U sc@sXddlZddlZddlZddlmZddlmZmZddlm Z ddl m Z ddl m Z ddl mZddlmZdd lmZdd lmZdd lmZmZdd lmZmZmZdd lmZddlm Z m!Z!m"Z"m#Z#m$Z$ddl%m&Z&ddl'm(Z)ddl*m+Z+m,Z,ddl-m.Z.ddl/m0Z0ddl1m2Z2ddl3m4Z4ddl5m6Z6ddl7m8Z8m9Z9ddl:m;Z;e e;ZddGdddeZ?e er r r@rrAr create_recordauthenticate_serializers9UserSerializerForAuthenticateAndCollaboratorsAndInstituter1) rBrCr'r(rPr+rDrFr1rGrY user_datarHrHrIr$ksj          z!LoginOrVerificationCodeCheck.postNrJrHrHrHrIrOcsrOc@seZdZdZddZdS) RegisterUserz This API class is responsible for handling incoming requests for register verifying. it takes an email, a password and a code from user and checks if the code belongs to that email in temp user and then create a User in database c Csx|jd}|jd}|jd}|jd}|jd}|jd}|jd}|jd} t|} |jd } t| | ||d } | dk r| S|r|}ztjj||d } Wn6tjj | |d d dd}t ||t j dYSXz*t jj|dd dd}t ||t j dWSYnXt jj |||| d}|rB||_|r\tt|j||_| rt| tjd|_t| tjd|_|n|rztjj||d} Wn6tjj | |dd dd}t ||t j dYSXz*t jj|dd dd}t ||t j dWSt jj |||| d}|r2||_|rLtt|j||_| rrt| tjd|_t| tjd|_|YnXnd dd}t ||t j dSt|}t|tjj d|dd}tjj |dt !ddddddt"jj ||t#j$g|j%|j&d | '|r,t(jj)|dddd!j*|d"n"|rNt(jj)|dddd#j*|d"t+,|j-}t |d$d%||d&d't j.dS)(Nr)r'r(passwordrP first_name last_nameimager*rQrRrSr.#Your verification code is incorrectr4r rTzduplicate email)r'rar`rb max_side_sizerUrVrWr3)r(rar`rbsandboxT)r%rGrfrF) instituter% start_datemax_collaborators_per_institutemax_examinee_per_instituteassign_examinee_to_examassign_public_link_to_examenable_institute_api_key)rGrgrolesinstitute_nameinstitute_created_at) invited_phonecanceledrejectedinvited_user__isnull) invited_user) invited_emailrrrsrtr5r6rXr/)/r7r8rr:rr9rr=rr>r r r@rr)rstridr_r!r9maximum_side_size_compress_for_authenticate_profile_imagerbCmaximum_side_size_compress_for_authenticate_profile_image_thumbnailimage_thumbnailsaverrZrcreate_initial_balance_historyrrrnowrdr__ROLE_OWNER__r% created_atdeleterfilterupdater[r\r1rA)rBrCr)r'r(r_rPr`rarbr+rDrFZverification_attemptr1rGrYZsandbox_instituter]rHrHrIr$s                  zRegisterUser.postNrJrHrHrHrIr^sr^c@seZdZdZddZdS)LoginWithPasswordz This API class is responsible for handling incoming requests for login. it takes an email and a password from user and checks if the code belongs to that email in temp user and then create a User in database c Csz|jd}|jd}|jd}|jd}t|}|jd}t|||||d}|dk rb|S|r|}zTtjj|d} tt | j || j st jj ||dd d d } t|| tjd WSWn6t jj ||dd d d } t|| tjd YSXnF|rzVtjj|d } tt | j || j sZt jj ||dd dd } t|| tjd WSWn6t jj ||dd dd } t|| tjd YSXn|r,zVtjj|d} tt | j || j st jj ||dd dd } t|| tjd WSWn6t jj ||dd dd } t|| tjd YSXnd dd } t|| tjd St| } t| j} t|dd| | ddtjd S)Nr)r'r(r_r*)r'r(r)rTr'r+r.zEmail or password is incorrectr4r rWr(r+zPhone or password is incorrectr-r)r+z!Username or password is incorrectr3r5r6rXr/)r7r8rr:rr9rr=rrwrxr_rr>r r r@rrZr[r\r1rA) rBrCr)r'r(r_r+rDrFrGr1rYr]rHrHrIr$<s       zLoginWithPassword.postNrJrHrHrHrIr4srT)Zaccept_user_tokenc@seZdZdZddZdS) LogoutUserz This API class is responsible for handling incoming requests for logout. it takes the user token and if valid, deletes it. cCs |jt|dddtjdS)Nr5r6r4r )Zmiddleware_token_recordrr r rA)rBrCrHrHrIr$s zLogoutUser.postNrJrHrHrHrIrsrc@seZdZdZddZdS)ChangeUserPasswordz This API class is responsible for handling incoming datas for changing password. it takes the password and code from the user and if the code belongs to the user of incoming token, then hashes and sets the new password to the user. cCs|jd}|jd}t|}|jd}|j}t|||j|j|j}|dk rT|S|j dk rt t |j ||j rt t |j ||_ |t|dddtjdStjj|j|j|dt|d d dtjdSdS) N old_password new_passwordr*r6zPassword updated successfullyr4r )r(r'r+r.zWrong Old Password)r7r8rr:middleware_userrr'r(r)r_rrwrxrr|r r rArr=r>r@)rBrCrrr+rDrGrFrHrHrIr$s8      zChangeUserPassword.postNrJrHrHrHrIrsrc@seZdZdZddZdS)ForgetUserPassworda This API class is responsible for handling incoming datas for forgetting password. it takes the email, password and code from the user and if the code belongs to the user of incoming email, then hashes and sets the new password to the user. c Cs|jd}|jd}|jd}|jd}|jd}t|}|jd}t|||||} | dk rl| S|r*|}ztjj||dWn6tjj ||dd d d } t || t j d YSXzt jj|d } Wn&d dd } t || t j d YSXtt| j|| _| t| } n|rztjj||dWn6tjj ||dd d d } t || t j d YSXzt jj|d} Wn.tdd dd } t || t j d YSXtt| j|| _| t| } n|rztjj||dWn6tjj ||dd d d } t || t j d YSXzt jj|d} Wn.tdd dd } t || t j d YSXtt| j|| _| t| } nd dd } t || t j d Sdd| d} t || t jd S)Nr'r(r)rrPr*rRrr.rcr4r rTzRegister FirstrUrrWz'CRITICAL: Invalid State #44875265927245)r)r,rr-r3r5r6)r r0rY)r7r8rr:rr9rr=rr>r r r@rrrwrxr_r|rrZr"rA) rBrCr'r(r)rrPr+rDrFr1rGrYrHrHrIr$s                zForgetUserPassword.postNrJrHrHrHrIrsrc@seZdZddZdS)EditUserc Cs6|jd}|jd}|jd}|jd}|jd}|jd}|jd}|j} |sf|dkrl|| _|sx|dkr~|| _|s|dkr|| _|r| j| j|r| j | j |rt |t j d | _t |t jd | _|r t |t jd | _ t |t jd | _ | t| j} t|d d | d tjd S)Nr`rainforbposter delete_image delete_posterrdr5r6r r0rGr )r7r8rr`rarrbrr{rposter_thumbnailr!rryrz2maximum_side_size_compress_for_authenticate_posterrrZr[r\r1rArr|)rBrCrZidinforGrYr]rHrHrIr$tsd "       zUserGoogleLogin.postNrJrHrHrHrIrlsrc@seZdZdZddZdS)UserFacebookLogina  This API class is responsible for handling incoming requests for login via Facebook. it takes a g_id_token and try to decode it. if it was successful, then we create a user with the incoming data, otherwise the client faces an 403 forbidden error! c Cs|jd}z|tjtjtjd}tjd|d}|jdkrTt|dddt j d WStjd d | d id}|jdkrt|dddt j d WS| }zt j j|d d }Wnft j j|d|d|d |dd}t|}t|j} t|dd|| ddt jd YWSX|js2|d|_|n(|j|dkrZt|dddt j d WSt|}t|j} t|dd|| ddt jd WSt|dddt j d YSXdS)Nfb_code)rPZ client_idZ redirect_uriZ client_secretz2https://graph.facebook.com/v7.0/oauth/access_token)paramsr.rr4r z?https://graph.facebook.com/me?fields=first_name,last_name,emailZ access_tokenr'rTr`rarx)r`rar'fb_idr5r6rXr/)r7r8rFACEBOOK_CLIENT_IDFACEBOOK_REDIRECT_URIFACEBOOK_CLIENT_SECRETr status_coder r rjsonrr=r>rrZr[r\r1rArr|) rBrCrZfb_dataZfirst_responseZsecond_responseZ client_datarGrYr]rHrHrIr$s~            zUserFacebookLogin.postNrJrHrHrHrIrsrc@seZdZddZdS) UserBalancecCs(|j}|j}t|ddd|idtjdS)Nr5r6balancer/r )rrr r rA)rBrCZcallerrrHrHrIr$szUserBalance.postNrrHrHrHrIrsr)Urandomr;r django.confrdjango.contrib.auth.hashersrr django.utilsrdjango.utils.decoratorsrrZgoogle.auth.transportrZ google.oauth2r rest_frameworkr rest_framework.viewsr authenticater r[rZauthenticate.attemp_recaptcharrrZauthenticate.middlewarerauthenticate.modelsrrrrrZauthenticate.utilsr collaboratorsrrZcollaborators.modelsrrinstitute.modelsrpayment.modelsr plan.modelsrutilsrutils.myresponser utils.utilsr!r"Zwikiazma.middlewarer#Z serializer_validation_middlewareZIuser_token_or_server_token_or_server_API_key_validation_and_authorizationZ$SendAVerificationCodeInputSerializerr&Z+InputLoginOrVerificationCodeCheckSerializerrOZInputRegisterUserSerializerr^Z InputLoginWithPasswordSerializerrrZ!InputChangeUserPasswordSerializerrZ!InputForgetUserPasswordSerializerrZInputEditUserSerializerrZInputUserProfileSerializerrrZInputUserGoogleLoginSerializerrZ InputUserFacebookLoginSerializerrrrHrHrHrIs                 9 ?N  !] 1   2<