jasper

.dockerignore

@@ -0,0 +1,28 @@
+*.pyc
+*.pyo
+*.mo
+*.db
+*.css.map
+*.egg-info
+*.sql.gz
+.cache
+.project
+.idea
+.pydevproject
+.idea/workspace.xml
+.DS_Store
+.git/
+.sass-cache
+.vagrant/
+__pycache__
+dist
+docs
+env
+logs
+src/{{ project_name }}/settings/local.py
+src/node_modules
+web/media
+web/static/CACHE
+stats
+Dockerfile
+# .env

.github/workflows/docker-image.yml

@@ -0,0 +1,18 @@
+name: Docker Image CI
+
+on:
+ push:
+ branches: [ "main" ]
+ pull_request:
+ branches: [ "main" ]
+
+jobs:
+
+ build:
+
+ runs-on: ubuntu-latest
+
+ steps:
+ - uses: actions/checkout@v3
+ - name: Build the Docker image
+ run: docker build . --file Dockerfile --tag cccrizzz/ccpd-django-service:latest

.gitignore

@@ -26,6 +26,8 @@ wheels/
 *.egg-info/
 .installed.cfg
 *.egg
+staticfiles/
+static/
 
 # PyInstaller
 # Usually these files are written by a python script from a template

.vscode/settings.json

@@ -2,5 +2,7 @@
  "[python]": {
  "editor.defaultFormatter": "ms-python.python"
  },
- "python.formatting.provider": "none"
+ "python.formatting.provider": "none",
+ "python.analysis.typeCheckingMode": "off",
+ "python.analysis.autoImportCompletions": true
 }

CCPDController/authentication.py

@@ -1,34 +1,97 @@
 import jwt
-from rest_framework.authentication import get_authorization_header, TokenAuthentication
+from firebase_admin import auth
+from rest_framework.authentication import CSRFCheck, TokenAuthentication, BaseAuthentication
 from bson.objectid import ObjectId
 from django.conf import settings
-from rest_framework.exceptions import AuthenticationFailed
+from rest_framework.exceptions import AuthenticationFailed, PermissionDenied
 from CCPDController.utils import get_db_client
 
 # pymongo
 db = get_db_client()
 collection = db['User']
 
+# check for csrf token in request
+def enforce_csrf(request):
+ check = CSRFCheck(request)
+ check.process_request(request)
+ reason = check.process_view(request, None, (), {})
+ if reason:
+ raise PermissionDenied('CSRF Failed: %s' % reason)
+
 # customized authentication class used in settings
-class JWTAuthentication(TokenAuthentication): 
- def verifyToken(self, token):
+class JWTAuthentication(TokenAuthentication):
+ # run query against database to verify user info by querying user id
+ def authenticate_credentials(self, id):
+ # if id cannot convert into ObjectId, throw error
  try:
- # decode
- payload = jwt.decode(token, settings.SECRET_KEY)
- uid = ObjectId(payload['id'])
-
- print(token)
+ uid = ObjectId(id)
+ except:
+ raise AuthenticationFailed('Invalid ID')
+
+ # get only id status and role
+ user = collection.find_one({'_id': uid}, {'userActive': 1, 'role': 1})
+
+ # check user status
+ if not user:
+ raise AuthenticationFailed('User Not Found')
+ if user['userActive'] == False:
+ raise AuthenticationFailed('User Inactive')
+
+ # return type have to be tuple
+ return (user, user['role'])
+
+ # called everytime when accessing restricted router
+ def authenticate(self, request):
+ try:
+ # check for http-only cookies
+ raw_token = request.COOKIES.get('token') or None
+ if not raw_token:
+ raise AuthenticationFailed('No token provided')
 
- # query mongo db for user
- user = collection.find_one({'_id': uid})
-
- # expect errors
- except jwt.DecodeError:
+ # decode jwt and retrive user id
+ payload = jwt.decode(raw_token, settings.JWT_SECRET_KEY, algorithms='HS256')
+
+ except jwt.DecodeError or UnicodeError:
  raise AuthenticationFailed('Invalid token')
  except jwt.ExpiredSignatureError:
  raise AuthenticationFailed('Token has expired')
 
- # if not activate throw error
- if not user['userActive']:
- raise AuthenticationFailed('User inactive or deleted')
- return payload
+ # TODO
+ # check the reason why csrf token cannot be fetch on logout
+ # enforce_csrf(request)
+ return self.authenticate_credentials(payload['id'])
+
+class FirebaseAuthentication(BaseAuthentication):
+ def authenticate(self, request):
+ # read token in header
+ auth_header = request.META.get("HTTP_AUTHORIZATION")
+ if not auth_header:
+ print("No auth token provided")
+ raise PermissionDenied("No auth token provided")
+
+ # decode token
+ id_token = auth_header.split(" ").pop()
+ decoded_token = None
+ try:
+ decoded_token = auth.verify_id_token(id_token)
+ except Exception as e:
+ raise PermissionDenied("Invalid Auth Token")
+
+ if not id_token or not decoded_token:
+ return None
+
+ # pull user form mongo
+ user = collection.find_one(
+ {'email': decoded_token.get('email').lower()}, 
+ {'_id': 0, 'userActive': 1, 'role': 1}
+ )
+
+ # check user status
+ if not user:
+ raise PermissionDenied('User Not Found')
+ if user['userActive'] == False:
+ raise PermissionDenied('User Inactive')
+ uid = decoded_token.get("uid")
+ if not uid:
+ raise PermissionDenied("Firebase Server Error")
+ return (user, user['role'])

CCPDController/chat_gpt_utils.py

@@ -0,0 +1,159 @@
+# send 
+import os
+from openai import OpenAI
+from dotenv import load_dotenv
+load_dotenv()
+
+# chat gpt's natural language processing model engine's name & key
+model_engine = "gpt-3.5-turbo-instruct"
+client = OpenAI(api_key=os.getenv('OPENAI_API_KEY'))
+
+# short description (lead on auction flex max 40 char )
+def generate_title(title, template) -> str:
+ if template == '':
+ template = "You are an Auctioneer, based on the information, create a short product title. The character limit for the product title is 50 characters. " + title + "."
+ else:
+ template = template + ' ' + title
+
+ res = client.chat.completions.create(
+ messages=[
+ {
+ "role": "user",
+ "content": template,
+ }
+ ],
+ model="gpt-3.5-turbo",
+ max_tokens=40
+ )
+ return special_characters_convert_l(res.choices[0].message.content.strip())
+
+# full description
+def generate_description(condition, comment, description, template) -> str:
+ if template == '':
+ template = "Please generate a product description in the format '[Item Condition] - [Item information]', The character limit for Item information is 250 characters."
+
+ res = client.chat.completions.create(
+ messages=[
+ { "role": "user", "content": f"Item Condition: {condition}, {comment}." },
+ { "role": "user", "content": f"Item information: {description}." },
+ { 
+ "role": "user", 
+ "content": template 
+ },
+ ],
+ model="gpt-3.5-turbo",
+ max_tokens=100,
+ temperature=0.4
+ )
+
+ desc = res.choices[0].message.content.strip()
+ desc = desc.replace("SAME", "")
+ desc = desc.replace("SCANNED", "")
+ desc = desc.replace("ALL MAIN PARTS IN", "")
+ desc = special_characters_convert_d(desc)
+ return desc
+
+def special_characters_convert_d(description):
+ try:
+ if description[0] == '"' and description[-1] == '"':
+ description = description.strip()
+ description = description[1:-1]
+ except Exception as e:
+ print(e)
+ description = description.replace("°"," Degree ")
+ description = description.replace("™","")
+ description = description.replace("®","")
+ description = description.replace("©","")
+ description = description.replace("w/ ","With ")
+ description = description.replace("w/","With ")
+ description = description.replace("W/ ","With ")
+ description = description.replace("W/","With ")
+ description = description.replace("，",",")
+ description = description.replace("“",'"')
+ description = description.replace("”",'"')
+ description = description.replace("’’",'"')
+ description = description.replace("’","'")
+ description = description.replace("‘","'")
+ description = description.replace("″",'"')
+ description = description.replace("【","[")
+ description = description.replace("】","]")
+ description = description.replace("×","x")
+ description = description.replace("–","-")
+ description = description.replace("℉"," Fahrenheit scale ")
+ # description = description.replace(" "," ")
+ description = description.replace("Φ"," ")
+ description = description.replace("’","'")
+ description = description.replace('Additional Condition" - "',"")
+ description = description.replace("Additional Condition - ","")
+ description = description.replace("Additional Condition: ","")
+ description = description.replace("[Additional Condition] - ","")
+ description = description.replace("Item Info: ","")
+ description = description.replace("é","e")
+ description = description.replace("（","(")
+ description = description.replace("）",")")
+ description = description.replace("≤"," less than or equal than ")
+ description = description.replace("ӧ","o")
+ description = description.replace("ö","o")
+ description = description.replace("î","i")
+ description = description.replace('"Additional Condition" - ',"")
+ description = description.replace("150 Byte: ","")
+ description = description.replace("150 byte: ","")
+ description = description.replace("150 Byte - ","")
+ description = description.replace("150 byte - ","")
+ description = description.replace("[Additional Condition] ","")
+ description = description.replace("ñ","n")
+ description = description.replace("New - ","")
+ description = description.replace("[Item information]","")
+ description = description.replace("Item information: ","")
+ description = description.replace("²","^2")
+ description = description.replace("³","^3")
+ description = description.replace("à","a")
+ return description
+
+def special_characters_convert_l(lead):
+ try:
+ if lead[0] == '"' and lead[-1] == '"':
+ lead = lead.strip()
+ lead = lead[1:-1]
+ if "(" in lead:
+ index1 = lead.find("(")
+ index2 = lead.find(")")
+ leadH = lead[:index1]
+ leadB = lead[index2+1:]
+ lead = leadH + leadB
+ if "," in lead:
+ index3 = lead.find(",")
+ lead = lead[:index3]
+ except Exception as e:
+ print(e)
+ lead = lead.replace("°","Degree")
+ lead = lead.replace("™","")
+ lead = lead.replace("®","")
+ lead = lead.replace("©","")
+ lead = lead.replace("w/ ","With ")
+ lead = lead.replace("w/","With ")
+ lead = lead.replace("，",",")
+ lead = lead.replace("“",'"')
+ lead = lead.replace("”",'"')
+ lead = lead.replace("″",'"')
+ lead = lead.replace("’’",'"')
+ lead = lead.replace("’","'")
+ lead = lead.replace("‘","'")
+ lead = lead.replace("【","[")
+ lead = lead.replace("】","]")
+ lead = lead.replace("×","x")
+ lead = lead.replace("–","-")
+ lead = lead.replace("℉"," Fahrenheit scale")
+ lead = lead.replace(" "," ")
+ lead = lead.replace("Φ"," ")
+ lead = lead.replace("î","i")
+ lead = lead.replace("é","e")
+ lead = lead.replace("（","(")
+ lead = lead.replace("）",")")
+ lead = lead.replace("≤"," less than or equal than ")
+ lead = lead.replace("ӧ","o")
+ lead = lead.replace("ö","o")
+ lead = lead.replace("ñ","n")
+ lead = lead.replace("²"," Squared")
+ lead = lead.replace("à","a")
+ return lead

CCPDController/permissions.py

@@ -0,0 +1,50 @@
+from rest_framework import permissions
+from CCPDController.utils import get_db_client, getIsWorkingHourEST
+
+# pymongo
+db = get_db_client()
+collection = db['User']
+
+# user object will be pass into here from authentication 
+# request.auth = ROLE
+# request.user = {
+# '_id': ObjectId(xxx),
+# 'userActive': xxx,
+# 'role': xxx
+# }
+
+# QA personal permission
+class IsQAPermission(permissions.BasePermission):
+ message = 'Permission Denied, QAPersonal Only!'
+ def has_permission(self, request, view):
+ # if not in work hours, return false
+ if getIsWorkingHourEST() == False:
+ return False
+
+ # mongo db query
+ # grant if user is qa personal and user is active
+ if request.auth == 'QAPersonal' and bool(request.user['userActive']) == True:
+ return True
+
+# admin permission
+class IsAdminPermission(permissions.BasePermission):
+ message = 'Permission Denied, Admin Only!'
+ def has_permission(self, request, view):
+ if request.auth == 'Admin' and bool(request.user['userActive']) == True :
+ return True
+ elif request.auth == 'Super Admin':
+ return True
+
+class IsSuperAdminPermission(permissions.BasePermission):
+ message = 'Permission Denied, Super Admin Only!'
+ def has_permission(self, request, view):
+ if request.auth == 'Super Admin':
+ return True
+
+# user blocked by IP black list
+# class BlockedPermission(permissions.BasePermission):
+# message = 'You Are Blocked From Our Service'
+
+# def has_permission(self, request, view):
+# ipAddress = request.META['REMOTE_ADDR']
+