Introduce ExchangeTokenAPIView at /api/account/exchange-token/ to
exchange temporary tokens for a DRF auth token and minimal user
profile (id, fullname, email, avatar). Tokens are one-time use and
validated via OnlineClassTokenManager. Added serializer, view, URL,
and Swagger examples.
Update CourseOnlineClassTokenAPIView to return a fixed join URL:
https://imamjavad.newhorizonco.uk/join-class?token={TOKEN}&slug={SLUG}.
Store course_slug in token payload and remove redirect_path and the
_base_components helper. Examples and docs updated.
Docs: add CHANGELOG_EXCHANGE_TOKEN.md and exchange_token_api.md;
update online_class_entry_flow.md.
BREAKING CHANGE: exchange-token endpoint moved from
/api/courses/auth/exchange-token/ to /api/account/exchange-token/.
Response shape changed: adds token, user.id is numeric, user.name
renamed to user.fullname, user.role and user.is_admin removed.
Online token response now returns a fixed URL and includes course
slug. redirect_path support removed; clients must use the returned
token for subsequent requests.
- Created a new markdown file for the online class entry flow, detailing the process for obtaining and validating tokens for online classes.
- Added a new HTML file for the prayer times calculation guide, including detailed explanations, code examples, and styling.
- Updated the multilang JSON widget HTML and Python files to include additional spacing for readability.
- Implemented a new `OnlineClassTokenManager` class in the Redis utility module to handle the generation, storage, retrieval, and deletion of temporary tokens for online classes, including methods for building entry URLs.
- Introduced a new endpoint for web user registration at 'web/register/'.
- Created WebUserRegisterSerializer to handle user registration with email and password validation.
- Enhanced UserVerifyView to support password handling during user creation and verification.
- Enhanced UserVerifyView to set user passwords securely during account creation and takeover.
- Removed the use of unusable passwords, ensuring all users have functional passwords upon verification.
- Updated UserProfileSerializer to handle password updates securely by hashing new passwords.
- Modified UserVerifyView to improve user creation and account takeover logic, ensuring unusable passwords are set for new and converted guest accounts.
- Updated UserRegisterSerializer to make device_id write-only and handle its assignment during user creation.
- Implemented email normalization in UserRegisterSerializer, UserVerifySerializer, and UserLoginSerializer to ensure case-insensitive uniqueness.
- Refactored UserRecoverPasswordSerializer to validate email format without checking for database uniqueness.
- Modified the unique_together constraint for the User model to only require uniqueness on the email field, removing device_id from the constraints.
- Added a migration to apply this change to the database schema.
- Changed device_id field in UserRegisterSerializer to be optional.
- Updated UserVerifyView to handle device_id more gracefully, allowing for None values and adjusting user creation logic accordingly.
- Removed the API documentation README file as it is no longer needed.
- Added a new script to optimize Hadis transmitter chains, ensuring a maximum of 5 transmitters and exactly one gap.
- Enhanced the Hadis data seeding script for better performance with batch operations and duplicate checks.
- Updated utility functions to streamline thumbnail generation and improve code readability.
mortezaei
nwhco
alireza