Update OTP generation interval, enhance SMS sending functionality, and add age validation for temporary user registration

2025-04-19 23:46:53 +00:00 · 2025-04-19 16:18:45 +05:00 · 2025-04-19 16:18:45 +05:00 · c006525aaa
commit c006525aaa
parent f77779a84f
5 changed files with 92 additions and 15 deletions
--- a/api/models.py
+++ b/api/models.py
@ -79,11 +79,11 @@ class TemporaryUser(models.Model):
    otp_verified = models.BooleanField(default=False)
    def generate_otp(self):
-        totp = pyotp.TOTP(self.otp_secret, interval=300)
+        totp = pyotp.TOTP(self.otp_secret, interval=1800)
        return totp.now()
    def verify_otp(self, otp):
-        totp = pyotp.TOTP(self.otp_secret, interval=300)
+        totp = pyotp.TOTP(self.otp_secret, interval=1800)
        return totp.verify(otp)
    def is_expired(self):
--- a/api/sms.py
+++ b/api/sms.py
@ -28,3 +28,30 @@ def send_otp(mobile: str, otp: int, message: str):
    else:
        logger.debug(f"Failed to send SMS. Status code: {response.status_code}")
        return False
 def send_sms(mobile: str, message: str):
    logger.info(f"Sending SMS to {mobile}")
    try:
        if not api_url or not api_key:
            logger.debug("Failed to send SMS. Missing SMS_API_URL or SMS_API_KEY.")
            return False
        headers = {
            "Content-Type": "application/json",
            "Authorization": f"Bearer {api_key}",
        }
        data = {
            "number": mobile,
            "message": message,
            "check_delivery": False,
        }
        response = requests.post(api_url, headers=headers, data=json.dumps(data))
        if response.status_code == 200:
            return True
        else:
            logger.debug(f"Failed to send SMS. Status code: {response.status_code}")
            return False
    except requests.exceptions.RequestException as e:
        logger.debug(f"Failed to send SMS. Error: {e}")
        return False
--- a/api/tasks.py
+++ b/api/tasks.py
@ -1,8 +1,12 @@
 from django.shortcuts import get_object_or_404
 from api.models import User
 from api.sms import send_sms
 import requests
 from apibase.env import env, BASE_DIR
 import os
 import logging
 logger = logging.getLogger(__name__)
 env.read_env(os.path.join(BASE_DIR, ".env"))
@ -26,32 +30,57 @@ def verify_user_with_person_api_task(user_id: int):
        api_name = data.get("name_en")
        api_house_name = data.get("house_name_en")
        api_dob = data.get("dob")
-        print(f"API nic: {api_nic}")
+        api_atoll = data.get("atoll_en")
-        print(f"API name: {api_name}")
+        api_island_name = data.get("island_name_en")
-        print(f"API house name: {api_house_name}")
+
-        print(f"API dob: {api_dob}")
+        logger.info(f"API nic: {api_nic}")
        logger.info(f"API name: {api_name}")
        logger.info(f"API house name: {api_house_name}")
        logger.info(f"API dob: {api_dob}")
        logger.info(f"API atoll: {api_atoll}")
        logger.info(f"API island name: {api_island_name}")
        user_nic = user.id_card
        user_name = f"{user.first_name} {user.last_name}"
        user_house_name = user.address
        user_dob = user.dob.isoformat()
-        print(f"User nic: {user_nic}")
+        logger.info(f"User nic: {user_nic}")
-        print(f"User name: {user_name}")
+        logger.info(f"User name: {user_name}")
-        print(f"User house name: {user_house_name}")
+        logger.info(f"User house name: {user_house_name}")
-        print(f"User dob: {user_dob}")
+        logger.info(f"User dob: {user_dob}")
        logger.info(f"User atoll: {user.atoll}")
        logger.info(f"User island name: {user.island}")
        logger.info(f"case User atoll: {user.atoll == api_atoll}")
        logger.info("api atoll type: ", {type(api_atoll)})
        logger.info("user atoll type: ", {type(user.atoll.name)})
        logger.info(f"case User island name: {user.island == api_island_name}")
        logger.info(f"api island name type: {type(api_island_name)}")
        logger.info(f"user island name type: {type(user.island.name)}")
        if (
            data.get("nic") == user.id_card
            and data.get("name_en") == f"{user.first_name} {user.last_name}"
            and data.get("house_name_en") == user.address
            and data.get("dob").split("T")[0] == user.dob.isoformat()
            and data.get("atoll_en").strip() == user.atoll.name
            and data.get("island_name_en").strip() == user.island.name
        ):
            user.verified = True
            user.save()
            send_sms(
                user.mobile,
                f"Dear {user.first_name} {user.last_name}, \n\nYour account has been successfully and verified. \n\nYou can now manage your devices and make payments through our portal at https://portal.sarlink.net. \n\n - SAR Link",
            )
            return True
        else:
            user.verified = False
            user.save()
            send_sms(
                user.mobile,
                f"Dear {user.first_name} {user.last_name}, \n\nYour account registration is being processed. \n\nWe will notify you once verification is complete. \n\n - SAR Link",
            )
            return False
    else:
        # Handle the error case
--- a/api/views.py
+++ b/api/views.py
@ -19,6 +19,8 @@ from api.serializers import (
    TemporaryUserSerializer,
 )
 from django.shortcuts import get_object_or_404
 from django.utils import timezone
 from datetime import timedelta
 # knox imports
 from knox.views import LoginView as KnoxLoginView
@ -52,6 +54,7 @@ class ErrorMessages:
    ID_CARD_EXISTS = "ID card already exists."
    INVALID_MOBILE = "Please enter a valid mobile number."
    INVALID_ACCOUNT = "Please enter a valid account number."
    UNDERAGE_ERROR = "You must be 18 and above to signup."
 class UpdateUserWalletView(generics.UpdateAPIView):
@ -105,6 +108,23 @@ class CreateTemporaryUserView(generics.CreateAPIView):
        firstname = request.data.get("firstname")
        lastname = request.data.get("lastname")
        current_date = timezone.now()
        try:
            dob = timezone.datetime.strptime(dob, "%Y-%m-%d").date()
        except ValueError:
            return Response(
                {"message": "Invalid date format for DOB. Use YYYY-MM-DD."}, status=400
            )
        age_from_dob = (
            current_date.year
            - dob.year
            - ((current_date.month, current_date.day) < (dob.month, dob.day))
        )
        if age_from_dob < 18:
            return Response({"message": ErrorMessages.UNDERAGE_ERROR}, status=400)
        if (
            TemporaryUser.objects.filter(t_mobile=mobile).exists()
            or User.objects.filter(mobile=mobile).exists()
@ -162,11 +182,13 @@ class CreateTemporaryUserView(generics.CreateAPIView):
            t_terms_accepted=terms_accepted,
            t_policy_accepted=policy_accepted,
        )
        otp_expiry = timezone.now() + timedelta(minutes=3)
        formatted_time = otp_expiry.strftime("%d/%m/%Y %H:%M:%S")
        otp = temp_user.generate_otp()
        send_otp(
            temp_user.t_mobile,
            otp,
-            f"Your Registration SARLink OTP is: {otp}, valid for 30 seconds. Please do not share it with anyone.",
+            f"Your Registration SARLink OTP: {otp}. \nExpires at {formatted_time}. \n\n- SAR Link",
        )
        serializer = self.get_serializer(temp_user)
        headers = self.get_success_headers(serializer.data)
--- a/apibase/settings.py
+++ b/apibase/settings.py
@ -205,8 +205,7 @@ AUTH_PASSWORD_VALIDATORS = [
 LANGUAGE_CODE = "en-us"
-TIME_ZONE = "UTC"
+TIME_ZONE = "Asia/Atyrau"
 USE_I18N = True
 USE_TZ = True
@ -293,7 +292,7 @@ STORAGES = {
 LOGGING_CONFIG = None
-LOGLEVEL = os.environ.get("LOGLEVEL", "WARNING").upper()
+LOGLEVEL = os.environ.get("LOGLEVEL", "INFO").upper()
 logging.config.dictConfig(
    {
@ -321,7 +320,7 @@ logging.config.dictConfig(
        },
        "loggers": {
            "": {
-                "level": "WARNING",
+                "level": LOGLEVEL,
                "handlers": ["console"],
            },
            "app": {