o *i)@sRddlZddlZddlZddlmZmZddlmZddlmZm Z ddl m Z ddl m Z ddlmZddlmZdd lmZdd lmZdd lmZdd lmZddlZeed gddZeddZdZdZdZdZGdddej Z!ddZ"de#de#fddZ$de#dede#fdd Z%de#fd!d"Z&d#e#d$e#de#fd%d&Z'de#fd'd(Z(dS))N)datetime timedelta) CryptContext) HTTPExceptionstatus)create_access_token)str_to_objectid)get_role_service) FeatureBase)verify_google_token)send_welcome_email)ObjectId) load_dotenvbcryptauto)schemes deprecatedi7)minutesusersaccounts subscriptionsprojectscseZdZfddZZS)CustomJSONEncodercs0t|tr |St|trt|St|S)N) isinstancer isoformatr strsuperdefault)selfobj __class__6/var/www/html/moveengine/app/v1/services/saas/login.pyr s   zCustomJSONEncoder.default)__name__ __module__ __qualname__r __classcell__r"r"r r#rsrcCs^t|trdd|DSt|trdd|DSt|tjr$|St|tr-t|S|S)NcSsi|] \}}|t|qSr"serialize_data).0kvr"r"r# )sz"serialize_data..cSsg|]}t|qSr"r()r*itemr"r"r# +sz"serialize_data..)rdictitemslistrrr r)rr"r"r#r)'s    r) user_datareturnc sjttdd}|dd|dd|dd|d||d d|d r|t}|d t|d i}|r|dd|d<|d d|d<|dd|d<|d r}|t}|d t|d i}|r||d d|d <|d||d<n|t }| |d dd}||d <|d} | rt | |} | r| di|d<|d} t | } | |d<|S)z Enriches user data with common details: - Account information (subscription, active agents, etc.) - Role rights from roles service. ALLOWED_FREE_AGENTS5 account_typersubscription_idsubscription_statussubscription_agents active_agents account_id_idactive_subscription_idactive_agents_countsubscription_agents_countACTIVE)r=rroles permissions role_rightsfeatures role_features)intosgetenv setdefaultgetACCOUNT_COLLECTION_NAMEfind_onerSUBSCRIPTION_COLLECTION_NAMEPROJECT_COLLECTION_NAMEcount_documentsr r2find) r3dbr5accounts_collection account_infosubscription_collection subscriptionproject_collectionactive_projects_countrole_idrolefeatures_collection features_listr"r"r#enrich_user_data3sL          r^token_expires_deltac st||IdH}td|d|ddi|d}|d}t|tr(t|}n|s,d}d}|rN|dd |id d d }t |}|rNt|d d}||d<t |}d||dS)z Common login processing: - Enrich user data with account/role details. - Generate a JWT token. - Serialize user data for the response. Nsubemailmobiler9)data expires_delta workforce_id iot_devicesassociated_entity_id last_updatedrr> device_idzLogin Successful)messageusertoken) r^rrLrr rrRsortlimitr2r))r3rSr_rnrerkiot_device_cursoriot_device_listr"r"r#process_user_loginis0     rscs|td|ji}|stdddt|j|ds#tddd|jr7|t d|did d |jiit ||t Id HS) z+ Handles the email/password login. raizUser not found status_codedetailhashed_passwordizInvalid credentialsr>$set fcm_tokenN) COLLECTION_NAMErNrar pwd_contextverifypasswordrLry update_onersaccess_token_expires) user_loginrS user_in_dbr"r"r# login_users    rpayload otp_storec s|d}|d}|r|durtddd||vr!tddd||}t|dkr6||=tdd d|dt|krDtdd d||=|t}|d |i}|sn|ttd d d d dd}||j} | |d<n| d|diddtii|}t ||t IdHS)a Verifies the OTP for a phone login. This function handles: - Validating the OTP (using an in-memory store for demo purposes) - Looking up (or creating) the user by phone - Processing the login (enriching user data and generating JWT token) phoneotpNiz"Phone number and OTP are required.rtz#OTP not sent for this phone number.expiresz OTP expired.z Invalid OTP.rbTr9)rb created_date last_login is_active is_verifiedmobile_verifiedr=rZr>rxr) rLrrutcnowrHrzrN insert_one inserted_idr~rsr) rrSrr otp_submittedstoredusers_collectionrr3rr"r"r#verify_phone_otp_servicesD         rc s6t|j}|sttjdd|t}|d|di}|sx|d|d|dd|dt t t ddd d }|d }|d|di}|rZ|d d|d <|d d|d<| |j } | |d<| t |d|dt||tIdHSt |dd} |d|did| i|| t||tIdHS)z' Handles Google Connect login. zInvalid Google token.rtranamepicturer9 refresh_tokenTF) rarpicurlgoogle_connectrr date_of_birthrrremailsr=r[ rZr>N)rrrx)r rnrrHTTP_401_UNAUTHORIZEDrzrNrLrrrradd_taskr rsrr~update) google_tokenbackground_tasksrS user_inforrr3emails_collection invitationr update_datar"r"r#google_connect_users>     r))jsonrIrandomrrpasslib.contextrfastapirrapp.v1.dependencies.authrapp.v1.libraries.objectrapp.v1.services.saas.rolesr app.v1.models.crudmodelr app.v1.libraries.googleconnectr app.v1.libraries.email_templatesr bsonr dotenvrr{rrzrMrOrP JSONEncoderrr)r0r^rsrrrr"r"r"r#s:           6-: