added 4 endpoints to support merchant login

app/controllers/merchant_controller.py

@@ -83,7 +83,7 @@ async def get_otps(key: str = Query(..., description="The email or mobile number
         logger.info("Retrieving OTP for key: %s", key)
 
         # Retrieve OTP from Redis
-        otp_data = await get_otp_from_cache(key)
+        otp_data = await get_otp_from_cache(f"otp:reg:{key}")
         if not otp_data:
             raise HTTPException(status_code=404, detail="OTP not found or expired")
 

app/controllers/merchant_login_controller.py

@@ -0,0 +1,104 @@
+from app.services.merchant_services import (
+    generate_login_otp_service,
+    login_service,
+    refresh_token_service,
+    logout_service,
+)
+from fastapi.security import OAuth2PasswordRequestForm
+from fastapi import APIRouter, HTTPException, Query, Depends, status, Body
+import logging
+
+# Initialize router and logger
+router = APIRouter(prefix="/merchant")
+logger = logging.getLogger(__name__)
+
+@router.post("/login/otp")
+async def generate_login_otp(identifier: str = Body(..., description="Email or Mobile number")):
+    """
+    Generate and send login OTP to the provided email or mobile number.
+
+    Args:
+        identifier (str): Email or mobile number.
+
+    Returns:
+        dict: Confirmation message indicating OTP has been sent.
+    """
+    try:
+        result = await generate_login_otp_service(identifier)
+        return result
+    except HTTPException as e:
+        logger.error("Failed to generate login OTP: %s", e.detail)
+        raise e
+    except Exception as e:
+        logger.error("Unexpected error while generating login OTP: %s", e)
+        raise HTTPException(status_code=500, detail="Failed to generate login OTP") from e
+
+
+@router.post("/login")
+async def login(user: OAuth2PasswordRequestForm = Depends()):
+    """
+    Login using email/mobile and OTP.
+
+    Args:
+        user (OAuth2PasswordRequestForm): Contains username (email/mobile) and password (OTP).
+
+    Returns:
+        dict: Access and refresh tokens.
+    """
+    try:
+        result = await login_service(user.username, user.password)
+        return result
+    except HTTPException as e:
+        logger.error("Login failed: %s", e.detail)
+        raise e
+    except Exception as e:
+        logger.error("Unexpected error during login: %s", e)
+        raise HTTPException(status_code=500, detail="Login failed") from e
+
+
+@router.post("/token/refresh")
+async def refresh_token(
+    identifier: str = Body(..., description="Email or Mobile number"),
+    refresh_token: str = Body(..., description="Refresh token")
+):
+    """
+    Refresh access and refresh tokens.
+
+    Args:
+        identifier (str): Email or mobile number.
+        refresh_token (str): The refresh token.
+
+    Returns:
+        dict: New access and refresh tokens.
+    """
+    try:
+        result = await refresh_token_service(identifier, refresh_token)
+        return result
+    except HTTPException as e:
+        logger.error("Failed to refresh token for identifier %s: %s", identifier, e.detail)
+        raise e
+    except Exception as e:
+        logger.error("Unexpected error while refreshing token for identifier %s: %s", identifier, e)
+        raise HTTPException(status_code=500, detail="Failed to refresh token") from e
+
+
+@router.post("/logout")
+async def logout(identifier: str = Body(..., description="Email or Mobile number")):
+    """
+    Logout the user by invalidating access and refresh tokens.
+
+    Args:
+        identifier (str): Email or mobile number.
+
+    Returns:
+        dict: Confirmation message.
+    """
+    try:
+        result = await logout_service(identifier)
+        return result
+    except HTTPException as e:
+        logger.error("Failed to logout: %s", e.detail)
+        raise e
+    except Exception as e:
+        logger.error("Unexpected error during logout: %s", e)
+        raise HTTPException(status_code=500, detail="Failed to logout") from e

app/repositories/cache_repository.py

@@ -16,7 +16,7 @@ async def get_otp(key: str) -> dict:
     """
     try:
         # Construct the Redis key
-        redis_key = f"otp:{key}"
+        redis_key = f"{key}"
         
         # Retrieve the value from Redis
         value = await redis_client.get(redis_key)
@@ -42,7 +42,7 @@ async def set_otp(key: str, otp_data: dict):
     """
     try:
         # Construct the Redis key
-        redis_key = f"otp:{key}"
+        redis_key = f"{key}"
         
         # Extract expiry duration in seconds
         expiry_duration = otp_data.get("expiry_duration", 15 * 60)  # Default to 15 minutes if not provided
@@ -52,4 +52,26 @@ async def set_otp(key: str, otp_data: dict):
     except Exception as e:
         # Log the error and re-raise it
         logger.error(f"Failed to store OTP for key {key}: {e}")
+        raise
+
+async def delete_cache(key: str) -> None:
+    """
+    Delete a key from Redis.
+
+    Args:
+        key (str): The key to delete from the cache.
+
+    Returns:
+        None
+    """
+    try:
+        # Construct the Redis key
+        redis_key = f"{key}"
+        
+        # Delete the key from Redis
+        await redis_client.delete(redis_key)
+        logger.info(f"Successfully deleted key {redis_key} from cache.")
+    except Exception as e:
+        # Log the error and re-raise it
+        logger.error(f"Failed to delete key {key} from cache: {e}")
         raise

app/routers/router.py

@@ -1,7 +1,9 @@
 from fastapi import APIRouter
 from app.controllers.customer_controller import router as customer
 from app.controllers.merchant_controller import router as merchant
+from app.controllers.merchant_login_controller import router as merchant_login
 
 router = APIRouter()
 router.include_router(customer, prefix="", tags=["Customer"])
-router.include_router(merchant, prefix="", tags=["Merchant"])
+router.include_router(merchant, prefix="", tags=["Merchant"])
+router.include_router(merchant_login, prefix="", tags=["Merchant Login"])

app/services/merchant_services.py

@@ -1,11 +1,11 @@
+import logging
+import random   
+from fastapi import HTTPException
 from app.models.merchant import MerchantRegister
 from app.repositories.db_repository import save_merchant, get_merchant_by_name, get_merchant_by_email, get_merchant_by_mobile
 from app.utils.merchant_utils import generate_tenant_id
-from app.utils.auth_utils import validate_email, validate_mobile
-from app.repositories.cache_repository import get_otp, set_otp  
-import logging
-import random   
-
+from app.utils.auth_utils import validate_email, validate_mobile, generate_tokens
+from app.repositories.cache_repository import get_otp, set_otp, delete_cache
 
 logger = logging.getLogger(__name__)
 
@@ -62,8 +62,8 @@ async def send_sms_email_verification(email: str, mobile: str):
     # Generate a 6-digit OTP
     otp = ''.join(random.choices("0123456789", k=6))    
     # Store OTP in cache with a 15-minute expiry
-    await set_otp(email, {"otp": otp, "expiry_duration": 15 * 60})  # 15 minutes in seconds
-    await set_otp(mobile, {"otp": otp, "expiry_duration": 15 * 60})  # 15 minutes in seconds
+    await set_otp(f"otp:reg:{email}", {"otp": otp, "expiry_duration": 15 * 60})  # 15 minutes in seconds
+    await set_otp(f"otp:reg:{mobile}", {"otp": otp, "expiry_duration": 15 * 60})  # 15 minutes in seconds
     # Send the OTP to the email address 
     # (You would typically use an email service here)
     # For demonstration, we'll just log the OTP    
@@ -83,8 +83,8 @@ async def verify_otp_and_save_merchant(merchant: MerchantRegister) -> dict:
     errors = []
 
     # Retrieve OTPs from cache
-    email_otp_data = await get_otp_from_cache(merchant.email)
-    mobile_otp_data = await get_otp_from_cache(merchant.mobile)
+    email_otp_data = await get_otp(f"otp:reg:{merchant.email}")
+    mobile_otp_data = await get_otp(f"otp:reg:{merchant.mobile}")
 
     # Verify email OTP
     email_verified = email_otp_data and email_otp_data["otp"] == merchant.email_ver_code
@@ -143,12 +143,114 @@ async def generate_and_send_otp(email: str, mobile: str) -> None:
         otp = ''.join(random.choices("0123456789", k=6))
 
         # Store OTP in cache with a 15-minute expiry
-        await set_otp(email, {"otp": otp, "expiry_duration": 15 * 60})  # 15 minutes in seconds
-        await set_otp(mobile, {"otp": otp, "expiry_duration": 15 * 60})
+        await set_otp(f"otp:reg:{email}", {"otp": otp, "expiry_duration": 15 * 60})  # 15 minutes in seconds
+        await set_otp(f"otp:reg:{mobile}", {"otp": otp, "expiry_duration": 15 * 60})
 
         # Log the OTP generation
         logger.info("Generated OTP for %s & %s: %s", email, mobile, otp)
 
     except Exception as e:
         logger.error("Failed to generate and send OTP for %s, %s: %s", email, mobile, e)
-        raise
+        raise
+    
+async def generate_login_otp_service(identifier: str) -> dict:
+    """
+    Generate and send login OTP to email or mobile after validating the identifier.
+
+    Args:
+        identifier (str): Email or mobile number.
+
+    Returns:
+        dict: Confirmation message or error message.
+    """
+    try:
+        # Determine if the identifier is an email or mobile number
+        if "@" in identifier:
+            # Check if the email exists in the database
+            merchant = await get_merchant_by_email(identifier)
+            if not merchant:
+                raise HTTPException(status_code=404, detail="Email not registered as a valid merchant")
+        else:
+            # Check if the mobile number exists in the database
+            merchant = await get_merchant_by_mobile(identifier)
+            if not merchant:
+                raise HTTPException(status_code=404, detail="Mobile number not registered as a valid merchant")
+
+        # Generate a 6-digit OTP
+        otp = ''.join(random.choices("0123456789", k=6))
+
+        # Store OTP in cache with a 3-minute expiry
+        await set_otp(f"otp:login:{identifier}", {"otp": otp, "expiry_duration": 3 * 60})  # 3 minutes
+
+        # Simulate sending OTP (replace with actual email/SMS service)
+        if "@" in identifier:
+            logger.info("Sending OTP to email: %s", identifier)
+        else:
+            logger.info("Sending OTP to mobile: %s", identifier)
+
+        return {"message": "OTP sent successfully to the provided identifier."}
+
+    except HTTPException as e:
+        logger.error("Failed to generate login OTP for identifier %s: %s", identifier, e.detail)
+        raise e
+    except Exception as e:
+        logger.error("Unexpected error while generating login OTP for identifier %s: %s", identifier, e)
+        raise HTTPException(status_code=500, detail="Failed to generate login OTP") from e
+
+async def login_service(identifier: str, otp: str) -> dict:
+    """
+    Verify OTP and generate access and refresh tokens.
+
+    Args:
+        identifier (str): Email or mobile number.
+        otp (str): OTP entered by the user.
+
+    Returns:
+        dict: Access and refresh tokens.
+    """
+    otp_data = await get_otp(f"otp:login:{identifier}")
+    if not otp_data or otp_data.get("otp") != otp:
+        raise HTTPException(status_code=400, detail="Invalid or expired OTP")
+    # Generate tokens
+    tokens = generate_tokens(identifier)
+    
+    await set_otp(f"token:login:access:{identifier}", {"access_token": tokens['access_token'], "expiry_duration": 30 * 60}) # 30 minutes
+    await set_otp(f"token:login:refresh:{identifier}", {"refresh_token": tokens['refresh_token'], "expiry_duration": 1 * 24 * 60 * 60})# 1day
+    
+    return tokens
+
+async def refresh_token_service(identifier: str, refresh_token: str) -> dict:
+    """
+    Refresh access and refresh tokens.
+
+    Args:
+        identifier (str): Email or mobile number.
+
+    Returns:
+        dict: New access and refresh tokens.
+    """
+    token_data = await get_otp(f"token:login:refresh:{identifier}")
+    
+    if not token_data or token_data["refresh_token"] != refresh_token:
+        raise HTTPException(status_code=400, detail="Invalid or expired refresh token")
+   
+    tokens = generate_tokens(identifier)
+    await set_otp(f"token:login:access:{identifier}", {"access_token": tokens['access_token'], "expiry_duration": 30 * 60}) # 30 minutes
+    await set_otp(f"token:login:refresh:{identifier}", {"refresh_token": tokens['refresh_token'], "expiry_duration": 1 * 24 * 60 * 60})# 1day
+    
+    return tokens
+
+async def logout_service(identifier: str) -> dict:
+    """
+    Invalidate access and refresh tokens.
+
+    Args:
+        identifier (str): Email or mobile number.
+
+    Returns:
+        dict: Confirmation message.
+    """    
+    await delete_cache(f"token:login:access:{identifier}")
+    await delete_cache(f"token:login:refresh:{identifier}")
+    
+    return {"message": "Successfully logged out."}

app/utils/auth_utils.py

@@ -1,5 +1,11 @@
 import re
 import logging
+from fastapi import HTTPException
+from jose import JWTError, jwt
+from datetime import datetime, timedelta
+
+SECRET_KEY = "B@@kMy$er^!(e"
+ALGORITHM = "HS256"
 
 def validate_email(email: str) -> bool:
     """
@@ -24,4 +30,40 @@ def validate_mobile(mobile: str) -> bool:
     Returns:
         bool: True if valid, False otherwise.
     """
-    return mobile.isdigit() and len(mobile) == 10
+    return mobile.isdigit() and len(mobile) == 10
+
+def generate_tokens(identifier: str) -> dict:
+    """
+    Generate access and refresh tokens.
+
+    Args:
+        identifier (str): Email or mobile number.
+
+    Returns:
+        dict: Access and refresh tokens.
+    """
+    access_token_expiry = datetime.utcnow() + timedelta(minutes=30)
+    refresh_token_expiry = datetime.utcnow() + timedelta(days=1)
+
+    access_token = jwt.encode({"sub": identifier, "exp": access_token_expiry}, SECRET_KEY, algorithm=ALGORITHM)
+    refresh_token = jwt.encode({"sub": identifier, "exp": refresh_token_expiry}, SECRET_KEY, algorithm=ALGORITHM)
+
+    return {"access_token": access_token, "refresh_token": refresh_token, "token_type": "bearer"}
+
+
+def verify_token(token: str) -> dict:
+    """
+    Verify and decode a JWT token.
+
+    Args:
+        token (str): The JWT token.
+
+    Returns:
+        dict: Decoded token data.
+    """
+    try:
+        return jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])
+    except jwt.ExpiredSignatureError:
+        raise HTTPException(status_code=401, detail="Token has expired")
+    except jwt.InvalidTokenError:
+        raise HTTPException(status_code=401, detail="Invalid token")

requirements.txt

@@ -9,4 +9,5 @@ python-jose
 passlib
 python-multipart
 bcrypt
-nanoid
+nanoid
+jose