request.data: user.last_name = request.data['last_name'] if 'semat' in request.data: customer.semat = request.data['semat'] # Initialize customer data dict customer_data = {} # Handle mobile number update if 'mobile_number' in request.data: if User.objects.exclude(pk=user.pk).filter(username=request.data['mobile_number']).exists(): return Response({'mobile_number': ['This mobile number is already in use.']}, status=status.HTTP_400_BAD_REQUEST) user.username = request.data['mobile_number'] customer_data['mobile_number'] = request.data['mobile_number'] # Handle mobile number update if 'profile_glb_url' in request.data: customer_data['profile_glb'] = request.data['profile_glb_url'] # Handle profile image upload if 'profile_img' in request.FILES: uploaded_img = request.FILES['profile_img'] today = datetime.now() img_path = os.path.join( str(today.year), str(today.month), str(today.day), f"profile_img_{user.id}_{uploaded_img.name}" ) saved_img_path = default_storage.save(img_path, uploaded_img) customer_data['profile_img'] = saved_img_path # Delete old image if it exists if customer.profile_img: try: default_storage.delete(customer.profile_img) except: pass # Handle profile GLB upload if 'profile_glb' in request.FILES: uploaded_glb = request.FILES['profile_glb'] today = datetime.now() glb_path = os.path.join( str(today.year), str(today.month), str(today.day), f"profile_glb_{user.id}_{uploaded_glb.name}" ) saved_glb_path = default_storage.save(glb_path, uploaded_glb) customer_data['profile_glb'] = saved_glb_path # Delete old GLB if it exists if customer.profile_glb: try: default_storage.delete(customer.profile_glb) except: pass # Also allow text-based updates (in case client sends path instead of file) if 'profile_img' in request.data and not isinstance(request.data['profile_img'], (UploadedFile, InMemoryUploadedFile)): customer_data['profile_img'] = request.data['profile_img'] if 'profile_glb' in request.data and not isinstance(request.data['profile_glb'], (UploadedFile, InMemoryUploadedFile)): customer_data['profile_glb'] = request.data['profile_glb'] # Serialize and validate customer data customer_serializer = CustomerSerializer(customer, data=customer_data, partial=True) if customer_serializer.is_valid(): user.save() customer_serializer.save() user_serializer = UserSerializer(user) return Response({ 'user': user_serializer.data, 'customer': customer_serializer.data }, status=status.HTTP_200_OK) else: return Response(customer_serializer.errors, status=status.HTTP_400_BAD_REQUEST) @api_view(['POST']) @authentication_classes([SessionAuthentication, TokenAuthentication]) @permission_classes([IsAuthenticated]) def resetPassword(request): user = request.user # Validate required fields if 'old_password' not in request.data or 'new_password' not in request.data: return Response( {'error': 'Both old_password and new_password are required'}, status=status.HTTP_400_BAD_REQUEST ) old_password = request.data['old_password'] new_password = request.data['new_password'] # Verify old password if not user.check_password(old_password): return Response( {'old_password': ['Wrong password.']}, status=status.HTTP_400_BAD_REQUEST ) # Set new password user.set_password(new_password) user.save() # If using JWT, you might want to blacklist the old token here # and optionally return a new token return Response({'message': 'Password updated successfully'}, status=status.HTTP_200_OK) def generate_code(length=6): """Generate a random verification code.""" return ''.join(random.choices(string.digits, k=length)) @api_view(['POST']) def requestResetCode(request): """ Request a password reset code for the given mobile number. Expects: {'mobile_number': 'string'} Returns: {'success': bool, 'message': 'string'} """ mobile_number = request.data.get('mobile_number') if not mobile_number: return Response( {'success': False, 'message': 'Mobile number is required'}, status=status.HTTP_400_BAD_REQUEST ) # Check if customer exists with the mobile number customer = Customer.objects.get(mobile_number=mobile_number) user = customer.user # Get the associated User # Generate verification code code = generate_code() # Store code in cache with 10-minute expiration cache_key = f"reset_code_{mobile_number}" cache.set(cache_key, code, timeout=600) # Send code via SMS sms_result = send_sms(mobile_number, code) if sms_result == 0: return Response( {'success': False, 'message': sms_result['message']}, status=status.HTTP_500_INTERNAL_SERVER_ERROR ) return Response( {'success': True, 'message': 'Verification code sent successfully'}, status=status.HTTP_200_OK ) @api_view(['POST']) def verifyResetCode(request): """ Verify the reset code and update the password. Expects: {'mobile_number': 'string', 'code': 'string', 'password': 'string'} Returns: {'success': bool, 'message': 'string'} """ mobile_number = request.data.get('mobile_number') code = request.data.get('code') new_password = request.data.get('password') if not all([mobile_number, code, new_password]): return Response( {'success': False, 'message': 'Mobile number, code, and new password are required'}, status=status.HTTP_400_BAD_REQUEST ) try: # Retrieve customer and associated user customer = Customer.objects.get(mobile_number=mobile_number) user = customer.user # Get the associated User # Check cached code cache_key = f"reset_code_{mobile_number}" stored_code = cache.get(cache_key) if not stored_code: return Response( {'success': False, 'message': 'Code has expired or is invalid'}, status=status.HTTP_400_BAD_REQUEST ) if stored_code != code: return Response( {'success': False, 'message': 'Invalid verification code'}, status=status.HTTP_400_BAD_REQUEST ) # Validate password (basic example; add more validation as needed) if len(new_password) < 6: return Response( {'success': False, 'message': 'Password must be at least 8 characters long'}, status=status.HTTP_400_BAD_REQUEST ) # Update password print(new_password) user.set_password(new_password) user.save() # Clear the cache cache.delete(cache_key) return Response( {'success': True, 'message': 'Password reset successfully'}, status=status.HTTP_200_OK ) except Customer.DoesNotExist: return Response( {'success': False, 'message': 'No user found with this mobile number'}, status=status.HTTP_404_NOT_FOUND ) except Exception as e: return Response( {'success': False, 'message': f'Error resetting password: {str(e)}'}, status=status.HTTP_500_INTERNAL_SERVER_ERROR ) @api_view(['POST']) @authentication_classes([SessionAuthentication, TokenAuthentication]) @permission_classes([IsAuthenticated]) def addSubscription(request): # Make a mutable copy of the request data data = request.data.copy() data['user'] = request.user.id # Automatically assign the authenticated user # Deserialize and validate the incoming data serializer = SubscriptionSerializer(data=data) if serializer.is_valid(): # Save the subscription using the validated data subscription = serializer.save(user=request.user) # This automatically saves the subscription # Return the response with the subscription data return Response({ "message": "Subscription created successfully.", "subscription": serializer.data # This gives you the serialized data of the saved subscription }, status=status.HTTP_201_CREATED) else: # If validation fails, return the errors return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST) # @api_view(['POST']) # @authentication_classes([SessionAuthentication, TokenAuthentication]) # @permission_classes([IsAuthenticated]) # def addTeamMember(request): # # Make a mutable copy of the request data # data = request.data.copy() # data['adminUser'] = request.user.id # Automatically assign the authenticated user as admin # # Pass the request object to the serializer context # serializer = TeamMemberSerializer(data=data, context={'request': request}) # if serializer.is_valid(): # # Save the team member using the validated data # team_member = serializer.save() # This automatically saves the team member # # Return the response with the team member data # return Response({ # "message": "Team member added successfully.", # "team_member": serializer.data # This gives you the serialized data of the saved team member # }, status=status.HTTP_201_CREATED) # else: # # If validation fails, return the errors # return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST) @api_view(['POST']) @authentication_classes([SessionAuthentication, TokenAuthentication]) @permission_classes([IsAuthenticated]) def addTeamMember(request): # Ensure mobile number is provided if 'mobile_number' not in request.data or not request.data['mobile_number'].strip(): return Response({'mobile_number': ['This field is required and cannot be empty.']}, status=status.HTTP_400_BAD_REQUEST) # Check if username already exists if User.objects.filter(username=request.data['mobile_number']).exists(): return Response({'username': ['A user with that username already exists.']}, status=status.HTTP_400_BAD_REQUEST) # Proceed with user creation user_serializer = UserSerializer(data=request.data) if user_serializer.is_valid(): user = user_serializer.save() user.set_password(request.data['password']) # Ensure mobile_number is assigned to username field user.username = request.data['mobile_number'] user.first_name = request.data['first_name'] user.last_name = request.data['last_name'] user.save() # Proceed with customer data creation customer_data = { 'user': user.id, 'mobile_number': request.data['mobile_number'], 'semat': request.data['semat'], } customer_serializer = CustomerSerializer(data=customer_data) if customer_serializer.is_valid(): customer_serializer.save() token = Token.objects.create(user=user) # Make a mutable copy of the request data for TeamMember data = request.data.copy() data['adminUser'] = request.user.id # Automatically assign the authenticated user as admin data['user'] = user.id # Automatically assign the user as team member # Pass the request object to the serializer context serializer = TeamMemberSerializer(data=data, context={'request': request}) if serializer.is_valid(): # Save the team member and return success response team_member = serializer.save() return Response({ "message": "Team member added successfully.", "team_member": serializer.data }, status=status.HTTP_201_CREATED) else: return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST) else: # If customer data is invalid, delete the created user user.delete() return Response(customer_serializer.errors, status=status.HTTP_400_BAD_REQUEST) else: return Response(user_serializer.errors, status=status.HTTP_400_BAD_REQUEST) @api_view(['GET']) @authentication_classes([SessionAuthentication, TokenAuthentication]) @permission_classes([IsAuthenticated]) def get_team_member_info(request): user = request.user # Count team members where this user is the admin team_member_count = TeamMember.objects.filter(adminUser=user).count() # Get subscriptions where this user is the actual subscriber user_subscriptions = Subscription.objects.filter(user=user) subscription_serializer = SubscriptionSerializer(user_subscriptions, many=True) # Extract user_count from the first subscription first_subscription = subscription_serializer.data[0] if subscription_serializer.data else None user_subscription_data = first_subscription.get('user_count') if first_subscription else None return Response({ 'status': 200, 'data': { 'team_member_capacity': team_member_count, 'subscriptionCount': user_subscription_data, }, 'message': 'موفق' }, status=status.HTTP_200_OK)