added api for forgot password, verify otp and resend otp for admin

web_admin/serializers/auth_serializer.py

@@ -0,0 +1,88 @@
+"""
+web_admin auth serializers file
+"""
+from datetime import datetime
+
+# django imports
+from rest_framework import serializers
+from django.contrib.auth import get_user_model
+from django.conf import settings
+from django.utils import timezone
+from rest_framework import status
+from templated_email import send_templated_mail
+
+# local imports
+from account.models import UserEmailOtp
+from account.utils import custom_error_response
+from base.messages import ERROR_CODE
+from guardian.tasks import generate_otp
+
+USER = get_user_model()
+
+
+class AdminForgotPasswordSerializer(serializers.ModelSerializer):
+    email = serializers.EmailField(required=True)
+
+    class Meta:
+        model = USER
+        fields = ('email',)
+
+    def validate(self, attrs):
+        """ used to validate the incoming data """
+        user = USER.objects.filter(email=attrs['email']).first()
+        if not user:
+            raise serializers.ValidationError(ERROR_CODE['2004'])
+        elif not user.is_superuser:
+            raise serializers.ValidationError(ERROR_CODE['2036'])
+        attrs.update({'user': user})
+        return attrs
+
+    def create(self, validated_data):
+        email = validated_data['email']
+        try:
+            USER.objects.get(email=email)
+        except USER.DoesNotExist:
+            return custom_error_response(ERROR_CODE['2004'], response_status=status.HTTP_404_NOT_FOUND)
+        verification_code = generate_otp()
+
+        # Send the verification code to the user's email
+        from_email = settings.EMAIL_FROM_ADDRESS
+        recipient_list = [email]
+        send_templated_mail(
+            template_name='email_reset_verification.email',
+            from_email=from_email,
+            recipient_list=recipient_list,
+            context={
+                'verification_code': verification_code
+            }
+        )
+        expiry = timezone.now() + timezone.timedelta(days=1)
+        user_data, created = UserEmailOtp.objects.get_or_create(email=email)
+        if created:
+            user_data.expired_at = expiry
+        if user_data:
+            user_data.otp = verification_code
+            user_data.expired_at = expiry
+        user_data.save()
+        return user_data
+
+
+class AdminVerifyOTPSerializer(serializers.Serializer):
+    otp = serializers.CharField(max_length=6, min_length=6)
+
+    class Meta:
+        """ meta class """
+        fields = ('otp',)
+
+    def validate(self, attrs):
+        otp = attrs.pop('otp')
+        # fetch email otp object of the user
+        user_opt_details = UserEmailOtp.objects.filter(otp=otp).last()
+        if not user_opt_details:
+            raise serializers.ValidationError(ERROR_CODE['2008'])
+        if user_opt_details.expired_at.replace(tzinfo=None) < datetime.utcnow():
+            raise serializers.ValidationError(ERROR_CODE['2029'])
+        user_details = USER.objects.filter(email=user_opt_details.email).last()
+        user_opt_details.delete()
+        if user_details:
+            return attrs