iatoolkit 0.11.0__py3-none-any.whl → 0.66.2__py3-none-any.whl

iatoolkit/services/profile_service.py

@@ -5,91 +5,163 @@
 
 from injector import inject
 from iatoolkit.repositories.profile_repo import ProfileRepo
+from iatoolkit.services.i18n_service import I18nService
 from iatoolkit.repositories.models import User, Company, ApiKey
 from flask_bcrypt import check_password_hash
 from iatoolkit.common.session_manager import SessionManager
+from iatoolkit.services.user_session_context_service import UserSessionContextService
 from flask_bcrypt import Bcrypt
 from iatoolkit.infra.mail_app import MailApp
 import random
-import logging
 import re
 import secrets
 import string
-from datetime import datetime, timezone
-from iatoolkit.services.user_session_context_service import UserSessionContextService
-from iatoolkit.services.query_service import QueryService
+import logging
+from iatoolkit.services.dispatcher_service import Dispatcher
 
 
 class ProfileService:
     @inject
     def __init__(self,
+                 i18n_service: I18nService,
                  profile_repo: ProfileRepo,
                  session_context_service: UserSessionContextService,
-                 query_service: QueryService,
+                 dispatcher: Dispatcher,
                  mail_app: MailApp):
+        self.i18n_service = i18n_service
         self.profile_repo = profile_repo
+        self.dispatcher = dispatcher
         self.session_context = session_context_service
-        self.query_service = query_service
         self.mail_app = mail_app
         self.bcrypt = Bcrypt()
 
 
     def login(self, company_short_name: str, email: str, password: str) -> dict:
         try:
-            # check if exits
+            # check if user exists
             user = self.profile_repo.get_user_by_email(email)
             if not user:
-                return {"error": "Usuario no encontrado"}
+                return {'success': False, 'message': self.i18n_service.t('errors.auth.user_not_found')}
 
             # check the encrypted password
             if not check_password_hash(user.password, password):
-                return {"error": "Contraseña inválida"}
+                return {'success': False, 'message': self.i18n_service.t('errors.auth.invalid_password')}
 
-            company = self.get_company_by_short_name(company_short_name)
+            company = self.profile_repo.get_company_by_short_name(company_short_name)
             if not company:
-                return {"error": "Empresa no encontrada"}
+                return {'success': False, "message": "Empresa no encontrada"}
 
-            # check that user belongs to  company
+            # check that user belongs to company
             if company not in user.companies:
-                return {"error": "Usuario no esta autorizado para esta empresa"}
+                return {'success': False, "message": "Usuario no esta autorizado para esta empresa"}
 
             if not user.verified:
-                return {"error": "Tu cuenta no ha sido verificada. Por favor, revisa tu correo."}
+                return {'success': False,
+                        "message": "Tu cuenta no ha sido verificada. Por favor, revisa tu correo."}
+
+            # 1. Build the local user profile dictionary here.
+            # the user_profile variables are used on the LLM templates also (see in query_main.prompt)
+            user_identifier = user.email             # no longer de ID
+            user_profile = {
+                "user_email": user.email,
+                "user_fullname": f'{user.first_name} {user.last_name}',
+                "user_is_local": True,
+                "extras": {}
+            }
+
+            # 2. create user_profile in context
+            self.save_user_profile(company, user_identifier, user_profile)
+
+            # 3. create the web session
+            self.set_session_for_user(company.short_name, user_identifier)
+            return {'success': True, "user_identifier": user_identifier, "message": "Login exitoso"}
+        except Exception as e:
+            logging.error(f"Error in login: {e}")
+            return {'success': False, "message": str(e)}
 
-            # clear history save user data into session manager
-            self.set_user_session(user=user, company=company)
+    def create_external_user_profile_context(self, company: Company, user_identifier: str):
+        """
+        Public method for views to create a user profile context for an external user.
+        """
+        # 1. Fetch the external user profile via Dispatcher.
+        external_user_profile = self.dispatcher.get_user_info(
+            company_name=company.short_name,
+            user_identifier=user_identifier
+        )
+
+        # 2. Call the session creation helper with external_user_id as user_identifier
+        self.save_user_profile(
+            company=company,
+            user_identifier=user_identifier,
+            user_profile=external_user_profile)
+
+    def save_user_profile(self, company: Company, user_identifier: str, user_profile: dict):
+        """
+        Private helper: Takes a pre-built profile, saves it to Redis, and sets the Flask cookie.
+        """
+        user_profile['company_short_name'] = company.short_name
+        user_profile['user_identifier'] = user_identifier
+        user_profile['id'] = user_identifier
+        user_profile['company_id'] = company.id
+        user_profile['company'] = company.name
 
-            # initialize company context
-            self.query_service.llm_init_context(
-                company_short_name=company_short_name,
-                local_user_id=user.id
-            )
+        # save user_profile in Redis session
+        self.session_context.save_profile_data(company.short_name, user_identifier, user_profile)
 
-            return {"message": "Login exitoso"}
-        except Exception as e:
-            logging.exception(f"login error: {str(e)}")
-            return {"error": str(e)}
-
-    def set_user_session(self, user: User, company: Company):
-        SessionManager.set('user_id', user.id)
-        SessionManager.set('company_id', company.id)
-        SessionManager.set('company_short_name', company.short_name)
-
-        # save user data into session manager
-        user_data = {
-            "id": user.id,
-            "email": user.email,
-            "user_fullname": f'{user.first_name} {user.last_name}',
-            "company_id": company.id,
-            "company": company.name,
-            "company_short_name": company.short_name,
-            "user_is_local": True,       # origin of data
-            "extras": {}                 # company specific data
+    def set_session_for_user(self, company_short_name: str, user_identifier:str ):
+        # save a min Flask session cookie for this user
+        SessionManager.set('company_short_name', company_short_name)
+        SessionManager.set('user_identifier', user_identifier)
+
+    def get_current_session_info(self) -> dict:
+        """
+         Gets the current web user's profile from the unified session.
+         This is the standard way to access user data for web requests.
+         """
+        # 1. Get identifiers from the simple Flask session cookie.
+        user_identifier = SessionManager.get('user_identifier')
+        company_short_name = SessionManager.get('company_short_name')
+
+        if not user_identifier or not company_short_name:
+            # No authenticated web user.
+            return {}
+
+        # 2. Use the identifiers to fetch the full, authoritative profile from Redis.
+        profile = self.session_context.get_profile_data(company_short_name, user_identifier)
+
+        return {
+            "user_identifier": user_identifier,
+            "company_short_name": company_short_name,
+            "profile": profile
         }
-        SessionManager.set('user', user_data)
 
-        # save time session was activated (in timestamp format)
-        SessionManager.set('last_activity', datetime.now(timezone.utc).timestamp())
+    def update_user_language(self, user_identifier: str, new_lang: str) -> dict:
+        """
+        Business logic to update a user's preferred language.
+        It validates the language and then calls the generic update method.
+        """
+        # 1. Validate that the language is supported by checking the loaded translations.
+        if new_lang not in self.i18n_service.translations:
+            return {'success': False, 'error_message': self.i18n_service.t('errors.general.unsupported_language')}
+
+        try:
+            # 2. Call the generic update_user method, passing the specific field to update.
+            self.update_user(user_identifier, preferred_language=new_lang)
+            return {'success': True, 'message': 'Language updated successfully.'}
+        except Exception as e:
+            # Log the error and return a generic failure message.
+            logging.error(f"Failed to update language for {user_identifier}: {e}")
+            return {'success': False, 'error_message': self.i18n_service.t('errors.general.unexpected_error')}
+
+
+    def get_profile_by_identifier(self, company_short_name: str, user_identifier: str) -> dict:
+        """
+        Fetches a user profile directly by their identifier, bypassing the Flask session.
+        This is ideal for API-side checks.
+        """
+        if not company_short_name or not user_identifier:
+            return {}
+        return self.session_context.get_profile_data(company_short_name, user_identifier)
 
 
     def signup(self,
@@ -103,9 +175,10 @@ class ProfileService:
         try:
 
             # get company info
-            company = self.get_company_by_short_name(company_short_name)
+            company = self.profile_repo.get_company_by_short_name(company_short_name)
             if not company:
-                return {"error": f"la empresa {company_short_name} no existe"}
+                return {
+                    "error": self.i18n_service.t('errors.signup.company_not_found', company_name=company_short_name)}
 
             # normalize  format's
             email = email.lower()
@@ -115,24 +188,25 @@ class ProfileService:
             if existing_user:
                 # validate password
                 if not self.bcrypt.check_password_hash(existing_user.password, password):
-                    return {"error": "La contraseña es incorrecta. No se puede agregar a la nueva empresa."}
+                    return {"error": self.i18n_service.t('errors.signup.incorrect_password_for_existing_user', email=email)}
 
                 # check if register
                 if company in existing_user.companies:
-                    return {"error": "Usuario ya registrado en esta empresa"}
+                    return {"error": self.i18n_service.t('errors.signup.user_already_registered', email=email)}
                 else:
                     # add new company to existing user
                     existing_user.companies.append(company)
                     self.profile_repo.save_user(existing_user)
-                    return {"message": "Usuario asociado a nueva empresa"}
+                    return {"message": self.i18n_service.t('flash_messages.user_associated_success')}
 
             # add the new user
             if password != confirm_password:
-                return {"error": "Las contraseñas no coinciden. Por favor, inténtalo de nuevo."}
+                return {"error": self.i18n_service.t('errors.signup.password_mismatch')}
 
             is_valid, message = self.validate_password(password)
             if not is_valid:
-                return {"error": message}
+                # Translate the key returned by validate_password
+                return {"error": self.i18n_service.t(message)}
 
             # encrypt the password
             hashed_password = self.bcrypt.generate_password_hash(password).decode('utf-8')
@@ -154,9 +228,9 @@ class ProfileService:
             # send email with verification
             self.send_verification_email(new_user, company_short_name)
 
-            return {"message": "Registro exitoso. Por favor, revisa tu correo para verificar tu cuenta."}
+            return {"message": self.i18n_service.t('flash_messages.signup_success')}
         except Exception as e:
-            return {"error": str(e)}
+            return {"error": self.i18n_service.t('errors.general.unexpected_error')}
 
     def update_user(self, email: str, **kwargs) -> User:
         return self.profile_repo.update_user(email, **kwargs)
@@ -166,14 +240,14 @@ class ProfileService:
             # check if user exist
             user = self.profile_repo.get_user_by_email(email)
             if not user:
-                return {"error": "El usuario no existe."}
+                return {"error": self.i18n_service.t('errors.verification.user_not_found')}
 
             # activate the user account
             self.profile_repo.verify_user(email)
-            return {"message": "Tu cuenta ha sido verificada exitosamente. Ahora puedes iniciar sesión."}
+            return {"message": self.i18n_service.t('flash_messages.account_verified_success')}
 
         except Exception as e:
-            return {"error": str(e)}
+            return {"error": self.i18n_service.t('errors.general.unexpected_error')}
 
     def change_password(self,
                          email: str,
@@ -182,28 +256,28 @@ class ProfileService:
                          confirm_password: str):
         try:
             if new_password != confirm_password:
-                return {"error": "Las contraseñas no coinciden. Por favor, inténtalo nuevamente."}
+                return {"error": self.i18n_service.t('errors.change_password.password_mismatch')}
 
             # check the temporary code
             user = self.profile_repo.get_user_by_email(email)
             if not user or user.temp_code != temp_code:
-                return {"error": "El código temporal no es válido. Por favor, verifica o solicita uno nuevo."}
+                return {"error": self.i18n_service.t('errors.change_password.invalid_temp_code')}
 
             # encrypt and save the password, make the temporary code invalid
             hashed_password = self.bcrypt.generate_password_hash(new_password).decode('utf-8')
             self.profile_repo.update_password(email, hashed_password)
             self.profile_repo.reset_temp_code(email)
 
-            return {"message": "La clave se cambio correctamente"}
+            return {"message": self.i18n_service.t('flash_messages.password_changed_success')}
         except Exception as e:
-            return {"error": str(e)}
+            return {"error": self.i18n_service.t('errors.general.unexpected_error')}
 
     def forgot_password(self, email: str, reset_url: str):
         try:
             # Verificar si el usuario existe
             user = self.profile_repo.get_user_by_email(email)
             if not user:
-                return {"error": "El usuario no existe."}
+                return {"error": self.i18n_service.t('errors.forgot_password.user_not_registered', email=email)}
 
             # Gen a temporary code and store in the repositories
             temp_code = ''.join(random.choices(string.ascii_letters + string.digits, k=6)).upper()
@@ -212,35 +286,31 @@ class ProfileService:
             # send email to the user
             self.send_forgot_password_email(user, reset_url)
 
-            return {"message": "se envio mail para cambio de clave"}
+            return {"message": self.i18n_service.t('flash_messages.forgot_password_success')}
         except Exception as e:
-            return {"error": str(e)}
+            return {"error": self.i18n_service.t('errors.general.unexpected_error')}
 
     def validate_password(self, password):
         """
-        Valida que una contraseña cumpla con los siguientes requisitos:
-        - Al menos 8 caracteres de longitud
-        - Contiene al menos una letra mayúscula
-        - Contiene al menos una letra minúscula
-        - Contiene al menos un número
-        - Contiene al menos un carácter especial
+        Validates that a password meets all requirements.
+        Returns (True, "...") on success, or (False, "translation.key") on failure.
         """
         if len(password) < 8:
-            return False, "La contraseña debe tener al menos 8 caracteres."
+            return False, "errors.validation.password_too_short"
 
         if not any(char.isupper() for char in password):
-            return False, "La contraseña debe tener al menos una letra mayúscula."
+            return False, "errors.validation.password_no_uppercase"
 
         if not any(char.islower() for char in password):
-            return False, "La contraseña debe tener al menos una letra minúscula."
+            return False, "errors.validation.password_no_lowercase"
 
         if not any(char.isdigit() for char in password):
-            return False, "La contraseña debe tener al menos un número."
+            return False, "errors.validation.password_no_digit"
 
         if not re.search(r'[!@#$%^&*(),.?":{}|<>]', password):
-            return False, "La contraseña debe tener al menos un carácter especial."
+            return False, "errors.validation.password_no_special_char"
 
-        return True, "La contraseña es válida."
+        return True, "Password is valid."
 
     def get_companies(self):
         return self.profile_repo.get_companies()
@@ -248,6 +318,9 @@ class ProfileService:
     def get_company_by_short_name(self, short_name: str) -> Company:
         return self.profile_repo.get_company_by_short_name(short_name)
 
+    def get_active_api_key_entry(self, api_key_value: str) -> ApiKey | None:
+        return self.profile_repo.get_active_api_key_entry(api_key_value)
+
     def new_api_key(self, company_short_name: str):
         company = self.get_company_by_short_name(company_short_name)
         if not company: