Izaac/izaac-2
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

init

Browse Source
This commit is contained in:
Jakub Kaniecki 2025-05-18 16:23:03 +02:00
commit 12c76e3e5a
220 changed files with 31696 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
.DS_Store vendored Normal file
View File

Binary file not shown.

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
node_modules

81
README.md Normal file
View File

@ -0,0 +1,81 @@
# Izaac 2.1 Project
This project consists of a Django backend and a React/TypeScript frontend. Below are instructions for setting up and running both parts in development mode.
## Prerequisites
- Python 3.x
- Node.js (LTS version recommended)
- npm or yarn
- SQLite (included with Python)
## Backend Setup
1. Navigate to the backend directory:
```bash
cd backend
```
2. Create and activate a virtual environment:
```bash
python -m venv venv
source venv/bin/activate # On Windows use: venv\Scripts\activate
```
3. Install dependencies:
```bash
pip install -r requirements.txt
```
4. Run database migrations:
```bash
python manage.py migrate
```
5. Start the development server:
```bash
python manage.py runserver
```
The backend will be available at `http://localhost:8000`
## Frontend Setup
1. Navigate to the frontend directory:
```bash
cd frontend
```
2. Install dependencies:
```bash
npm install
# or if you use yarn:
yarn install
```
3. Start the development server:
```bash
npm run dev
# or if you use yarn:
yarn dev
```
The frontend will be available at `http://localhost:5173`
## Development
- Backend API documentation is available at `http://localhost:8000/api/docs/` when the server is running
- Frontend hot-reloading is enabled by default
- Backend hot-reloading is enabled by default with Django's development server
## Project Structure
- `/backend` - Django backend application
- `/frontend` - React/TypeScript frontend application
- `/nginx` - Nginx configuration files
## Additional Notes
- Make sure both backend and frontend servers are running simultaneously for full functionality
- The backend uses SQLite as the database by default
- Frontend is built with Vite and uses Tailwind CSS for styling

9
backend/.gitignore vendored Normal file
View File

@ -0,0 +1,9 @@
# Created by venv; see https://docs.python.org/3/library/venv.html
/bin
/lib
/include
/share
/man
/doc
/html
pyvenv.cfg

0
backend/README.md Normal file
View File

0
backend/content/__init__.py Normal file
View File

BIN
backend/content/__pycache__/__init__.cpython-313.pyc Normal file
View File

Binary file not shown.

BIN
backend/content/__pycache__/admin.cpython-313.pyc Normal file
View File

Binary file not shown.

BIN
backend/content/__pycache__/apps.cpython-313.pyc Normal file
View File

Binary file not shown.

BIN
backend/content/__pycache__/models.cpython-313.pyc Normal file
View File

Binary file not shown.

BIN
backend/content/__pycache__/serializers.cpython-313.pyc Normal file
View File

Binary file not shown.

BIN
backend/content/__pycache__/urls.cpython-313.pyc Normal file
View File

Binary file not shown.

BIN
backend/content/__pycache__/views.cpython-313.pyc Normal file
View File

Binary file not shown.

3
backend/content/admin.py Normal file
View File

@ -0,0 +1,3 @@
from django.contrib import admin
# Register your models here.

6
backend/content/apps.py Normal file
View File

@ -0,0 +1,6 @@
from django.apps import AppConfig
class ContentConfig(AppConfig):
default_auto_field = 'django.db.models.BigAutoField'
name = 'content'

59
backend/content/migrations/0001_initial.py Normal file
View File

@ -0,0 +1,59 @@
# Generated by Django 4.2 on 2025-05-01 18:16
from django.db import migrations, models
class Migration(migrations.Migration):
initial = True
dependencies = [
]
operations = [
migrations.CreateModel(
name='Category',
fields=[
('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
('name', models.CharField(max_length=255)),
('slug', models.SlugField(unique=True)),
],
),
migrations.CreateModel(
name='Comment',
fields=[
('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
('content', models.TextField(max_length=2000)),
('approved', models.BooleanField(default=False)),
('created_at', models.DateTimeField(auto_now_add=True)),
],
),
migrations.CreateModel(
name='Page',
fields=[
('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
('title', models.CharField(max_length=255)),
('content', models.TextField()),
('status', models.CharField(choices=[('draft', 'Draft'), ('pending', 'Pending Review'), ('published', 'Published')], default='draft', max_length=10)),
('created_at', models.DateTimeField(auto_now_add=True)),
('updated_at', models.DateTimeField(auto_now=True)),
],
options={
'abstract': False,
},
),
migrations.CreateModel(
name='Post',
fields=[
('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
('title', models.CharField(max_length=255)),
('content', models.TextField()),
('status', models.CharField(choices=[('draft', 'Draft'), ('pending', 'Pending Review'), ('published', 'Published')], default='draft', max_length=10)),
('created_at', models.DateTimeField(auto_now_add=True)),
('updated_at', models.DateTimeField(auto_now=True)),
],
options={
'abstract': False,
},
),
]

53
backend/content/migrations/0002_initial.py Normal file
View File

@ -0,0 +1,53 @@
# Generated by Django 4.2 on 2025-05-01 18:16
from django.conf import settings
from django.db import migrations, models
import django.db.models.deletion
class Migration(migrations.Migration):
initial = True
dependencies = [
migrations.swappable_dependency(settings.AUTH_USER_MODEL),
('content', '0001_initial'),
]
operations = [
migrations.AddField(
model_name='post',
name='author',
field=models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL),
),
migrations.AddField(
model_name='post',
name='category',
field=models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='content.category'),
),
migrations.AddField(
model_name='page',
name='author',
field=models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL),
),
migrations.AddField(
model_name='page',
name='category',
field=models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='content.category'),
),
migrations.AddField(
model_name='comment',
name='author',
field=models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL),
),
migrations.AddField(
model_name='comment',
name='page',
field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.CASCADE, to='content.page'),
),
migrations.AddField(
model_name='comment',
name='post',
field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.CASCADE, to='content.post'),
),
]

30
backend/content/migrations/0002_initial_categories.py Normal file
View File

@ -0,0 +1,30 @@
from django.db import migrations
def create_initial_categories(apps, schema_editor):
Category = apps.get_model('content', 'Category')
default_categories = [
{'name': 'General', 'slug': 'general'},
{'name': 'Technology', 'slug': 'technology'},
{'name': 'Science', 'slug': 'science'},
{'name': 'Programming', 'slug': 'programming'},
{'name': 'News', 'slug': 'news'},
]
for category in default_categories:
Category.objects.get_or_create(
name=category['name'],
slug=category['slug']
)
def remove_initial_categories(apps, schema_editor):
Category = apps.get_model('content', 'Category')
Category.objects.filter(slug__in=['general', 'technology', 'science', 'programming', 'news']).delete()
class Migration(migrations.Migration):
dependencies = [
('content', '0001_initial'),
]
operations = [
migrations.RunPython(create_initial_categories, remove_initial_categories),
]

31
backend/content/migrations/0003_uploadedimage.py Normal file
View File

@ -0,0 +1,31 @@
# Generated by Django 4.2 on 2025-05-01 19:05
from django.conf import settings
import django.core.validators
from django.db import migrations, models
import django.db.models.deletion
class Migration(migrations.Migration):
dependencies = [
migrations.swappable_dependency(settings.AUTH_USER_MODEL),
('content', '0002_initial'),
]
operations = [
migrations.CreateModel(
name='UploadedImage',
fields=[
('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
('image', models.ImageField(upload_to='uploads/%Y/%m/%d/', validators=[django.core.validators.FileExtensionValidator(allowed_extensions=['jpg', 'jpeg', 'png', 'gif', 'webp'])])),
('title', models.CharField(max_length=255)),
('uploaded_at', models.DateTimeField(auto_now_add=True)),
('file_size', models.PositiveIntegerField()),
('user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL)),
],
options={
'ordering': ['-uploaded_at'],
},
),
]

14
backend/content/migrations/0004_merge_0002_initial_categories_0003_uploadedimage.py Normal file
View File

@ -0,0 +1,14 @@
# Generated by Django 4.2 on 2025-05-01 19:19
from django.db import migrations
class Migration(migrations.Migration):
dependencies = [
('content', '0002_initial_categories'),
('content', '0003_uploadedimage'),
]
operations = [
]

31
backend/content/migrations/0005_tag_page_tags_post_tags.py Normal file
View File

@ -0,0 +1,31 @@
# Generated by Django 4.2 on 2025-05-04 10:54
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('content', '0004_merge_0002_initial_categories_0003_uploadedimage'),
]
operations = [
migrations.CreateModel(
name='Tag',
fields=[
('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
('name', models.CharField(max_length=255)),
('slug', models.SlugField(unique=True)),
],
),
migrations.AddField(
model_name='page',
name='tags',
field=models.ManyToManyField(blank=True, to='content.tag'),
),
migrations.AddField(
model_name='post',
name='tags',
field=models.ManyToManyField(blank=True, to='content.tag'),
),
]

23
backend/content/migrations/0006_page_slug_post_slug.py Normal file
View File

@ -0,0 +1,23 @@
# Generated by Django 4.2 on 2025-05-10 23:27
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('content', '0005_tag_page_tags_post_tags'),
]
operations = [
migrations.AddField(
model_name='page',
name='slug',
field=models.SlugField(blank=True, unique=True),
),
migrations.AddField(
model_name='post',
name='slug',
field=models.SlugField(blank=True, unique=True),
),
]

0
backend/content/migrations/__init__.py Normal file
View File

BIN
backend/content/migrations/__pycache__/0001_initial.cpython-313.pyc Normal file
View File

Binary file not shown.

BIN
backend/content/migrations/__pycache__/0002_initial.cpython-313.pyc Normal file
View File

Binary file not shown.

BIN
backend/content/migrations/__pycache__/0002_initial_categories.cpython-313.pyc Normal file
View File

Binary file not shown.

BIN
backend/content/migrations/__pycache__/0003_uploadedimage.cpython-313.pyc Normal file
View File

Binary file not shown.

BIN
backend/content/migrations/__pycache__/0004_merge_0002_initial_categories_0003_uploadedimage.cpython-313.pyc Normal file
View File

Binary file not shown.

BIN
backend/content/migrations/__pycache__/0005_tag_page_tags_post_tags.cpython-313.pyc Normal file
View File

Binary file not shown.

BIN
backend/content/migrations/__pycache__/0006_page_slug_post_slug.cpython-313.pyc Normal file
View File

Binary file not shown.

BIN
backend/content/migrations/__pycache__/0007_alter_page_slug_alter_post_slug.cpython-313.pyc Normal file
View File

Binary file not shown.

BIN
backend/content/migrations/__pycache__/__init__.cpython-313.pyc Normal file
View File

Binary file not shown.

88
backend/content/models.py Normal file
View File

@ -0,0 +1,88 @@
from django.db import models
from users.models import User
from django.conf import settings
from django.utils import timezone
from django.core.validators import FileExtensionValidator
class Category(models.Model):
name = models.CharField(max_length=255)
slug = models.SlugField(unique=True)
def __str__(self):
return self.name
class AbstractContent(models.Model):
STATUS_CHOICES = (
('draft', 'Draft'),
('pending', 'Pending Review'),
('published', 'Published'),
)
title = models.CharField(max_length=255)
slug = models.SlugField(unique=True, blank=True)
content = models.TextField()
status = models.CharField(max_length=10, choices=STATUS_CHOICES, default='draft')
author = models.ForeignKey(User, on_delete=models.CASCADE)
created_at = models.DateTimeField(auto_now_add=True)
updated_at = models.DateTimeField(auto_now=True)
category = models.ForeignKey('Category', on_delete=models.CASCADE)
tags = models.ManyToManyField('Tag', blank=True)
class Meta:
abstract = True
def __str__(self):
return self.title
class Post(AbstractContent):
pass
class Page(AbstractContent):
pass
class Comment(models.Model):
content = models.TextField(max_length=2000)
approved = models.BooleanField(default=False)
author = models.ForeignKey(User, on_delete=models.CASCADE)
post = models.ForeignKey(Post, null=True, blank=True, on_delete=models.CASCADE)
page = models.ForeignKey(Page, null=True, blank=True, on_delete=models.CASCADE)
created_at = models.DateTimeField(auto_now_add=True)
class UploadedImage(models.Model):
user = models.ForeignKey(settings.AUTH_USER_MODEL, on_delete=models.CASCADE)
image = models.ImageField(
upload_to='uploads/%Y/%m/%d/',
validators=[FileExtensionValidator(allowed_extensions=['jpg', 'jpeg', 'png', 'gif', 'webp'])]
)
title = models.CharField(max_length=255)
uploaded_at = models.DateTimeField(auto_now_add=True)
file_size = models.PositiveIntegerField() # Size in bytes
class Meta:
ordering = ['-uploaded_at']
def __str__(self):
return f"{self.title} - {self.user.username}"
@property
def url(self):
return self.image.url if self.image else None
def save(self, *args, **kwargs):
if not self.file_size and self.image:
self.file_size = self.image.size
super().save(*args, **kwargs)
@classmethod
def get_user_daily_upload_size(cls, user):
today = timezone.now().date()
tomorrow = today + timezone.timedelta(days=1)
return cls.objects.filter(
user=user,
uploaded_at__gte=today,
uploaded_at__lt=tomorrow
).aggregate(total_size=models.Sum('file_size'))['total_size'] or 0
class Tag(models.Model):
name = models.CharField(max_length=255)
slug = models.SlugField(unique=True)
def __str__(self):
return self.name

115
backend/content/serializers.py Normal file
View File

@ -0,0 +1,115 @@
from rest_framework import serializers
from .models import Post, Comment, Page, Category, UploadedImage, Tag
from users.models import User
class TagSerializer(serializers.ModelSerializer):
class Meta:
model = Tag
fields = ['id', 'name', 'slug']
read_only_fields = ['id']
class CategorySerializer(serializers.ModelSerializer):
class Meta:
model = Category
fields = ['id', 'name', 'slug']
read_only_fields = ['id']
class UserSerializer(serializers.ModelSerializer):
class Meta:
model = User
fields = ['id', 'username', 'first_name', 'last_name']
read_only_fields = ['id']
class CommentSerializer(serializers.ModelSerializer):
author = UserSerializer(read_only=True)
class Meta:
model = Comment
fields = ['id', 'content', 'author', 'post', 'page', 'approved', 'created_at']
read_only_fields = ['id', 'created_at', 'author']
class PostSerializer(serializers.ModelSerializer):
author = UserSerializer(read_only=True)
category = CategorySerializer(read_only=True)
category_id = serializers.PrimaryKeyRelatedField(
queryset=Category.objects.all(),
source='category',
write_only=True
)
comments = CommentSerializer(many=True, read_only=True)
tags = TagSerializer(many=True, read_only=True)
tag_ids = serializers.PrimaryKeyRelatedField(
queryset=Tag.objects.all(),
source='tags',
many=True,
write_only=True,
required=False
)
slug = serializers.SlugField(required=True)
class Meta:
model = Post
fields = [
'id', 'title', 'content', 'status', 'author',
'category', 'category_id', 'comments',
'created_at', 'updated_at', 'tags', 'tag_ids', 'slug'
]
read_only_fields = ['id', 'created_at', 'updated_at', 'author', 'slug']
lookup_field = 'slug'
extra_kwargs = {
'url': {'lookup_field': 'slug'}
}
class PageSerializer(serializers.ModelSerializer):
author = UserSerializer(read_only=True)
category = CategorySerializer(read_only=True)
category_id = serializers.PrimaryKeyRelatedField(
queryset=Category.objects.all(),
source='category',
write_only=True
)
comments = CommentSerializer(many=True, read_only=True)
slug = serializers.SlugField(required=True)
class Meta:
model = Page
fields = [
'id', 'title', 'content', 'status', 'author',
'category', 'category_id', 'comments',
'created_at', 'updated_at', 'slug'
]
read_only_fields = ['id', 'created_at', 'updated_at', 'author', 'slug']
lookup_field = 'slug'
extra_kwargs = {
'url': {'lookup_field': 'slug'}
}
class UploadedImageSerializer(serializers.ModelSerializer):
url = serializers.SerializerMethodField()
file_size_display = serializers.SerializerMethodField()
image = serializers.ImageField(required=True)
class Meta:
model = UploadedImage
fields = ['id', 'title', 'image', 'url', 'uploaded_at', 'file_size', 'file_size_display']
read_only_fields = ['file_size', 'uploaded_at', 'url']
def get_url(self, obj):
request = self.context.get('request')
if obj.image and hasattr(obj.image, 'url'):
return request.build_absolute_uri(obj.image.url) if request else obj.image.url
return None
def get_file_size_display(self, obj):
"""Convert bytes to human readable format"""
for unit in ['B', 'KB', 'MB', 'GB']:
if obj.file_size < 1024.0:
return f"{obj.file_size:.1f} {unit}"
obj.file_size /= 1024.0
return f"{obj.file_size:.1f} TB"
def validate_image(self, value):
if not value:
raise serializers.ValidationError("Image file is required.")
return value

3
backend/content/tests.py Normal file
View File

@ -0,0 +1,3 @@
from django.test import TestCase
# Create your tests here.

14
backend/content/urls.py Normal file
View File

@ -0,0 +1,14 @@
from rest_framework.routers import DefaultRouter
from django.urls import path, include
from .views import PostViewSet, CommentViewSet, PageViewSet, CategoryViewSet, UploadedImageViewSet, TagViewSet
router = DefaultRouter()
router.register(r'posts', PostViewSet, basename='post')
router.register(r'comments', CommentViewSet, basename='comment')
router.register(r'pages', PageViewSet, basename='page')
router.register(r'categories', CategoryViewSet, basename='category')
router.register(r'images', UploadedImageViewSet, basename='image')
router.register(r'tags', TagViewSet, basename='tag')
urlpatterns = [
path('', include(router.urls)),
]

202
backend/content/views.py Normal file
View File

@ -0,0 +1,202 @@
from rest_framework import viewsets, status, filters
from rest_framework.response import Response
from rest_framework.decorators import action
from django_filters.rest_framework import DjangoFilterBackend
from .models import Post, Comment, Page, Category, UploadedImage, Tag
from .serializers import PostSerializer, CommentSerializer, PageSerializer, CategorySerializer, UploadedImageSerializer, TagSerializer
from users.permissions import IsAuthorOrReadOnly, IsEditorOrAdmin
from rest_framework.permissions import IsAuthenticatedOrReadOnly
from rest_framework.parsers import MultiPartParser, FormParser
from django.conf import settings
from rest_framework import serializers
class PostViewSet(viewsets.ModelViewSet):
"""
API endpoint for managing blog posts.
list:
Return a list of all posts. Results can be filtered by:
- status (draft/pending/published)
- author
- category
- created_at (date range)
create:
Create a new post. Requires authentication and appropriate permissions.
retrieve:
Return the details of a specific post by ID.
update:
Update all fields of a specific post. Requires authentication and appropriate permissions.
partial_update:
Update one or more fields of a specific post. Requires authentication and appropriate permissions.
destroy:
Delete a specific post. Requires authentication and appropriate permissions.
"""
queryset = Post.objects.all()
serializer_class = PostSerializer
permission_classes = [IsAuthorOrReadOnly]
filter_backends = [DjangoFilterBackend, filters.SearchFilter, filters.OrderingFilter]
filterset_fields = ['status', 'author', 'category']
search_fields = ['title', 'content']
ordering_fields = ['created_at', 'updated_at', 'title']
ordering = ['-created_at']
lookup_field = 'slug'
def perform_create(self, serializer):
serializer.save(author=self.request.user)
def get_queryset(self):
queryset = Post.objects.all()
if not self.request.user.is_authenticated:
queryset = queryset.filter(status='published')
elif not self.request.user.role in ['admin', 'moderator']:
queryset = queryset.filter(
status='published'
) | Post.objects.filter(
author=self.request.user
)
return queryset
def perform_update(self, serializer):
print(serializer.validated_data)
return super().perform_update(serializer)
class CommentViewSet(viewsets.ModelViewSet):
"""
API endpoint for managing comments on posts and pages.
list:
Return a list of all comments. Results can be filtered by:
- post_id
- page_id
- author
- approved status
create:
Create a new comment. Requires authentication.
retrieve:
Return the details of a specific comment by ID.
update:
Update all fields of a specific comment. Requires authentication and appropriate permissions.
partial_update:
Update one or more fields of a specific comment. Requires authentication and appropriate permissions.
destroy:
Delete a specific comment. Requires authentication and appropriate permissions.
"""
queryset = Comment.objects.all()
serializer_class = CommentSerializer
permission_classes = [IsAuthorOrReadOnly]
filter_backends = [DjangoFilterBackend, filters.OrderingFilter]
filterset_fields = ['post', 'page', 'author', 'approved']
ordering_fields = ['created_at']
ordering = ['-created_at']
def perform_create(self, serializer):
serializer.save(author=self.request.user)
def get_queryset(self):
queryset = Comment.objects.all()
if not self.request.user.is_authenticated:
queryset = queryset.filter(approved=True)
elif not self.request.user.role in ['admin', 'moderator']:
queryset = queryset.filter(
approved=True
) | Comment.objects.filter(
author=self.request.user
)
return queryset
class PageViewSet(viewsets.ModelViewSet):
queryset = Page.objects.all()
serializer_class = PageSerializer
permission_classes = [IsEditorOrAdmin]
filter_backends = [DjangoFilterBackend, filters.SearchFilter, filters.OrderingFilter]
filterset_fields = ['status', 'author', 'category']
search_fields = ['title', 'content']
ordering_fields = ['created_at', 'updated_at', 'title']
ordering = ['-created_at']
def perform_create(self, serializer):
serializer.save(author=self.request.user)
def get_queryset(self):
queryset = Page.objects.all()
if not self.request.user.is_authenticated:
queryset = queryset.filter(status='published')
elif not self.request.user.role in ['admin', 'moderator']:
queryset = queryset.filter(
status='published'
) | Page.objects.filter(
author=self.request.user
)
return queryset
class CategoryViewSet(viewsets.ModelViewSet):
queryset = Category.objects.all()
serializer_class = CategorySerializer
permission_classes = [IsAuthenticatedOrReadOnly]
filter_backends = [filters.SearchFilter]
search_fields = ['name', 'slug']
def get_queryset(self):
return Category.objects.all()
class UploadedImageViewSet(viewsets.ModelViewSet):
serializer_class = UploadedImageSerializer
parser_classes = (MultiPartParser, FormParser)
def get_queryset(self):
return UploadedImage.objects.filter(user=self.request.user)
def get_serializer_context(self):
context = super().get_serializer_context()
context['request'] = self.request
return context
def perform_create(self, serializer):
# Check daily upload quota (5MB = 5 * 1024 * 1024 bytes)
DAILY_UPLOAD_LIMIT = 5 * 1024 * 1024 # 5MB in bytes
# Get current daily upload size
current_size = UploadedImage.get_user_daily_upload_size(self.request.user)
file_size = self.request.FILES['image'].size
# Check if upload would exceed daily limit
if current_size + file_size > DAILY_UPLOAD_LIMIT:
raise serializers.ValidationError({
'image': 'Daily upload limit (5MB) exceeded. Please try again tomorrow.'
})
try:
instance = serializer.save(user=self.request.user, file_size=file_size)
except Exception as e:
raise
@action(detail=False, methods=['get'])
def quota(self, request):
DAILY_UPLOAD_LIMIT = 5 * 1024 * 1024 # 5MB in bytes
current_size = UploadedImage.get_user_daily_upload_size(request.user)
remaining = max(0, DAILY_UPLOAD_LIMIT - current_size)
return Response({
'daily_limit': DAILY_UPLOAD_LIMIT,
'used': current_size,
'remaining': remaining,
'daily_limit_display': f"{DAILY_UPLOAD_LIMIT / (1024 * 1024):.1f}MB",
'used_display': f"{current_size / (1024 * 1024):.1f}MB",
'remaining_display': f"{remaining / (1024 * 1024):.1f}MB"
})
class TagViewSet(viewsets.ModelViewSet):
queryset = Tag.objects.all()
serializer_class = TagSerializer
permission_classes = [IsAuthenticatedOrReadOnly]
filter_backends = [filters.SearchFilter]
search_fields = ['name', 'slug']

0
backend/core/__init__.py Normal file
View File

BIN
backend/core/__pycache__/__init__.cpython-313.pyc Normal file
View File

Binary file not shown.

BIN
backend/core/__pycache__/admin.cpython-313.pyc Normal file
View File

Binary file not shown.

BIN
backend/core/__pycache__/apps.cpython-313.pyc Normal file
View File

Binary file not shown.

BIN
backend/core/__pycache__/models.cpython-313.pyc Normal file
View File

Binary file not shown.

3
backend/core/admin.py Normal file
View File

@ -0,0 +1,3 @@
from django.contrib import admin
# Register your models here.

6
backend/core/apps.py Normal file
View File

@ -0,0 +1,6 @@
from django.apps import AppConfig
class CoreConfig(AppConfig):
default_auto_field = 'django.db.models.BigAutoField'
name = 'core'

0
backend/core/migrations/__init__.py Normal file
View File

BIN
backend/core/migrations/__pycache__/__init__.cpython-313.pyc Normal file
View File

Binary file not shown.

3
backend/core/models.py Normal file
View File

@ -0,0 +1,3 @@
from django.db import models
# Create your models here.

60
backend/core/settings.py Normal file
View File

@ -0,0 +1,60 @@
INSTALLED_APPS = [
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'rest_framework',
'rest_framework_simplejwt',
'rest_framework_simplejwt.token_blacklist',
'corsheaders',
'django_filters',
'users',
'content',
]
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': [
'rest_framework_simplejwt.authentication.JWTAuthentication',
],
'DEFAULT_PERMISSION_CLASSES': [
'rest_framework.permissions.IsAuthenticated',
],
'DEFAULT_FILTER_BACKENDS': [
'django_filters.rest_framework.DjangoFilterBackend',
'rest_framework.filters.SearchFilter',
'rest_framework.filters.OrderingFilter',
],
'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.PageNumberPagination',
'PAGE_SIZE': 10
}
from datetime import timedelta
SIMPLE_JWT = {
'ACCESS_TOKEN_LIFETIME': timedelta(minutes=60),
'REFRESH_TOKEN_LIFETIME': timedelta(days=1),
'ROTATE_REFRESH_TOKENS': True,
'BLACKLIST_AFTER_ROTATION': True,
'UPDATE_LAST_LOGIN': False,
'ALGORITHM': 'HS256',
'SIGNING_KEY': SECRET_KEY,
'VERIFYING_KEY': None,
'AUDIENCE': None,
'ISSUER': None,
'JWK_URL': None,
'LEEWAY': 0,
'AUTH_HEADER_TYPES': ('Bearer',),
'AUTH_HEADER_NAME': 'HTTP_AUTHORIZATION',
'USER_ID_FIELD': 'id',
'USER_ID_CLAIM': 'user_id',
'USER_AUTHENTICATION_RULE': 'rest_framework_simplejwt.authentication.default_user_authentication_rule',
'AUTH_TOKEN_CLASSES': ('rest_framework_simplejwt.tokens.AccessToken',),
'TOKEN_TYPE_CLAIM': 'token_type',
'TOKEN_USER_CLASS': 'rest_framework_simplejwt.models.TokenUser',
'JTI_CLAIM': 'jti',
}

3
backend/core/tests.py Normal file
View File

@ -0,0 +1,3 @@
from django.test import TestCase
# Create your tests here.

3
backend/core/views.py Normal file
View File

@ -0,0 +1,3 @@
from django.shortcuts import render
# Create your views here.

BIN
backend/db.sqlite3 Normal file
View File

Binary file not shown.

0
backend/izaac2backend/__init__.py Normal file
View File

BIN
backend/izaac2backend/__pycache__/__init__.cpython-313.pyc Normal file
View File

Binary file not shown.

BIN
backend/izaac2backend/__pycache__/settings.cpython-313.pyc Normal file
View File

Binary file not shown.

BIN
backend/izaac2backend/__pycache__/urls.cpython-313.pyc Normal file
View File

Binary file not shown.

BIN
backend/izaac2backend/__pycache__/wsgi.cpython-313.pyc Normal file
View File

Binary file not shown.

16
backend/izaac2backend/asgi.py Normal file
View File

@ -0,0 +1,16 @@
"""
ASGI config for izaac2backend project.
It exposes the ASGI callable as a module-level variable named ``application``.
For more information on this file, see
https://docs.djangoproject.com/en/5.2/howto/deployment/asgi/
"""
import os
from django.core.asgi import get_asgi_application
os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'izaac2backend.settings')
application = get_asgi_application()

290
backend/izaac2backend/settings.py Normal file
View File

@ -0,0 +1,290 @@
"""
Django settings for izaac2backend project.
Generated by 'django-admin startproject' using Django 5.2.
For more information on this file, see
https://docs.djangoproject.com/en/5.2/topics/settings/
For the full list of settings and their values, see
https://docs.djangoproject.com/en/5.2/ref/settings/
"""
from pathlib import Path
from datetime import timedelta
# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = True
# Build paths inside the project like this: BASE_DIR / 'subdir'.
BASE_DIR = Path(__file__).resolve().parent.parent
# Custom user model
AUTH_USER_MODEL = 'users.User'
# Frontend URL for password reset links
FRONTEND_URL = 'http://localhost:5173' # Vite default port
# Email Configuration
if DEBUG:
# Development email settings (console backend)
EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
DEFAULT_FROM_EMAIL = 'noreply@izaac.com'
else:
# Production email settings (SMTP backend)
EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
EMAIL_HOST = 'smtp.gmail.com' # Or your SMTP server
EMAIL_PORT = 587
EMAIL_USE_TLS = True
EMAIL_HOST_USER = '' # Your email address
EMAIL_HOST_PASSWORD = '' # Your email password or app-specific password
DEFAULT_FROM_EMAIL = EMAIL_HOST_USER
# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/5.2/howto/deployment/checklist/
# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = 'django-insecure-^+2p2e93g2_1h-@u&l&j+(9n&6z02-e$pirm6(@@(4$+-zyhxr'
ALLOWED_HOSTS = []
CORS_ALLOWED_ORIGINS = [
"http://localhost:5173",
"http://127.0.0.1:5173",
]
CORS_ALLOW_CREDENTIALS = True
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': (
'rest_framework_simplejwt.authentication.JWTAuthentication',
),
'DEFAULT_PERMISSION_CLASSES': (
'rest_framework.permissions.IsAuthenticated',
),
'DEFAULT_SCHEMA_CLASS': 'drf_spectacular.openapi.AutoSchema',
'DEFAULT_RENDERER_CLASSES': (
'rest_framework.renderers.JSONRenderer',
'rest_framework.renderers.BrowsableAPIRenderer',
),
}
SIMPLE_JWT = {
'ACCESS_TOKEN_LIFETIME': timedelta(minutes=30),
'REFRESH_TOKEN_LIFETIME': timedelta(days=1),
'ROTATE_REFRESH_TOKENS': True,
'BLACKLIST_AFTER_ROTATION': True,
'UPDATE_LAST_LOGIN': False,
'ALGORITHM': 'HS256',
'SIGNING_KEY': SECRET_KEY,
'VERIFYING_KEY': None,
'AUDIENCE': None,
'ISSUER': None,
'JWK_URL': None,
'LEEWAY': 0,
'AUTH_HEADER_TYPES': ('Bearer',),
'AUTH_HEADER_NAME': 'HTTP_AUTHORIZATION',
'USER_ID_FIELD': 'id',
'USER_ID_CLAIM': 'user_id',
'USER_AUTHENTICATION_RULE': 'rest_framework_simplejwt.authentication.default_user_authentication_rule',
'AUTH_TOKEN_CLASSES': ('rest_framework_simplejwt.tokens.AccessToken',),
'TOKEN_TYPE_CLAIM': 'token_type',
'TOKEN_USER_CLASS': 'rest_framework_simplejwt.models.TokenUser',
'JTI_CLAIM': 'jti',
}
# Application definition
INSTALLED_APPS = [
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'rest_framework',
'drf_spectacular',
'corsheaders',
'rest_framework_simplejwt',
'rest_framework_simplejwt.token_blacklist',
'core',
'users',
'content',
]
MIDDLEWARE = [
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'corsheaders.middleware.CorsMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
]
ROOT_URLCONF = 'izaac2backend.urls'
TEMPLATES = [
{
'BACKEND': 'django.template.backends.django.DjangoTemplates',
'DIRS': [],
'APP_DIRS': True,
'OPTIONS': {
'context_processors': [
'django.template.context_processors.request',
'django.contrib.auth.context_processors.auth',
'django.contrib.messages.context_processors.messages',
],
},
},
]
WSGI_APPLICATION = 'izaac2backend.wsgi.application'
# Database
# https://docs.djangoproject.com/en/5.2/ref/settings/#databases
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.sqlite3',
'NAME': BASE_DIR / 'db.sqlite3',
}
}
# Password validation
# https://docs.djangoproject.com/en/5.2/ref/settings/#auth-password-validators
AUTH_PASSWORD_VALIDATORS = [
{
'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
},
{
'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
},
{
'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
},
{
'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
},
]
# Internationalization
# https://docs.djangoproject.com/en/5.2/topics/i18n/
LANGUAGE_CODE = 'en-us'
TIME_ZONE = 'UTC'
USE_I18N = True
USE_TZ = True
# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/5.2/howto/static-files/
STATIC_URL = 'static/'
# Default primary key field type
# https://docs.djangoproject.com/en/5.2/ref/settings/#default-auto-field
DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'
# Add Spectacular settings
SPECTACULAR_SETTINGS = {
'TITLE': 'Izaac API',
'DESCRIPTION': '''
API for Izaac platform - A content management system with user authentication.
## Authentication
This API uses JWT (JSON Web Token) for authentication. To authenticate:
1. Use the `/api/v1/users/login/` endpoint to get your access and refresh tokens
2. Include the access token in the Authorization header: `Bearer <your_access_token>`
3. When the access token expires, use the refresh token to get a new one via `/api/v1/users/refresh/`
## Rate Limiting
API requests are limited to 100 requests per minute per IP address.
''',
'VERSION': '1.0.0',
'SERVE_INCLUDE_SCHEMA': False,
'SWAGGER_UI_SETTINGS': {
'deepLinking': True,
'persistAuthorization': True,
'displayOperationId': True,
'filter': True,
'syntaxHighlight.activate': True,
'syntaxHighlight.theme': 'monokai',
},
'COMPONENT_SPLIT_REQUEST': True,
'TAGS': [
{
'name': 'users',
'description': 'User management endpoints including authentication and user operations'
},
{
'name': 'content',
'description': 'Content management endpoints for posts, comments, and other content types'
}
],
'SECURITY': [{'jwtAuth': []}],
'SECURITY_DEFINITIONS': {
'jwtAuth': {
'type': 'http',
'scheme': 'bearer',
'bearerFormat': 'JWT',
'description': 'JWT token obtained from the login endpoint'
}
},
'SERVE_AUTHENTICATION': None, # Allow public access to documentation
'SERVE_PERMISSIONS': ['rest_framework.permissions.AllowAny'], # Allow public access to documentation
'APPEND_COMPONENTS': {
'securitySchemes': {
'jwtAuth': {
'type': 'http',
'scheme': 'bearer',
'bearerFormat': 'JWT',
'description': 'JWT token obtained from the login endpoint'
}
}
},
'PREPROCESSING_HOOKS': [],
'POSTPROCESSING_HOOKS': [],
'SORT_OPERATIONS': True,
'SORT_OPERATION_PARAMETERS': True,
'ENUM_NAME_OVERRIDES': {
'StatusEnum': 'content.models.AbstractContent.STATUS_CHOICES'
},
'GENERATOR_CLASS': 'drf_spectacular.generators.SchemaGenerator',
'GENERATOR_CLASS_KWARGS': {
'servers': [
{'url': 'http://localhost:8000', 'description': 'Local development server'},
{'url': 'https://api.izaac.com', 'description': 'Production server'}
]
}
}
# Add CORS settings
CORS_ALLOWED_ORIGINS = [
"http://localhost:5173", # Vite default port
"http://127.0.0.1:5173",
]
CORS_ALLOW_CREDENTIALS = True
# Media files (Uploads)
MEDIA_URL = '/media/'
MEDIA_ROOT = BASE_DIR / 'media'
# Maximum upload size (5MB)
MAX_UPLOAD_SIZE = 5 * 1024 * 1024 # 5MB in bytes

37
backend/izaac2backend/urls.py Normal file
View File

@ -0,0 +1,37 @@
"""
URL configuration for izaac2backend project.
The `urlpatterns` list routes URLs to views. For more information please see:
https://docs.djangoproject.com/en/5.2/topics/http/urls/
Examples:
Function views
1. Add an import: from my_app import views
2. Add a URL to urlpatterns: path('', views.home, name='home')
Class-based views
1. Add an import: from other_app.views import Home
2. Add a URL to urlpatterns: path('', Home.as_view(), name='home')
Including another URLconf
1. Import the include() function: from django.urls import include, path
2. Add a URL to urlpatterns: path('blog/', include('blog.urls'))
"""
from django.contrib import admin
from django.urls import path, include
from django.conf import settings
from django.conf.urls.static import static
from drf_spectacular.views import SpectacularAPIView, SpectacularSwaggerView, SpectacularRedocView
from rest_framework.permissions import AllowAny
urlpatterns = [
path('admin/', admin.site.urls),
path('api/users/', include('users.urls')),
path('api/content/', include('content.urls')),
# path('api/v1/core/', include('core.urls')),
# API Documentation URLs
path('api/schema/', SpectacularAPIView.as_view(permission_classes=[AllowAny]), name='schema'),
path('api/docs/', SpectacularSwaggerView.as_view(url_name='schema', permission_classes=[AllowAny]), name='swagger-ui'),
path('api/redoc/', SpectacularRedocView.as_view(url_name='schema', permission_classes=[AllowAny]), name='redoc'),
]
if settings.DEBUG:
urlpatterns += static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT)

16
backend/izaac2backend/wsgi.py Normal file
View File

@ -0,0 +1,16 @@
"""
WSGI config for izaac2backend project.
It exposes the WSGI callable as a module-level variable named ``application``.
For more information on this file, see
https://docs.djangoproject.com/en/5.2/howto/deployment/wsgi/
"""
import os
from django.core.wsgi import get_wsgi_application
os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'izaac2backend.settings')
application = get_wsgi_application()

22
backend/manage.py Executable file
View File

@ -0,0 +1,22 @@
#!/usr/bin/env python
"""Django's command-line utility for administrative tasks."""
import os
import sys
def main():
"""Run administrative tasks."""
os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'izaac2backend.settings')
try:
from django.core.management import execute_from_command_line
except ImportError as exc:
raise ImportError(
"Couldn't import Django. Are you sure it's installed and "
"available on your PYTHONPATH environment variable? Did you "
"forget to activate a virtual environment?"
) from exc
execute_from_command_line(sys.argv)
if __name__ == '__main__':
main()

BIN
backend/media/uploads/2025/05/01/471172126_884840823863129_7481652073453829414_n.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 55 KiB

BIN
backend/media/uploads/2025/05/10/1655072459464.jpeg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 108 KiB

8
backend/requirements.txt Normal file
View File

@ -0,0 +1,8 @@
Django==4.2.0
djangorestframework>=3.14.0
django-cors-headers>=4.3.0
django-filter>=23.5
python-dotenv>=1.0.0
psycopg2-binary>=2.9.9
Pillow>=10.0.0
djangorestframework-simplejwt>=5.3.0

0
backend/users/__init__.py Normal file
View File

BIN
backend/users/__pycache__/__init__.cpython-313.pyc Normal file
View File

Binary file not shown.

BIN
backend/users/__pycache__/admin.cpython-313.pyc Normal file
View File

Binary file not shown.

BIN
backend/users/__pycache__/apps.cpython-313.pyc Normal file
View File

Binary file not shown.

BIN
backend/users/__pycache__/models.cpython-313.pyc Normal file
View File

Binary file not shown.

BIN
backend/users/__pycache__/permissions.cpython-313.pyc Normal file
View File

Binary file not shown.

BIN
backend/users/__pycache__/serializers.cpython-313.pyc Normal file
View File

Binary file not shown.

BIN
backend/users/__pycache__/urls.cpython-313.pyc Normal file
View File

Binary file not shown.

BIN
backend/users/__pycache__/views.cpython-313.pyc Normal file
View File

Binary file not shown.

3
backend/users/admin.py Normal file
View File

@ -0,0 +1,3 @@
from django.contrib import admin
# Register your models here.

6
backend/users/apps.py Normal file
View File

@ -0,0 +1,6 @@
from django.apps import AppConfig
class UsersConfig(AppConfig):
default_auto_field = 'django.db.models.BigAutoField'
name = 'users'

62
backend/users/migrations/0001_initial.py Normal file
View File

@ -0,0 +1,62 @@
# Generated by Django 4.2 on 2025-05-01 18:16
from django.conf import settings
import django.contrib.auth.models
import django.contrib.auth.validators
from django.db import migrations, models
import django.db.models.deletion
import django.utils.timezone
class Migration(migrations.Migration):
initial = True
dependencies = [
('auth', '0012_alter_user_first_name_max_length'),
]
operations = [
migrations.CreateModel(
name='User',
fields=[
('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
('password', models.CharField(max_length=128, verbose_name='password')),
('last_login', models.DateTimeField(blank=True, null=True, verbose_name='last login')),
('is_superuser', models.BooleanField(default=False, help_text='Designates that this user has all permissions without explicitly assigning them.', verbose_name='superuser status')),
('username', models.CharField(error_messages={'unique': 'A user with that username already exists.'}, help_text='Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only.', max_length=150, unique=True, validators=[django.contrib.auth.validators.UnicodeUsernameValidator()], verbose_name='username')),
('first_name', models.CharField(blank=True, max_length=150, verbose_name='first name')),
('last_name', models.CharField(blank=True, max_length=150, verbose_name='last name')),
('email', models.EmailField(blank=True, max_length=254, verbose_name='email address')),
('is_staff', models.BooleanField(default=False, help_text='Designates whether the user can log into this admin site.', verbose_name='staff status')),
('is_active', models.BooleanField(default=True, help_text='Designates whether this user should be treated as active. Unselect this instead of deleting accounts.', verbose_name='active')),
('date_joined', models.DateTimeField(default=django.utils.timezone.now, verbose_name='date joined')),
('role', models.CharField(choices=[('admin', 'Admin'), ('moderator', 'Moderator'), ('user', 'User')], default='user', max_length=10)),
('groups', models.ManyToManyField(blank=True, help_text='The groups this user belongs to.', related_name='custom_user_set', to='auth.group', verbose_name='groups')),
('user_permissions', models.ManyToManyField(blank=True, help_text='Specific permissions for this user.', related_name='custom_user_set', to='auth.permission', verbose_name='user permissions')),
],
options={
'verbose_name': 'user',
'verbose_name_plural': 'users',
'abstract': False,
},
managers=[
('objects', django.contrib.auth.models.UserManager()),
],
),
migrations.CreateModel(
name='PasswordResetToken',
fields=[
('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
('token', models.CharField(max_length=100, unique=True)),
('created_at', models.DateTimeField(auto_now_add=True)),
('expires_at', models.DateTimeField()),
('used', models.BooleanField(default=False)),
('user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL)),
],
options={
'verbose_name': 'Password Reset Token',
'verbose_name_plural': 'Password Reset Tokens',
},
),
]

0
backend/users/migrations/__init__.py Normal file
View File

BIN
backend/users/migrations/__pycache__/0001_initial.cpython-313.pyc Normal file
View File

Binary file not shown.

BIN
backend/users/migrations/__pycache__/0002_passwordresettoken.cpython-313.pyc Normal file
View File

Binary file not shown.

BIN
backend/users/migrations/__pycache__/0002_token_blacklist.cpython-313.pyc Normal file
View File

Binary file not shown.

BIN
backend/users/migrations/__pycache__/0003_alter_passwordresettoken_token_alter_user_role.cpython-313.pyc Normal file
View File

Binary file not shown.

BIN
backend/users/migrations/__pycache__/0003_merge_0002_passwordresettoken_0002_token_blacklist.cpython-313.pyc Normal file
View File

Binary file not shown.

BIN
backend/users/migrations/__pycache__/__init__.cpython-313.pyc Normal file
View File

Binary file not shown.

57
backend/users/models.py Normal file
View File

@ -0,0 +1,57 @@
from django.db import models
from django.contrib.auth.models import AbstractUser
from django.utils import timezone
import secrets
import string
# Create your models here.
class User(AbstractUser):
ROLES = (
('admin', 'Admin'),
('moderator', 'Moderator'),
('user', 'User'),
)
role = models.CharField(max_length=10, choices=ROLES, default='user')
# Add related_name to resolve clashes
groups = models.ManyToManyField(
'auth.Group',
related_name='custom_user_set',
blank=True,
help_text='The groups this user belongs to.',
verbose_name='groups',
)
user_permissions = models.ManyToManyField(
'auth.Permission',
related_name='custom_user_set',
blank=True,
help_text='Specific permissions for this user.',
verbose_name='user permissions',
)
def __str__(self):
return self.username
class PasswordResetToken(models.Model):
user = models.ForeignKey(User, on_delete=models.CASCADE)
token = models.CharField(max_length=100, unique=True)
created_at = models.DateTimeField(auto_now_add=True)
expires_at = models.DateTimeField()
used = models.BooleanField(default=False)
def save(self, *args, **kwargs):
if not self.token:
# Generate a random token
alphabet = string.ascii_letters + string.digits
self.token = ''.join(secrets.choice(alphabet) for _ in range(64))
super().save(*args, **kwargs)
def is_valid(self):
return (
not self.used and
self.expires_at > timezone.now()
)
class Meta:
verbose_name = 'Password Reset Token'
verbose_name_plural = 'Password Reset Tokens'

17
backend/users/permissions.py Normal file
View File

@ -0,0 +1,17 @@
from rest_framework.permissions import BasePermission, SAFE_METHODS
class IsAuthorOrReadOnly(BasePermission):
"""
Pozwala edytować tylko własny wpis/komentarz.
"""
def has_object_permission(self, request, view, obj):
if request.method in SAFE_METHODS:
return True
return obj.author == request.user
class IsEditorOrAdmin(BasePermission):
"""
Pozwala publikować treści tylko edytorom lub adminom.
"""
def has_permission(self, request, view):
return request.user.is_authenticated and request.user.role in ['admin', 'editor']

66
backend/users/serializers.py Normal file
View File

@ -0,0 +1,66 @@
from rest_framework import serializers
from django.contrib.auth import get_user_model
from django.contrib.auth.password_validation import validate_password
from django.core.exceptions import ValidationError
from .models import PasswordResetToken
User = get_user_model()
class UserRegistrationSerializer(serializers.ModelSerializer):
password = serializers.CharField(write_only=True, required=True, validators=[validate_password])
password2 = serializers.CharField(write_only=True, required=True)
class Meta:
model = User
fields = ('username', 'password', 'password2', 'email', 'first_name', 'last_name', 'role')
extra_kwargs = {
'first_name': {'required': True},
'last_name': {'required': True},
'email': {'required': True},
'role': {'default': 'user'}
}
def validate(self, attrs):
if attrs['password'] != attrs['password2']:
raise serializers.ValidationError({"password": "Password fields didn't match."})
return attrs
def create(self, validated_data):
validated_data.pop('password2')
user = User.objects.create_user(**validated_data)
return user
class UserSerializer(serializers.ModelSerializer):
class Meta:
model = User
fields = ('id', 'username', 'email', 'first_name', 'last_name', 'role')
read_only_fields = ('role', 'is_staff', 'is_active', 'is_superuser', 'date_joined', 'last_login', 'groups', 'user_permissions', 'id')
class ResetPasswordSerializer(serializers.Serializer):
email = serializers.EmailField(required=True)
def validate_email(self, value):
try:
User.objects.get(email=value)
except User.DoesNotExist:
# Don't reveal that the email doesn't exist
pass
return value
class ResetPasswordConfirmSerializer(serializers.Serializer):
token = serializers.UUIDField(required=True)
new_password = serializers.CharField(write_only=True, required=True, validators=[validate_password])
confirm_password = serializers.CharField(write_only=True, required=True)
def validate(self, attrs):
if attrs['new_password'] != attrs['confirm_password']:
raise serializers.ValidationError({"new_password": "Password fields didn't match."})
try:
reset_token = PasswordResetToken.objects.get(token=attrs['token'])
if not reset_token.is_valid():
raise serializers.ValidationError({"token": "Invalid or expired token."})
except PasswordResetToken.DoesNotExist:
raise serializers.ValidationError({"token": "Invalid token."})
return attrs

3
backend/users/tests.py Normal file
View File

@ -0,0 +1,3 @@
from django.test import TestCase
# Create your tests here.

22
backend/users/urls.py Normal file
View File

@ -0,0 +1,22 @@
from django.urls import path
from rest_framework_simplejwt.views import (
TokenObtainPairView,
TokenRefreshView,
)
from .views import (
RegisterView,
UserDetailView,
ChangePasswordView,
ResetPasswordView,
ResetPasswordConfirmView,
)
urlpatterns = [
path('login/', TokenObtainPairView.as_view(), name='token_obtain_pair'),
path('refresh/', TokenRefreshView.as_view(), name='token_refresh'),
path('register/', RegisterView.as_view(), name='register'),
path('me/', UserDetailView.as_view(), name='user-detail'),
path('change-password/', ChangePasswordView.as_view(), name='change-password'),
path('reset-password/', ResetPasswordView.as_view(), name='reset-password'),
path('reset-password/confirm/', ResetPasswordConfirmView.as_view(), name='reset-password-confirm'),
]

174
backend/users/views.py Normal file
View File

@ -0,0 +1,174 @@
from django.shortcuts import render
from rest_framework import generics, status
from rest_framework.response import Response
from rest_framework.permissions import AllowAny, IsAdminUser, IsAuthenticated
from rest_framework.views import APIView
from django.contrib.auth import get_user_model
from django.contrib.auth.password_validation import validate_password
from django.core.exceptions import ValidationError
from django.utils import timezone
from datetime import timedelta
from django.core.mail import send_mail
from django.conf import settings
from .serializers import UserRegistrationSerializer, UserSerializer, ResetPasswordSerializer, ResetPasswordConfirmSerializer
from .models import User, PasswordResetToken
import secrets
import string
User = get_user_model()
# Create your views here.
class RegisterView(generics.CreateAPIView):
"""
API endpoint for user registration.
create:
Register a new user with the following fields:
- username (required)
- password (required)
- password2 (required, must match password)
- email (required)
- first_name (required)
- last_name (required)
- role (optional, defaults to 'user')
"""
permission_classes = (AllowAny,)
serializer_class = UserRegistrationSerializer
def create(self, request, *args, **kwargs):
serializer = self.get_serializer(data=request.data)
serializer.is_valid(raise_exception=True)
self.perform_create(serializer)
headers = self.get_success_headers(serializer.data)
return Response(
{"message": "User registered successfully. Please login to continue."},
status=status.HTTP_201_CREATED,
headers=headers
)
class UserViewSet(generics.ListAPIView):
"""
API endpoint for viewing and editing users.
"""
queryset = User.objects.all()
serializer_class = UserSerializer
permission_classes = [IsAdminUser]
class UserDetailView(generics.RetrieveUpdateAPIView):
"""
API endpoint for retrieving and updating the current user's data.
"""
serializer_class = UserSerializer
permission_classes = [IsAuthenticated]
def get_object(self):
return self.request.user
def update(self, request, *args, **kwargs):
partial = kwargs.pop('partial', False)
instance = self.get_object()
serializer = self.get_serializer(instance, data=request.data, partial=partial)
serializer.is_valid(raise_exception=True)
self.perform_update(serializer)
return Response(serializer.data)
class ChangePasswordView(APIView):
"""
API endpoint for changing user password.
"""
permission_classes = [IsAuthenticated]
def post(self, request):
user = request.user
old_password = request.data.get('old_password')
new_password = request.data.get('new_password')
if not old_password or not new_password:
return Response(
{"detail": "Both old and new password are required."},
status=status.HTTP_400_BAD_REQUEST
)
if not user.check_password(old_password):
return Response(
{"detail": "Current password is incorrect."},
status=status.HTTP_400_BAD_REQUEST
)
try:
validate_password(new_password, user)
except ValidationError as e:
return Response(
{"detail": list(e.messages)},
status=status.HTTP_400_BAD_REQUEST
)
user.set_password(new_password)
user.save()
return Response(
{"detail": "Password successfully updated."},
status=status.HTTP_200_OK
)
class ResetPasswordView(generics.GenericAPIView):
permission_classes = [AllowAny]
serializer_class = ResetPasswordSerializer
def post(self, request):
serializer = self.get_serializer(data=request.data)
serializer.is_valid(raise_exception=True)
email = serializer.validated_data['email']
try:
user = User.objects.get(email=email)
# Create a new reset token
token = PasswordResetToken.objects.create(
user=user,
expires_at=timezone.now() + timedelta(hours=24)
)
# Send reset email
reset_url = f"{settings.FRONTEND_URL}/reset-password/{token.token}"
send_mail(
'Password Reset Request',
f'Click the following link to reset your password: {reset_url}',
settings.DEFAULT_FROM_EMAIL,
[email],
fail_silently=False,
)
return Response({
'detail': 'If an account exists with this email, you will receive password reset instructions.'
}, status=status.HTTP_200_OK)
except User.DoesNotExist:
# Don't reveal that the email doesn't exist
return Response({
'detail': 'If an account exists with this email, you will receive password reset instructions.'
}, status=status.HTTP_200_OK)
class ResetPasswordConfirmView(generics.GenericAPIView):
permission_classes = [AllowAny]
serializer_class = ResetPasswordConfirmSerializer
def post(self, request):
serializer = self.get_serializer(data=request.data)
serializer.is_valid(raise_exception=True)
token = serializer.validated_data['token']
new_password = serializer.validated_data['new_password']
reset_token = PasswordResetToken.objects.get(token=token)
user = reset_token.user
# Update password
user.set_password(new_password)
user.save()
# Mark token as used
reset_token.used = True
reset_token.save()
return Response({
'detail': 'Password has been reset successfully.'
}, status=status.HTTP_200_OK)

56
frontend/README.md Normal file
View File

@ -0,0 +1,56 @@
# React + TypeScript + Vite
This template provides a minimal setup to get React working in Vite with HMR and some ESLint rules.
Currently, two official plugins are available:
- [@vitejs/plugin-react](https://github.com/vitejs/vite-plugin-react/blob/main/packages/plugin-react) uses [Babel](https://babeljs.io/) for Fast Refresh
- [@vitejs/plugin-react-swc](https://github.com/vitejs/vite-plugin-react/blob/main/packages/plugin-react-swc) uses [SWC](https://swc.rs/) for Fast Refresh
## Expanding the ESLint configuration
If you are developing a production application, we recommend updating the configuration to enable type-aware lint rules:
```js
export default tseslint.config({
extends: [
// Remove ...tseslint.configs.recommended and replace with this
...tseslint.configs.recommendedTypeChecked,
// Alternatively, use this for stricter rules
...tseslint.configs.strictTypeChecked,
// Optionally, add this for stylistic rules
...tseslint.configs.stylisticTypeChecked,
],
languageOptions: {
// other options...
parserOptions: {
project: ['./tsconfig.node.json', './tsconfig.app.json'],
tsconfigRootDir: import.meta.dirname,
},
},
})
```
You can also install [eslint-plugin-react-x](https://github.com/Rel1cx/eslint-react/tree/main/packages/plugins/eslint-plugin-react-x) and [eslint-plugin-react-dom](https://github.com/Rel1cx/eslint-react/tree/main/packages/plugins/eslint-plugin-react-dom) for React-specific lint rules:
```js
// eslint.config.js
import reactX from 'eslint-plugin-react-x'
import reactDom from 'eslint-plugin-react-dom'
export default tseslint.config({
plugins: {
// Add the react-x and react-dom plugins
'react-x': reactX,
'react-dom': reactDom,
},
rules: {
// other rules...
// Enable its recommended typescript rules
...reactX.configs['recommended-typescript'].rules,
...reactDom.configs.recommended.rules,
},
})
```

28
frontend/eslint.config.js Normal file
View File

@ -0,0 +1,28 @@
import js from '@eslint/js'
import globals from 'globals'
import reactHooks from 'eslint-plugin-react-hooks'
import reactRefresh from 'eslint-plugin-react-refresh'
import tseslint from 'typescript-eslint'
export default tseslint.config(
{ ignores: ['dist'] },
{
extends: [js.configs.recommended, ...tseslint.configs.recommended],
files: ['**/*.{ts,tsx}'],
languageOptions: {
ecmaVersion: 2020,
globals: globals.browser,
},
plugins: {
'react-hooks': reactHooks,
'react-refresh': reactRefresh,
},
rules: {
...reactHooks.configs.recommended.rules,
'react-refresh/only-export-components': [
'warn',
{ allowConstantExport: true },
],
},
},
)

13
frontend/index.html Normal file
View File

@ -0,0 +1,13 @@
<!doctype html>
<html lang="en">
<head>
<meta charset="UTF-8" />
<link rel="icon" type="image/svg+xml" href="/vite.svg" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>Izaac.pl | Strona główna</title>
</head>
<body>
<div id="root"></div>
<script type="module" src="/src/main.tsx"></script>
</body>
</html>

8419
frontend/package-lock.json generated Normal file
View File

File diff suppressed because it is too large Load Diff

51
frontend/package.json Normal file
View File

@ -0,0 +1,51 @@
{
"name": "izaac_2_0",
"private": true,
"version": "0.0.0",
"type": "module",
"scripts": {
"dev": "vite",
"build": "tsc -b && vite build",
"lint": "eslint .",
"preview": "vite preview"
},
"dependencies": {
"@ant-design/icons": "^6.0.0",
"@uiw/react-md-editor": "^4.0.5",
"antd": "^5.24.9",
"axios": "^1.6.7",
"chart.js": "^4.4.1",
"framer-motion": "^11.0.3",
"katex": "^0.16.22",
"marked": "^12.0.0",
"motion": "^10.17.0",
"react": "^18.2.0",
"react-chartjs-2": "^5.2.0",
"react-dom": "^18.2.0",
"react-helmet": "^6.1.0",
"react-helmet-async": "^2.0.5",
"react-icons": "^5.5.0",
"react-markdown": "^9.1.0",
"react-router-dom": "^6.22.0",
"rehype-katex": "^7.0.1",
"remark-gfm": "^4.0.0",
"remark-math": "^6.0.0"
},
"devDependencies": {
"@eslint/js": "^8.56.0",
"@tailwindcss/typography": "^0.5.16",
"@types/react": "^18.2.55",
"@types/react-dom": "^18.2.19",
"@vitejs/plugin-react": "^4.2.1",
"autoprefixer": "^10.4.17",
"eslint": "^8.56.0",
"eslint-plugin-react-hooks": "^4.6.0",
"eslint-plugin-react-refresh": "^0.4.5",
"globals": "^13.24.0",
"postcss": "^8.4.35",
"tailwindcss": "^3.4.1",
"typescript": "~5.3.3",
"typescript-eslint": "^7.0.1",
"vite": "^5.1.3"
}
}

6
frontend/postcss.config.js Normal file
View File

@ -0,0 +1,6 @@
export default {
plugins: {
tailwindcss: {},
autoprefixer: {},
},
}

1
frontend/public/vite.svg Normal file
View File

@ -0,0 +1 @@
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" aria-hidden="true" role="img" class="iconify iconify--logos" width="31.88" height="32" preserveAspectRatio="xMidYMid meet" viewBox="0 0 256 257"><defs><linearGradient id="IconifyId1813088fe1fbc01fb466" x1="-.828%" x2="57.636%" y1="7.652%" y2="78.411%"><stop offset="0%" stop-color="#41D1FF"></stop><stop offset="100%" stop-color="#BD34FE"></stop></linearGradient><linearGradient id="IconifyId1813088fe1fbc01fb467" x1="43.376%" x2="50.316%" y1="2.242%" y2="89.03%"><stop offset="0%" stop-color="#FFEA83"></stop><stop offset="8.333%" stop-color="#FFDD35"></stop><stop offset="100%" stop-color="#FFA800"></stop></linearGradient></defs><path fill="url(#IconifyId1813088fe1fbc01fb466)" d="M255.153 37.938L134.897 252.976c-2.483 4.44-8.862 4.466-11.382.048L.875 37.958c-2.746-4.814 1.371-10.646 6.827-9.67l120.385 21.517a6.537 6.537 0 0 0 2.322-.004l117.867-21.483c5.438-.991 9.574 4.796 6.877 9.62Z"></path><path fill="url(#IconifyId1813088fe1fbc01fb467)" d="M185.432.063L96.44 17.501a3.268 3.268 0 0 0-2.634 3.014l-5.474 92.456a3.268 3.268 0 0 0 3.997 3.378l24.777-5.718c2.318-.535 4.413 1.507 3.936 3.838l-7.361 36.047c-.495 2.426 1.782 4.5 4.151 3.78l15.304-4.649c2.372-.72 4.652 1.36 4.15 3.788l-11.698 56.621c-.732 3.542 3.979 5.473 5.943 2.437l1.313-2.028l72.516-144.72c1.215-2.423-.88-5.186-3.54-4.672l-25.505 4.922c-2.396.462-4.435-1.77-3.759-4.114l16.646-57.705c.677-2.35-1.37-4.583-3.769-4.113Z"></path></svg>
Side by Side

After

Width:  |  Height:  |  Size: 1.5 KiB

BIN
frontend/src/.DS_Store vendored Normal file
View File

Binary file not shown.

3
frontend/src/App.css Normal file
View File

@ -0,0 +1,3 @@
@tailwind base;
@tailwind components;
@tailwind utilities;

116
frontend/src/App.tsx Normal file
View File

@ -0,0 +1,116 @@
import React, { useEffect, useState } from 'react'
import Navbar from './components/Navbar'
import Footer from './components/Footer'
import { ThemeProvider } from './context/ThemeContext'
import { AuthProvider } from './context/AuthContext'
import { BrowserRouter as Router, Route, Routes } from 'react-router-dom';
import { HelmetProvider } from 'react-helmet-async';
import ScienceContent from './pages/ScienceContent';
import HomePage from './pages/HomePage';
import ContentPage from './pages/ContentPage';
import ContactPage from './pages/ContactPage';
import CategoriesPage from './pages/CategoriesPage';
import Login from './pages/Login';
import Register from './pages/Register';
import MyAccountPage from './pages/MyAccountPage';
import ForgotPasswordPage from './pages/ForgotPasswordPage';
import ProtectedRoute from './components/ProtectedRoute';
import PostsPage from './pages/PostsPage';
import CreatePostPage from './pages/CreatePostPage';
import PrivateRoute from './components/PrivateRoute';
import DashboardPage from './pages/DashboardPage';
import './styles/editor.css';
import TOS from './pages/TOS';
import PrivacyPolicy from './pages/PrivacyPolicy';
import { ConfigProvider, theme as antdTheme } from 'antd';
import CalculatorAndChartsPage from './pages/CalculatorAndChartsPage';
function App() {
const [isDark, setIsDark] = useState(false);
useEffect(() => {
const checkDark = () => {
return (
document.documentElement.classList.contains('dark') ||
document.body.classList.contains('dark')
);
};
setIsDark(checkDark());
const observer = new MutationObserver(() => {
setIsDark(checkDark());
});
observer.observe(document.documentElement, { attributes: true, attributeFilter: ['class'] });
observer.observe(document.body, { attributes: true, attributeFilter: ['class'] });
return () => observer.disconnect();
}, []);
return (
<HelmetProvider>
<Router>
<ThemeProvider>
<AuthProvider>
<ConfigProvider
theme={{
algorithm: isDark ? antdTheme.darkAlgorithm : antdTheme.defaultAlgorithm,
}}
>
<div className="bg-gray-50 dark:bg-gray-900 min-h-screen">
<Navbar />
<Routes>
<Route path="/" element={<HomePage />} />
<Route path="/categories" element={<CategoriesPage />} />
<Route path="/content" element={<ScienceContent />} />
{/* <Route path="/content/:slug" element={<ContentPage />} /> */}
<Route path="/contact" element={<ContactPage />} />
<Route path="/calculator" element={
<ProtectedRoute>
<CalculatorAndChartsPage />
</ProtectedRoute>
} />
<Route path="/login" element={<Login />} />
<Route path="/register" element={<Register />} />
<Route path="/forgot-password" element={<ForgotPasswordPage />} />
<Route path="/account" element={
<ProtectedRoute>
<MyAccountPage />
</ProtectedRoute>
} />
<Route path="/posts" element={<PostsPage />} />
<Route path="/posts/:slug" element={<PostsPage />} />
<Route
path="/posts/create"
element={
<PrivateRoute>
<CreatePostPage />
</PrivateRoute>
}
/>
<Route
path="/posts/:slug/edit"
element={
<PrivateRoute>
<CreatePostPage />
</PrivateRoute>
}
/>
<Route
path="/dashboard"
element={
<PrivateRoute requiredRoles={['admin', 'moderator']}>
<DashboardPage />
</PrivateRoute>
}
/>
<Route path="/regulamin" element={<TOS />} />
<Route path="/polityka-prywatności" element={<PrivacyPolicy />} />
</Routes>
<Footer />
</div>
</ConfigProvider>
</AuthProvider>
</ThemeProvider>
</Router>
</HelmetProvider>
)
}
export default App

38
frontend/src/api/auth.ts Normal file
View File

@ -0,0 +1,38 @@
import axios from 'axios';
const API_URL = 'http://localhost:8000/api/users';
export interface RegisterData {
username: string;
password: string;
password2: string;
email: string;
first_name: string;
last_name: string;
role?: 'admin' | 'user' | 'moderator';
}
export interface LoginData {
username: string;
password: string;
}
export interface AuthResponse {
access: string;
refresh: string;
}
export const register = async (data: RegisterData): Promise<{ message: string }> => {
const response = await axios.post(`${API_URL}/register/`, data);
return response.data;
};
export const login = async (data: LoginData): Promise<AuthResponse> => {
const response = await axios.post(`${API_URL}/login/`, data);
return response.data;
};
export const refreshToken = async (refresh: string): Promise<AuthResponse> => {
const response = await axios.post(`${API_URL}/refresh/`, { refresh });
return response.data;
};

Some files were not shown because too many files have changed in this diff Show More