django-cfg 1.2.29__py3-none-any.whl → 1.3.1__py3-none-any.whl

django_cfg/apps/payments/utils/middleware_utils.py

@@ -1,228 +0,0 @@
-"""
-Utilities for middleware processing.
-"""
-
-from typing import Optional, List
-from django.http import HttpRequest
-from django.conf import settings
-
-
-def get_client_ip(request: HttpRequest) -> Optional[str]:
-    """
-    Get client IP address from request.
-    Handles various proxy headers and configurations.
-    """
-    
-    # Check for forwarded headers first
-    forwarded_for = request.META.get('HTTP_X_FORWARDED_FOR')
-    if forwarded_for:
-        # Take first IP in chain (original client)
-        return forwarded_for.split(',')[0].strip()
-    
-    # Check for real IP header (common with nginx)
-    real_ip = request.META.get('HTTP_X_REAL_IP')
-    if real_ip:
-        return real_ip.strip()
-    
-    # Check for Cloudflare header
-    cf_ip = request.META.get('HTTP_CF_CONNECTING_IP')
-    if cf_ip:
-        return cf_ip.strip()
-    
-    # Fallback to remote address
-    remote_addr = request.META.get('REMOTE_ADDR')
-    if remote_addr:
-        return remote_addr.strip()
-    
-    return None
-
-
-def is_api_request(request: HttpRequest, api_prefixes: Optional[List[str]] = None) -> bool:
-    """
-    Check if request is an API request based on path prefixes.
-    
-    Args:
-        request: Django HTTP request
-        api_prefixes: List of API prefixes to check (defaults to settings)
-    """
-    
-    if api_prefixes is None:
-        api_prefixes = getattr(settings, 'PAYMENTS_API_PREFIXES', ['/api/'])
-    
-    path = request.path
-    return any(path.startswith(prefix) for prefix in api_prefixes)
-
-
-def extract_api_key(request: HttpRequest) -> Optional[str]:
-    """
-    Extract API key from request headers or query parameters.
-    Supports multiple authentication methods.
-    
-    Priority:
-    1. Authorization header (Bearer token)
-    2. X-API-Key header
-    3. Query parameter (less secure, for testing)
-    """
-    
-    # Method 1: Authorization header (Bearer token)
-    auth_header = request.META.get('HTTP_AUTHORIZATION', '')
-    if auth_header.startswith('Bearer '):
-        return auth_header[7:]  # Remove 'Bearer ' prefix
-    
-    # Method 2: X-API-Key header
-    api_key_header = request.META.get('HTTP_X_API_KEY')
-    if api_key_header:
-        return api_key_header.strip()
-    
-    # Method 3: Custom header variations
-    custom_headers = [
-        'HTTP_X_API_TOKEN',
-        'HTTP_APIKEY',
-        'HTTP_API_TOKEN',
-    ]
-    
-    for header in custom_headers:
-        value = request.META.get(header)
-        if value:
-            return value.strip()
-    
-    # Method 4: Query parameter (less secure, mainly for testing)
-    if getattr(settings, 'PAYMENTS_ALLOW_API_KEY_IN_QUERY', False):
-        query_key = request.GET.get('api_key') or request.GET.get('apikey')
-        if query_key:
-            return query_key.strip()
-    
-    return None
-
-
-def is_exempt_path(request: HttpRequest, exempt_paths: Optional[List[str]] = None) -> bool:
-    """
-    Check if request path is exempt from API key requirements.
-    
-    Args:
-        request: Django HTTP request
-        exempt_paths: List of exempt path prefixes (defaults to settings)
-    """
-    
-    if exempt_paths is None:
-        exempt_paths = getattr(settings, 'PAYMENTS_EXEMPT_PATHS', [
-            '/admin/',
-            '/cfg/',
-            '/api/v1/api-key/validate/',
-        ])
-    
-    path = request.path
-    return any(path.startswith(exempt) for exempt in exempt_paths)
-
-
-def get_request_metadata(request: HttpRequest) -> dict:
-    """
-    Extract useful metadata from request for logging and analytics.
-    """
-    
-    return {
-        'method': request.method,
-        'path': request.path,
-        'query_string': request.META.get('QUERY_STRING', ''),
-        'user_agent': request.META.get('HTTP_USER_AGENT', ''),
-        'referer': request.META.get('HTTP_REFERER', ''),
-        'ip_address': get_client_ip(request),
-        'content_type': request.META.get('CONTENT_TYPE', ''),
-        'content_length': request.META.get('CONTENT_LENGTH', 0),
-        'host': request.META.get('HTTP_HOST', ''),
-        'scheme': request.scheme,
-        'is_secure': request.is_secure(),
-    }
-
-
-def should_track_request_body(request: HttpRequest, max_size: int = 10000) -> bool:
-    """
-    Determine if request body should be tracked for analytics.
-    
-    Args:
-        request: Django HTTP request
-        max_size: Maximum body size to track (bytes)
-    """
-    
-    # Check content length
-    content_length = request.META.get('CONTENT_LENGTH')
-    if content_length and int(content_length) > max_size:
-        return False
-    
-    # Don't track file uploads
-    content_type = request.META.get('CONTENT_TYPE', '')
-    if 'multipart/form-data' in content_type:
-        return False
-    
-    # Don't track binary content
-    if 'application/octet-stream' in content_type:
-        return False
-    
-    # Don't track sensitive endpoints
-    sensitive_paths = getattr(settings, 'PAYMENTS_SENSITIVE_PATHS', [
-        '/api/v1/api-key/',
-        '/api/v1/payment/',
-        '/api/v1/subscription/',
-    ])
-    
-    path = request.path
-    if any(path.startswith(sensitive) for sensitive in sensitive_paths):
-        return False
-    
-    return True
-
-
-def should_track_response_body(response, max_size: int = 10000) -> bool:
-    """
-    Determine if response body should be tracked for analytics.
-    
-    Args:
-        response: Django HTTP response
-        max_size: Maximum body size to track (bytes)
-    """
-    
-    # Don't track large responses
-    if hasattr(response, 'content') and len(response.content) > max_size:
-        return False
-    
-    # Only track successful JSON responses
-    if not (200 <= response.status_code < 300):
-        return False
-    
-    # Check content type
-    content_type = response.get('Content-Type', '')
-    if 'application/json' not in content_type:
-        return False
-    
-    return True
-
-
-def format_error_response(error_code: str, 
-                         message: str, 
-                         status_code: int = 400,
-                         additional_data: Optional[dict] = None) -> dict:
-    """
-    Format standardized error response for middleware.
-    
-    Args:
-        error_code: Machine-readable error code
-        message: Human-readable error message
-        status_code: HTTP status code
-        additional_data: Additional error data
-    """
-    
-    from django.utils import timezone
-    
-    error_response = {
-        'error': {
-            'code': error_code,
-            'message': message,
-            'status_code': status_code,
-            'timestamp': timezone.now().isoformat(),
-        }
-    }
-    
-    if additional_data:
-        error_response['error'].update(additional_data)
-    
-    return error_response

django_cfg/apps/payments/utils/validation_utils.py

@@ -1,94 +0,0 @@
-"""
-Validation utilities for payments module.
-
-Basic validation functions for API keys and subscription access.
-"""
-
-import logging
-from typing import Optional, Dict, Any
-from django.contrib.auth import get_user_model
-from django.utils import timezone
-
-from ..models import APIKey, Subscription
-
-User = get_user_model()
-logger = logging.getLogger(__name__)
-
-
-def validate_api_key(api_key: str) -> bool:
-    """
-    Validate API key.
-    
-    Args:
-        api_key: API key to validate
-        
-    Returns:
-        True if valid, False otherwise
-    """
-    try:
-        key = APIKey.objects.select_related('user').get(
-            key_value=api_key,
-            is_active=True
-        )
-        
-        # Check if key is expired
-        if key.expires_at and key.expires_at < timezone.now():
-            return False
-            
-        return True
-        
-    except APIKey.DoesNotExist:
-        return False
-    except Exception as e:
-        logger.error(f"Error validating API key: {e}")
-        return False
-
-
-def check_subscription_access(user_id: int, endpoint_group: str) -> Dict[str, Any]:
-    """
-    Check subscription access for user and endpoint group.
-    
-    Args:
-        user_id: User ID
-        endpoint_group: Endpoint group name
-        
-    Returns:
-        Access check result dictionary
-    """
-    try:
-        subscription = Subscription.objects.select_related('endpoint_group').get(
-            user_id=user_id,
-            endpoint_group__name=endpoint_group,
-            status='active',
-            expires_at__gt=timezone.now()
-        )
-        
-        # Check usage limits
-        usage_percentage = (subscription.current_usage / subscription.monthly_limit) * 100
-        remaining_requests = subscription.monthly_limit - subscription.current_usage
-        
-        return {
-            'allowed': remaining_requests > 0,
-            'subscription_id': str(subscription.id),
-            'remaining_requests': remaining_requests,
-            'usage_percentage': usage_percentage,
-            'reason': 'Active subscription' if remaining_requests > 0 else 'Usage limit exceeded'
-        }
-        
-    except Subscription.DoesNotExist:
-        return {
-            'allowed': False,
-            'reason': 'No active subscription found',
-            'subscription_id': None,
-            'remaining_requests': 0,
-            'usage_percentage': 0
-        }
-    except Exception as e:
-        logger.error(f"Error checking subscription access: {e}")
-        return {
-            'allowed': False,
-            'reason': f'Access check failed: {str(e)}',
-            'subscription_id': None,
-            'remaining_requests': 0,
-            'usage_percentage': 0
-        }

django_cfg/apps/payments/views/__init__.py

@@ -1,62 +0,0 @@
-"""
-DRF ViewSets for universal payments.
-"""
-
-from .balance_views import UserBalanceViewSet, TransactionViewSet
-from .payment_views import (
-    UserPaymentViewSet, UniversalPaymentViewSet, 
-    PaymentCreateView, PaymentStatusView
-)
-from .subscription_views import (
-    UserSubscriptionViewSet, SubscriptionViewSet, EndpointGroupViewSet,
-    SubscriptionCreateView, ActiveSubscriptionsView
-)
-from .api_key_views import (
-    UserAPIKeyViewSet, APIKeyViewSet, 
-    APIKeyCreateView, APIKeyValidateView
-)
-from .currency_views import (
-    CurrencyViewSet, CurrencyNetworkViewSet,
-    SupportedCurrenciesView, CurrencyRatesView
-)
-from .tariff_views import (
-    TariffViewSet, TariffEndpointGroupViewSet,
-    AvailableTariffsView, TariffComparisonView
-)
-
-__all__ = [
-    # Balance ViewSets
-    'UserBalanceViewSet',
-    'TransactionViewSet',
-    
-    # Payment ViewSets & Generics
-    'UserPaymentViewSet',
-    'UniversalPaymentViewSet',
-    'PaymentCreateView',
-    'PaymentStatusView',
-    
-    # Subscription ViewSets & Generics
-    'UserSubscriptionViewSet',
-    'SubscriptionViewSet',
-    'EndpointGroupViewSet',
-    'SubscriptionCreateView',
-    'ActiveSubscriptionsView',
-    
-    # API Key ViewSets & Generics
-    'UserAPIKeyViewSet',
-    'APIKeyViewSet',
-    'APIKeyCreateView',
-    'APIKeyValidateView',
-    
-    # Currency ViewSets & Generics
-    'CurrencyViewSet',
-    'CurrencyNetworkViewSet',
-    'SupportedCurrenciesView',
-    'CurrencyRatesView',
-    
-    # Tariff ViewSets & Generics
-    'TariffViewSet',
-    'TariffEndpointGroupViewSet',
-    'AvailableTariffsView',
-    'TariffComparisonView',
-]

django_cfg/apps/payments/views/api_key_views.py

@@ -1,164 +0,0 @@
-"""
-API Key ViewSets with nested routing.
-"""
-
-from rest_framework import viewsets, permissions, status, generics
-from rest_framework.decorators import action
-from rest_framework.response import Response
-from django_filters.rest_framework import DjangoFilterBackend
-from django.contrib.auth import get_user_model
-from ..models import APIKey
-from ..serializers import (
-    APIKeySerializer, APIKeyCreateSerializer, APIKeyListSerializer
-)
-
-User = get_user_model()
-
-
-class UserAPIKeyViewSet(viewsets.ModelViewSet):
-    """Nested ViewSet for user API keys: /users/{user_id}/api-keys/"""
-    
-    serializer_class = APIKeySerializer
-    permission_classes = [permissions.IsAuthenticated]
-    filter_backends = [DjangoFilterBackend]
-    filterset_fields = ['is_active']
-    
-    def get_queryset(self):
-        """Filter by user from URL."""
-        user_id = self.kwargs.get('user_pk')
-        return APIKey.objects.filter(user_id=user_id).order_by('-created_at')
-    
-    def get_serializer_class(self):
-        """Use different serializers for different actions."""
-        if self.action == 'create':
-            return APIKeyCreateSerializer
-        elif self.action == 'list':
-            return APIKeyListSerializer
-        return APIKeySerializer
-    
-    def perform_create(self, serializer):
-        """Set user from URL when creating."""
-        user_id = self.kwargs.get('user_pk')
-        user = User.objects.get(id=user_id)
-        
-        # Generate unique API key
-        import secrets
-        key_value = f"ak_{secrets.token_urlsafe(32)}"
-        
-        serializer.save(user=user, key_value=key_value)
-    
-    @action(detail=True, methods=['post'])
-    def regenerate(self, request, user_pk=None, pk=None):
-        """Regenerate API key."""
-        api_key = self.get_object()
-        
-        # Generate new key
-        import secrets
-        api_key.key_value = f"ak_{secrets.token_urlsafe(32)}"
-        api_key.usage_count = 0  # Reset usage
-        api_key.save()
-        
-        serializer = self.get_serializer(api_key)
-        return Response(serializer.data)
-    
-    @action(detail=True, methods=['post'])
-    def deactivate(self, request, user_pk=None, pk=None):
-        """Deactivate API key."""
-        api_key = self.get_object()
-        api_key.is_active = False
-        api_key.save()
-        
-        return Response({'message': 'API key deactivated'})
-    
-    @action(detail=True, methods=['get'])
-    def usage_stats(self, request, user_pk=None, pk=None):
-        """Get usage statistics for API key."""
-        api_key = self.get_object()
-        
-        return Response({
-            'usage_count': api_key.usage_count,
-            'last_used': api_key.last_used,
-            'is_valid': api_key.is_valid(),
-            'expires_at': api_key.expires_at,
-            'is_active': api_key.is_active,
-        })
-
-
-class APIKeyViewSet(viewsets.ReadOnlyModelViewSet):
-    """Global API keys ViewSet: /api-keys/"""
-    
-    queryset = APIKey.objects.all()
-    serializer_class = APIKeySerializer
-    permission_classes = [permissions.IsAuthenticated]
-    filter_backends = [DjangoFilterBackend]
-    filterset_fields = ['is_active']
-    
-    def get_queryset(self):
-        """Filter by current user for security."""
-        return APIKey.objects.filter(user=self.request.user).order_by('-created_at')
-    
-    def get_serializer_class(self):
-        """Use list serializer for list action."""
-        if self.action == 'list':
-            return APIKeyListSerializer
-        return APIKeySerializer
-
-
-# Generic views for specific use cases
-class APIKeyCreateView(generics.CreateAPIView):
-    """Generic view to create API key."""
-    
-    serializer_class = APIKeyCreateSerializer
-    permission_classes = [permissions.IsAuthenticated]
-    
-    def perform_create(self, serializer):
-        """Set current user and generate key when creating."""
-        import secrets
-        key_value = f"ak_{secrets.token_urlsafe(32)}"
-        serializer.save(user=self.request.user, key_value=key_value)
-
-
-class APIKeyValidateView(generics.GenericAPIView):
-    """Generic view to validate API key."""
-    
-    serializer_class = APIKeySerializer  # For schema generation
-    permission_classes = [permissions.AllowAny]  # Public endpoint
-    
-    def post(self, request):
-        """Validate API key."""
-        key_value = request.data.get('api_key')
-        
-        if not key_value:
-            return Response(
-                {'error': 'API key required'}, 
-                status=status.HTTP_400_BAD_REQUEST
-            )
-        
-        try:
-            api_key = APIKey.objects.get(key_value=key_value, is_active=True)
-            
-            # Check if expired
-            if api_key.is_expired:
-                return Response(
-                    {'error': 'API key expired'}, 
-                    status=status.HTTP_401_UNAUTHORIZED
-                )
-            
-            # Update last used
-            from django.utils import timezone
-            api_key.last_used = timezone.now()
-            api_key.save()
-            
-            return Response({
-                'valid': True,
-                'user_id': api_key.user.id,
-                'usage_count': api_key.usage_count,
-                'expires_at': api_key.expires_at,
-                'is_active': api_key.is_active,
-            })
-            
-        except APIKey.DoesNotExist:
-            return Response(
-                {'valid': False, 'error': 'Invalid API key'}, 
-                status=status.HTTP_401_UNAUTHORIZED
-            )

django_cfg/apps/payments/views/balance_views.py

@@ -1,75 +0,0 @@
-"""
-Balance ViewSets.
-"""
-
-from rest_framework import viewsets, permissions, status
-from rest_framework.decorators import action
-from rest_framework.response import Response
-from django_filters.rest_framework import DjangoFilterBackend
-from ..models import UserBalance, Transaction
-from ..serializers import (
-    UserBalanceSerializer, TransactionSerializer, TransactionListSerializer
-)
-
-
-class UserBalanceViewSet(viewsets.ReadOnlyModelViewSet):
-    """User balance ViewSet - read only."""
-    
-    queryset = UserBalance.objects.all()
-    serializer_class = UserBalanceSerializer
-    permission_classes = [permissions.IsAuthenticated]
-    
-    def get_queryset(self):
-        """Filter by current user."""
-        return UserBalance.objects.filter(user=self.request.user)
-    
-    @action(detail=False, methods=['get'])
-    def current(self, request):
-        """Get current user balance."""
-        balance, _ = UserBalance.objects.get_or_create(
-            user=request.user,
-            defaults={'amount_usd': 0.0, 'reserved_usd': 0.0}
-        )
-        serializer = self.get_serializer(balance)
-        return Response(serializer.data)
-
-
-class TransactionViewSet(viewsets.ReadOnlyModelViewSet):
-    """Transaction ViewSet - read only."""
-    
-    queryset = Transaction.objects.all()
-    serializer_class = TransactionSerializer
-    permission_classes = [permissions.IsAuthenticated]
-    filter_backends = [DjangoFilterBackend]
-    filterset_fields = ['transaction_type', 'payment', 'subscription']
-    
-    def get_queryset(self):
-        """Filter by current user."""
-        return Transaction.objects.filter(user=self.request.user).order_by('-created_at')
-    
-    def get_serializer_class(self):
-        """Use list serializer for list action."""
-        if self.action == 'list':
-            return TransactionListSerializer
-        return TransactionSerializer
-    
-    @action(detail=False, methods=['get'])
-    def summary(self, request):
-        """Get transaction summary."""
-        queryset = self.get_queryset()
-        
-        total_earned = sum(
-            t.amount_usd for t in queryset 
-            if t.amount_usd > 0
-        )
-        total_spent = sum(
-            abs(t.amount_usd) for t in queryset 
-            if t.amount_usd < 0
-        )
-        
-        return Response({
-            'total_transactions': queryset.count(),
-            'total_earned': total_earned,
-            'total_spent': total_spent,
-            'net_balance': total_earned - total_spent
-        })