changes

App/Android/Android.py

@@ -75,14 +75,18 @@ class AndroidClient:
     async def remove_session(self, phone_number) -> APIResponse:
         """Enable or disable a user."""
         path = f"/users/{phone_number}/remove-session"
-        response = await self.client.post(path, json=None)
-        return APIResponse(**response.json())
+        try:
+            response = await self.client.post(path, json=None)
+            return APIResponse(**response.json())
+        except:
+            pass
 
     @require_base_url
-    async def disable_user(self, request: SetUserStatusRequest) -> APIResponse:
+    async def _disable_request(self, request: SetUserStatusRequest) -> APIResponse:
         """disable a user."""
         path = f"/users/{request.phone}/disable"
         response = await self.client.post(path, json=None)
+
         return APIResponse(**response.json())
 
     @require_base_url
@@ -143,6 +147,6 @@ class AndroidClient:
 
     async def deactivate_user(self, phone_number: str):
         request = SetUserStatusRequest(phone=phone_number, disabled=False)
-        await self.disable_user(request=request)
+        await self._disable_request(request=request)
         # Replace this with actual API call logic
         return {"status": "success", "message": "User activated."}

App/Android/Schema.py

@@ -66,8 +66,9 @@ class UserListItem(BaseModel):
 class APIResponse(BaseModel):
     success: bool
     message: str
-    data: Optional[Dict[str, Any]] = None
+    data: Optional[Any] = None
     error: Optional[str] = None
+    active_users: Optional[Any] = None
 
 
 # Specific Response Schemas

App/Messages/MessagesRoute.py

@@ -1,5 +1,6 @@
 # App/Messages/Routes.py
-from fastapi import APIRouter, HTTPException
+from fastapi import APIRouter, HTTPException, Depends
+from typing import List
 from .Model import Message
 from .Schema import MessageCreate, MessageResponse
 from typing import Optional
@@ -16,6 +17,30 @@ from tortoise.contrib.pydantic import pydantic_model_creator
 import traceback
 import logging
 
+from App.Users.dependencies import (
+    get_current_active_user,
+    UserType,
+)  # Assuming you have a dependency to get the current user
+
+message_router = APIRouter(tags=["Messages"])
+
+
+@message_router.get("/messages", response_model=List[MessageResponse])
+async def get_all_messages(current_user: User = Depends(get_current_active_user)):
+    # Check if the current user is an admin
+    if current_user.user_type != UserType.ADMIN:
+        raise HTTPException(
+            status_code=403,
+            detail="User does not have permission to access this resource",
+        )
+
+    # Fetch all messages from the database
+    messages = await Message.all()
+
+    # Serialize the messages
+    return [MessageResponse.from_orm(message) for message in messages]
+
+
 message_router = APIRouter(tags=["Messages"], prefix="/messages")
 logging.basicConfig(level=logging.WARNING)
 
@@ -57,9 +82,7 @@ async def receive_message(message_data: MessageCreate):
         message = await Message.get_or_none(message_id=message_data.id)
         if not message:
             # Process Mpesa Payments
-            user: User = await User.get_or_none(
-                phoneNumber="+" + parsed_data["phone_number"]
-            )
+            user: User = await User.get_or_none(phoneNumber=parsed_data["phone_number"])
             data_plan: Plan = await Plan.get_or_none(
                 amount=Decimal(parsed_data["amount_received"])
             )

App/Payments/PaymentsRoutes.py

@@ -1,5 +1,6 @@
-from fastapi import APIRouter, HTTPException, status
+from fastapi import APIRouter, HTTPException, status, Query, Depends
 from typing import List
+from datetime import datetime
 from .Model import Payment
 from App.Users.Model import User
 from App.Plans.Model import Plan
@@ -12,12 +13,17 @@ from .Schema import (
     PaymentListResponse,
 )
 from .Schema import PaymentMethod
+from App.Users.dependencies import (
+    get_current_active_user,
+    UserType,
+)  # Assuming you have a dependency to get the current user
+
 
 payment_router = APIRouter(tags=["Payments"])
 
 
 @payment_router.post("/payment/create", response_model=BaseResponse)
-async def create_payment(request: CreatePaymentRequest, internal=False):
+async def create_payment(request: CreatePaymentRequest, internal: bool = False):
     # If payment method is "Lipa Number", transaction_id is required
     if (
         request.payment_method == PaymentMethod.LIPA_NUMBER
@@ -35,6 +41,14 @@ async def create_payment(request: CreatePaymentRequest, internal=False):
             status_code=status.HTTP_404_NOT_FOUND, detail="Plan not found"
         )
 
+    payment = await Payment.get_or_none(transaction_id=request.transaction_id)
+
+    if payment:
+        return BaseResponse(
+            code=404,
+            message="Payment already exists",
+            payload={"payment_id": str(payment.id)},
+        )
     # Create new payment without linking a user initially
     payment = await Payment.create(
         user_id=request.user_id,
@@ -148,3 +162,64 @@ async def link_user_to_payment(payment_id: str, request: UpdatePaymentUserReques
         message="Payment linked to user successfully",
         payload={"payment_id": str(payment.id), "user_id": request.user_id},
     )
+
+
+@payment_router.get("/payments/date-range", response_model=PaymentListResponse)
+async def get_payments_by_date_range(
+    start_date: datetime = Query(..., description="Start date in ISO format"),
+    end_date: datetime = Query(..., description="End date in ISO format"),
+):
+    if start_date > end_date:
+        raise HTTPException(
+            status_code=400, detail="Start date must be less than or equal to end date"
+        )
+
+    payments = await Payment.filter(created_time__range=(start_date, end_date))
+
+    result = [
+        PaymentResponse(
+            id=str(payment.id),
+            user_id=payment.user_id,
+            plan_id=payment.plan_id,
+            amount=payment.amount,
+            payment_method=payment.payment_method,
+            status=payment.status,
+            transaction_id=payment.transaction_id,
+            created_time=payment.created_time,
+            updated_time=payment.updated_time,
+        )
+        for payment in payments
+    ]
+
+    return PaymentListResponse(payments=result, total_count=len(result))
+
+
+@payment_router.get("/payments/user/{user_id}", response_model=PaymentListResponse)
+async def get_user_payment_history(
+    user_id: str, current_user: User = Depends(get_current_active_user)
+):
+    # Optionally, you can check if the current user has permission to view this user's payment history
+    if current_user.user_type != UserType.ADMIN and current_user.id != user_id:
+        raise HTTPException(
+            status_code=403,
+            detail="User does not have permission to view this payment history",
+        )
+
+    payments = await Payment.filter(user_id=user_id)
+
+    result = [
+        PaymentResponse(
+            id=str(payment.id),
+            user_id=payment.user_id,
+            plan_id=payment.plan_id,
+            amount=payment.amount,
+            payment_method=payment.payment_method,
+            status=payment.status,
+            transaction_id=payment.transaction_id,
+            created_time=payment.created_time,
+            updated_time=payment.updated_time,
+        )
+        for payment in payments
+    ]
+
+    return PaymentListResponse(payments=result, total_count=len(result))

App/Payments/Schema.py

@@ -10,6 +10,7 @@ class BaseResponse(BaseModel):
     payload: Optional[dict] = None
 
 
+### Constants
 class PaymentMethod:
     CASH = "cash"
     MPESA = "mpesa"
@@ -19,6 +20,12 @@ class PaymentMethod:
     CHOICES = [CASH, MPESA, LIPA_NUMBER, CREDIT_CARD]
 
 
+class PaymentStatus:
+    ADDED_TO_BALANCE = "Added to balance"
+    PURCHASED_PLAN = "Purchased plan"
+    PENDING = "PENDING"
+
+
 class CreatePaymentRequest(BaseModel):
     user_id: Optional[str] = Field(
         None, description="ID of the user making the payment"

App/Users/Constants.py

@@ -0,0 +1,11 @@
+class UserType:
+    ADMIN = 1
+    MODERATOR = 2
+    USER = 4
+
+
+class ErrorCodes:
+    NOT_FOUND = 1
+    MIKROTIK = 2
+    INVALID_CREDENTIALS = 3
+    SERVER_ERROR = 0

App/Users/Model.py

@@ -7,6 +7,7 @@ from App.Android.Schema import RegisterUserRequest as AndroidRegister
 from App.Templates.Templates import MessageTemplate
 from App.Subscriptions.Model import Subscription
 from App.Plans.Model import Plan
+from .Constants import UserType
 import datetime
 import uuid
 import random
@@ -36,6 +37,7 @@ class User(models.Model):
     id = fields.CharField(primary_key=True, max_length=5, default=generate_short_uuid)
     name = fields.CharField(max_length=100)
     password = fields.CharField(max_length=100)  # Stores hashed password
+    user_type = fields.IntField(default=UserType.USER)
     phoneNumber = fields.CharField(max_length=15, unique=True)
     balance = fields.DecimalField(max_digits=10, decimal_places=2, default=0.00)
     mac_address = fields.CharField(max_length=17)
@@ -43,6 +45,7 @@ class User(models.Model):
     updatedAt = fields.DatetimeField(auto_now=True)
     lastLogin = fields.DatetimeField(default=datetime.datetime.now)
     failed_attempts = fields.IntField(default=0)
+
     account_locked = fields.BooleanField(default=False)
     reset_token = fields.CharField(max_length=6, null=True, unique=True)
     reset_token_expiration = fields.DatetimeField(null=True)
@@ -96,6 +99,16 @@ class User(models.Model):
             await self.save()
             return False
 
+    async def toggle_status(self):
+        if self.account_locked:
+            await self.activate_user()
+            self.account_locked = False
+        else:
+            await self.deactivate_user()
+            self.account_locked = True
+        # self.account_locked = not self.account_locked
+        await self.save()
+
     async def initiate_password_reset(self):
         """Generates a reset token and sends it to the user via message."""
         self.reset_token = f"{random.randint(100000, 999999)}"
@@ -321,8 +334,6 @@ class User(models.Model):
 
     async def deactivate_user(self):
 
-        self.account_locked = True
-        await self.save()
         await self.remover_user_session()
 
         try:

App/Users/Schema.py

@@ -54,7 +54,8 @@ class RegisterUserRequest(BaseModel):
 class LoginUserRequest(BaseModel):
     phoneNumber: str = Field(..., pattern=PHONE_PATTERN)
     password: str
-    mac_address: str = Field(..., pattern=MAC_PATTERN)
+    # grant_type: Optional[str] = None
+    mac_address: Optional[str] = Field(..., pattern=MAC_PATTERN)
 
 
 # Access Token Response

App/Users/UserRoutes.py

@@ -1,4 +1,5 @@
-from fastapi import APIRouter, HTTPException, status, Depends
+from fastapi import APIRouter, HTTPException, status, Depends, Query
+from fastapi.responses import JSONResponse
 from .Schema import (
     RegisterUserRequest,
     LoginUserRequest,
@@ -17,12 +18,14 @@ from App.Subscriptions.Model import Subscription
 from App.Android.Android import AndroidClient
 from App.Android.Schema import RegisterUserRequest as AndroidRegister
 from App.Templates.Templates import MessageTemplate
-from .dependencies import get_current_active_user
+from .dependencies import get_current_active_user, get_admin_user
+from App.Android.Schema import APIResponse
+
 
 # JWT Configurations
 SECRET_KEY = "your_secret_key_here"
 ALGORITHM = "HS256"
-ACCESS_TOKEN_EXPIRE_MINUTES = 30
+ACCESS_TOKEN_EXPIRE_MINUTES = 300
 user_router = APIRouter(tags=["User"])
 client = AndroidClient()
 templates = MessageTemplate()
@@ -64,6 +67,13 @@ async def register_user(request: RegisterUserRequest):
 async def login_user(request: LoginUserRequest):
     # Find user by phone number
     db_user: User = await User.filter(phoneNumber=request.phoneNumber).first()
+
+    # Raise an error if the user does not exist
+    if db_user is None:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND, detail="User not found."
+        )
+
     valid_password = await db_user.verify_password(request.password)
     # Check if user exists and password is correct
     if db_user and valid_password:
@@ -81,6 +91,7 @@ async def login_user(request: LoginUserRequest):
             await db_user.remover_user_session()
         access_token = create_access_token(
             data={
+                "user_type": db_user.user_type,
                 "user_name": db_user.name,
                 "sub": db_user.phoneNumber,
                 "locked": db_user.account_locked,
@@ -142,24 +153,26 @@ async def reset_password(request: ResetPasswordRequest):
 
 
 @user_router.get(
-    "/user/all", response_model=List[UserResponse], status_code=status.HTTP_200_OK
+    "/user/all",
+    response_model=List[UserResponse],
+    status_code=status.HTTP_200_OK,
 )
-async def get_all_users():
+async def get_all_users(admin: User = Depends(get_admin_user)):
     users = await User.all()
     return [UserResponse.from_orm(user) for user in users]
 
 
-# @user_router.delete(
-#     "/user/{user_id}", response_model=BaseResponse, status_code=status.HTTP_200_OK
-# )
-# async def delete_user(user_id: str):
-#     user = await User.filter(id=user_id).first()
-#     if not user:
-#         raise HTTPException(
-#             status_code=status.HTTP_404_NOT_FOUND, detail="User not found."
-#         )
-#     await user.delete()
-#     return BaseResponse(code=200, message="User deleted successfully.")
+@user_router.delete(
+    "/user/{user_id}", response_model=BaseResponse, status_code=status.HTTP_200_OK
+)
+async def delete_user(user_id: str, admin: User = Depends(get_current_active_user)):
+    user = await User.filter(id=user_id).first()
+    if not user:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND, detail="User not found."
+        )
+    await user.delete()
+    return BaseResponse(code=200, message="User deleted successfully.")
 
 
 @user_router.put(
@@ -173,8 +186,7 @@ async def toggle_user_status(user_id: str):
         raise HTTPException(
             status_code=status.HTTP_404_NOT_FOUND, detail="User not found."
         )
-    user.account_locked = not user.account_locked
-    await user.save()
+    await user.toggle_status()
     message = (
         "User disabled successfully."
         if user.account_locked
@@ -207,3 +219,62 @@ async def activate_user(user_id: str):
         raise HTTPException(
             status_code=status.HTTP_400_BAD_REQUEST, detail="Failed to activate user."
         )
+
+
+@user_router.get(
+    "/users/active", response_model=List[str]
+)  # Change response model to List[str]
+async def get_active_users():
+    # Fetch all active users using the Android client
+    api_response: APIResponse = await client.get_active_users()
+    active_users = api_response.active_users
+
+    if not api_response or not active_users:
+        return JSONResponse(content={"status": 200, "message": "no users online"})
+
+    # Collect phone numbers from active users
+    active_phone_numbers = [user["phone"] for user in active_users]
+
+    # Filter users from the database using the collected phone numbers
+    users_in_db = await User.filter(phoneNumber__in=active_phone_numbers).all()
+
+    # Extract usernames from the matched users
+    usernames = [
+        {"name": user.name, "phone": user.phoneNumber} for user in users_in_db
+    ]  # Assuming 'name' is the field for username in the User model
+
+    if not usernames:
+        return JSONResponse(
+            content={"status": 200, "message": "No matching active users found."}
+        )
+
+    return JSONResponse(
+        content={
+            "status": 200,
+            "message": f"Found {len(usernames)} active",
+            "payload": usernames,
+        }
+    )
+
+
+@user_router.get("/user/active", response_model=List[UserResponse])
+async def get_active_user(phone_numbers: List[str] = Query(...)):
+    # Fetch all active users using the Android client
+    api_response: APIResponse = await client.get_active_users()
+    active_users = api_response.active_users
+    if not api_response or not api_response.active_users:
+        return JSONResponse(content={"status": 200, "message": "no users online"})
+
+    # Filter active users by matching phone numbers
+    matched_users = [
+        UserResponse.from_orm(user)
+        for user in active_users
+        if user["phone"] in phone_numbers
+    ]
+
+    if not matched_users:
+        return JSONResponse(
+            content={"status": 200, "message": "No matching active users found."}
+        )
+
+    return matched_users

App/Users/dependencies.py

@@ -1,6 +1,7 @@
 from fastapi import Depends, HTTPException, status
 from jose import jwt
-from App.Users.Model import User
+from .Model import User
+from .Constants import UserType
 from fastapi.security import OAuth2PasswordBearer
 
 SECRET_KEY = "your_secret_key_here"
@@ -26,3 +27,14 @@ async def get_current_user(token: str = Depends(oauth2_scheme)):
 
 async def get_current_active_user(current_user: User = Depends(get_current_user)):
     return current_user
+
+
+async def get_admin_user(current_user: User = Depends(get_current_active_user)):
+    print(current_user.user_type, current_user.name)
+    if current_user.user_type != UserType.ADMIN:
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="User does not have permission",
+            headers={"WWW-Authenticate": "Bearer"},
+        )
+    return current_user

migrations/models/0_20241204103359_init.py

@@ -0,0 +1,105 @@
+from tortoise import BaseDBAsyncClient
+
+
+async def upgrade(db: BaseDBAsyncClient) -> str:
+    return """
+        CREATE TABLE IF NOT EXISTS "messages" (
+    "id" UUID NOT NULL  PRIMARY KEY,
+    "device_id" VARCHAR(100),
+    "event" VARCHAR(100),
+    "message_id" VARCHAR(100),
+    "webhook_id" VARCHAR(100),
+    "message_content" TEXT NOT NULL,
+    "phone_number" VARCHAR(20) NOT NULL,
+    "received_at" TIMESTAMPTZ NOT NULL,
+    "sim_number" INT,
+    "parsed_data" JSONB,
+    "created_time" TIMESTAMPTZ NOT NULL  DEFAULT CURRENT_TIMESTAMP
+);
+CREATE TABLE IF NOT EXISTS "plans" (
+    "id" UUID NOT NULL  PRIMARY KEY,
+    "name" VARCHAR(100) NOT NULL UNIQUE,
+    "amount" DECIMAL(10,2) NOT NULL,
+    "duration" INT NOT NULL,
+    "download_speed" DOUBLE PRECISION NOT NULL,
+    "upload_speed" DOUBLE PRECISION NOT NULL,
+    "expire_date" TIMESTAMPTZ,
+    "is_promo" BOOL NOT NULL  DEFAULT False,
+    "promo_duration_days" INT,
+    "is_valid" BOOL NOT NULL  DEFAULT True
+);
+COMMENT ON COLUMN "plans"."name" IS 'Name of the subscription plan';
+COMMENT ON COLUMN "plans"."amount" IS 'Cost of the plan';
+COMMENT ON COLUMN "plans"."duration" IS 'Duration of the subscription in hours';
+COMMENT ON COLUMN "plans"."download_speed" IS 'Download speed in Mbps';
+COMMENT ON COLUMN "plans"."upload_speed" IS 'Upload speed in Mbps';
+COMMENT ON COLUMN "plans"."expire_date" IS 'Expiration date of the plan';
+COMMENT ON COLUMN "plans"."is_promo" IS 'Indicates if the plan is a promotional plan';
+COMMENT ON COLUMN "plans"."promo_duration_days" IS 'Number of days the promotion is valid';
+COMMENT ON COLUMN "plans"."is_valid" IS 'Indicates if the plan is valid';
+CREATE TABLE IF NOT EXISTS "portals" (
+    "id" SERIAL NOT NULL PRIMARY KEY,
+    "name" VARCHAR(50) NOT NULL UNIQUE,
+    "description" VARCHAR(255) NOT NULL,
+    "url" VARCHAR(255) NOT NULL
+);
+COMMENT ON COLUMN "portals"."name" IS 'Name of the portal, e.g., Android or MikroTik';
+COMMENT ON COLUMN "portals"."description" IS 'Description of the portal';
+COMMENT ON COLUMN "portals"."url" IS 'URL of the portal, must start with http or https';
+CREATE TABLE IF NOT EXISTS "users" (
+    "id" VARCHAR(5) NOT NULL  PRIMARY KEY,
+    "name" VARCHAR(100) NOT NULL,
+    "password" VARCHAR(100) NOT NULL,
+    "phoneNumber" VARCHAR(15) NOT NULL UNIQUE,
+    "balance" DECIMAL(10,2) NOT NULL  DEFAULT 0,
+    "mac_address" VARCHAR(17) NOT NULL,
+    "createdAt" TIMESTAMPTZ NOT NULL  DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" TIMESTAMPTZ NOT NULL  DEFAULT CURRENT_TIMESTAMP,
+    "lastLogin" TIMESTAMPTZ NOT NULL,
+    "failed_attempts" INT NOT NULL  DEFAULT 0,
+    "account_locked" BOOL NOT NULL  DEFAULT False,
+    "reset_token" VARCHAR(6)  UNIQUE,
+    "reset_token_expiration" TIMESTAMPTZ
+);
+CREATE TABLE IF NOT EXISTS "payments" (
+    "id" UUID NOT NULL  PRIMARY KEY,
+    "amount" DECIMAL(10,2) NOT NULL,
+    "status" VARCHAR(50) NOT NULL  DEFAULT 'pending',
+    "payment_method" VARCHAR(50) NOT NULL,
+    "transaction_id" VARCHAR(100)  UNIQUE,
+    "created_time" TIMESTAMPTZ NOT NULL  DEFAULT CURRENT_TIMESTAMP,
+    "updated_time" TIMESTAMPTZ NOT NULL  DEFAULT CURRENT_TIMESTAMP,
+    "plan_id" UUID REFERENCES "plans" ("id") ON DELETE CASCADE,
+    "user_id" VARCHAR(5) REFERENCES "users" ("id") ON DELETE CASCADE
+);
+COMMENT ON COLUMN "payments"."amount" IS 'Payment amount';
+COMMENT ON COLUMN "payments"."status" IS 'Payment status (e.g., pending, completed, failed, balance-assigned)';
+COMMENT ON COLUMN "payments"."payment_method" IS 'Payment method';
+COMMENT ON COLUMN "payments"."transaction_id" IS 'Unique transaction ID for payment (for methods like Lipa Number)';
+COMMENT ON COLUMN "payments"."plan_id" IS 'Plan associated with the payment';
+CREATE TABLE IF NOT EXISTS "subscriptions" (
+    "id" UUID NOT NULL  PRIMARY KEY,
+    "active" BOOL NOT NULL  DEFAULT True,
+    "duration" INT NOT NULL,
+    "download_mb" DOUBLE PRECISION NOT NULL  DEFAULT 0,
+    "upload_mb" DOUBLE PRECISION NOT NULL  DEFAULT 0,
+    "created_time" TIMESTAMPTZ NOT NULL  DEFAULT CURRENT_TIMESTAMP,
+    "expiration_time" TIMESTAMPTZ,
+    "plan_id" UUID REFERENCES "plans" ("id") ON DELETE CASCADE,
+    "user_id" VARCHAR(5) NOT NULL REFERENCES "users" ("id") ON DELETE CASCADE
+);
+COMMENT ON COLUMN "subscriptions"."duration" IS 'Duration in hours';
+COMMENT ON COLUMN "subscriptions"."download_mb" IS 'Download usage in megabytes';
+COMMENT ON COLUMN "subscriptions"."upload_mb" IS 'Upload usage in megabytes';
+COMMENT ON COLUMN "subscriptions"."plan_id" IS 'Plan associated with the subscription';
+CREATE TABLE IF NOT EXISTS "aerich" (
+    "id" SERIAL NOT NULL PRIMARY KEY,
+    "version" VARCHAR(255) NOT NULL,
+    "app" VARCHAR(100) NOT NULL,
+    "content" JSONB NOT NULL
+);"""
+
+
+async def downgrade(db: BaseDBAsyncClient) -> str:
+    return """
+        """

migrations/models/1_20241204103440_add_user_type_field.py

@@ -0,0 +1,11 @@
+from tortoise import BaseDBAsyncClient
+
+
+async def upgrade(db: BaseDBAsyncClient) -> str:
+    return """
+        ALTER TABLE "users" ADD "user_type" INT NOT NULL  DEFAULT 4;"""
+
+
+async def downgrade(db: BaseDBAsyncClient) -> str:
+    return """
+        ALTER TABLE "users" DROP COLUMN "user_type";"""