Samir Boulahtit
ad28a8a9a3
- Use error_state macro in vendor dashboard instead of inline HTML - Add # authenticated marker to shop profile/addresses endpoints 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
162 lines
4.8 KiB
Python
162 lines
4.8 KiB
Python
# app/api/v1/shop/profile.py
|
|
"""
|
|
Shop Profile API (Customer authenticated)
|
|
|
|
Endpoints for managing customer profile in shop frontend.
|
|
Requires customer authentication.
|
|
"""
|
|
|
|
import logging
|
|
|
|
from fastapi import APIRouter, Depends
|
|
from sqlalchemy.orm import Session
|
|
|
|
from app.api.deps import get_current_customer_api
|
|
from app.core.database import get_db
|
|
from app.exceptions import ValidationException
|
|
from app.services.auth_service import AuthService
|
|
from app.services.customer_service import customer_service
|
|
from models.database.customer import Customer
|
|
from models.schema.customer import (
|
|
CustomerPasswordChange,
|
|
CustomerResponse,
|
|
CustomerUpdate,
|
|
)
|
|
|
|
# Auth service for password operations
|
|
auth_service = AuthService()
|
|
|
|
router = APIRouter()
|
|
logger = logging.getLogger(__name__)
|
|
|
|
|
|
@router.get("/profile", response_model=CustomerResponse) # authenticated
|
|
def get_profile(
|
|
customer: Customer = Depends(get_current_customer_api),
|
|
db: Session = Depends(get_db),
|
|
):
|
|
"""
|
|
Get current customer profile.
|
|
|
|
Returns the authenticated customer's profile information.
|
|
"""
|
|
logger.debug(
|
|
f"[SHOP_API] get_profile for customer {customer.id}",
|
|
extra={
|
|
"customer_id": customer.id,
|
|
"email": customer.email,
|
|
},
|
|
)
|
|
|
|
return CustomerResponse.model_validate(customer)
|
|
|
|
|
|
@router.put("/profile", response_model=CustomerResponse)
|
|
def update_profile(
|
|
update_data: CustomerUpdate,
|
|
customer: Customer = Depends(get_current_customer_api),
|
|
db: Session = Depends(get_db),
|
|
):
|
|
"""
|
|
Update current customer profile.
|
|
|
|
Allows updating profile fields like name, phone, marketing consent, etc.
|
|
Email changes require the new email to be unique within the vendor.
|
|
|
|
Request Body:
|
|
- email: New email address (optional)
|
|
- first_name: First name (optional)
|
|
- last_name: Last name (optional)
|
|
- phone: Phone number (optional)
|
|
- marketing_consent: Marketing consent (optional)
|
|
- preferred_language: Preferred language (optional)
|
|
"""
|
|
logger.debug(
|
|
f"[SHOP_API] update_profile for customer {customer.id}",
|
|
extra={
|
|
"customer_id": customer.id,
|
|
"email": customer.email,
|
|
"update_fields": [k for k, v in update_data.model_dump().items() if v is not None],
|
|
},
|
|
)
|
|
|
|
# If email is being changed, check uniqueness within vendor
|
|
if update_data.email and update_data.email != customer.email:
|
|
existing = customer_service.get_customer_by_email(
|
|
db, customer.vendor_id, update_data.email
|
|
)
|
|
if existing and existing.id != customer.id:
|
|
raise ValidationException("Email already in use")
|
|
|
|
# Update only provided fields
|
|
update_dict = update_data.model_dump(exclude_unset=True)
|
|
for field, value in update_dict.items():
|
|
if value is not None:
|
|
setattr(customer, field, value)
|
|
|
|
db.commit()
|
|
db.refresh(customer)
|
|
|
|
logger.info(
|
|
f"Customer {customer.id} updated profile",
|
|
extra={
|
|
"customer_id": customer.id,
|
|
"updated_fields": list(update_dict.keys()),
|
|
},
|
|
)
|
|
|
|
return CustomerResponse.model_validate(customer)
|
|
|
|
|
|
@router.put("/profile/password", response_model=dict)
|
|
def change_password(
|
|
password_data: CustomerPasswordChange,
|
|
customer: Customer = Depends(get_current_customer_api),
|
|
db: Session = Depends(get_db),
|
|
):
|
|
"""
|
|
Change customer password.
|
|
|
|
Requires current password verification and matching new password confirmation.
|
|
|
|
Request Body:
|
|
- current_password: Current password
|
|
- new_password: New password (min 8 chars, must contain letter and digit)
|
|
- confirm_password: Confirmation of new password
|
|
"""
|
|
logger.debug(
|
|
f"[SHOP_API] change_password for customer {customer.id}",
|
|
extra={
|
|
"customer_id": customer.id,
|
|
"email": customer.email,
|
|
},
|
|
)
|
|
|
|
# Verify current password
|
|
if not auth_service.auth_manager.verify_password(
|
|
password_data.current_password, customer.hashed_password
|
|
):
|
|
raise ValidationException("Current password is incorrect")
|
|
|
|
# Verify passwords match
|
|
if password_data.new_password != password_data.confirm_password:
|
|
raise ValidationException("New passwords do not match")
|
|
|
|
# Check new password is different
|
|
if password_data.new_password == password_data.current_password:
|
|
raise ValidationException("New password must be different from current password")
|
|
|
|
# Update password
|
|
customer.hashed_password = auth_service.hash_password(password_data.new_password)
|
|
db.commit()
|
|
|
|
logger.info(
|
|
f"Customer {customer.id} changed password",
|
|
extra={
|
|
"customer_id": customer.id,
|
|
"email": customer.email,
|
|
},
|
|
)
|
|
|
|
return {"message": "Password changed successfully"}
|