django-cfg 1.1.74__tar.gz → 1.1.76__tar.gz

{django_cfg-1.1.74 → django_cfg-1.1.76}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: django-cfg
-Version: 1.1.74
+Version: 1.1.76
 Summary: 🚀 Production-ready Django configuration framework with type-safe settings, smart automation, and modern developer experience
 Project-URL: Homepage, https://github.com/markolofsen/django-cfg
 Project-URL: Documentation, https://django-cfg.readthedocs.io

{django_cfg-1.1.74 → django_cfg-1.1.76}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "hatchling.build"
 
 [project]
 name = "django-cfg"
-version = "1.1.74"
+version = "1.1.76"
 description = "🚀 Production-ready Django configuration framework with type-safe settings, smart automation, and modern developer experience"
 readme = "README.md"
 license = {text = "MIT"}

{django_cfg-1.1.74 → django_cfg-1.1.76}/src/django_cfg/__init__.py

@@ -38,7 +38,7 @@ default_app_config = "django_cfg.apps.DjangoCfgConfig"
 from typing import TYPE_CHECKING
 
 # Version information
-__version__ = "1.1.74"
+__version__ = "1.1.76"
 __author__ = "Unrealos Team"
 __email__ = "info@unrealos.com"
 __license__ = "MIT"

{django_cfg-1.1.74 → django_cfg-1.1.76}/src/django_cfg/core/config.py

@@ -633,6 +633,7 @@ class DjangoConfig(BaseModel):
             "django.contrib.sessions.middleware.SessionMiddleware",
             "django.middleware.common.CommonMiddleware",
             "django.middleware.csrf.CsrfViewMiddleware",
+            "django_cfg.middleware.PublicEndpointsMiddleware",  # Handle invalid JWT tokens on public endpoints
             "django.contrib.auth.middleware.AuthenticationMiddleware",
             "django.contrib.messages.middleware.MessageMiddleware",
             "django.middleware.clickjacking.XFrameOptionsMiddleware",

django_cfg-1.1.76/src/django_cfg/middleware/README.md

@@ -0,0 +1,318 @@
+# 🛡️ Django CFG Middleware
+
+Custom Django middleware components for Django CFG applications.
+
+## 📋 Contents
+
+- [UserActivityMiddleware](#useractivitymiddleware) - User activity tracking
+- [PublicEndpointsMiddleware](#publicendpointsmiddleware) - Ignore invalid JWT tokens on public endpoints
+
+## UserActivityMiddleware
+
+Middleware for automatic user activity tracking by updating the `last_login` field on API requests.
+
+### ✨ Features
+
+- ✅ Automatic `last_login` update on API requests
+- ✅ Smart API request detection (JSON, DRF, REST methods)
+- ✅ 5-minute update interval to prevent database spam
+- ✅ In-memory caching for performance optimization
+- ✅ Only works when `accounts` app is enabled
+- ✅ KISS principle - no configuration needed
+
+### 🚀 Automatic Integration
+
+The middleware is automatically included when `enable_accounts = True`:
+
+```python
+class MyConfig(DjangoConfig):
+    enable_accounts = True  # UserActivityMiddleware will be auto-included
+```
+
+### 🎯 API Request Detection
+
+The middleware intelligently detects API requests using:
+
+1. **JSON Content-Type or Accept header**
+   ```
+   Content-Type: application/json
+   Accept: application/json
+   ```
+
+2. **DRF format parameter**
+   ```
+   ?format=json
+   ?format=api
+   ```
+
+3. **REST methods** (POST, PUT, PATCH, DELETE) on non-admin paths
+
+4. **Configured API prefixes**
+   - Django Revolution API: `/{api_prefix}/` (from config)
+   - Django CFG API: `/cfg/` (always)
+
+### 📊 Statistics
+
+Get middleware statistics:
+
+```python
+from django_cfg.middleware import UserActivityMiddleware
+
+# In view or management command
+middleware = UserActivityMiddleware()
+stats = middleware.get_activity_stats()
+
+print(stats)
+# {
+#     'tracked_users': 42,
+#     'update_interval': 300,
+#     'api_only': True,
+#     'accounts_enabled': True,
+#     'middleware_active': True
+# }
+```
+
+### 🔍 Logging
+
+The middleware logs activity at DEBUG level:
+
+```python
+# settings.py
+LOGGING = {
+    'loggers': {
+        'django_cfg.middleware.user_activity': {
+            'level': 'DEBUG',
+            'handlers': ['console'],
+        },
+    },
+}
+```
+
+### 🎛️ Manual Integration
+
+If you need to include the middleware manually:
+
+```python
+# settings.py
+MIDDLEWARE = [
+    # ... other middleware
+    'django_cfg.middleware.UserActivityMiddleware',
+]
+```
+
+### 🔧 Performance
+
+- **Caching**: Last update times are cached in memory
+- **Batch updates**: Uses `update()` instead of `save()` for optimization
+- **Auto-cleanup**: Cache automatically cleans up when exceeding 1000 users
+- **Graceful errors**: Errors don't break request processing
+
+### 🎯 Admin Integration
+
+The `last_login` field is automatically displayed in accounts admin:
+
+- ✅ In user list view (`last_login_display`)
+- ✅ In user detail view
+- ✅ With human-readable time format
+
+### 🚨 Important Notes
+
+1. **Accounts only**: Middleware only works when `enable_accounts = True`
+2. **Authentication**: Only tracks authenticated users
+3. **Performance**: 5-minute interval prevents database spam
+4. **Safety**: Middleware doesn't break requests on errors
+
+### 📈 Monitoring
+
+For user activity monitoring:
+
+```python
+# In Django admin or management command
+from django.contrib.auth import get_user_model
+from django.utils import timezone
+from datetime import timedelta
+
+User = get_user_model()
+
+# Active users in the last hour
+active_users = User.objects.filter(
+    last_login__gte=timezone.now() - timedelta(hours=1)
+).count()
+
+# Online users (last 5 minutes)
+online_users = User.objects.filter(
+    last_login__gte=timezone.now() - timedelta(minutes=5)
+).count()
+```
+
+### 💡 Usage Examples
+
+The middleware works automatically with no configuration needed:
+
+```python
+# Your DjangoConfig
+class MyProjectConfig(DjangoConfig):
+    enable_accounts = True  # That's it! Middleware is active
+
+# API requests will automatically update last_login:
+# POST /cfg/accounts/profile/
+# GET /api/users/?format=json
+# PUT /cfg/newsletter/subscribe/
+```
+
+## PublicEndpointsMiddleware
+
+Middleware that temporarily removes invalid JWT tokens from public endpoints to prevent authentication errors.
+
+### ✨ Features
+
+- ✅ **Automatic activation** - No configuration needed, works out of the box
+- ✅ **Smart endpoint detection** - Configurable regex patterns for public endpoints
+- ✅ **JWT token detection** - Only processes requests with Bearer tokens
+- ✅ **Temporary removal** - Auth headers are restored after request processing
+- ✅ **Performance optimized** - Compiled regex patterns for fast matching
+- ✅ **Detailed logging** - Debug information for troubleshooting
+- ✅ **Statistics tracking** - Monitor middleware usage and effectiveness
+
+### 🎯 Problem Solved
+
+When a frontend sends an invalid/expired JWT token to a public endpoint (like OTP request), Django's authentication middleware tries to authenticate the user and fails with "User not found" errors, even though the endpoint has `AllowAny` permissions.
+
+This middleware temporarily removes the `Authorization` header for public endpoints, allowing them to work without authentication errors.
+
+### 🚀 Automatic Integration
+
+The middleware is **automatically included** in all Django CFG projects:
+
+```python
+class MyConfig(DjangoConfig):
+    # No configuration needed - PublicEndpointsMiddleware is always active
+    pass
+```
+
+### 🎯 Default Public Endpoints
+
+The middleware protects these endpoints by default:
+
+```python
+DEFAULT_PUBLIC_PATTERNS = [
+    r'^/api/accounts/otp/',           # OTP endpoints (request, verify)
+    r'^/cfg/accounts/otp/',           # CFG OTP endpoints
+    r'^/api/accounts/token/refresh/', # Token refresh
+    r'^/cfg/accounts/token/refresh/', # CFG Token refresh
+    r'^/api/health/',                 # Health check endpoints
+    r'^/cfg/api/health/',             # CFG Health check endpoints
+    r'^/admin/login/',                # Django admin login
+    r'^/api/schema/',                 # API schema endpoints
+    r'^/api/docs/',                   # API documentation
+]
+```
+
+### ⚙️ Custom Configuration
+
+You can customize public endpoint patterns in your Django settings:
+
+```python
+# settings.py (optional)
+PUBLIC_ENDPOINT_PATTERNS = [
+    r'^/api/accounts/otp/',
+    r'^/api/public/',
+    r'^/api/webhooks/',
+    # Add your custom patterns here
+]
+```
+
+### 🔍 How It Works
+
+1. **Request Processing**: Middleware checks if the request path matches public endpoint patterns
+2. **Token Detection**: If a Bearer token is present, it's temporarily removed
+3. **Request Handling**: Django processes the request without authentication
+4. **Token Restoration**: The original Authorization header is restored after processing
+
+### 📊 Statistics
+
+Get middleware statistics for monitoring:
+
+```python
+from django_cfg.middleware import PublicEndpointsMiddleware
+
+# In your view or management command
+middleware = PublicEndpointsMiddleware()
+stats = middleware.get_stats()
+
+print(stats)
+# {
+#     'requests_processed': 1250,
+#     'tokens_ignored': 45,
+#     'public_endpoints_hit': 120,
+#     'public_patterns_count': 9,
+#     'middleware_active': True
+# }
+```
+
+### 🔍 Logging
+
+The middleware logs activity at DEBUG level:
+
+```python
+# settings.py
+LOGGING = {
+    'loggers': {
+        'django_cfg.middleware.public_endpoints': {
+            'level': 'DEBUG',
+            'handlers': ['console'],
+        },
+    },
+}
+```
+
+### 🎛️ Manual Integration
+
+If you need to include the middleware manually (not recommended):
+
+```python
+# settings.py
+MIDDLEWARE = [
+    'django.middleware.security.SecurityMiddleware',
+    'corsheaders.middleware.CorsMiddleware',
+    'django_cfg.middleware.PublicEndpointsMiddleware',  # Add early in stack
+    # ... other middleware
+]
+```
+
+### 🚨 Important Notes
+
+1. **Always Active**: Middleware is included by default in all Django CFG projects
+2. **Performance**: Uses compiled regex patterns for fast endpoint matching
+3. **Safety**: Only removes Authorization headers temporarily, restores them after processing
+4. **Logging**: All actions are logged for debugging and monitoring
+
+### 💡 Usage Examples
+
+The middleware works automatically with no configuration needed:
+
+```python
+# Your DjangoConfig
+class MyProjectConfig(DjangoConfig):
+    # PublicEndpointsMiddleware is automatically active
+    pass
+
+# These requests will work even with invalid tokens:
+# POST /api/accounts/otp/request/ (with expired Bearer token)
+# POST /cfg/accounts/otp/verify/ (with invalid Bearer token)
+# GET /api/health/ (with any Bearer token)
+```
+
+### 🔧 Frontend Integration
+
+Perfect companion to frontend error handling:
+
+```typescript
+// Frontend automatically clears invalid tokens on 401/403
+// Middleware ensures public endpoints work during token cleanup
+const response = await api.requestOTP({
+  identifier: "user@example.com",
+  channel: "email"
+});
+// ✅ Works even if localStorage has invalid token
+```

{django_cfg-1.1.74 → django_cfg-1.1.76}/src/django_cfg/middleware/__init__.py

@@ -5,7 +5,9 @@ Provides middleware components for Django CFG applications.
 """
 
 from .user_activity import UserActivityMiddleware
+from .public_endpoints import PublicEndpointsMiddleware
 
 __all__ = [
     'UserActivityMiddleware',
+    'PublicEndpointsMiddleware',
 ]

django_cfg-1.1.76/src/django_cfg/middleware/public_endpoints.py

@@ -0,0 +1,182 @@
+"""
+Public Endpoints Middleware
+
+Middleware that ignores invalid JWT tokens on public endpoints to prevent
+authentication errors on endpoints with AllowAny permissions.
+"""
+
+import logging
+import re
+from typing import List, Optional, Set
+from django.http import HttpRequest, HttpResponse
+from django.utils.deprecation import MiddlewareMixin
+
+logger = logging.getLogger(__name__)
+
+
+class PublicEndpointsMiddleware(MiddlewareMixin):
+    """
+    Middleware that temporarily removes Authorization headers for public endpoints.
+    
+    This prevents Django from trying to authenticate invalid JWT tokens on endpoints
+    that have AllowAny permissions, which can cause "User not found" errors.
+    
+    Features:
+    - ✅ Configurable public endpoint patterns
+    - ✅ Smart JWT token detection
+    - ✅ Automatic restoration of headers after processing
+    - ✅ Detailed logging for debugging
+    - ✅ Performance optimized with compiled regex patterns
+    """
+    
+    # Default public endpoint patterns
+    DEFAULT_PUBLIC_PATTERNS = [
+        r'^/api/accounts/otp/',           # OTP endpoints (request, verify)
+        r'^/cfg/accounts/otp/',           # CFG OTP endpoints
+        r'^/api/accounts/token/refresh/', # Token refresh
+        r'^/cfg/accounts/token/refresh/', # CFG Token refresh
+        r'^/api/health/',                 # Health check endpoints
+        r'^/cfg/api/health/',             # CFG Health check endpoints
+        r'^/admin/login/',                # Django admin login
+        r'^/api/schema/',                 # API schema endpoints
+        r'^/api/docs/',                   # API documentation
+    ]
+    
+    def __init__(self, get_response=None):
+        super().__init__(get_response)
+        self.public_patterns: List[re.Pattern] = []
+        self.stats = {
+            'requests_processed': 0,
+            'tokens_ignored': 0,
+            'public_endpoints_hit': 0,
+        }
+        self._compile_patterns()
+    
+    def _compile_patterns(self):
+        """Compile regex patterns for better performance."""
+        patterns = self._get_public_patterns()
+        self.public_patterns = [re.compile(pattern) for pattern in patterns]
+        logger.debug(f"Compiled {len(self.public_patterns)} public endpoint patterns")
+    
+    def _get_public_patterns(self) -> List[str]:
+        """Get public endpoint patterns from Django settings or use defaults."""
+        from django.conf import settings
+        
+        # Try to get patterns from settings
+        custom_patterns = getattr(settings, 'PUBLIC_ENDPOINT_PATTERNS', None)
+        if custom_patterns:
+            logger.debug(f"Using custom public patterns: {len(custom_patterns)} patterns")
+            return custom_patterns
+        
+        # Use defaults
+        logger.debug(f"Using default public patterns: {len(self.DEFAULT_PUBLIC_PATTERNS)} patterns")
+        return self.DEFAULT_PUBLIC_PATTERNS
+    
+    def _is_public_endpoint(self, path: str) -> bool:
+        """Check if the request path matches any public endpoint pattern."""
+        for pattern in self.public_patterns:
+            if pattern.match(path):
+                return True
+        return False
+    
+    def _has_jwt_token(self, request: HttpRequest) -> bool:
+        """Check if request has a JWT Authorization header."""
+        auth_header = request.META.get('HTTP_AUTHORIZATION', '')
+        return auth_header.startswith('Bearer ')
+    
+    def _extract_auth_header(self, request: HttpRequest) -> Optional[str]:
+        """Extract and remove Authorization header from request."""
+        return request.META.pop('HTTP_AUTHORIZATION', None)
+    
+    def _restore_auth_header(self, request: HttpRequest, auth_header: str):
+        """Restore Authorization header to request."""
+        if auth_header:
+            request.META['HTTP_AUTHORIZATION'] = auth_header
+    
+    def process_request(self, request: HttpRequest) -> Optional[HttpResponse]:
+        """
+        Process incoming request and temporarily remove auth header for public endpoints.
+        """
+        self.stats['requests_processed'] += 1
+        
+        # Check if this is a public endpoint
+        if not self._is_public_endpoint(request.path):
+            return None
+        
+        self.stats['public_endpoints_hit'] += 1
+        
+        # Check if request has JWT token
+        if not self._has_jwt_token(request):
+            return None
+        
+        # Store the auth header and remove it temporarily
+        auth_header = self._extract_auth_header(request)
+        if auth_header:
+            self.stats['tokens_ignored'] += 1
+            # Store in request for restoration later
+            request._original_auth_header = auth_header
+            
+            logger.debug(
+                f"Temporarily removed auth header for public endpoint: {request.path}",
+                extra={
+                    'path': request.path,
+                    'method': request.method,
+                    'has_token': bool(auth_header),
+                }
+            )
+        
+        return None
+    
+    def process_response(self, request: HttpRequest, response: HttpResponse) -> HttpResponse:
+        """
+        Restore Authorization header after request processing.
+        """
+        # Restore auth header if it was temporarily removed
+        if hasattr(request, '_original_auth_header'):
+            self._restore_auth_header(request, request._original_auth_header)
+            delattr(request, '_original_auth_header')
+            
+            logger.debug(
+                f"Restored auth header for public endpoint: {request.path}",
+                extra={
+                    'path': request.path,
+                    'status_code': response.status_code,
+                }
+            )
+        
+        return response
+    
+    def get_stats(self) -> dict:
+        """Get middleware statistics."""
+        return {
+            **self.stats,
+            'public_patterns_count': len(self.public_patterns),
+            'middleware_active': True,
+        }
+    
+    def reset_stats(self):
+        """Reset middleware statistics."""
+        self.stats = {
+            'requests_processed': 0,
+            'tokens_ignored': 0,
+            'public_endpoints_hit': 0,
+        }
+        logger.info("PublicEndpointsMiddleware stats reset")
+
+
+# Convenience function for getting middleware stats
+def get_public_endpoints_stats() -> dict:
+    """Get statistics from PublicEndpointsMiddleware if available."""
+    try:
+        # This would need to be implemented if we want global stats access
+        # For now, return basic info
+        return {
+            'middleware_available': True,
+            'note': 'Use middleware.get_stats() method for detailed statistics'
+        }
+    except Exception as e:
+        logger.error(f"Error getting public endpoints stats: {e}")
+        return {
+            'middleware_available': False,
+            'error': str(e)
+        }

{django_cfg-1.1.74 → django_cfg-1.1.76}/src/django_cfg/modules/django_llm/llm/client.py

@@ -26,6 +26,17 @@ from .models_cache import ModelsCache, ModelInfo
 from .costs import calculate_chat_cost, calculate_embedding_cost, estimate_cost
 from .tokenizer import Tokenizer
 from .extractor import JSONExtractor
+from .models import (
+    EmbeddingResponse, 
+    ChatCompletionResponse, 
+    TokenUsage, 
+    ChatChoice,
+    LLMStats,
+    CostEstimate,
+    ValidationResult,
+    CacheInfo,
+    LLMError
+)
 
 logger = logging.getLogger(__name__)
 
@@ -458,7 +469,7 @@ class LLMClient:
             self.models_cache.clear_cache()
         logger.info("LLM client cache cleared")
     
-    def generate_embedding(self, text: str, model: str = "text-embedding-ada-002") -> Dict[str, Any]:
+    def generate_embedding(self, text: str, model: str = "text-embedding-ada-002") -> EmbeddingResponse:
         """
         Generate embedding for text.
         
@@ -484,7 +495,8 @@ class LLMClient:
         if cached_response:
             logger.debug("Cache hit for embedding generation")
             self.stats['cache_hits'] += 1
-            return cached_response
+            # Convert cached dict back to Pydantic model
+            return EmbeddingResponse(**cached_response)
         
         self.stats['cache_misses'] += 1
         self.stats['total_requests'] += 1
@@ -526,16 +538,16 @@ class LLMClient:
                 tokens_used = len(text.split())  # Rough estimate
                 cost = calculate_embedding_cost(tokens_used, model, self.models_cache)
                 
-                result = {
-                    "embedding": mock_embedding,
-                    "tokens": tokens_used,
-                    "cost": cost,
-                    "model": model,
-                    "text_length": len(text),
-                    "dimension": len(mock_embedding),
-                    "response_time": time.time() - start_time,
-                    "warning": "This is a mock embedding, not a real one. OpenRouter doesn't support embedding models."
-                }
+                result = EmbeddingResponse(
+                    embedding=mock_embedding,
+                    tokens=tokens_used,
+                    cost=cost,
+                    model=model,
+                    text_length=len(text),
+                    dimension=len(mock_embedding),
+                    response_time=time.time() - start_time,
+                    warning="This is a mock embedding, not a real one. OpenRouter doesn't support embedding models."
+                )
             else:
                 # Use real OpenAI embedding API
                 response = self.client.embeddings.create(
@@ -551,25 +563,25 @@ class LLMClient:
                 tokens_used = response.usage.total_tokens
                 cost = calculate_embedding_cost(tokens_used, model, self.models_cache)
                 
-                result = {
-                    "embedding": embedding_vector,
-                    "tokens": tokens_used,
-                    "cost": cost,
-                    "model": model,
-                    "text_length": len(text),
-                    "dimension": len(embedding_vector),
-                    "response_time": time.time() - start_time
-                }
+                result = EmbeddingResponse(
+                    embedding=embedding_vector,
+                    tokens=tokens_used,
+                    cost=cost,
+                    model=model,
+                    text_length=len(text),
+                    dimension=len(embedding_vector),
+                    response_time=time.time() - start_time
+                )
             
             # Update statistics
             self.stats['successful_requests'] += 1
-            self.stats['total_tokens_used'] += result["tokens"]
-            self.stats['total_cost_usd'] += result["cost"]
+            self.stats['total_tokens_used'] += result.tokens
+            self.stats['total_cost_usd'] += result.cost
             
-            # Cache the result
-            self.cache.set_response(request_hash, result, model)
+            # Cache the result (convert to dict for caching)
+            self.cache.set_response(request_hash, result.model_dump(), model)
             
-            logger.debug(f"Generated embedding: {result['tokens']} tokens, ${result['cost']:.6f}")
+            logger.debug(f"Generated embedding: {result.tokens} tokens, ${result.cost:.6f}")
             return result
             
         except Exception as e: