Added Token based auth views.

Author: Yosef-AlSabbah

account/admin.py

@@ -1,18 +1,90 @@
 from django.contrib import admin
+from django.contrib.auth.admin import UserAdmin as BaseUserAdmin
 
-from account.models import User, Profile
+from .models import Profile, UserAccount
 
 
-@admin.register(User)
-class UserAdmin(admin.ModelAdmin):
-    list_display = ('username', 'email', 'first_name', 'last_name', 'is_staff', 'is_active')
-    list_filter = ('is_staff', 'is_active', 'date_joined')
-    search_fields = ('username', 'email', 'first_name', 'last_name')
-    ordering = ('date_joined',)
+# Extend the base UserAdmin to customize for UserAccount
+@admin.register(UserAccount)
+class UserAccountAdmin(BaseUserAdmin):
+    """
+    Admin view for the UserAccount model with enhanced visibility and control over user details.
+    """
+    # Fields to display in the user list
+    list_display = ('id', 'email', 'username', 'is_active', 'is_staff', 'date_joined')
+    list_filter = ('is_active', 'is_staff', 'is_manager', 'is_admin')
 
+    # Fields to enable search by email and username
+    search_fields = ('email', 'username')
 
+    # Fields layout in the detail view
+    fieldsets = (
+        (None, {'fields': ('email', 'username', 'password')}),
+        ('Personal Info', {'fields': ('first_name', 'last_name', 'phone_number', 'bio', 'profile_image')}),
+        ('Permissions', {'fields': ('is_active', 'is_staff', 'is_manager', 'is_admin')}),
+        ('Important dates', {'fields': ('last_login', 'date_joined')}),
+        ('Advanced options', {
+            'classes': ('collapse',),
+            'fields': ('groups', 'user_permissions'),
+        }),
+    )
+
+    # Fields layout when creating a new user
+    add_fieldsets = (
+        (None, {
+            'classes': ('wide',),
+            'fields': (
+                'email', 'username', 'first_name', 'last_name', 'phone_number', 'password1', 'password2', 'is_active',
+                'is_staff', 'is_superuser'),
+        }),
+    )
+
+    readonly_fields = ('date_joined', 'last_login')
+
+    # Ensure email and username are used for logging in and user identification
+    ordering = ('email',)
+
+    def has_add_permission(self, request):
+        """
+        Control add permissions if needed.
+        """
+        return True
+
+    def has_change_permission(self, request, obj=None):
+        """
+        Allow edits only for staff members.
+        """
+        if request.user.is_staff:
+            return True
+        return False
+
+
+# Register the ProfileAdmin as well
 @admin.register(Profile)
 class ProfileAdmin(admin.ModelAdmin):
-    list_display = ('user', 'location', 'birth_date')
-    search_fields = ('user__username', 'location')
-    list_filter = ('birth_date',)
+    """
+    Admin view for the Profile model with limited edit permissions.
+    """
+    list_display = ('user', 'balance', 'date_created')
+    search_fields = ('user__username', 'user__email')  # Use 'username' and 'email' instead of 'name'
+
+    readonly_fields = ('balance', 'date_created')  # Make balance and date_created read-only
+
+    def get_form(self, request, obj=None, **kwargs):
+        """Customize form to limit user choices and enforce creation-only permissions."""
+        form = super().get_form(request, obj, **kwargs)
+        if obj is None:
+            # Restrict user choices to those without a profile only during creation
+            form.base_fields['user'].queryset = UserAccount.objects.filter(profile__isnull=True)
+        else:
+            # Make the user field read-only when viewing an existing profile
+            self.readonly_fields = ('user', 'balance', 'date_created')
+        return form
+
+    def has_change_permission(self, request, obj=None):
+        """
+        Allow profile creation but restrict editing after creation.
+        """
+        if obj is not None:
+            return False  # Disable editing of existing profiles
+        return True

account/emails.py

@@ -0,0 +1,27 @@
+from djoser.email import ActivationEmail
+
+
+class CustomActivationEmail(ActivationEmail):
+    template_name = 'djoser/email/activation.html'
+
+    def get_context_data(self):
+        # Call the base implementation first to get a context dictionary
+        context = super().get_context_data()
+
+        # Ensure correct values are set for protocol and domain
+        request = self.context.get('request')
+        if request:
+            protocol = 'https' if request.is_secure() else 'http'
+            domain = request.get_host()  # This will provide the correct domain, without protocol
+        else:
+            protocol = 'http'  # Default fallback
+            domain = '127.0.0.1:8000'  # Replace with your actual domain for production
+
+        # Construct the activation URL properly
+        uid = context.get('uid')
+        token = context.get('token')
+        activation_url = f"{protocol}://{domain}/activate/{uid}/{token}/"
+
+        context['activation_url'] = activation_url
+
+        return context

account/models.py

@@ -1,27 +1,119 @@
-from django.contrib.auth.models import AbstractUser
+from django.conf import settings
+from django.contrib.auth.base_user import BaseUserManager
+from django.contrib.auth.models import PermissionsMixin, AbstractUser
+from django.core.validators import RegexValidator
 from django.db import models
+from django.utils import timezone
+from django.utils.translation import gettext_lazy as _
+from simple_history.models import HistoricalRecords
 
 from .utils import profile_upload_to_unique
 
 
-class User(AbstractUser):
-    email = models.EmailField(unique=True)
+class Profile(models.Model):
+    """
+    Model representing a user's profile.
+    Connects to income, expenses, and allows for personal data storage.
+    """
+    user = models.OneToOneField(
+        settings.AUTH_USER_MODEL,
+        on_delete=models.CASCADE,
+        related_name="profile"
+    )
+    balance = models.DecimalField(
+        max_digits=10,
+        decimal_places=2,
+        default=0.0,
+        help_text="User's current balance."
+    )
+    date_created = models.DateTimeField(auto_now_add=True)
+    profile_pic = models.ImageField(
+        upload_to=profile_upload_to_unique,
+        blank=True,
+        null=True,
+        help_text="User's profile picture."
+    )
 
+    # Add historical records field to track changes
+    history = HistoricalRecords()
 
-class Profile(models.Model):
-    user = models.OneToOneField(User, on_delete=models.CASCADE)
-    bio = models.TextField(blank=True)
-    location = models.CharField(max_length=100, blank=True)
-    birth_date = models.DateField(null=True, blank=True)
-    picture = models.ImageField(upload_to=profile_upload_to_unique, null=True, blank=True)
+    def __str__(self):
+        """String representation of the profile object, displaying the associated user's username."""
+        return f'Profile of {self.user}'
 
-    class Meta:
-        verbose_name = "Profile"
-        verbose_name_plural = "Profiles"
-        indexes = [
-            models.Index(fields=['user']),
-        ]
-        ordering = ['user']
+
+# Custom User Manager
+class UserManager(BaseUserManager):
+    def create_user(self, email, password=None, **extra_fields):
+        if not email:
+            raise ValueError(_('The Email field must be set'))
+        email = self.normalize_email(email)
+        user = self.model(email=email, **extra_fields)
+        user.set_password(password)
+        user.save(using=self._db)
+        return user
+
+    def create_superuser(self, email, password=None, **extra_fields):
+        extra_fields.setdefault('is_staff', True)
+        extra_fields.setdefault('is_superuser', True)
+        extra_fields.setdefault('is_active', True)
+
+        if extra_fields.get('is_staff') is not True:
+            raise ValueError(_('Superuser must have is_staff=True.'))
+        if extra_fields.get('is_superuser') is not True:
+            raise ValueError(_('Superuser must have is_superuser=True.'))
+
+        return self.create_user(email, password, **extra_fields)
+
+
+# Custom User Model
+class UserAccount(AbstractUser, PermissionsMixin):
+    email = models.EmailField(_('email address'), unique=True)
+    username = models.CharField(_('username'), max_length=30, unique=True, blank=False,
+                                help_text="User's unique username",
+                                validators=[
+                                    RegexValidator(
+                                        regex=r'^[\w-]+$',
+                                        message=_(
+                                            "Username can only contain letters, numbers, underscores, or hyphens.")
+                                    )
+                                ]
+                                )
+    phone_number = models.CharField(_('phone number'), max_length=15, unique=True, null=True, blank=True,
+                                    validators=[
+                                        RegexValidator(
+                                            regex=r'^\+?1?\d{9,15}$',
+                                            message=_(
+                                                "Phone number must be entered in the format: '+999999999'. Up to 15 digits allowed."
+                                            ),
+                                        )
+                                    ], )
+    first_name = models.CharField(_('first name'), max_length=30, blank=True)
+    last_name = models.CharField(_('last name'), max_length=30, blank=True)
+    profile_image = models.ImageField(_('profile image'), upload_to='profile_images/', null=True, blank=True)
+    bio = models.TextField(_('bio'), max_length=500, blank=True)
+    last_login_ip = models.GenericIPAddressField(_('last login IP'), null=True, blank=True)
+    last_login = models.DateTimeField(_('last login'), auto_now=True)
+    date_joined = models.DateTimeField(_('date joined'), default=timezone.now)
+
+    is_active = models.BooleanField(_('active'), default=True)
+    is_staff = models.BooleanField(_('staff status'), default=False)
+    is_manager = models.BooleanField(_('manager status'), default=False)
+    is_admin = models.BooleanField(_('admin status'), default=False)
+
+    objects = UserManager()
+
+    USERNAME_FIELD = 'email'
+    REQUIRED_FIELDS = ['username', 'phone_number', 'first_name', 'last_name']
+
+    @property
+    def name(self):
+        return f'{self.first_name} {self.last_name}'
 
     def __str__(self):
-        return f'{self.user.username} Profile'
+        return self.username or self.email
+
+    class Meta:
+        verbose_name = _('user')
+        verbose_name_plural = _('users')
+        ordering = ['-pk']

account/permissions.py

@@ -0,0 +1,26 @@
+from rest_framework.permissions import BasePermission, SAFE_METHODS
+
+
+class IsOwnerOrAdmin(BasePermission):
+    """
+    Custom permission that allows access only to the owner of the profile or an admin.
+    """
+
+    def has_permission(self, request, view):
+        # Allow access if the user is authenticated
+        return request.user and request.user.is_authenticated
+
+    def has_object_permission(self, request, view, obj):
+        # Allow read access, or write access only if user is owner or admin
+        if request.method in SAFE_METHODS:
+            return True
+        return obj.user == request.user or request.user.is_staff
+
+
+class IsNotAuthenticated(BasePermission):
+    """
+    Custom permission that allows access only to non-authenticated users.
+    """
+
+    def has_permission(self, request, view):
+        return not request.user or not request.user.is_authenticated