First release(v1)

.env_example

@@ -0,0 +1,5 @@
+SECRET_KEY='secret-xxxx'
+EMAIL_HOST='smtp.xxxx.xxx'
+EMAIL_HOST_USER='test@example.com'
+EMAIL_HOST_PASSWORD='password'
+URI_SECRET_KEY='Ck5C9bBqFAxVPS5Eaj55jK6GxerywfkMbxswmzCd'

.gitignore

@@ -0,0 +1 @@
+*.env

README.md

@@ -0,0 +1,77 @@
+<div align="center"> 
+<img  width="350" alt="coodig-icon" src="https://github.com/uswebk/coodig-api/assets/50518919/5e0a9c1c-ddf8-4835-ad7c-fffef407bc85">
+<h1>coodig</h1>
+
+<h4>Backend（API） of quiz application for engineers🧑‍💻</h4>
+</div>
+
+---
+
+📱 Mobile: https://github.com/uswebk/coodig-mobile
+
+## Run App 🚗
+```
+python3 manage.py runserver 0.0.0.0:9999
+```
+
+## Endpoints
+
+* **Register account**
+
+```
+POST: /api/v1/accounts/register/
+```
+
+* **Login**
+
+```
+POST: /api/v1/accounts/login/
+```
+
+* **Refresh JWT**
+
+```
+POST: /api/token/refresh/
+```
+
+* **Verify JWT**
+
+```
+POST: /api/token/verify/
+```
+
+* **Fetch Me**
+
+```
+GET: /api/v1/accounts/me/
+```
+
+* **Send OTP**
+
+```
+POST: /api/v1/accounts/otp/send/
+```
+
+* **Verify OTP**
+
+```
+POST: /api/v1/accounts/otp/verify/
+```
+
+* **Fetch OTP**
+
+```
+GET: /api/v1/accounts/otp/
+```
+
+* **Send Reset Password Email**
+
+```
+POST: /api/v1/accounts/reset-password/send/
+```
+
+* **Reset Password**
+
+```
+POST: /api/v1/accounts/reset-password/
+```

account/admin.py

@@ -0,0 +1,3 @@
+from django.contrib import admin
+
+# Register your models here.

account/api/serializers.py

@@ -0,0 +1,84 @@
+from rest_framework import serializers
+
+from account.models import Account, Otp
+
+
+class AccountRegistrationSerializer(serializers.ModelSerializer):
+    password2 = serializers.CharField(style={'input_type': 'password'}, write_only=True)
+
+    class Meta:
+        model = Account
+        fields = ['name', 'email', 'password', 'password2']
+        extra_kwargs = {
+            'password': {'write_only': True}
+        }
+
+    def validate(self, attrs):
+        password = attrs.get('password')
+        password2 = attrs.get('password2')
+        if password != password2:
+            raise serializers.ValidationError("Password and Confirm Password doesn't match")
+        if len(password) < 6:
+            raise serializers.ValidationError("Password six more")
+        return attrs
+
+    def create(self, validate_data):
+        return Account.objects.create_user(**validate_data)
+
+
+class UserLoginSerializer(serializers.ModelSerializer):
+    email = serializers.EmailField(max_length=255)
+    password = serializers.CharField()
+
+    class Meta:
+        model = Account
+        fields = ['email', 'password']
+
+    def validate_password(self, value):
+        if len(value) < 6:
+            raise serializers.ValidationError("Passwords must be at least 6 characters long.")
+        return value
+
+
+class AccountSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = Account
+        fields = ['id', 'name', 'email', 'email_verified_at']
+
+
+class OtpSerializer(serializers.ModelSerializer):
+    account = AccountSerializer(read_only=True)
+
+    class Meta:
+        model = Otp
+        fields = '__all__'
+
+
+class VerifyAccountSerializer(serializers.Serializer):  # noqa
+    otp = serializers.CharField()
+
+
+class SendPasswordResetEmailSerializer(serializers.Serializer):
+    email = serializers.EmailField(max_length=255)
+
+    class Meta:
+        fields = ['email']
+
+
+class PasswordResetSerializer(serializers.Serializer):
+    password = serializers.CharField(max_length=255, style={'input_type': 'password'})
+    password2 = serializers.CharField(max_length=255, style={'input_type': 'password'}, write_only=True)
+    uid = serializers.CharField()
+    token = serializers.CharField()
+
+    class Meta:
+        fields = ['password', 'password2', 'uid']
+
+    def validate(self, attrs):
+        password = attrs.get('password')
+        password2 = attrs.get('password2')
+        if password != password2:
+            raise serializers.ValidationError("Password and Confirm Password doesn't match")
+        if len(password) < 6:
+            raise serializers.ValidationError("Password six more")
+        return attrs

account/api/urls.py

@@ -0,0 +1,15 @@
+from django.urls import path
+
+from .views import RegistrationView, VerifyOtpView, SendOtpView, UserLoginView, MeView, OtpView, SendResetPasswordView, \
+    ResetPasswordView
+
+urlpatterns = [
+    path('me/', MeView.as_view(), name='account'),
+    path('register/', RegistrationView.as_view(), name='register'),
+    path('login/', UserLoginView.as_view(), name='login'),
+    path('otp/', OtpView.as_view(), name='otp'),
+    path('otp/verify/', VerifyOtpView.as_view(), name='verify_otp'),
+    path('otp/send/', SendOtpView.as_view(), name='send_otp'),
+    path('reset-password/send/', SendResetPasswordView.as_view(), name='send_reset_password'),
+    path('reset-password/', ResetPasswordView.as_view(), name='reset_password'),
+]

account/api/views.py

@@ -0,0 +1,126 @@
+from django.core.exceptions import ValidationError
+from django.db import transaction
+from rest_framework import permissions, status
+from rest_framework.response import Response
+from rest_framework.views import APIView
+
+from account.api.serializers import AccountRegistrationSerializer, VerifyAccountSerializer, UserLoginSerializer, \
+    AccountSerializer, OtpSerializer, SendPasswordResetEmailSerializer, PasswordResetSerializer
+from account.emails import send_opt
+from account.exceptions import OtpVerifyError, LoginError
+from account.models import Account
+from account.permissions import ActiveAccount
+from account.services import LoginService, OtpService, OtpVerifyService, get_tokens_for_user, SendResetPasswordService, \
+    ResetPasswordService
+from rest_framework.authentication import BasicAuthentication
+
+
+class RegistrationView(APIView):
+    authentication_classes = []
+    permission_classes = [permissions.AllowAny, ]
+    serializer_class = AccountRegistrationSerializer
+
+    def post(self, request):
+        with transaction.atomic():
+            serializer = self.serializer_class(data=request.data)
+            serializer.is_valid(raise_exception=True)
+            account = serializer.save()
+            otp = OtpService().create(account)
+            send_opt(otp)
+        return Response({'token': get_tokens_for_user(account)}, status=status.HTTP_201_CREATED)
+
+
+class UserLoginView(APIView):
+    permission_classes = [permissions.AllowAny, ]
+    serializer_class = UserLoginSerializer
+
+    def post(self, request):
+        serializer = self.serializer_class(data=request.data)
+        serializer.is_valid(raise_exception=True)
+        try:
+            token = LoginService().login(serializer.data['email'], serializer.data['password'])
+            return Response({'token': token, 'message': 'Login Success'}, status=status.HTTP_200_OK)
+        except LoginError as e:
+            return Response({'non_field_errors': ['Email or Password is not Valid']},
+                            status=status.HTTP_404_NOT_FOUND)
+
+
+class VerifyOtpView(APIView):
+    permission_classes = [permissions.IsAuthenticated, ActiveAccount]
+    serializer_class = VerifyAccountSerializer
+
+    def post(self, request):
+        serializer = self.serializer_class(data=request.data)
+        account = self.request.user
+        if serializer.is_valid(raise_exception=True):
+            try:
+                OtpVerifyService().done(account, serializer.data['otp'])
+                return Response({"messages": "otp verify success"}, status=status.HTTP_200_OK)
+            except OtpVerifyError as e:
+                return Response({"messages": str(e)}, status=status.HTTP_400_BAD_REQUEST)
+
+
+class OtpView(APIView):
+    permission_classes = [permissions.IsAuthenticated, ActiveAccount]
+    serializer_class = OtpSerializer
+
+    def get(self, request):
+        account = self.request.user
+        otps = account.otps
+        if otps is None:
+            return Response({'message': 'Not Found Otp'}, status=status.HTTP_404_NOT_FOUND)
+
+        return Response(self.serializer_class(otps.last()).data, status=status.HTTP_200_OK)
+
+
+class SendOtpView(APIView):
+    permission_classes = [permissions.IsAuthenticated, ActiveAccount]
+
+    def post(self, request):
+        account = self.request.user
+        otp = OtpService().create(account)
+        send_opt(otp)
+        return Response({'message': 'Send otp success'}, status=status.HTTP_200_OK)
+
+
+class MeView(APIView):
+    permission_classes = [permissions.IsAuthenticated, ActiveAccount]
+
+    def get(self, request):
+        account = self.request.user
+        return Response(AccountSerializer(instance=account).data, status=status.HTTP_200_OK)
+
+
+class SendResetPasswordView(APIView):
+    permission_classes = [permissions.AllowAny, ]
+    serializer_class = SendPasswordResetEmailSerializer
+
+    def post(self, request):
+        serializer = self.serializer_class(data=request.data)
+
+        if serializer.is_valid(raise_exception=True):
+            account = Account.objects.filter(email=serializer.data['email']).first()
+            if account is not None:
+                SendResetPasswordService.execute(account)
+
+            return Response({'message': 'Send Reset Password Mail'}, status=status.HTTP_200_OK)
+
+
+class ResetPasswordView(APIView):
+    permission_classes = [permissions.AllowAny, ]
+    serializers_class = PasswordResetSerializer
+
+    def post(self, request):
+        serializer = self.serializers_class(data=request.data)
+
+        if serializer.is_valid(raise_exception=True):
+            try:
+                ResetPasswordService.execute(
+                    serializer.data['uid'],
+                    serializer.data['token'],
+                    serializer.data['password']
+                )
+                return Response({}, status=status.HTTP_200_OK)
+
+            except ValidationError as e:
+                return Response({'message': {e.messages[0]}}, status=status.HTTP_400_BAD_REQUEST)

account/apps.py

@@ -0,0 +1,6 @@
+from django.apps import AppConfig
+
+
+class AccountConfig(AppConfig):
+    default_auto_field = 'django.db.models.BigAutoField'
+    name = 'account'

account/consts.py

@@ -0,0 +1,2 @@
+OTP_VALID_MINUTES = 10
+OTP_CODE_NUMBER_OF_DIGITS = 6