Datum vystavení: {{ invoice.issue_date.strftime("%Y-%m-%d") }}
+Zákazník: {{ invoice.order.customer_name }}
+ +| Produkt | +Množství | +Cena | +Celkem | +
|---|---|---|---|
| {{ item.product.name }} | +{{ item.quantity }} | +{{ item.price }} | +{{ item.price * item.quantity }} | +
Celkem k úhradě: {{ invoice.total_amount }} Kč
+ + diff --git a/backend/commerce/urls.py b/backend/commerce/urls.py index 5518a66..ecf49dd 100644 --- a/backend/commerce/urls.py +++ b/backend/commerce/urls.py @@ -1,15 +1,24 @@ from django.urls import path, include from rest_framework.routers import DefaultRouter -from .views import CategoryViewSet, ProductViewSet, DiscountCodeViewSet, OrderViewSet +from .views import ( + OrderViewSet, + ProductViewSet, + CategoryViewSet, + ProductImageViewSet, + DiscountCodeViewSet, + RefundViewSet, +) router = DefaultRouter() -router.register(r'categories', CategoryViewSet) -router.register(r'products', ProductViewSet) -router.register(r'discounts', DiscountCodeViewSet) router.register(r'orders', OrderViewSet) +router.register(r'products', ProductViewSet, basename='product') +router.register(r'categories', CategoryViewSet, basename='category') +router.register(r'product-images', ProductImageViewSet, basename='product-image') +router.register(r'discount-codes', DiscountCodeViewSet, basename='discount-code') +router.register(r'refunds', RefundViewSet, basename='refund') urlpatterns = [ path('', include(router.urls)), ] -# NOTE: Carrier endpoints intentionally omitted (TODO) +# NOTE: Other endpoints (categories/products/discounts) can be added later diff --git a/backend/commerce/views.py b/backend/commerce/views.py index e582197..13c2a8a 100644 --- a/backend/commerce/views.py +++ b/backend/commerce/views.py @@ -1,4 +1,382 @@ -from rest_framework import viewsets -from rest_framework.permissions import AllowAny -from drf_spectacular.utils import extend_schema, extend_schema_view +from django.db import transaction +from rest_framework import viewsets, mixins, status +from rest_framework.permissions import AllowAny, IsAdminUser, SAFE_METHODS +from rest_framework.decorators import action +from rest_framework.response import Response +from drf_spectacular.utils import extend_schema, extend_schema_view, OpenApiExample + +from .models import ( + Order, + OrderItem, + Carrier, + Payment, + Product, + DiscountCode, + Category, + ProductImage, + Refund, +) +from .serializers import ( + OrderReadSerializer, + OrderMiniSerializer, + OrderCreateSerializer, + OrderItemReadSerializer, + CarrierReadSerializer, + PaymentReadSerializer, + ProductSerializer, + CategorySerializer, + ProductImageSerializer, + DiscountCodeSerializer, + RefundSerializer, +) + + +@extend_schema_view( + list=extend_schema(tags=["Orders"], summary="List Orders (public)"), + retrieve=extend_schema(tags=["Orders"], summary="Retrieve Order (public)"), +) +class OrderViewSet(mixins.ListModelMixin, mixins.RetrieveModelMixin, viewsets.GenericViewSet): + queryset = Order.objects.select_related("carrier", "payment").prefetch_related( + "items__product", "discount" + ).order_by("-created_at") + permission_classes = [AllowAny] + + def get_serializer_class(self): + if self.action == "mini": + return OrderMiniSerializer + if self.action in ["list", "retrieve"]: + return OrderReadSerializer + if self.action == "create": + return OrderCreateSerializer + return OrderReadSerializer + + @extend_schema( + tags=["Orders"], + summary="Create Order (public)", + request=OrderCreateSerializer, + responses={201: OrderReadSerializer}, + examples=[ + OpenApiExample( + "Create order", + value={ + "first_name": "Jan", + "last_name": "Novak", + "email": "jan@example.com", + "phone": "+420123456789", + "address": "Ulice 1", + "city": "Praha", + "postal_code": "11000", + "country": "Czech Republic", + "note": "Prosím doručit odpoledne", + "items": [ + {"product_id": 1, "quantity": 2}, + {"product_id": 7, "quantity": 1}, + ], + "carrier": {"shipping_method": "store"}, + "payment": {"payment_method": "stripe"}, + "discount_codes": ["WELCOME10"], + }, + ) + ], + ) + def create(self, request, *args, **kwargs): + serializer = OrderCreateSerializer(data=request.data) + serializer.is_valid(raise_exception=True) + data = serializer.validated_data + user = request.user + + #VELMI DŮLEŽITELÉ: vše vytvořit v transakci, aby se nepřidávaly neúplné objednávky + with transaction.atomic(): + + # Create base order (customer details only for now) + order = Order.objects.create( + user=user if getattr(user, "is_authenticated", False) else None, + first_name=data["first_name"], + last_name=data["last_name"], + email=data["email"], + phone=data.get("phone", ""), + address=data["address"], + city=data["city"], + postal_code=data["postal_code"], + country=data.get("country", "Czech Republic"), + note=data.get("note", ""), + ) + + # Carrier + carrier_payload = data["carrier"] + carrier = Carrier.objects.create( + shipping_method=carrier_payload["shipping_method"], + weight=carrier_payload.get("weight"), + ) + order.carrier = carrier + order.save(update_fields=["carrier", "updated_at"]) # recalc later after items + + # Items + items_payload = data["items"] + order_items = [] + for item in items_payload: + product = Product.objects.get(pk=item["product_id"]) # raises 404 if missing + qty = int(item["quantity"]) + order_items.append(OrderItem(order=order, product=product, quantity=qty)) + OrderItem.objects.bulk_create(order_items) + + # Discount codes (optional) + codes = data.get("discount_codes") or [] + if codes: + discounts = list(DiscountCode.objects.filter(code__in=codes)) + order.discount.add(*discounts) + + # Recalculate now that items/discounts/carrier are linked + order.save() + + # Payment and validation + pay_payload = data["payment"] + payment_method = pay_payload["payment_method"] + + # Validate combos (mirror of Payment.save but here we have order) + if payment_method == Payment.PAYMENT.SHOP and order.carrier.shipping_method != Carrier.SHIPPING.STORE: + return Response( + {"payment": "Platba v obchodě je možná pouze pro osobní odběr."}, + status=status.HTTP_400_BAD_REQUEST, + ) + if payment_method == Payment.PAYMENT.CASH_ON_DELIVERY and order.carrier.shipping_method == Carrier.SHIPPING.STORE: + return Response( + {"payment": "Dobírka není možná pro osobní odběr."}, + status=status.HTTP_400_BAD_REQUEST, + ) + + # Create payment WITHOUT triggering Payment.save (which expects reverse link first) + payment = Payment(payment_method=payment_method) + # Bypass custom save by bulk_create + Payment.objects.bulk_create([payment]) + order.payment = payment + order.save(update_fields=["payment", "updated_at"]) + + # If Stripe, create StripePayment now and attach + if payment_method == Payment.PAYMENT.STRIPE: + from thirdparty.stripe.models import StripePayment + + stripe_obj = StripePayment.objects.create(amount=order.total_price) + payment.stripe = stripe_obj + payment.save(update_fields=["stripe"]) + + out = self.get_serializer(order) + return Response(out.data, status=status.HTTP_201_CREATED) + + # -- List mini orders -- (public) -- + @action(detail=False, methods=["get"], url_path="detail") + @extend_schema( + tags=["Orders"], + summary="List mini orders (public)", + responses={200: OrderMiniSerializer(many=True)}, + ) + def mini(self, request, *args, **kwargs): + qs = self.get_queryset() + page = self.paginate_queryset(qs) + + if page is not None: + ser = OrderMiniSerializer(page, many=True) + return self.get_paginated_response(ser.data) + + ser = OrderMiniSerializer(qs, many=True) + return Response(ser.data) + + # -- Get order items -- (public) -- + @action(detail=True, methods=["get"], url_path="items") + @extend_schema( + tags=["Orders"], + summary="List order items (public)", + responses={200: OrderItemReadSerializer(many=True)}, + ) + def items(self, request, pk=None): + order = self.get_object() + qs = order.items.select_related("product").all() + ser = OrderItemReadSerializer(qs, many=True) + return Response(ser.data) + + # -- Get order carrier -- (public) -- + @action(detail=True, methods=["get"], url_path="carrier") + @extend_schema( + tags=["Orders"], + summary="Get order carrier (public)", + responses={200: CarrierReadSerializer}, + ) + def carrier_detail(self, request, pk=None): + order = self.get_object() + ser = CarrierReadSerializer(order.carrier) + return Response(ser.data) + + # -- Get order payment -- (public) -- + @action(detail=True, methods=["get"], url_path="payment") + @extend_schema( + tags=["Orders"], + summary="Get order payment (public)", + responses={200: PaymentReadSerializer}, + ) + def payment_detail(self, request, pk=None): + order = self.get_object() + ser = PaymentReadSerializer(order.payment) + return Response(ser.data) + + # -- Mark carrier ready to pickup(store) (admin) -- + @action( + detail=True, + methods=["patch"], + url_path="carrier/ready-to-pickup", + permission_classes=[IsAdminUser], + ) + @extend_schema( + tags=["Orders"], + summary="Mark carrier ready to pickup (admin)", + request=None, + responses={200: CarrierReadSerializer}, + ) + def carrier_ready_to_pickup(self, request, pk=None): + order = self.get_object() + if not order.carrier: + return Response({"detail": "Carrier not set."}, status=400) + order.carrier.ready_to_pickup() + order.carrier.refresh_from_db() + ser = CarrierReadSerializer(order.carrier) + return Response(ser.data) + + # -- Start ordering shipping (admin) -- + @action( + detail=True, + methods=["patch"], + url_path="carrier/start-ordering-shipping", + permission_classes=[IsAdminUser], + ) + @extend_schema( + tags=["Orders"], + summary="Start ordering shipping (admin)", + request=None, + responses={200: CarrierReadSerializer}, + ) + def carrier_start_ordering_shipping(self, request, pk=None): + order = self.get_object() + if not order.carrier: + return Response({"detail": "Carrier not set."}, status=400) + order.carrier.start_ordering_shipping() + order.carrier.refresh_from_db() + ser = CarrierReadSerializer(order.carrier) + return Response(ser.data) + + +# -- Invoice PDF for Order -- +class OrderInvoice(viewsets.ViewSet): + @action(detail=True, methods=["get"], url_path="generate-invoice") + @extend_schema( + tags=["Orders"], + summary="Get Invoice PDF for Order (public)", + responses={200: "PDF File"}, + ) + def get(order_id, request): + try: + order = Order.objects.get(pk=order_id) + except Order.DoesNotExist: + return Response({"detail": "Order not found."}, status=status.HTTP_404_NOT_FOUND) + + return Response(order.invoice.pdf_file, content_type='application/pdf') + + +# ---------- Permissions helpers ---------- + +class AdminWriteOnlyOrReadOnly(AllowAny.__class__): + def has_permission(self, request, view): + if request.method in SAFE_METHODS: + return True + return IsAdminUser().has_permission(request, view) + + +class AdminOnlyForPatchOtherwisePublic(AllowAny.__class__): + def has_permission(self, request, view): + if request.method in SAFE_METHODS or request.method == "POST": + return True + if request.method == "PATCH": + return IsAdminUser().has_permission(request, view) + # default to admin for other unsafe + return IsAdminUser().has_permission(request, view) + + +# ---------- Public/admin viewsets ---------- + +# -- Product -- +@extend_schema_view( + list=extend_schema(tags=["Products"], summary="List products (public)"), + retrieve=extend_schema(tags=["Products"], summary="Retrieve product (public)"), + create=extend_schema(tags=["Products"], summary="Create product (admin)"), + partial_update=extend_schema(tags=["Products"], summary="Update product (admin)"), + update=extend_schema(tags=["Products"], summary="Replace product (admin)"), + destroy=extend_schema(tags=["Products"], summary="Delete product (admin)"), +) +class ProductViewSet(viewsets.ModelViewSet): + queryset = Product.objects.all().order_by("-created_at") + serializer_class = ProductSerializer + permission_classes = [AdminWriteOnlyOrReadOnly] + + +# -- Category -- +@extend_schema_view( + list=extend_schema(tags=["Categories"], summary="List categories (public)"), + retrieve=extend_schema(tags=["Categories"], summary="Retrieve category (public)"), + create=extend_schema(tags=["Categories"], summary="Create category (admin)"), + partial_update=extend_schema(tags=["Categories"], summary="Update category (admin)"), + update=extend_schema(tags=["Categories"], summary="Replace category (admin)"), + destroy=extend_schema(tags=["Categories"], summary="Delete category (admin)"), +) +class CategoryViewSet(viewsets.ModelViewSet): + queryset = Category.objects.all().order_by("name") + serializer_class = CategorySerializer + permission_classes = [AdminWriteOnlyOrReadOnly] + + +# -- Product Image -- +@extend_schema_view( + list=extend_schema(tags=["Product Images"], summary="List product images (public)"), + retrieve=extend_schema(tags=["Product Images"], summary="Retrieve product image (public)"), + create=extend_schema(tags=["Product Images"], summary="Create product image (admin)"), + partial_update=extend_schema(tags=["Product Images"], summary="Update product image (admin)"), + update=extend_schema(tags=["Product Images"], summary="Replace product image (admin)"), + destroy=extend_schema(tags=["Product Images"], summary="Delete product image (admin)"), +) +class ProductImageViewSet(viewsets.ModelViewSet): + queryset = ProductImage.objects.all().order_by("-id") + serializer_class = ProductImageSerializer + permission_classes = [AdminWriteOnlyOrReadOnly] + + +# -- Discount Code -- +@extend_schema_view( + list=extend_schema(tags=["Discount Codes"], summary="List discount codes (public)"), + retrieve=extend_schema(tags=["Discount Codes"], summary="Retrieve discount code (public)"), + create=extend_schema(tags=["Discount Codes"], summary="Create discount code (admin)"), + partial_update=extend_schema(tags=["Discount Codes"], summary="Update discount code (admin)"), + update=extend_schema(tags=["Discount Codes"], summary="Replace discount code (admin)"), + destroy=extend_schema(tags=["Discount Codes"], summary="Delete discount code (admin)"), +) +class DiscountCodeViewSet(viewsets.ModelViewSet): + queryset = DiscountCode.objects.all().order_by("-id") + serializer_class = DiscountCodeSerializer + permission_classes = [AdminWriteOnlyOrReadOnly] + + +# -- Refund -- +@extend_schema_view( + list=extend_schema(tags=["Refunds"], summary="List refunds (public)"), + retrieve=extend_schema(tags=["Refunds"], summary="Retrieve refund (public)"), + create=extend_schema(tags=["Refunds"], summary="Create refund (public)"), + partial_update=extend_schema(tags=["Refunds"], summary="Update refund (admin)"), +) +class RefundViewSet(mixins.CreateModelMixin, + mixins.ListModelMixin, + mixins.RetrieveModelMixin, + mixins.UpdateModelMixin, + viewsets.GenericViewSet): + queryset = Refund.objects.select_related("order").all().order_by("-created_at") + serializer_class = RefundSerializer + permission_classes = [AdminOnlyForPatchOtherwisePublic] + + + diff --git a/backend/configuration/apps.py b/backend/configuration/apps.py index d3265d0..8cc1282 100644 --- a/backend/configuration/apps.py +++ b/backend/configuration/apps.py @@ -1,6 +1,5 @@ from django.apps import AppConfig from django.db.utils import OperationalError, ProgrammingError -from .models import ShopConfiguration class ConfigurationConfig(AppConfig): default_auto_field = 'django.db.models.BigAutoField' @@ -13,9 +12,11 @@ class ConfigurationConfig(AppConfig): makemigrations/migrate don't fail when the table does not yet exist. """ try: - ShopConfiguration.get_solo() + from .models import ShopConfiguration # local import to avoid premature app registry access + ShopConfiguration.get_solo() # creates if missing except (OperationalError, ProgrammingError): - ShopConfiguration.objects.create() + # DB not ready (e.g., before initial migrate); ignore silently + pass diff --git a/backend/social/chat/migrations/__init__.py b/backend/social/chat/migrations/__init__.py deleted file mode 100644 index e69de29..0000000 diff --git a/backend/thirdparty/downloader/migrations/0001_initial.py b/backend/thirdparty/downloader/migrations/0001_initial.py deleted file mode 100644 index 33b2b97..0000000 --- a/backend/thirdparty/downloader/migrations/0001_initial.py +++ /dev/null @@ -1,30 +0,0 @@ -# Generated by Django 5.2.7 on 2025-10-29 14:53 - -from django.db import migrations, models - - -class Migration(migrations.Migration): - - initial = True - - dependencies = [ - ] - - operations = [ - migrations.CreateModel( - name='DownloaderRecord', - fields=[ - ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')), - ('is_deleted', models.BooleanField(default=False)), - ('deleted_at', models.DateTimeField(blank=True, null=True)), - ('url', models.URLField()), - ('download_time', models.DateTimeField(auto_now_add=True)), - ('format', models.CharField(max_length=50)), - ('length_of_media', models.IntegerField(help_text='Length of media in seconds')), - ('file_size', models.BigIntegerField(help_text='File size in bytes')), - ], - options={ - 'abstract': False, - }, - ), - ] diff --git a/backend/thirdparty/downloader/migrations/__init__.py b/backend/thirdparty/downloader/migrations/__init__.py deleted file mode 100644 index e69de29..0000000 diff --git a/backend/thirdparty/stripe/admin.py b/backend/thirdparty/stripe/admin.py index d23cc8e..c6fe108 100644 --- a/backend/thirdparty/stripe/admin.py +++ b/backend/thirdparty/stripe/admin.py @@ -1,23 +1,2 @@ from django.contrib import admin -from .models import Order -@admin.register(Order) -class OrderAdmin(admin.ModelAdmin): - list_display = ("id", "amount", "currency", "status", "created_at") - list_filter = ("status", "currency", "created_at") - search_fields = ("id", "stripe_session_id", "stripe_payment_intent") - readonly_fields = ("created_at", "stripe_session_id", "stripe_payment_intent") - - fieldsets = ( - (None, { - "fields": ("amount", "currency", "status") - }), - ("Stripe info", { - "fields": ("stripe_session_id", "stripe_payment_intent"), - "classes": ("collapse",), - }), - ("Metadata", { - "fields": ("created_at",), - }), - ) - ordering = ("-created_at",) diff --git a/backend/thirdparty/stripe/client.py b/backend/thirdparty/stripe/client.py new file mode 100644 index 0000000..d0c7e6e --- /dev/null +++ b/backend/thirdparty/stripe/client.py @@ -0,0 +1,54 @@ +import stripe +from django.conf import settings +import json +import os + +FRONTEND_URL = os.getenv("FRONTEND_URL") if not settings.DEBUG else os.getenv("DEBUG_DOMAIN") +SSL = "https://" if os.getenv("USE_SSL") == "true" else "http://" + +stripe.api_key = os.getenv("STRIPE_SECRET_KEY") + +class StripeClient: + + def create_checkout_session(order): + """ + Vytvoří Stripe Checkout Session pro danou objednávku. + Args: + order (Order): Instance objednávky pro kterou se vytváří session. + + Returns: + stripe.checkout.Session: Vytvořená Stripe Checkout Session. + """ + + session = stripe.checkout.Session.create( + mode="payment", + payment_method_types=["card"], + + success_url=f"{SSL}{FRONTEND_URL}/payment/success?order={order.id}", #jenom na grafickou část (webhook reálně ověří stav) + cancel_url=f"{SSL}{FRONTEND_URL}/payment/cancel?order={order.id}", + + client_reference_id=str(order.id), + line_items=[{ + "price_data": { + "currency": "czk", + "product_data": { + "name": f"Objednávka {order.id}", + }, + "unit_amount": int(order.total_price * 100), # cena v haléřích + }, + "quantity": 1, + }], + ) + + return session + + + def refund_order(stripe_payment_intent): + try: + refund = stripe.Refund.create( + payment_intent=stripe_payment_intent + ) + return refund + + except Exception as e: + return json.dumps({"error": str(e)}) \ No newline at end of file diff --git a/backend/thirdparty/stripe/migrations/0001_initial.py b/backend/thirdparty/stripe/migrations/0001_initial.py deleted file mode 100644 index 9377f3e..0000000 --- a/backend/thirdparty/stripe/migrations/0001_initial.py +++ /dev/null @@ -1,26 +0,0 @@ -# Generated by Django 5.2.7 on 2025-10-28 22:28 - -from django.db import migrations, models - - -class Migration(migrations.Migration): - - initial = True - - dependencies = [ - ] - - operations = [ - migrations.CreateModel( - name='Order', - fields=[ - ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')), - ('amount', models.DecimalField(decimal_places=2, max_digits=10)), - ('currency', models.CharField(default='czk', max_length=10)), - ('status', models.CharField(choices=[('pending', 'Pending'), ('paid', 'Paid'), ('failed', 'Failed'), ('cancelled', 'Cancelled')], default='pending', max_length=20)), - ('stripe_session_id', models.CharField(blank=True, max_length=255, null=True)), - ('stripe_payment_intent', models.CharField(blank=True, max_length=255, null=True)), - ('created_at', models.DateTimeField(auto_now_add=True)), - ], - ), - ] diff --git a/backend/thirdparty/stripe/migrations/__init__.py b/backend/thirdparty/stripe/migrations/__init__.py deleted file mode 100644 index e69de29..0000000 diff --git a/backend/thirdparty/stripe/models.py b/backend/thirdparty/stripe/models.py index 4207bc1..f80f3a3 100644 --- a/backend/thirdparty/stripe/models.py +++ b/backend/thirdparty/stripe/models.py @@ -1,25 +1,68 @@ from django.db import models +from django.apps import apps # Create your models here. #TODO: logika a interakce bude na stripu (třeba aktualizovaní objednávky na zaplacenou apod.) - -class StripePayment(models.Model): - STATUS_CHOICES = [ - ("pending", "Pending"), - ("paid", "Paid"), - ("failed", "Failed"), - ("cancelled", "Cancelled"), - ] - amount = models.DecimalField(max_digits=10, decimal_places=2) - currency = models.CharField(max_length=10, default="czk") - status = models.CharField(max_length=20, choices=STATUS_CHOICES, default="pending") +from .client import StripeClient + +class StripeModel(models.Model): + class STATUS_CHOICES(models.TextChoices): + PENDING = "pending", "Čeká se na platbu" + PAID = "paid", "Zaplaceno" + FAILED = "failed", "Neúspěšné" + CANCELLED = "cancelled", "Zrušeno" + REFUNDING = "refunding", "Platba se vrací" + REFUNDED = "refunded", "Platba úspěšně vrácena" + + status = models.CharField(max_length=20, choices=STATUS_CHOICES.choices, default=STATUS_CHOICES.PENDING) stripe_session_id = models.CharField(max_length=255, blank=True, null=True) stripe_payment_intent = models.CharField(max_length=255, blank=True, null=True) + stripe_session_url = models.URLField(blank=True, null=True) created_at = models.DateTimeField(auto_now_add=True) + updated_at = models.DateTimeField(auto_now=True, null=True, blank=True) def __str__(self): - return f"Order {self.id} - {self.status}" \ No newline at end of file + return f"Order {self.id} - {self.status}" + + + + def save(self, *args, **kwargs): + #if new + if self.pk: + Order = apps.get_model('commerce', 'Order') + Payment = apps.get_model('commerce', 'Payment') + + order = Order.objects.get(payment=Payment.objects.get(stripe=self)) + + session = StripeClient.create_checkout_session(order)# <-- předáme self.StripePayment + + self.stripe_session_id = session.id + self.stripe_payment_intent = session.payment_intent + self.stripe_session_url = session.url + + else: + self.updated_at = models.DateTimeField(auto_now=True) + + super().save(*args, **kwargs) + + def paid(self): + self.status = self.STATUS_CHOICES.PAID + self.save() + + def refund(self): + StripeClient.refund_order(self.stripe_payment_intent) + self.status = self.STATUS_CHOICES.REFUNDING + self.save() + + def refund_confirmed(self): + self.status = self.STATUS_CHOICES.REFUNDED + self.save() + + def cancel(self): + StripeClient.cancel_checkout_session(self.stripe_session_id) + self.status = self.STATUS_CHOICES.CANCELLED + self.save() \ No newline at end of file diff --git a/backend/thirdparty/stripe/stripe.md b/backend/thirdparty/stripe/stripe.md new file mode 100644 index 0000000..11af82a --- /dev/null +++ b/backend/thirdparty/stripe/stripe.md @@ -0,0 +1,9 @@ +# Stripe Tutorial + +## Example of redirecting the webhook events to local Django endpoint +``` +stripe listen --forward-to localhost:8000/api/stripe/webhook/ +``` + + +# POUŽÍVEJTE SANDBOX/TESING REŽIM PŘI DEVELOPMENTU!!! \ No newline at end of file diff --git a/backend/account/migrations/__init__.py b/backend/thirdparty/stripe/tasks.py similarity index 100% rename from backend/account/migrations/__init__.py rename to backend/thirdparty/stripe/tasks.py diff --git a/backend/thirdparty/stripe/views.py b/backend/thirdparty/stripe/views.py index 561d29d..f940959 100644 --- a/backend/thirdparty/stripe/views.py +++ b/backend/thirdparty/stripe/views.py @@ -6,73 +6,73 @@ from rest_framework import generics from rest_framework.response import Response from rest_framework.views import APIView from drf_spectacular.utils import extend_schema - -from .models import Order -from .serializers import OrderSerializer import os +import logging + +from .models import StripeTransaction +from commerce.models import Order, Payment + +logger = logging.getLogger(__name__) import stripe stripe.api_key = os.getenv("STRIPE_SECRET_KEY") -class CreateCheckoutSessionView(APIView): +class StripeWebhook(APIView): @extend_schema( tags=["stripe"], ) def post(self, request): - serializer = OrderSerializer(data=request.data) #obecný serializer - serializer.is_valid(raise_exception=True) + payload = request.body + sig_header = request.META['HTTP_STRIPE_SIGNATURE'] - order = Order.objects.create( - amount=serializer.validated_data["amount"], - currency=serializer.validated_data.get("currency", "czk"), - ) + try: + #build stripe event + event = stripe.Webhook.construct_event( + payload, sig_header, os.getenv("STRIPE_WEBHOOK_SECRET") + ) - # Vytvoření Stripe Checkout Session - session = stripe.checkout.Session.create( - payment_method_types=["card"], - line_items=[{ - "price_data": { - "currency": order.currency, - "product_data": {"name": f"Order {order.id}"}, - "unit_amount": int(order.amount * 100), # v centech - }, - "quantity": 1, - }], - mode="payment", - success_url=request.build_absolute_uri(f"/payment/success/{order.id}"), - cancel_url=request.build_absolute_uri(f"/payment/cancel/{order.id}"), - ) + except ValueError as e: + logger.error(f"Invalid payload: {e}") + return HttpResponse(status=400) + + except stripe.error as e: + # stripe error + logger.error(f"Stripe error: {e}") + return HttpResponse(status=400) + - order.stripe_session_id = session.id - order.stripe_payment_intent = session.payment_intent - order.save() - - data = OrderSerializer(order).data - data["checkout_url"] = session.url - return Response(data) - + session = event['data']['object'] + # ZAPLACENO + if event['type'] == 'checkout.session.completed': + + stripe_transaction = StripeTransaction.objects.get(stripe_session_id=session.id) + if stripe_transaction: + stripe_transaction.paid() -@csrf_exempt -def stripe_webhook(request): - payload = request.body - sig_header = request.META.get("HTTP_STRIPE_SIGNATURE") - event = None + logger.info(f"Transaction {stripe_transaction.id} marked as paid.") - try: - event = stripe.Webhook.construct_event( - payload, sig_header, settings.STRIPE_WEBHOOK_SECRET - ) - except stripe.error.SignatureVerificationError: - return HttpResponse(status=400) + else: + logger.warning(f"No transaction found for session ID: {session.id}") - if event["type"] == "checkout.session.completed": - session = event["data"]["object"] - order = Order.objects.filter(stripe_session_id=session.get("id")).first() - if order: - order.status = "paid" + # EXPIRACE (zrušení objednávky) uživatel nezaplatil do 24 hodin! + elif event['type'] == 'checkout.session.expired': + order = Order.objects.get(payment=Payment.objects.get(stripe=StripeTransaction.objects.get(stripe_session_id=session.id))) + order.status = Order.STATUS_CHOICES.CANCELLED order.save() - return HttpResponse(status=200) + elif event['type'] == 'payment_intent.payment_failed': + #nothing to do for now + pass + + # REFUND POTVRZEN + elif event['type'] == 'payment_intent.refunded': + session = event['data']['object'] + stripe_transaction = StripeTransaction.objects.get(stripe_payment_intent=session.id) + + if stripe_transaction: + stripe_transaction.refund_confirmed() + + logger.info(f"Transaction {stripe_transaction.id} marked as refunded.") diff --git a/backend/thirdparty/stripe/where to find webhooks settings.png b/backend/thirdparty/stripe/where to find webhooks settings.png new file mode 100644 index 0000000..abcea44 Binary files /dev/null and b/backend/thirdparty/stripe/where to find webhooks settings.png differ diff --git a/backend/thirdparty/zasilkovna/migrations/__init__.py b/backend/thirdparty/zasilkovna/migrations/__init__.py deleted file mode 100644 index e69de29..0000000 diff --git a/backend/thirdparty/zasilkovna/models.py b/backend/thirdparty/zasilkovna/models.py index 831386a..21e9d09 100644 --- a/backend/thirdparty/zasilkovna/models.py +++ b/backend/thirdparty/zasilkovna/models.py @@ -21,10 +21,11 @@ from django.db import models from django.utils import timezone from django.core.validators import RegexValidator from django.core.files.base import ContentFile +from django.apps import apps from .client import PacketaAPI -from commerce.models import Order, Carrier -from configuration.models import Configuration + +from configuration.models import ShopConfiguration packeta_client = PacketaAPI() # single reusable instance @@ -55,6 +56,13 @@ class ZasilkovnaPacket(models.Model): help_text="Hmotnost zásilky v gramech" ) + # 🚚 návratové směrovací kódy (pro vrácení zásilky) + return_routing = models.JSONField( + default=list, + blank=True, + help_text="Seznam 2 routing stringů pro vrácení zásilky" + ) + class PDF_SIZE(models.TextChoices): A6_ON_A6 = ("A6 on A6", "105x148 mm (A6) label on a page of the same size") A7_ON_A7 = ("A7 on A7", "105x74 mm (A7) label on a page of the same size") @@ -63,19 +71,16 @@ class ZasilkovnaPacket(models.Model): A8_ON_A8 = ("A8 on A8", "50x74 mm (A8) label on a page of the same size") size_of_pdf = models.CharField(max_length=20, choices=PDF_SIZE.choices, default=PDF_SIZE.A6_ON_A6) - - # 🚚 návratové směrovací kódy (pro vrácení zásilky) - return_routing = models.JSONField( - default=list, - blank=True, - help_text="Seznam 2 routing stringů pro vrácení zásilky" - ) - def save(self, *args, **kwargs): - # On first save, create the packet remotely if packet_id is not set + # workaroud to avoid circular import + Carrier = apps.get_model('commerce', 'Carrier') + Order = apps.get_model('commerce', 'Order') + carrier = Carrier.objects.get(zasilkovna=self) order = Order.objects.get(carrier=carrier) + cash_on_delivery = order.payment.payment_method == order.payment.PAYMENT.CASH_ON_DELIVERY + if not self.packet_id: response = packeta_client.create_packet( address_id=self.addressId, @@ -85,14 +90,13 @@ class ZasilkovnaPacket(models.Model): surname=order.last_name, company=order.company, email=order.email, - addressId=Configuration.get_solo().zasilkovna_address_id, + addressId=ShopConfiguration.get_solo().zasilkovna_address_id, - #FIXME: udělat logiku pro počítaní dobírky a hodnoty zboží - cod=100.00, - value=100.00, + cod=order.total_price if cash_on_delivery else 0, # dobírka + value=order.total_price, - currency=Configuration.get_solo().currency, - eshop= Configuration.get_solo().name, + currency=ShopConfiguration.get_solo().currency, + eshop= ShopConfiguration.get_solo().name, ) self.packet_id = response['packet_id'] self.barcode = response['barcode'] diff --git a/backend/thirdparty/zasilkovna/serializers.py b/backend/thirdparty/zasilkovna/serializers.py index e69de29..d0fe9b8 100644 --- a/backend/thirdparty/zasilkovna/serializers.py +++ b/backend/thirdparty/zasilkovna/serializers.py @@ -0,0 +1,38 @@ +from rest_framework import serializers + +from .models import ZasilkovnaPacket, ZasilkovnaShipment + + +class ZasilkovnaPacketSerializer(serializers.ModelSerializer): + class Meta: + model = ZasilkovnaPacket + fields = [ + "id", + "created_at", + "packet_id", + "barcode", + "state", + "weight", + "return_routing", + ] + read_only_fields = fields + + +class TrackingURLSerializer(serializers.Serializer): + barcode = serializers.CharField(read_only=True) + tracking_url = serializers.URLField(read_only=True) + + +class ZasilkovnaShipmentSerializer(serializers.ModelSerializer): + packets = serializers.PrimaryKeyRelatedField(many=True, read_only=True) + + class Meta: + model = ZasilkovnaShipment + fields = [ + "id", + "created_at", + "shipment_id", + "barcode", + "packets", + ] + read_only_fields = fields diff --git a/backend/thirdparty/zasilkovna/urls.py b/backend/thirdparty/zasilkovna/urls.py index e69de29..cd0592a 100644 --- a/backend/thirdparty/zasilkovna/urls.py +++ b/backend/thirdparty/zasilkovna/urls.py @@ -0,0 +1,15 @@ +from django.urls import path, include +from rest_framework.routers import DefaultRouter + +from .views import ZasilkovnaShipmentViewSet, ZasilkovnaPacketViewSet + + +router = DefaultRouter() +router.register(r"shipments", ZasilkovnaShipmentViewSet, basename="zasilkovna-shipment") +router.register(r"packets", ZasilkovnaPacketViewSet, basename="zasilkovna-packet") + +app_name = "zasilkovna" + +urlpatterns = [ + path("", include(router.urls)), +] diff --git a/backend/thirdparty/zasilkovna/views.py b/backend/thirdparty/zasilkovna/views.py index 04de252..022316c 100644 --- a/backend/thirdparty/zasilkovna/views.py +++ b/backend/thirdparty/zasilkovna/views.py @@ -1,8 +1,80 @@ -#views.py +from rest_framework import viewsets, mixins, status +from rest_framework.decorators import action +from rest_framework.response import Response -""" -TODO: OBJEDNAVANÍ SE VYVOLÁVA V CARRIER V COMMERCE.MODELS.PY - získaní labelu, - info o kurýrovi, vracení balíku, - vytvoření hromadné expedice -""" \ No newline at end of file +from drf_spectacular.utils import extend_schema, extend_schema_view, OpenApiResponse + +from .models import ZasilkovnaShipment, ZasilkovnaPacket +from .serializers import ( + ZasilkovnaShipmentSerializer, + ZasilkovnaPacketSerializer, + TrackingURLSerializer, +) + + +@extend_schema_view( + list=extend_schema( + tags=["Zásilkovna"], + summary="List shipments", + description="Returns a paginated list of Packeta (Zásilkovna) shipments.", + responses={200: ZasilkovnaShipmentSerializer}, + ), + retrieve=extend_schema( + tags=["Zásilkovna"], + summary="Retrieve a shipment", + description="Returns detail for a single shipment.", + responses={200: ZasilkovnaShipmentSerializer}, + ), +) +class ZasilkovnaShipmentViewSet(viewsets.ReadOnlyModelViewSet): + queryset = ZasilkovnaShipment.objects.all().order_by("-created_at") + serializer_class = ZasilkovnaShipmentSerializer + + + +@extend_schema_view( + retrieve=extend_schema( + tags=["Zásilkovna"], + summary="Retrieve a packet", + description="Returns detail for a single packet.", + responses={200: ZasilkovnaPacketSerializer}, + ) +) +class ZasilkovnaPacketViewSet(mixins.RetrieveModelMixin, viewsets.GenericViewSet): + queryset = ZasilkovnaPacket.objects.all() + serializer_class = ZasilkovnaPacketSerializer + + @extend_schema( + tags=["Zásilkovna"], + summary="Get public tracking URL", + description=( + "Returns the public Zásilkovna tracking URL derived from the packet's barcode." + ), + responses={200: OpenApiResponse(response=TrackingURLSerializer)}, + ) + @action(detail=True, methods=["get"], url_path="tracking-url") + def tracking_url(self, request, pk=None): + packet: ZasilkovnaPacket = self.get_object() + data = { + "barcode": packet.barcode, + "tracking_url": packet.get_tracking_url(), + } + return Response(data) + + + @extend_schema( + tags=["Zásilkovna"], + summary="Cancel packet", + description=( + "Cancels the packet through the Packeta API and updates its state to CANCELED. " + "No request body is required." + ), + request=None, + responses={200: OpenApiResponse(response=ZasilkovnaPacketSerializer)}, + ) + @action(detail=True, methods=["patch"], url_path="cancel") + def cancel(self, request, pk=None): + packet: ZasilkovnaPacket = self.get_object() + packet.cancel_packet() + serializer = self.get_serializer(packet) + return Response(serializer.data, status=status.HTTP_200_OK) diff --git a/backend/vontor_cz/asgi.py b/backend/vontor_cz/asgi.py index 626be7f..96c15cb 100644 --- a/backend/vontor_cz/asgi.py +++ b/backend/vontor_cz/asgi.py @@ -13,7 +13,7 @@ from channels.routing import ProtocolTypeRouter, URLRouter from channels.auth import AuthMiddlewareStack #import myapp.routing # your app's routing -os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'trznice.settings') +os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'vontor_cz.settings') application = ProtocolTypeRouter({ "http": get_asgi_application(), diff --git a/backend/vontor_cz/celery.py b/backend/vontor_cz/celery.py index 96a43e1..5d7dd4a 100644 --- a/backend/vontor_cz/celery.py +++ b/backend/vontor_cz/celery.py @@ -1,8 +1,8 @@ import os from celery import Celery -os.environ.setdefault("DJANGO_SETTINGS_MODULE", "backend.settings") +os.environ.setdefault("DJANGO_SETTINGS_MODULE", "vontor_cz.settings") -app = Celery("backend") +app = Celery("vontor_cz") app.config_from_object("django.conf:settings", namespace="CELERY") app.autodiscover_tasks() diff --git a/backend/vontor_cz/settings.py b/backend/vontor_cz/settings.py index 1c06467..3eb8ad5 100644 --- a/backend/vontor_cz/settings.py +++ b/backend/vontor_cz/settings.py @@ -51,12 +51,13 @@ DATETIME_INPUT_FORMATS = [ "%Y-%m-%dT%H:%M:%S", # '2025-07-25T14:30:59' ] -LANGUAGE_CODE = 'cs' +# -------------------- LOKALIZACE ------------------------- -TIME_ZONE = 'Europe/Prague' +LANGUAGE_CODE = os.getenv("LANGUAGE_CODE", "cs") +TIME_ZONE = os.getenv("TIME_ZONE", "Europe/Prague") USE_I18N = True - +USE_L10N = True USE_TZ = True @@ -313,6 +314,10 @@ REST_FRAMEWORK = { 'DEFAULT_SCHEMA_CLASS': 'drf_spectacular.openapi.AutoSchema', 'DEFAULT_FILTER_BACKENDS': ['django_filters.rest_framework.DjangoFilterBackend'], + # Enable default pagination so custom list actions (e.g., /orders/detail) paginate + 'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.PageNumberPagination', + 'PAGE_SIZE': 20, + 'DEFAULT_THROTTLE_RATES': { 'anon': '100/hour', # unauthenticated 'user': '2000/hour', # authenticated @@ -326,7 +331,8 @@ REST_FRAMEWORK = { MY_CREATED_APPS = [ 'account', 'commerce', - + 'configuration', + 'social.chat', 'thirdparty.downloader', diff --git a/backend/vontor_cz/urls.py b/backend/vontor_cz/urls.py index ecce746..18e2e96 100644 --- a/backend/vontor_cz/urls.py +++ b/backend/vontor_cz/urls.py @@ -39,4 +39,5 @@ urlpatterns = [ path('api/trading212/', include('thirdparty.trading212.urls')), path('api/downloader/', include('thirdparty.downloader.urls')), path("api/payments/gopay/", include("thirdparty.gopay.urls", namespace="gopay")), + path('api/zasilkovna/', include('thirdparty.zasilkovna.urls')), ] diff --git a/backend/commerce/migrations/__init__.py b/backups/backup-20251117-224608.sql similarity index 100% rename from backend/commerce/migrations/__init__.py rename to backups/backup-20251117-224608.sql diff --git a/docker-compose.yml b/docker-compose.yml index ab1fe8e..bda87e4 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -10,7 +10,7 @@ services: - ./backend:/app depends_on: - redis - command: daphne -b 0.0.0.0 -p 8000 backend.asgi:application + command: daphne -b 0.0.0.0 -p 8000 vontor_cz.asgi:application frontend: env_file: