From c079f3ceca942fe2f461b644beefed35bc0c13de Mon Sep 17 00:00:00 2001
From: abutalib-kiwi
Date: Thu, 27 Jul 2023 10:59:10 +0530
Subject: [PATCH] some changes in forgot password api

---
 .gitignore | 2 +-
 base/messages.py | 4 +-
 celerybeat-schedule | Bin 16384 -> 16384 bytes
 web_admin/serializers/auth_serializer.py | 47 ++++++++---------------
 web_admin/views/auth.py | 4 +-
 5 files changed, 23 insertions(+), 34 deletions(-)

diff --git a/.gitignore b/.gitignore
index 063a8af..f1d4456 100644
--- a/.gitignore
+++ b/.gitignore
@@ -21,4 +21,4 @@ static/*
 __pycache__/
 *.env
 ve/*
-
+celerybeat-schedule
\ No newline at end of file
diff --git a/base/messages.py b/base/messages.py
index f99f9cb..a58dd79 100644
--- a/base/messages.py
+++ b/base/messages.py
@@ -88,7 +88,9 @@ ERROR_CODE = {
 "2060": "Task does not exist or not in pending state",
 "2061": "Please insert image or check the image is valid or not.",
 # email not null
- "2062": "Please enter email address"
+ "2062": "Please enter email address",
+ "2063": "Unauthorized access.",
+ "2064": "To change your password first request an OTP and get it verify then change your password."
 }
 """Success message code"""
 SUCCESS_CODE = {
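Review bot: The new `celerybeat-schedule` ignore entry has no effect on this file, because the same commit still carries a binary change to `celerybeat-schedule`, so it is already tracked and git keeps tracking it whatever `.gitignore` says. Untrack it in the same change with `git rm --cached celerybeat-schedule`, otherwise local scheduler state keeps showing up as binary diffs. The entry is also written without a trailing newline in place of the old blank last line; end the file with a newline so a later appended pattern does not run into this one.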
diff --git a/celerybeat-schedule b/celerybeat-schedule index 573b0c9bd5140b34794915695cfc78142e742fee..71062ba3971bec6320e397a68913989f4b8aa458 100644 GIT binary patch literal 16384 zcmeI3O-~a+7{|A?Sl+5Ah(H0s7ha6nfT)S_VnR5O#!H3RaB#ETj_js&+v(04AgSR* zG}#-=#SdUS8ZRF8>d6n_$&)v)UQF~EW|}s7F$5Ac|J}?y&%Er+?(doTXSYc|y?i)e z^c%)OA|q|Lwy&hUCo{wNp$u{m009sH0T2KI5C8!X009sH0T2Lzf04kXzG+wm0vy0W z62LmZI>0)>K7bBD2cQGc0q6j906G92_|J6Ul-kus(@xE+ij1x|boq=f&**Zb%jE^- zOed6G*6r{5RC#4lcO;Xd^plQOP0K^QVgU}|(ApK)FHIK5y)Qn0{4!%%PuX{^XT3D> zAf@A;7vrl4g9A7y0^k4+?F5vcee`xB6pnRUzh6py#`|Q86ZBKD0EfeIuwQ%|V7{mi z-B8!3$y}#zI`BLk&-ZUuhsCyGWVBv&&@ksHoiv^@<{k@nk_~Q{VtXgGFC#CHD7m(} z6q}3Yf@(uw|NmE8dG|-9$9E5!&^VXZtk1R|(9pRbxc69k&H^>d*oGeE}R*bhDiUsjl($Bad$4ucJHWj{O;3!iNI{KmY_l S00ck)1V8`;KmY_zGJ#(a8VJ$= delta 402 zcmX|*F;Bu!6op#~mOgkz#mR((kQl)M>EJ*d35nXRYSOqg?c*sgl$P5*444o*5eFSi z{{VxVli^4C0~}m^gvNV^d-9!}lba-RlE|xiBPVSKXIJWMg{E)sukmhNt^N8(9^=d^ z38%8I9sLw>KSQcOpX*w?C*$J`ZHjR^K3!EE=aEJ+3j@bV6uTh!Sz7NjE|ixx4S2+8 zoG1&Bns!-ObT(lT9XQ;LM<5eIeHzW%9(6goCPO-y`m`@Xa|F5OP_|nllD>6X&!CWj z%PD7Liv9)Udr19O4^dYy&Ca1fyeacJ3u5#@xyyNkV23<~0cF8`i0*{A+z3!@P4qg` zV8Y1Ar%+siW&yGlL2qw*P%`Bulr6wZ&@HH#66t1-#@UZCB2gG{*F&(|G$m8AWsyCB Yy`fkR`xaCeaNxBTkdBPkFGJJ+0CH?-P5=M^ diff --git a/web_admin/serializers/auth_serializer.py b/web_admin/serializers/auth_serializer.py index 9ce0491..bed2891 100644 --- a/web_admin/serializers/auth_serializer.py +++ b/web_admin/serializers/auth_serializer.py @@ -9,11 +9,11 @@ from rest_framework import serializers from django.contrib.auth import get_user_model from django.conf import settings from django.utils import timezone -from rest_framework import status from templated_email import send_templated_mail # local imports from account.models import UserEmailOtp +from base.constants import USER_TYPE from base.messages import ERROR_CODE from guardian.tasks import generate_otp 
@@ -35,11 +35,11 @@ class AdminOTPSerializer(serializers.ModelSerializer): def validate(self, attrs): """ used to validate the incoming data """ - user = USER.objects.filter(email=attrs['email']).first() + user = USER.objects.filter(email=attrs.get('email')).first() if not user: raise serializers.ValidationError(ERROR_CODE['2004']) elif not user.is_superuser: - raise serializers.ValidationError(ERROR_CODE['2036']) + raise serializers.ValidationError(ERROR_CODE['2063']) attrs.update({'user': user}) return attrs @@ -67,9 +67,11 @@ class AdminOTPSerializer(serializers.ModelSerializer): user_data, created = UserEmailOtp.objects.get_or_create(email=email) if created: user_data.expired_at = expiry + user_data.user_type = dict(USER_TYPE).get('3') if user_data: user_data.otp = verification_code user_data.expired_at = expiry + user_data.user_type = dict(USER_TYPE).get('3') user_data.save() return user_data @@ -93,15 +95,12 @@ class AdminVerifyOTPSerializer(serializers.Serializer): email = attrs.get('email') otp = attrs.get('otp') - user = USER.objects.filter(email=attrs['email']).first() - if not user: - raise serializers.ValidationError(ERROR_CODE['2004']) - elif not user.is_superuser: - raise serializers.ValidationError(ERROR_CODE['2036']) # fetch email otp object of the user user_otp_details = UserEmailOtp.objects.filter(email=email, otp=otp).last() if not user_otp_details: - raise serializers.ValidationError(ERROR_CODE['2008']) + raise serializers.ValidationError(ERROR_CODE['2064']) + if user_otp_details.user_type != dict(USER_TYPE).get('3'): + raise serializers.ValidationError(ERROR_CODE['2063']) if user_otp_details.expired_at.replace(tzinfo=None) < datetime.utcnow(): raise serializers.ValidationError(ERROR_CODE['2029']) user_otp_details.is_verified = True 
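Review bot: `AdminOTPSerializer.validate` still answers an OTP request with two distinguishable errors, `ERROR_CODE['2004']` when no account matches and the new `ERROR_CODE['2063']` ("Unauthorized access.") when the account exists but is not a superuser, so the response shows which addresses are registered and which of them are admins. For a forgot-password entry point it is safer to return one generic result for every address and only send mail when the account qualifies; that needs the calling view, which is outside this hunk, to treat the no-op case as success. Separately, `attrs.get('email')` turns a missing key into a `filter(email=None)` query rather than a field error; if `email` is not a required serializer field, an explicit `if not attrs.get('email'): raise serializers.ValidationError(ERROR_CODE['2062'])` states the intent.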
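Review bot: In the OTP upsert the `if created:` branch is now fully redundant, since `get_or_create` always returns an object and the following `if user_data:` block assigns `expired_at` and `user_type` again on every call. Collapse it to one assignment block before `user_data.save()`. `dict(USER_TYPE).get('3')` is repeated here and in the two validators changed later in this file; a module-level constant built with `dict(USER_TYPE)['3']` would name the magic key once and fail loudly if the key is ever missing. With `.get('3')` a missing key yields `None`, and the later `user_type != dict(USER_TYPE).get('3')` checks would then accept any row whose `user_type` is also unset. The enclosing method starts outside the hunk.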
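Review bot: Nothing in `AdminVerifyOTPSerializer.validate` bounds the number of wrong codes: a mismatch only raises `ERROR_CODE['2064']` and the stored OTP stays valid until `expired_at`, so unless the view applies throttling (not visible here) the code can be guessed within its lifetime. Consider counting failures on the `UserEmailOtp` row and invalidating the code after a small number of misses, together with a DRF throttle class on the endpoint. The wrong-code case also now returns 2064 ("To change your password first request an OTP …"), which describes a different situation from an incorrect code; the previous `ERROR_CODE['2008']` or a dedicated message would be clearer. The function begins above the hunk and continues after `user_otp_details.is_verified = True`.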
@@ -137,26 +136,12 @@ class AdminCreatePasswordSerializer(serializers.ModelSerializer): if new_password != confirm_password: raise serializers.ValidationError('password do not match') - user = USER.objects.filter(email=attrs['email']).first() - if not user: - raise serializers.ValidationError(ERROR_CODE['2004']) - elif not user.is_superuser: - raise serializers.ValidationError(ERROR_CODE['2036']) - user_otp_details = UserEmailOtp.objects.filter(email=email).last() - - if user_otp_details and user_otp_details.is_verified: - user_otp_details.delete() - attrs.update({'user': user}) - return attrs - raise serializers.ValidationError(ERROR_CODE['2036']) - - def create(self, validated_data): - """ - to create password - :return: user - """ - user = validated_data.get('user') - user.set_password(validated_data.get('password')) - user.save() - return user + if not user_otp_details: + raise serializers.ValidationError(ERROR_CODE['2064']) + if user_otp_details.user_type != dict(USER_TYPE).get('3'): + raise serializers.ValidationError(ERROR_CODE['2063']) + if not user_otp_details.is_verified: + raise serializers.ValidationError(ERROR_CODE['2064']) + user_otp_details.delete() + return attrs diff --git a/web_admin/views/auth.py b/web_admin/views/auth.py index d55cff2..009d7db 100644 --- a/web_admin/views/auth.py +++ b/web_admin/views/auth.py @@ -53,5 +53,7 @@ class ForgotAndResetPasswordViewSet(GenericViewSet): """ serializer = self.serializer_class(data=request.data) serializer.is_valid(raise_exception=True) - serializer.save() + user = USER.objects.filter(email=serializer.validated_data.get('email')).first() + user.set_password(serializer.validated_data.get('new_password')) + user.save() return custom_response(SUCCESS_CODE['3007'])
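Review bot: The password change in `AdminCreatePasswordSerializer.validate` is authorised only by the `is_verified` flag on the `UserEmailOtp` row for the submitted e-mail; the request carries no proof that it comes from the party that passed OTP verification, and `expired_at` is not rechecked here. A verified row therefore stays usable for this step until it is consumed, for any caller who supplies that address. Require the OTP again (or a single-use reset token issued by the verify step) in this request and repeat the expiry check, e.g. `if user_otp_details.expired_at.replace(tzinfo=None) < datetime.utcnow(): raise serializers.ValidationError(ERROR_CODE['2029'])`. `user_otp_details.delete()` inside `validate` also consumes the record before the view has changed the password, so any failure afterwards forces a restart; deleting after `user.save()` avoids that. The method starts above the hunk.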
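Review bot: `USER.objects.filter(...).first()` can return `None` now that the serializer in this commit no longer looks the user up, and `user.set_password(...)` then raises `AttributeError`, a 500 after the OTP row has already been deleted. The view also drops the `is_superuser` re-check, and `validated_data.get('new_password')` yields `None` if that field is absent, which `set_password` stores as an unusable password. Keep the lookup and its checks in the serializer's `validate` as before, or guard here with `if user is None or not user.is_superuser:` and return the project's error response. If it is not already done elsewhere, run the value through Django's `validate_password(new_password, user)` so `AUTH_PASSWORD_VALIDATORS` apply. The hunk does not show whether `USER` is imported in this module.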