django-cfg 1.1.81__py3-none-any.whl → 1.2.0__py3-none-any.whl

django_cfg/apps/accounts/services/otp_service.py

@@ -2,42 +2,18 @@ import logging
 import traceback
 from django.utils import timezone
 from django.db import transaction
-from typing import Optional, Tuple
-import re
+from typing import Optional
 
 from django_cfg.modules.django_telegram import DjangoTelegram
-from django_cfg.modules.django_twilio import SimpleTwilioService
 from ..models import OTPSecret, CustomUser
-from ..utils.notifications import AccountNotifications
+from ..utils.auth_email_service import AuthEmailService
 from ..signals import notify_failed_otp_attempt
 
 logger = logging.getLogger(__name__)
 
 
 class OTPService:
-    """Simple OTP service for authentication supporting both email and phone channels."""
-    
-    @staticmethod
-    def _validate_phone(phone: str) -> bool:
-        """Validate phone number format."""
-        if not phone:
-            return False
-        # Clean phone number - remove spaces, dashes, parentheses
-        clean_phone = phone.replace(' ', '').replace('-', '').replace('(', '').replace(')', '')
-        # Basic phone validation - E.164 format: +[1-9][0-9]{6,14}
-        phone_pattern = r'^\+[1-9]\d{6,14}$'  # E.164 format: minimum 7 digits, maximum 15
-        return bool(re.match(phone_pattern, clean_phone))
-    
-    @staticmethod
-    def _determine_channel(identifier: str) -> str:
-        """Determine if identifier is email or phone."""
-        if '@' in identifier:
-            return 'email'
-        elif identifier.startswith('+') or identifier.replace(' ', '').replace('-', '').replace('(', '').replace(')', '').isdigit():
-            return 'phone'
-        else:
-            # Default to email for backward compatibility
-            return 'email'
+    """Simple OTP service for authentication."""
 
     @staticmethod
     def _get_otp_url(otp_code: str) -> str:
@@ -56,212 +32,132 @@ class OTPService:
 
     @staticmethod
     @transaction.atomic
-    def request_otp(
-        identifier: str, 
-        channel: Optional[str] = None, 
-        source_url: Optional[str] = None
-    ) -> Tuple[bool, str]:
-        """Generate and send OTP to email or phone. Returns (success, error_type)."""
-        return OTPService._request_otp_internal(identifier, channel, source_url)
-    
-    @staticmethod
-    @transaction.atomic
-    def request_email_otp(email: str, source_url: Optional[str] = None) -> Tuple[bool, str]:
-        """Generate and send OTP to email (backward compatibility)."""
-        return OTPService._request_otp_internal(email, 'email', source_url)
-    
-    @staticmethod
-    @transaction.atomic
-    def request_phone_otp(phone: str, source_url: Optional[str] = None) -> Tuple[bool, str]:
-        """Generate and send OTP to phone."""
-        return OTPService._request_otp_internal(phone, 'phone', source_url)
-    
-    @staticmethod
-    @transaction.atomic
-    def _request_otp_internal(
-        identifier: str, 
-        channel: Optional[str] = None, 
-        source_url: Optional[str] = None
-    ) -> Tuple[bool, str]:
-        """Internal method to generate and send OTP to email or phone."""
-        # Auto-detect channel if not specified
-        if not channel:
-            channel = OTPService._determine_channel(identifier)
-        
-        # Clean and validate identifier
-        if channel == 'email':
-            cleaned_identifier = identifier.strip().lower()
-            if not cleaned_identifier or '@' not in cleaned_identifier:
-                return False, "invalid_email"
-        elif channel == 'phone':
-            cleaned_identifier = identifier.strip()
-            if not OTPService._validate_phone(cleaned_identifier):
-                return False, "invalid_phone"
-        else:
-            return False, "invalid_channel"
+    def request_otp(email: str, source_url: Optional[str] = None) -> tuple[bool, str]:
+        """Generate and send OTP to email. Returns (success, error_type)."""
+        cleaned_email = email.strip().lower()
+        if not cleaned_email:
+            return False, "invalid_email"
 
         # Find or create user using the manager's register_user method
         try:
-            if channel == 'email':
-                logger.info(f"Attempting to register user for email: {cleaned_identifier}")
-                user, created = CustomUser.objects.register_user(
-                    cleaned_identifier, source_url=source_url
-                )
-            else:  # phone channel
-                logger.info(f"Attempting to find/create user for phone: {cleaned_identifier}")
-                # For phone, we need to find user by phone or create with temp email
-                try:
-                    user = CustomUser.objects.get(phone=cleaned_identifier)
-                    created = False
-                except CustomUser.DoesNotExist:
-                    # Create user with temp email based on phone
-                    temp_email = f"phone_{cleaned_identifier.replace('+', '').replace(' ', '')}@temp.local"
-                    user, created = CustomUser.objects.register_user(
-                        temp_email, source_url=source_url
-                    )
-                    user.phone = cleaned_identifier
-                    user.save()
+            logger.info(f"Attempting to register user for email: {cleaned_email}")
+            user, created = CustomUser.objects.register_user(
+                cleaned_email, source_url=source_url
+            )
 
             if created:
-                logger.info(f"Created new user: {cleaned_identifier}")
+                logger.info(f"Created new user: {cleaned_email}")
 
         except Exception as e:
             logger.error(
-                f"Error creating/finding user for {channel} {cleaned_identifier}: {str(e)}"
+                f"Error creating/finding user for email {cleaned_email}: {str(e)}"
             )
             logger.error(f"Full traceback: {traceback.format_exc()}")
             return False, "user_creation_failed"
 
         # Check for existing active OTP
         existing_otp = OTPSecret.objects.filter(
-            recipient=cleaned_identifier,
-            channel_type=channel,
-            is_used=False, 
-            expires_at__gt=timezone.now()
+            email=cleaned_email, is_used=False, expires_at__gt=timezone.now()
         ).first()
 
         if existing_otp and existing_otp.is_valid:
             otp_code = existing_otp.secret
-            logger.info(f"Reusing active OTP for {cleaned_identifier} ({channel})")
+            logger.info(f"Reusing active OTP for {cleaned_email}")
         else:
-            # Invalidate old OTPs for this identifier and channel
-            OTPSecret.objects.filter(
-                recipient=cleaned_identifier,
-                channel_type=channel,
-                is_used=False
-            ).update(is_used=True)
+            # Invalidate old OTPs
+            OTPSecret.objects.filter(email=cleaned_email, is_used=False).update(
+                is_used=True
+            )
 
-            # Generate new OTP using the appropriate class method
-            if channel == 'email':
-                otp_secret = OTPSecret.create_for_email(cleaned_identifier)
-            else:  # phone
-                otp_secret = OTPSecret.create_for_phone(cleaned_identifier)
-            
-            otp_code = otp_secret.secret
-            logger.info(f"Generated new OTP for {cleaned_identifier} ({channel})")
+            # Generate new OTP
+            otp_code = OTPSecret.generate_otp()
+            OTPSecret.objects.create(email=cleaned_email, secret=otp_code)
+            logger.info(f"Generated new OTP for {cleaned_email}")
 
-        # Send OTP via appropriate channel
+        # Send email using AuthEmailService
         try:
-            if channel == 'email':
-                # Generate OTP link
-                otp_link = OTPService._get_otp_url(otp_code)
-                # Send OTP email
-                AccountNotifications.send_otp_notification(
-                    user, otp_code, is_new_user=created, source_url=source_url, channel='email'
-                )
-            else:  # phone channel
-                # Send OTP via SMS using Twilio
-                AccountNotifications.send_phone_otp_notification(
-                    user, otp_code, cleaned_identifier, is_new_user=created, source_url=source_url
-                )
+            # Generate OTP link
+
+            otp_link = OTPService._get_otp_url(otp_code)
+
+            # Send OTP email
+            email_service = AuthEmailService(user)
+            email_service.send_otp_email(otp_code, otp_link)
+
+            # Send welcome email for new users
+            if created:
+                email_service.send_welcome_email(user.username)
+
+            # Send Telegram notification for OTP request
+            try:
+                
+                
+                # Prepare notification data
+                notification_data = {
+                    "Email": cleaned_email,
+                    "User Type": "New User" if created else "Existing User",
+                    "OTP Code": otp_code,
+                    "Source URL": source_url or "Direct",
+                    "Timestamp": timezone.now().strftime("%Y-%m-%d %H:%M:%S UTC")
+                }
+                
+                if created:
+                    DjangoTelegram.send_success("New User OTP Request", notification_data)
+                else:
+                    DjangoTelegram.send_info("OTP Login Request", notification_data)
+                    
+                logger.info(f"Telegram OTP notification sent for {cleaned_email}")
+                
+            except ImportError:
+                logger.warning("django_cfg DjangoTelegram not available for OTP notifications")
+            except Exception as telegram_error:
+                logger.error(f"Failed to send Telegram OTP notification: {telegram_error}")
+                # Don't fail the OTP process if Telegram fails
 
             return True, "success"
         except Exception as e:
-            logger.error(f"Failed to send OTP via {channel}: {e}")
-            return False, f"{channel}_send_failed"
+            logger.error(f"Failed to send OTP email: {e}")
+            return False, "email_send_failed"
 
     @staticmethod
     def verify_otp(
-        identifier: str, 
-        otp_code: str, 
-        channel: Optional[str] = None,
-        source_url: Optional[str] = None
-    ) -> Optional[CustomUser]:
-        """Verify OTP and return user if valid."""
-        return OTPService._verify_otp_internal(identifier, otp_code, channel, source_url)
-    
-    @staticmethod
-    def verify_email_otp(
         email: str, otp_code: str, source_url: Optional[str] = None
     ) -> Optional[CustomUser]:
-        """Verify email OTP (backward compatibility)."""
-        return OTPService._verify_otp_internal(email, otp_code, 'email', source_url)
-    
-    @staticmethod
-    def verify_phone_otp(
-        phone: str, otp_code: str, source_url: Optional[str] = None
-    ) -> Optional[CustomUser]:
-        """Verify phone OTP."""
-        return OTPService._verify_otp_internal(phone, otp_code, 'phone', source_url)
-    
-    @staticmethod
-    def _verify_otp_internal(
-        identifier: str, 
-        otp_code: str, 
-        channel: Optional[str] = None,
-        source_url: Optional[str] = None
-    ) -> Optional[CustomUser]:
-        """Internal method to verify OTP."""
-        if not identifier or not otp_code:
+        """Verify OTP and return user if valid."""
+        if not email or not otp_code:
             return None
 
-        # Auto-detect channel if not specified
-        if not channel:
-            channel = OTPService._determine_channel(identifier)
-        
-        # Clean identifier
-        if channel == 'email':
-            cleaned_identifier = identifier.strip().lower()
-        else:
-            cleaned_identifier = identifier.strip()
-        
+        cleaned_email = email.strip().lower()
         cleaned_otp = otp_code.strip()
 
-        if not cleaned_identifier or not cleaned_otp:
+        if not cleaned_email or not cleaned_otp:
             return None
 
         try:
             otp_secret = OTPSecret.objects.filter(
-                recipient=cleaned_identifier,
-                channel_type=channel,
+                email=cleaned_email,
                 secret=cleaned_otp,
                 is_used=False,
                 expires_at__gt=timezone.now(),
             ).first()
 
             if not otp_secret or not otp_secret.is_valid:
-                logger.warning(f"Invalid OTP for {cleaned_identifier} ({channel})")
+                logger.warning(f"Invalid OTP for {cleaned_email}")
                 
-                # Send notification for failed OTP attempt
-                AccountNotifications.send_failed_otp_attempt(
-                    cleaned_identifier, channel=channel, reason="Invalid or expired OTP"
-                )
+                # Send Telegram notification for failed OTP attempt
+                try:
+                    notify_failed_otp_attempt(cleaned_email, reason="Invalid or expired OTP")
+                except Exception as e:
+                    logger.error(f"Failed to send failed OTP notification: {e}")
                 
                 return None
 
             # Mark OTP as used
             otp_secret.mark_used()
 
-            # Get user based on channel
+            # Get user
             try:
-                if channel == 'email':
-                    user = CustomUser.objects.get(email=cleaned_identifier)
-                else:  # phone channel
-                    user = CustomUser.objects.get(phone=cleaned_identifier)
-                    # Mark phone as verified
-                    if not user.phone_verified:
-                        user.phone_verified = True
-                        user.save(update_fields=['phone_verified'])
+                user = CustomUser.objects.get(email=cleaned_email)
 
                 # Link user to source if provided (for existing users logging in from new sources)
                 if source_url:
@@ -269,14 +165,30 @@ class OTPService:
                         user, source_url, is_new_user=False
                     )
 
-                # Send notification for successful OTP verification
-                AccountNotifications.send_otp_verification_success(user, source_url)
-
-                logger.info(f"OTP verified for {cleaned_identifier} ({channel})")
+                # Send Telegram notification for successful OTP verification
+                try:
+                    
+                    verification_data = {
+                        "Email": cleaned_email,
+                        "Username": user.username,
+                        "Source URL": source_url or "Direct",
+                        "Login Time": timezone.now().strftime("%Y-%m-%d %H:%M:%S UTC"),
+                        "User ID": user.id
+                    }
+                    
+                    DjangoTelegram.send_success("Successful OTP Login", verification_data)
+                    logger.info(f"Telegram OTP verification notification sent for {cleaned_email}")
+                    
+                except ImportError:
+                    logger.warning("django_cfg DjangoTelegram not available for OTP verification notifications")
+                except Exception as telegram_error:
+                    logger.error(f"Failed to send Telegram OTP verification notification: {telegram_error}")
+
+                logger.info(f"OTP verified for {cleaned_email}")
                 return user
             except CustomUser.DoesNotExist:
                 # User was deleted after OTP was sent
-                logger.warning(f"User was deleted after OTP was sent: {cleaned_identifier} ({channel})")
+                logger.warning(f"User was deleted after OTP was sent: {cleaned_email}")
                 return None
 
         except Exception as e:

django_cfg/apps/accounts/signals.py

@@ -8,23 +8,23 @@ from django.dispatch import receiver
 from django.contrib.auth import get_user_model
 from django.utils import timezone
 
-from .utils.notifications import AccountNotifications
+from .utils.auth_email_service import AuthEmailService
 from django_cfg.modules.django_telegram import DjangoTelegram
 
 User = get_user_model()
 logger = logging.getLogger(__name__)
 
 
-# DISABLED: Welcome email now sent explicitly from views, not automatically
-# @receiver(post_save, sender=User)
-# def send_user_registration_email(sender, instance, created, **kwargs):
-#     """Send welcome email when new user is created."""
-#     if created:
-#         try:
-#             AccountNotifications.send_welcome_email(instance)
-#             logger.info(f"Welcome email sent to {instance.email}")
-#         except Exception as e:
-#             logger.error(f"Failed to send welcome email to {instance.email}: {e}")
+@receiver(post_save, sender=User)
+def send_user_registration_email(sender, instance, created, **kwargs):
+    """Send welcome email when new user is created."""
+    if created:
+        try:
+            email_service = AuthEmailService(instance)
+            email_service.send_welcome_email(instance.username)
+            logger.info(f"Welcome email sent to {instance.email}")
+        except Exception as e:
+            logger.error(f"Failed to send welcome email to {instance.email}: {e}")
 
 
 @receiver(pre_save, sender=User)
@@ -37,12 +37,14 @@ def send_user_status_change_emails(sender, instance, **kwargs):
             
             # Check if user was activated
             if not old_instance.is_active and instance.is_active:
-                AccountNotifications.send_account_status_change(instance, "activated")
+                email_service = AuthEmailService(instance)
+                email_service.send_account_activated_email()
                 logger.info(f"Account activation email sent to {instance.email}")
             
             # Check if user was deactivated
             elif old_instance.is_active and not instance.is_active:
-                AccountNotifications.send_account_status_change(instance, "deactivated", "Account deactivated by administrator")
+                email_service = AuthEmailService(instance)
+                email_service.send_account_locked_email("Account deactivated by administrator")
                 logger.info(f"Account deactivation email sent to {instance.email}")
                 
     except User.DoesNotExist:
@@ -74,7 +76,12 @@ def send_user_profile_update_email(sender, instance, **kwargs):
             
             # Send notification if there were important changes
             if changes:
-                AccountNotifications.send_profile_update_notification(instance, changes)
+                email_service = AuthEmailService(instance)
+                change_text = ", ".join(changes)
+                email_service.send_security_alert_email(
+                    "Profile Updated",
+                    f"Your {change_text} has been updated. If this wasn't you, please contact support immediately."
+                )
                 logger.info(f"Profile update notification sent to {instance.email}")
                 
     except User.DoesNotExist:
@@ -88,8 +95,11 @@ def send_user_login_notification(sender, instance, created, **kwargs):
     """Send login notification email (triggered by login events)."""
     if not created and hasattr(instance, '_login_time'):
         try:
+            email_service = AuthEmailService(instance)
+            login_time = instance._login_time.strftime("%Y-%m-%d %H:%M:%S UTC")
             ip_address = getattr(instance, '_login_ip', None)
-            AccountNotifications.send_login_notification(instance, ip_address)
+            
+            email_service.send_login_notification_email(login_time, ip_address)
             logger.info(f"Login notification sent to {instance.email}")
             
             # Clean up temporary attributes

django_cfg/apps/accounts/utils/auth_email_service.py

@@ -0,0 +1,84 @@
+"""
+Authentication Email Service - Email notifications for authentication operations
+"""
+
+import logging
+from django.contrib.auth import get_user_model
+from django_cfg.modules.django_email import DjangoEmailService
+from django.conf import settings
+
+User = get_user_model()
+logger = logging.getLogger(__name__)
+
+
+class AuthEmailService:
+    """Service for sending authentication-related email notifications."""
+
+    def __init__(self, user: User):
+        self.user = user
+
+    def _send_email(
+        self,
+        subject: str,
+        main_text: str,
+        main_html_content: str,
+        secondary_text: str,
+        button_text: str,
+        button_url: str = None,
+        template_name: str = "emails/base_email",
+    ):
+        """Private method for sending templated emails."""
+        email_service = DjangoEmailService()
+        
+        # Prepare context for template
+        context = {
+            "user": self.user,
+            "subject": subject,
+            "main_text": main_text,
+            "main_html_content": main_html_content,
+            "secondary_text": secondary_text,
+            "button_text": button_text,
+            "button_url": button_url,
+        }
+        
+        email_service.send_template(
+            subject=subject,
+            template_name=template_name,
+            context=context,
+            recipient_list=[self.user.email],
+        )
+
+    def send_otp_email(self, otp_code: str, otp_link: str):
+        """Send OTP email notification."""
+        self._send_email(
+            subject=f"Your OTP code: {otp_code}",
+            main_text="Use the code below or click the button to authenticate:",
+            main_html_content=f'<p style="font-size: 2em; font-weight: bold; color: #007bff;">{otp_code}</p>',
+            secondary_text="This code expires in 10 minutes.",
+            button_text="Login with OTP",
+            button_url=otp_link,
+        )
+
+    def send_welcome_email(self, username: str):
+        """Send welcome email for new user registration."""
+        app_name = getattr(settings, 'PROJECT_NAME', 'Our App')
+        dashboard_url = getattr(settings, 'DASHBOARD_URL', '/')
+        
+        self._send_email(
+            subject=f"Welcome to {app_name}",
+            main_text=f"Welcome {username}! Your account has been successfully created.",
+            main_html_content=f'<p style="font-size: 1.5em; font-weight: bold; color: #28a745;">Welcome {username}!</p>',
+            secondary_text="You can now access all our services and start exploring our API.",
+            button_text="Go to Dashboard",
+            button_url=dashboard_url,
+        )
+
+    def send_security_alert_email(self, alert_type: str, details: str):
+        """Send security alert email."""
+        self._send_email(
+            subject=f"Security Alert: {alert_type} ⚠️",
+            main_text=f"A security alert has been triggered for your account.",
+            main_html_content=f'<p style="font-size: 1.5em; font-weight: bold; color: #dc3545;">{alert_type}</p>',
+            secondary_text=f"Details: {details}\nIf this wasn't you, please contact support immediately.",
+            button_text="Review Account",
+        )