Day 9: Delete account if user is not cfreated that account

Author: PTHARRISH

api/urls.py

@@ -4,10 +4,12 @@
     AdminDashboardView,
     AdminRegisterView,
     AdminUserDetailView,
+    DeleteAccountView,
     LoginView,
     ProductDetailView,
     ProductListView,
     ProductReviewCreateUpdateView,
+    ProfileView,
     TechnicianRegisterView,
     UserRegisterView,
 )
@@ -21,13 +23,21 @@
     ),
     path("register/admin/", AdminRegisterView.as_view(), name="admin-register"),
     path("login/", LoginView.as_view(), name="login"),
-    path("products/", ProductListView.as_view()),
-    path("products/<int:product_id>/", ProductDetailView.as_view()),
-    path("products/<int:product_id>/review/", ProductReviewCreateUpdateView.as_view()),
+    path("profile/<str:username>/", ProfileView.as_view(), name="profile_detail"),
+    path("products/", ProductListView.as_view(), name="product-list"),
+    path(
+        "products/<int:product_id>/", ProductDetailView.as_view(), name="product-detail"
+    ),
+    path(
+        "products/<int:product_id>/review/",
+        ProductReviewCreateUpdateView.as_view(),
+        name="product-review",
+    ),
     path("admin/dashboard/", AdminDashboardView.as_view(), name="admin-dashboard"),
     path(
         "admin/users/<int:user_id>/",
         AdminUserDetailView.as_view(),
         name="admin-user-detail",
     ),
+    path("delete-account/", DeleteAccountView.as_view(), name="delete-account"),
 ]

users/signals.py

@@ -0,0 +1,41 @@
+from django.conf import settings
+from django.core.mail import send_mail
+from django.core.signing import TimestampSigner
+from django.db.models.signals import post_save
+from django.dispatch import receiver
+
+from users.models import Profile
+
+signer = TimestampSigner()
+
+
+@receiver(post_save, sender=settings.AUTH_USER_MODEL)
+def create_profile_and_send_email(sender, instance, created, **kwargs):
+    if created:
+        # Create the profile (safe even if mail fails)
+        Profile.objects.get_or_create(user=instance)
+
+        # Generate a signed token for deletion link
+        token = signer.sign(instance.pk)  # securely signs user ID with timestamp
+
+        # Build delete URL
+        delete_url = f"{settings.BASE_URL}/api/delete-account/?token={token}"
+
+        # Send confirmation mail
+        try:
+            send_mail(
+                subject="Welcome to Our RO Purifier App 🎉",
+                message=(
+                    f"Hi {instance.username},\n\n"
+                    f"Your account has been created successfully.\n"
+                    f"If you did NOT create this account, click below to delete it:\n"
+                    f"{delete_url}\n\n"
+                    f"This link is valid for 24 hours."
+                ),
+                from_email=settings.DEFAULT_FROM_EMAIL,
+                recipient_list=[instance.email],
+                fail_silently=False,
+            )
+        except Exception as e:
+            # Even if mail sending fails, the profile remains
+            print(f"⚠️ Failed to send welcome email: {e}")