validation for pos device - some changes in pos device models

Rasaddam_Backend/settings.py

@@ -106,7 +106,8 @@ MIDDLEWARE = [
     'django.middleware.clickjacking.XFrameOptionsMiddleware',
     'apps.authentication.middlewares.BlockedTokenMiddleware',
     'crum.CurrentRequestUserMiddleware',
-    'apps.log.middlewares.SaveLog'
+    'apps.log.middlewares.SaveLog',
+    'apps.pos_device.middlewares.PosDeviceValidationMiddleware'
 ]
 
 ROOT_URLCONF = 'Rasaddam_Backend.urls'

apps/authentication/migrations/0033_organization_en_name_alter_organization_name.py

@@ -0,0 +1,23 @@
+# Generated by Django 5.0 on 2025-08-12 08:48
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('authentication', '0032_organization_has_pos'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='organization',
+            name='en_name',
+            field=models.CharField(max_length=150, null=True),
+        ),
+        migrations.AlterField(
+            model_name='organization',
+            name='name',
+            field=models.CharField(max_length=250, null=True),
+        ),
+    ]

apps/authentication/models.py

@@ -92,7 +92,8 @@ class OrganizationType(BaseModel):
 
 
 class Organization(BaseModel):
-    name = models.CharField(max_length=50)
+    name = models.CharField(max_length=250, null=True)
+    en_name = models.CharField(max_length=150, null=True)
     type = models.ForeignKey(
         'OrganizationType',
         on_delete=models.CASCADE,

apps/pos_device/middlewares.py

@@ -1,12 +1,27 @@
-from rest_framework.exceptions import APIException
+import traceback
 from django.utils.timezone import now
-
+from django.http import JsonResponse
-from apps.pos_device.models import DeviceVersion, ProviderCompany, Sessions
+from rest_framework import status
+from apps.pos_device.models import Sessions, DeviceVersion
+from apps.authentication.models import Organization
 
 
-class POSDeviceMiddleware:
+class POSDeviceException(Exception):
+    """Custom Exception for POS Validation"""
+    def __init__(self, message, code=400):
+        self.message = message
+        self.code = code
+        super().__init__(message)
+
+
+def get_client_ip(request):
+    forwarded = request.META.get('HTTP_X_FORWARDED_FOR')
+    return forwarded.split(',')[0] if forwarded else request.META.get('REMOTE_ADDR')
+
+
+class PosDeviceValidationMiddleware:
     REQUIRED_HEADERS = [
-        'device-id', 'device-mac', 'device-serial', 'device-name',
+        'device-mac', 'device-serial', 'device-name',
         'device-sdk', 'device-provider', 'device-version',
         'device-vname', 'device-lng', 'device-lot'  # noqa
     ]
@@ -14,18 +29,58 @@ class POSDeviceMiddleware:
     def __init__(self, get_response):
         self.get_response = get_response
 
-    def __call__(self, request, *args, **kwargs):
+    def __call__(self, request):
-        pass
+        try:
+            if request.path.startswith("/pos_device/pos/"):
+                self.validate_request(request)
 
-    def is_post_request(self, request):  # noqa
+            return self.get_response(request)
-        """ check if is pos request """
+        except POSDeviceException as e:
+            return JsonResponse({'message': e.message}, status=e.code)
 
-        has_device_headers = request.headers.get('device-id') and request.headers.get('device-mac')
+        # for response 500 errors in json format
-        is_pos_api_path = request.path.startswith('/api/pos/')
+        except Exception as e:
-        return has_device_headers or is_pos_api_path
+            if request.path.startswith('/pos_device/pos/'):
+                return JsonResponse(
+                    {"message": str(e), "traceback": traceback.format_exc()},
+                    status=500
+                )
+            raise
 
-    def validate_pos_request(self, request):
+    def validate_request(self, request):
-        """ validate request headers from pos device """
+        headers = request.headers.kiani
+        data = {key: headers.get(key) for key in self.REQUIRED_HEADERS}
 
-        data = {key: request.headers.get(key) for key in self.REQUIRED_HEADERS}
+        missing = [key for key, value in data.items() if not value]
+        if missing:
+            raise POSDeviceException(f'پارامترهای ارسالی ناقص هستند: {", ".join(missing)}')  # noqa
 
+        provider_name = data['device-provider']
+        organization = Organization.objects.filter(en_name=provider_name).first()  # noqa
+        if not organization:
+            raise POSDeviceException('شرکت پرداخت الکترونیک پشتیبانی نمی‌شود!', code=402)  # noqa
+        if not organization.active:
+            raise POSDeviceException('شرکت پرداخت الکترونیک مسدود شده است!', code=402)  # noqa
+
+        versions = DeviceVersion.objects.filter(organization=organization)
+        if not versions.exists():
+            raise POSDeviceException('هیچ نسخه‌ای برای این شرکت ثبت نشده است!', code=402)  # noqa
+
+        current_version = versions.filter(code=data['device-version']).first()
+        if not current_version or current_version.remove:
+            raise POSDeviceException(
+                f'نسخه {data["device-vname"]} منقضی شده است. لطفا بروزرسانی کنید.', code=402  # noqa
+            )
+
+        session = Sessions.objects.filter(
+            device__serial=data['device-serial'],
+            sdk=data['device-sdk']
+        ).first()
+
+        if session:
+            session.session_last_seen_date = now()
+            session.lng = data['device-lng']
+            session.lot = data['device-lot']
+            session.version = data['device-version']
+            session.ip = get_client_ip(request)
+            session.save()

apps/pos_device/migrations/0053_alter_deviceactivationcode_expires_at_and_more.py

@@ -0,0 +1,34 @@
+# Generated by Django 5.0 on 2025-08-12 08:48
+
+import datetime
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('pos_device', '0052_alter_deviceactivationcode_expires_at'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='deviceactivationcode',
+            name='expires_at',
+            field=models.DateTimeField(default=datetime.datetime(2025, 8, 12, 12, 18, 2, 264809)),
+        ),
+        migrations.AlterField(
+            model_name='sessions',
+            name='latitude',
+            field=models.FloatField(default=0),
+        ),
+        migrations.AlterField(
+            model_name='sessions',
+            name='longitude',
+            field=models.FloatField(default=0),
+        ),
+        migrations.AlterField(
+            model_name='sessions',
+            name='name',
+            field=models.CharField(max_length=250, null=True),
+        ),
+    ]

apps/pos_device/migrations/0054_alter_deviceactivationcode_expires_at.py

@@ -0,0 +1,18 @@
+# Generated by Django 5.0 on 2025-08-12 08:50
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('pos_device', '0053_alter_deviceactivationcode_expires_at_and_more'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='deviceactivationcode',
+            name='expires_at',
+            field=models.DateTimeField(auto_now_add=True),
+        ),
+    ]

apps/pos_device/models.py

@@ -80,7 +80,7 @@ class DeviceActivationCode(BaseModel):
         null=True
     )
     code = models.CharField(max_length=10, null=True, unique=True)
-    expires_at = models.DateTimeField(default=datetime.datetime.now())
+    expires_at = models.DateTimeField(auto_now_add=True)
     is_used = models.BooleanField(default=False)
 
     def __str__(self):
@@ -123,15 +123,15 @@ class Sessions(BaseModel):
         related_name='devices',
         null=True
     )
-    name = models.CharField(max_length=125, null=True)
+    name = models.CharField(max_length=250, null=True)
     password = models.CharField(max_length=25, null=True)
     version = models.IntegerField(default=0)
     mac = models.CharField(max_length=50, null=True)
     ip = models.CharField(max_length=15, default='0.0.0.0')
     sdk = models.TextField(null=True)
     serial = models.TextField(null=True)
-    latitude = models.DecimalField(max_digits=20, decimal_places=10, null=True)
+    latitude = models.FloatField(default=0)
-    longitude = models.DecimalField(max_digits=20, decimal_places=10, null=True)
+    longitude = models.FloatField(default=0)
 
     def __str__(self):
         return f'Session: {self.name}-{self.version}-{self.id}'

apps/pos_device/pos/api/v1/urls.py

@@ -0,0 +1,10 @@
+from django.urls import path, include
+from rest_framework.routers import DefaultRouter
+from .viewsets.device import TestViewSet
+
+router = DefaultRouter()
+router.register('test', TestViewSet, basename='test')
+
+urlpatterns = [
+    path('v1/', include(router.urls))
+]

apps/pos_device/pos/api/v1/viewsets/device.py

@@ -0,0 +1,8 @@
+from rest_framework import viewsets
+from rest_framework.response import Response
+
+
+class TestViewSet(viewsets.ModelViewSet):
+
+    def list(self, request, *args, **kwargs):
+        return Response("Hello from the outsiiiiiiiiide")  # noqa

apps/pos_device/urls.py

@@ -1,5 +1,6 @@
 from django.urls import path, include
 
 urlpatterns = [
-    path('web/', include('apps.pos_device.web.api.v1.urls'))
+    path('web/', include('apps.pos_device.web.api.v1.urls')),
+    path('pos/', include('apps.pos_device.pos.api.v1.urls'))
 ]

apps/pos_device/web/api/v1/viewsets/device.py

@@ -121,7 +121,7 @@ class DeviceViewSet(viewsets.ModelViewSet, AdminFilterMixin):
     @transaction.atomic
     def psp_organizations(self, request):
         """ list of psp organizations """
-
+        print(request.path)
         organizations = Organization.objects.filter(type__key='PSP')
 
         # paginate devices