django-cfg 1.4.82__py3-none-any.whl → 1.4.84__py3-none-any.whl

django_cfg/apps/dashboard/services/system_health_service.py

@@ -0,0 +1,280 @@
+"""
+System Health Service
+
+Monitors system components health status.
+Checks database, cache, queue, storage, and API availability.
+"""
+
+import logging
+from datetime import datetime
+from typing import Any, Dict, List, Literal
+
+logger = logging.getLogger(__name__)
+
+
+class SystemHealthService:
+    """
+    Service for monitoring system component health.
+
+    %%PRIORITY:HIGH%%
+    %%AI_HINT: Checks health of various system components%%
+
+    TAGS: health, monitoring, system, service
+    DEPENDS_ON: [django.db.connection, django.core.cache, redis]
+    """
+
+    def __init__(self):
+        """Initialize system health service."""
+        self.logger = logger
+
+    def check_database_health(self) -> Dict[str, Any]:
+        """
+        Check database connectivity and health.
+
+        Returns:
+            Health status dictionary with status, description, last_check
+        """
+        try:
+            from django.db import connection
+
+            # Test database connection
+            with connection.cursor() as cursor:
+                cursor.execute("SELECT 1")
+                cursor.fetchone()
+
+            return {
+                'component': 'database',
+                'status': 'healthy',
+                'description': 'Database connection is working',
+                'last_check': datetime.now().isoformat(),
+                'health_percentage': 100,
+            }
+        except Exception as e:
+            self.logger.error(f"Database health check failed: {e}")
+            return {
+                'component': 'database',
+                'status': 'error',
+                'description': f'Database error: {str(e)}',
+                'last_check': datetime.now().isoformat(),
+                'health_percentage': 0,
+            }
+
+    def check_cache_health(self) -> Dict[str, Any]:
+        """
+        Check cache (Redis/Memcached) connectivity and health.
+
+        Returns:
+            Health status dictionary
+        """
+        try:
+            from django.core.cache import cache
+
+            # Test cache by setting and getting a test value
+            test_key = 'health_check_test'
+            test_value = 'ok'
+            cache.set(test_key, test_value, timeout=10)
+            result = cache.get(test_key)
+
+            if result == test_value:
+                cache.delete(test_key)
+                return {
+                    'component': 'cache',
+                    'status': 'healthy',
+                    'description': 'Cache is working correctly',
+                    'last_check': datetime.now().isoformat(),
+                    'health_percentage': 100,
+                }
+            else:
+                return {
+                    'component': 'cache',
+                    'status': 'warning',
+                    'description': 'Cache test failed',
+                    'last_check': datetime.now().isoformat(),
+                    'health_percentage': 50,
+                }
+
+        except Exception as e:
+            self.logger.error(f"Cache health check failed: {e}")
+            return {
+                'component': 'cache',
+                'status': 'error',
+                'description': f'Cache error: {str(e)}',
+                'last_check': datetime.now().isoformat(),
+                'health_percentage': 0,
+            }
+
+    def check_queue_health(self) -> Dict[str, Any]:
+        """
+        Check task queue (Celery/Dramatiq) health.
+
+        Returns:
+            Health status dictionary
+        """
+        try:
+            # TODO: Add real queue health check
+            # Example: Check Redis connection, queue sizes, worker status
+            from django_cfg.modules.django_tasks import DjangoTasks
+
+            tasks = DjangoTasks()
+            redis_client = tasks.get_redis_client()
+
+            if redis_client and redis_client.ping():
+                return {
+                    'component': 'queue',
+                    'status': 'healthy',
+                    'description': 'Queue system is operational',
+                    'last_check': datetime.now().isoformat(),
+                    'health_percentage': 100,
+                }
+            else:
+                return {
+                    'component': 'queue',
+                    'status': 'error',
+                    'description': 'Queue system unavailable',
+                    'last_check': datetime.now().isoformat(),
+                    'health_percentage': 0,
+                }
+
+        except Exception as e:
+            self.logger.error(f"Queue health check failed: {e}")
+            return {
+                'component': 'queue',
+                'status': 'error',
+                'description': f'Queue error: {str(e)}',
+                'last_check': datetime.now().isoformat(),
+                'health_percentage': 0,
+            }
+
+    def check_storage_health(self) -> Dict[str, Any]:
+        """
+        Check storage/file system health.
+
+        Returns:
+            Health status dictionary
+        """
+        try:
+            import os
+            from django.conf import settings
+
+            # Check if media directory is writable
+            media_root = getattr(settings, 'MEDIA_ROOT', None)
+
+            if media_root and os.path.exists(media_root) and os.access(media_root, os.W_OK):
+                return {
+                    'component': 'storage',
+                    'status': 'healthy',
+                    'description': 'Storage is accessible and writable',
+                    'last_check': datetime.now().isoformat(),
+                    'health_percentage': 100,
+                }
+            else:
+                return {
+                    'component': 'storage',
+                    'status': 'warning',
+                    'description': 'Storage may have limited access',
+                    'last_check': datetime.now().isoformat(),
+                    'health_percentage': 70,
+                }
+
+        except Exception as e:
+            self.logger.error(f"Storage health check failed: {e}")
+            return {
+                'component': 'storage',
+                'status': 'error',
+                'description': f'Storage error: {str(e)}',
+                'last_check': datetime.now().isoformat(),
+                'health_percentage': 0,
+            }
+
+    def get_all_health_checks(self) -> List[Dict[str, Any]]:
+        """
+        Run all health checks and return aggregated results.
+
+        Returns:
+            List of health check results for all components
+
+        USED_BY: DashboardViewSet.system_health endpoint
+        """
+        checks = [
+            self.check_database_health(),
+            self.check_cache_health(),
+            self.check_queue_health(),
+            self.check_storage_health(),
+        ]
+
+        return checks
+
+    def get_overall_health_status(self) -> Dict[str, Any]:
+        """
+        Get overall system health status.
+
+        Returns:
+            Dictionary with overall status, percentage, and component details
+        """
+        checks = self.get_all_health_checks()
+
+        # Calculate overall health percentage
+        total_health = sum(check.get('health_percentage', 0) for check in checks)
+        overall_percentage = total_health // len(checks) if checks else 0
+
+        # Determine overall status
+        statuses = [check.get('status') for check in checks]
+        if 'error' in statuses:
+            overall_status = 'error'
+        elif 'warning' in statuses:
+            overall_status = 'warning'
+        else:
+            overall_status = 'healthy'
+
+        return {
+            'overall_status': overall_status,
+            'overall_health_percentage': overall_percentage,
+            'components': checks,
+            'timestamp': datetime.now().isoformat(),
+        }
+
+    def get_quick_actions(self) -> List[Dict[str, Any]]:
+        """
+        Get quick action buttons for dashboard.
+
+        Returns:
+            List of quick action dictionaries
+
+        %%AI_HINT: Actions link to admin pages or trigger common tasks%%
+        """
+        actions = [
+            {
+                'title': 'User Management',
+                'description': 'Manage users and permissions',
+                'icon': 'people',
+                'link': '/admin/auth/user/',
+                'color': 'primary',
+                'category': 'admin',
+            },
+            {
+                'title': 'View Logs',
+                'description': 'Check system logs',
+                'icon': 'description',
+                'link': '/admin/django_cfg/logs/',
+                'color': 'secondary',
+                'category': 'system',
+            },
+            {
+                'title': 'Clear Cache',
+                'description': 'Clear application cache',
+                'icon': 'refresh',
+                'link': '/cfg/admin/cache/clear/',
+                'color': 'warning',
+                'category': 'system',
+            },
+            {
+                'title': 'Run Backup',
+                'description': 'Create system backup',
+                'icon': 'backup',
+                'link': '/cfg/admin/backup/create/',
+                'color': 'success',
+                'category': 'system',
+            },
+        ]
+
+        return actions

django_cfg/apps/dashboard/urls.py

@@ -0,0 +1,23 @@
+"""
+Dashboard URLs
+
+RESTful API endpoints for dashboard data.
+Follows the same pattern as tasks app.
+"""
+
+from django.urls import include, path
+from rest_framework.routers import DefaultRouter
+
+from .api.viewsets import DashboardViewSet
+
+app_name = 'dashboard'
+
+# Main router for ViewSets
+router = DefaultRouter()
+router.register(r'', DashboardViewSet, basename='dashboard')
+
+urlpatterns = [
+    # RESTful API endpoints using ViewSets
+    # Mounted at cfg/dashboard/api/
+    path('api/', include(router.urls)),
+]

django_cfg/apps/frontend/JWT_AUTO_INJECTION.md

@@ -0,0 +1,224 @@
+# JWT Auto-Injection для Next.js приложений
+
+## Обзор
+
+Django-CFG автоматически инжектирует JWT токены (`auth_token` и `refresh_token`) в `localStorage` для авторизованных пользователей при загрузке Next.js приложений через **NextJSStaticView**.
+
+## Как это работает
+
+### Автоматическая инжекция в Next.js apps (рекомендуется)
+
+**NextJSStaticView** автоматически инжектирует JWT токены во все HTML ответы для авторизованных пользователей.
+
+```python
+# urls.py
+from django_cfg.apps.frontend.views import AdminView
+
+urlpatterns = [
+    path('admin/', include('django_cfg.apps.frontend.urls')),  # JWT injection automatic
+]
+```
+
+При загрузке **любой страницы Next.js приложения**, если пользователь авторизован:
+1. View обслуживает статический файл Next.js
+2. Генерируются JWT токены (access + refresh)
+3. Токены автоматически инжектируются в `<head>` или `<body>` через `<script>` тег
+4. Токены сохраняются в `localStorage`
+
+**Преимущества:**
+- Работает только для Next.js приложений (безопасный scope)
+- Не нужно модифицировать templates
+- Централизованная логика в базовом view
+- Не влияет на другие HTML responses (Django admin, etc.)
+
+### Template Tags (для кастомных шаблонов)
+
+Если вы используете собственные Django шаблоны, можете использовать готовые template tags:
+
+#### 1. Полная автоматическая инжекция
+
+```django
+{% load django_cfg %}
+
+<!DOCTYPE html>
+<html>
+<head>
+    <title>My App</title>
+    {% inject_jwt_tokens_script %}  {# Автоматически инжектит оба токена #}
+</head>
+<body>
+    <!-- Your content -->
+</body>
+</html>
+```
+
+#### 2. Отдельные токены
+
+```django
+{% load django_cfg %}
+
+<script>
+    // Access token
+    const accessToken = '{% user_jwt_token %}';
+
+    // Refresh token
+    const refreshToken = '{% user_jwt_refresh_token %}';
+
+    // Manual storage
+    localStorage.setItem('auth_token', accessToken);
+    localStorage.setItem('refresh_token', refreshToken);
+</script>
+```
+
+## Использование в Next.js
+
+После инжекции токены доступны в вашем Next.js приложении:
+
+```typescript
+// В любом Next.js компоненте или API клиенте
+const accessToken = localStorage.getItem('auth_token');
+const refreshToken = localStorage.getItem('refresh_token');
+
+// Использование с API клиентом
+import { API } from './generated/cfg';
+
+const api = new API('http://localhost:8000', {
+  storage: {
+    getItem: (key) => localStorage.getItem(key),
+    setItem: (key, value) => localStorage.setItem(key, value),
+    removeItem: (key) => localStorage.removeItem(key),
+  }
+});
+```
+
+## Безопасность
+
+### Что инжектируется
+- `auth_token` - JWT access token (короткий срок жизни)
+- `refresh_token` - JWT refresh token (длинный срок жизни)
+
+### Когда инжектируется
+Токены генерируются **только** если:
+1. Пользователь **авторизован** через Django session
+2. Загружается **HTML файл** (не JS, CSS и т.д.)
+3. `rest_framework_simplejwt` установлен
+
+### Безопасность токенов
+- Токены генерируются **на лету** при каждом запросе
+- Access token имеет короткий срок жизни (настраивается в `JWTConfig`)
+- Refresh token позволяет получить новый access token без повторной авторизации
+- Токены хранятся только в `localStorage` на клиенте
+
+## Конфигурация JWT
+
+Настройка времени жизни токенов в `django_cfg`:
+
+```python
+from django_cfg.models.api import JWTConfig
+
+jwt_config = JWTConfig(
+    access_token_lifetime_hours=24,      # Access token на 24 часа
+    refresh_token_lifetime_days=30,      # Refresh token на 30 дней
+    rotate_refresh_tokens=True,          # Ротация refresh токенов
+    blacklist_after_rotation=True,       # Блэклист старых токенов
+)
+```
+
+## Отладка
+
+Проверьте в консоли браузера:
+
+```javascript
+// Проверить наличие токенов
+console.log('Access Token:', localStorage.getItem('auth_token'));
+console.log('Refresh Token:', localStorage.getItem('refresh_token'));
+
+// Сообщение об успешной инжекции
+// "JWT tokens injected successfully"
+```
+
+## Примеры
+
+### Пример 1: Автоматическая инжекция в Next.js приложении (рекомендуется)
+
+```python
+# urls.py - JWT injection работает автоматически
+urlpatterns = [
+    path('cfg/admin/', include('django_cfg.apps.frontend.urls')),  # Admin Panel with JWT
+]
+
+# views.py - создайте свой Next.js app view
+from django_cfg.apps.frontend.views import NextJSStaticView
+
+class MyAppView(NextJSStaticView):
+    """Custom Next.js app with automatic JWT injection."""
+    app_name = 'my_app'  # Serves from static/frontend/my_app/
+```
+
+При переходе на **любую страницу** Next.js приложения авторизованный пользователь автоматически получит JWT токены в localStorage.
+
+**⚠️ На /cfg/admin/auth токены НЕ инжектятся** - это страница логина, пользователь ещё не авторизован!
+
+### Пример 2: Кастомный шаблон с инжекцией
+
+```django
+{% load django_cfg %}
+
+<!DOCTYPE html>
+<html>
+<head>
+    <meta charset="utf-8">
+    <title>Centrifugo Monitor</title>
+
+    {# Автоматическая инжекция JWT токенов #}
+    {% inject_jwt_tokens_script %}
+</head>
+<body>
+    <div id="root"></div>
+    <script src="/_next/static/chunks/main.js"></script>
+</body>
+</html>
+```
+
+## Требования
+
+- Django с включенной аутентификацией
+- `rest_framework_simplejwt` установлен
+- Пользователь авторизован через Django session
+
+## API Reference
+
+### Template Tags
+
+#### `{% user_jwt_token %}`
+Возвращает JWT access token для текущего пользователя.
+
+#### `{% user_jwt_refresh_token %}`
+Возвращает JWT refresh token для текущего пользователя.
+
+#### `{% inject_jwt_tokens_script %}`
+Генерирует полный `<script>` тег с автоматической инжекцией обоих токенов в localStorage.
+
+### View Classes
+
+#### `NextJSStaticView`
+Базовый view для обслуживания Next.js статических сборок с автоматической JWT инжекцией.
+
+**Features:**
+- Serves Next.js static export files
+- Automatically injects JWT tokens for authenticated users
+- Tokens injected into HTML responses only
+- Handles Next.js client-side routing (.html fallback)
+
+**Usage:**
+```python
+from django_cfg.apps.frontend.views import NextJSStaticView
+
+class MyAppView(NextJSStaticView):
+    app_name = 'my_app'  # Serves from static/frontend/my_app/
+```
+
+#### `AdminView`
+Специализированный view для Admin Panel (наследует `NextJSStaticView`).
+
+**Built-in JWT injection** - no additional configuration needed.

django_cfg/apps/frontend/views.py

@@ -1,20 +1,34 @@
-"""Views for serving Next.js static builds."""
+"""Views for serving Next.js static builds with automatic JWT injection.
 
+JWT tokens are automatically injected into HTML responses for authenticated users.
+This is specific to Next.js frontend apps only.
+"""
+
+import logging
 from pathlib import Path
-from django.http import Http404
+from django.http import Http404, HttpResponse, FileResponse
 from django.views.static import serve
 from django.views import View
+from rest_framework_simplejwt.tokens import RefreshToken
+
+logger = logging.getLogger(__name__)
 
 
 class NextJSStaticView(View):
     """
-    Serve Next.js static build files using Django's built-in static file serving.
+    Serve Next.js static build files with automatic JWT token injection.
+
+    Features:
+    - Serves Next.js static export files
+    - Automatically injects JWT tokens for authenticated users
+    - Tokens injected into HTML responses only
+    - Handles Next.js client-side routing (.html fallback)
     """
 
     app_name = 'admin'
 
     def get(self, request, path=''):
-        """Serve static files from Next.js build."""
+        """Serve static files from Next.js build with JWT injection."""
         import django_cfg
 
         base_dir = Path(django_cfg.__file__).parent / 'static' / 'frontend' / self.app_name
@@ -26,17 +40,117 @@ class NextJSStaticView(View):
         if not path or path == '/':
             path = 'index.html'
 
+        # Handle trailing slash (Next.js static export behavior)
+        # /private/ -> private.html
+        if path.endswith('/') and path != '/':
+            path = path.rstrip('/') + '.html'
+
         # For routes without extension, try .html (Next.js static export behavior)
         file_path = base_dir / path
         if not file_path.exists() and not path.endswith('.html') and '.' not in Path(path).name:
-            # Try adding .html extension
             html_path = path + '.html'
             html_file = base_dir / html_path
             if html_file.exists():
                 path = html_path
 
-        # Use Django's static serve view (handles security, content-type, etc.)
-        return serve(request, path, document_root=str(base_dir))
+        # For HTML files, remove conditional GET headers to force full response
+        # This allows JWT token injection (can't inject into 304 Not Modified responses)
+        is_html_file = path.endswith('.html')
+        if is_html_file and request.user.is_authenticated:
+            request.META.pop('HTTP_IF_MODIFIED_SINCE', None)
+            request.META.pop('HTTP_IF_NONE_MATCH', None)
+
+        # Serve the static file
+        response = serve(request, path, document_root=str(base_dir))
+
+        # Convert FileResponse to HttpResponse for HTML files to enable JWT injection
+        if isinstance(response, FileResponse):
+            content_type = response.get('Content-Type', '')
+            if 'text/html' in content_type and request.user.is_authenticated:
+                content = b''.join(response.streaming_content)
+                original_response = response
+                response = HttpResponse(
+                    content=content,
+                    status=original_response.status_code,
+                    content_type=content_type
+                )
+                # Copy headers from original response
+                for header, value in original_response.items():
+                    if header.lower() not in ('content-length', 'content-type'):
+                        response[header] = value
+
+        # Inject JWT tokens for authenticated users on HTML responses
+        if self._should_inject_jwt(request, response):
+            self._inject_jwt_tokens(request, response)
+
+        return response
+
+    def _should_inject_jwt(self, request, response):
+        """Check if JWT tokens should be injected."""
+        # Only for authenticated users
+        if not request.user or not request.user.is_authenticated:
+            return False
+
+        # Only for HttpResponse (not FileResponse or StreamingHttpResponse)
+        if not isinstance(response, HttpResponse) or isinstance(response, FileResponse):
+            return False
+
+        # Check if response has content attribute
+        if not hasattr(response, 'content'):
+            return False
+
+        # Only for HTML responses
+        content_type = response.get('Content-Type', '')
+        return 'text/html' in content_type
+
+    def _inject_jwt_tokens(self, request, response):
+        """Inject JWT tokens into HTML response."""
+        try:
+            # Generate JWT tokens
+            refresh = RefreshToken.for_user(request.user)
+            access_token = str(refresh.access_token)
+            refresh_token = str(refresh)
+
+            # Create injection script
+            injection_script = f"""
+<script>
+(function() {{
+    try {{
+        localStorage.setItem('auth_token', '{access_token}');
+        localStorage.setItem('refresh_token', '{refresh_token}');
+        console.log('[Django-CFG] JWT tokens injected successfully');
+    }} catch (e) {{
+        console.error('[Django-CFG] Failed to inject JWT tokens:', e);
+    }}
+}})();
+</script>
+"""
+
+            # Decode response content
+            try:
+                content = response.content.decode('utf-8')
+            except UnicodeDecodeError:
+                logger.warning("Failed to decode response content as UTF-8, skipping JWT injection")
+                return
+
+            # Inject before </head> or </body>
+            if '</head>' in content:
+                content = content.replace('</head>', f'{injection_script}</head>', 1)
+                logger.debug(f"JWT tokens injected before </head> for user {request.user.pk}")
+            elif '</body>' in content:
+                content = content.replace('</body>', f'{injection_script}</body>', 1)
+                logger.debug(f"JWT tokens injected before </body> for user {request.user.pk}")
+            else:
+                logger.warning(f"No </head> or </body> tag found in HTML, skipping JWT injection")
+                return
+
+            # Update response
+            response.content = content.encode('utf-8')
+            response['Content-Length'] = len(response.content)
+
+        except Exception as e:
+            # Log error but don't break the response
+            logger.error(f"Failed to inject JWT tokens for user {request.user.pk}: {e}", exc_info=True)
 
 
 class AdminView(NextJSStaticView):