Sicherhaven/eventify_backend
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
59 Commits 1 Branch 0 Tags
5a2752a2defc23354206739b7136f7ef35063461
Commit Graph

59 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Eventify Deploy
5a2752a2de fix: security audit remediation — Django settings + payment gateway API 
- ALLOWED_HOSTS: wildcard replaced with explicit domain list (#15)
- CORS_ALLOWED_ORIGINS: added app.eventifyplus.com (#16)
- CSRF_TRUSTED_ORIGINS: added app.eventifyplus.com (#18)
- JWT ACCESS_TOKEN_LIFETIME: 1 day reduced to 30 minutes (#19)
- ROTATE_REFRESH_TOKENS enabled
- SECRET_KEY: removed unsafe fallback, crash on missing env var
- Added ActivePaymentGatewayView for dynamic gateway config (#1, #5, #20)
- Added PaymentGatewaySettingsView CRUD for admin panel

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-25 12:25:11 +00:00
Sicherhaven
b12f4952b3 fix: update admin_api migration dependency to existing events migration 
0001_initial was referencing events.0011_dashboard_indexes which no
longer exists as a file on disk (the DB has it applied but the file
was removed). Updated dependency to 0010_merge_20260324_1443 which
is the latest events migration file present, resolving the
NodeNotFoundError on management commands.
 2026-03-25 11:49:15 +05:30
Sicherhaven
ea378f19b1 refactor: migrate users to PostgreSQL, remove SQLite secondary DB 
Users have been migrated from eventify-django SQLite to eventify-backend
PostgreSQL. The temporary users_db workaround is no longer needed:

- settings.py: removed users_db SQLite secondary database config
- views.py: removed _user_db()/_user_qs() helpers; user views now query
  the default PostgreSQL directly with plain User.objects.filter()
- docker-compose.yml: SQLite read-only volume mount removed

All 27 users (25 non-superuser customers) now live in PostgreSQL.
 2026-03-25 11:43:12 +05:30
Sicherhaven
54aa7ce06e fix: read real users from eventify-django SQLite via secondary database 
The admin_api was querying eventify-backend's empty PostgreSQL. Real users
live in eventify-django's SQLite (db.sqlite3 on host). Fix:

- settings.py: auto-adds 'users_db' database config when users_db.sqlite3
  is mounted into the container (read-only volume in docker-compose)
- views.py: _user_db() helper selects the correct database alias;
  _user_qs() defers 'partner' field (absent from older SQLite schema)
- UserMetricsView, UserListView, UserDetailView, UserStatusView all use
  _user_qs() so they query the 25 real registered customers
 2026-03-25 11:38:03 +05:30
Sicherhaven
a3d1bbad30 fix: scope users API to end-users and tag new registrations as customers 
- UserListView and UserMetricsView now filter is_superuser=False so only
  end-user accounts appear in the admin Users page (not admin/staff)
- _serialize_user now returns avatarUrl from profile_picture field so the
  grid view renders profile images instead of broken img tags
- RegisterForm and WebRegisterForm now set is_customer=True and
  role='customer' on save so future registrants are correctly classified
 2026-03-25 11:10:29 +05:30
Eventify Deploy
54315408eb Phase 7: Reviews Moderation — Review model + migration + 4 admin endpoints (metrics, list, moderate, delete) 2026-03-25 02:46:50 +00:00
Eventify Deploy
3103eff949 Phase 6: Financials & Payouts — 4 new financial endpoints (metrics, transactions, settlements, release) 2026-03-24 19:05:33 +00:00
Eventify Deploy
bc0a9ad5c8 docs: beautify README with ASCII banner, badges, API reference, and architecture diagram 2026-03-24 18:47:15 +00:00
Eventify Deploy
d921dde598 Phase 5: Events Admin — 4 new event endpoints (stats, list, detail, moderate) 2026-03-24 18:42:15 +00:00
Eventify Deploy
54d31dd3b1 Phase 4: Users & RBAC — 4 new user endpoints (list, metrics, detail, status) 2026-03-24 18:26:55 +00:00
Ubuntu
cbe06e9c8f feat: Phase 3 - Partners API (5 endpoints + 2 helpers) 
- GET /api/v1/partners/stats/ - total, active, pendingKyc, highRisk counts
- GET /api/v1/partners/ - paginated list with status/kyc/type/search filters
- GET /api/v1/partners/:id/ - full detail with events, kycDocuments, dealTerms, ledger
- PATCH /api/v1/partners/:id/status/ - suspend/activate partner
- POST /api/v1/partners/:id/kyc/review/ - approve/reject KYC with reason

Helpers: _serialize_partner(), _partner_kyc_docs()
Status/KYC/type mapping: backend snake_case to frontend capitalised values
Risk score derived from kyc_compliance_status (high_risk=80, approved=5, etc.)
All views IsAuthenticated, models imported inside methods
 2026-03-24 18:11:33 +00:00
Ubuntu
b60d03142c feat: Phase 1+2 - JWT auth, dashboard metrics API, DB indexes 
Phase 1 - JWT Auth Foundation:
- Replace token auth with djangorestframework-simplejwt
- POST /api/v1/admin/auth/login/ - returns access + refresh JWT
- POST /api/v1/auth/refresh/ - JWT refresh
- GET /api/v1/auth/me/ - current admin profile
- GET /api/v1/health/ - DB health check
- Add ledger app to INSTALLED_APPS

Phase 2 - Dashboard Metrics API:
- GET /api/v1/dashboard/metrics/ - revenue, partners, events, tickets
- GET /api/v1/dashboard/revenue/ - 7-day revenue vs payouts chart data
- GET /api/v1/dashboard/activity/ - last 10 platform events feed
- GET /api/v1/dashboard/actions/ - KYC queue, flagged events, pending payouts

DB Indexes (dashboard query optimisation):
- RazorpayTransaction: status, captured_at
- Partner: status, kyc_compliance_status
- Event: event_status, start_date, created_date
- Booking: created_date
- PaymentTransaction: payment_type, payment_transaction_status, payment_transaction_date

Infra:
- Add Dockerfile for eventify-backend container
- Add simplejwt to requirements.txt
- All 4 dashboard views use IsAuthenticated permission class
 2026-03-24 17:46:41 +00:00
Ubuntu
37001f8e70 feat: add JWT auth foundation - /api/v1/ with admin login, refresh, me, health endpoints 
- Add djangorestframework-simplejwt==5.3.1 to requirements-docker.txt
- Configure REST_FRAMEWORK with JWTAuthentication and SIMPLE_JWT settings
- Create admin_api Django app with AdminLoginView, MeView, HealthView
- Wire /api/v1/ routes without touching existing /api/ mobile endpoints
- Resolve pre-existing events migration conflict (0010_merge)
- Superuser admin created for initial authentication
 2026-03-24 14:46:03 +00:00
Ubuntu
7bda3fd905 fix: correct dict key syntax in FeaturedEventsAPI and TopEventsAPI responses 2026-03-24 14:09:43 +00:00
Ubuntu
aaaab190da feat: add is_featured/is_top_event fields and API endpoints 
- Event model: added is_featured, is_top_event BooleanFields
- Migration 0007 applied to DB
- EventForm: checkboxes for both new fields
- EventAdmin: list_display, list_editable, list_filter for both flags
- FeaturedEventsAPI: POST /api/events/featured-events/ -> is_featured=True events
- TopEventsAPI: POST /api/events/top-events/ -> is_top_event=True events
 2026-03-24 14:09:43 +00:00
Vivek P Prakash
b54439a4c2 The changes for the new 2026-03-24 19:21:25 +05:30
Vivek P Prakash
c04395afc9 The new updates of partners and user 
Made-with: Cursor
 2026-03-15 00:29:17 +05:30
Vivek P Prakash
88b3aafb0b Refactor eventify urlpatterns to include new bookings endpoint 2026-01-28 16:52:06 +05:30
Vivek P Prakash
7fee636fca Add bookings URL path to eventify urlpatterns 2026-01-28 16:51:43 +05:30
Vivek
c43ea6b0c7 Update in the cor headers 2025-12-25 02:42:10 +05:30
Vivek
8488df7c14 Changes in the event model to take the event source 2025-12-20 04:05:07 +05:30
Vivek
2cd2c763f6 Update in the profile 2025-12-20 03:55:40 +05:30
Vivek
1d821bf981 Update in the event list 2025-12-20 03:53:31 +05:30
Vivek
1f9269467c Updates for the eventify model to enable teh all year event 2025-12-20 03:46:04 +05:30
Vivek
d1e618e06b Fixes for the icon in the eventtypes 2025-12-20 02:28:15 +05:30
Vivek
2d43d4b1e3 Update in the pincode-events 2025-12-20 01:42:25 +05:30
Vivek
5e4a1765de Update in the cors allowed origins 2025-12-20 01:37:36 +05:30
Vivek
689cedb3ff Update in the settings for the cors allowed origins 2025-12-19 21:48:51 +05:30
Vivek
bf75367d46 Update in the updateprofileview api 2025-12-19 20:46:11 +05:30
Vivek
d109df3973 Updates for the api and bug fixes 2025-12-19 19:35:38 +05:30
Vivek
105da4a876 Reverting back to admin pages as login and updates in the mobile api 2025-12-17 22:05:13 +05:30
Vivek
48c8abb366 Changes in the dashboard for the event images 2025-12-09 13:36:34 +05:30
Vivek
36e02cbf7e Changes in the dashboard for the event images 2025-12-09 13:30:55 +05:30
Vivek
24355ecdf5 The updates for the customer dashboard cum accounts 2025-12-09 03:59:57 +05:30
Vivek P Prakash
08a89a1212 Test for the uat db 2025-12-02 13:40:59 +05:30
Vivek P Prakash
d1ca2f9891 Mobile API Changes for the Events and event images 2025-12-02 02:59:41 +05:30
Vivek P Prakash
b2a2324c66 Mobile API Changes for the pincode events 2025-12-02 02:44:09 +05:30
Vivek P Prakash
d1c7042018 Updates for the event images 2025-12-01 05:38:08 +05:30
Vivek P Prakash
9dc99ede91 Updates for the event images 2025-12-01 05:37:09 +05:30
Vivek P Prakash
f436de0a73 Updates for the event images 2025-12-01 05:34:11 +05:30
Vivek P Prakash
b7327b7b47 Updates for the event images 2025-12-01 05:31:13 +05:30
Vivek P Prakash
66fa8e3e5e Updates for the event images 2025-12-01 05:27:43 +05:30
Vivek P Prakash
e297ee601f Updates for the event images 2025-12-01 05:25:54 +05:30
Vivek P Prakash
1aa5041c87 Updates for the event images 2025-12-01 05:24:25 +05:30
Vivek P Prakash
e208f682da Updates for the event images 2025-12-01 05:22:46 +05:30
Vivek P Prakash
fa77389c60 Updates for the event images 2025-12-01 05:20:39 +05:30
Vivek P Prakash
c059769ed5 Updates for the event images 2025-12-01 05:19:13 +05:30
Vivek P Prakash
1e08950e66 Updates for the event images 2025-12-01 05:17:57 +05:30
Vivek P Prakash
e6fba68fdd New views for the mobile api for the event images 2025-12-01 05:12:19 +05:30
Vivek P Prakash
264753d22d Changes in the event list template 2025-12-01 05:01:35 +05:30