Spaces:

Shyamnath
/

tableeee-v3

Sleeping

App Files Files Community

tableeee-v3 / app /routers /customer.py

Shyamnath

feat(core): implement unified database with multi-hotel support and session management

90537f3 4 months ago

raw

history blame contribute delete

25.5 kB

	from fastapi import APIRouter, Depends, HTTPException, Request, status, Query
	from sqlalchemy.orm import Session
	from typing import List, Dict, Any
	import uuid
	from datetime import datetime, timezone, timedelta

	from ..database import get_db, Dish, Order, OrderItem, Person, get_session_db, get_hotel_id_from_request
	from ..models.dish import Dish as DishModel
	from ..models.order import OrderCreate, Order as OrderModel
	from ..models.user import (
	PersonCreate,
	PersonLogin,
	Person as PersonModel,
	PhoneAuthRequest,
	PhoneVerifyRequest,
	UsernameRequest
	)
	from ..services import firebase_auth
	from ..middleware import get_session_id

	# Demo mode configuration
	DEMO_MODE_ENABLED = True # Set to False to disable demo mode
	DEMO_CUSTOMER_ID = 999999
	DEMO_CUSTOMER_USERNAME = "Demo Customer"
	DEMO_CUSTOMER_PHONE = "+91-DEMO-USER"

	router = APIRouter(
	prefix="/customer",
	tags=["customer"],
	responses={404: {"description": "Not found"}},
	)


	# Dependency to get session-aware database
	def get_session_database(request: Request):
	session_id = get_session_id(request)
	return next(get_session_db(session_id))


	# Demo mode endpoint - creates or returns demo customer
	@router.post("/api/demo-login", response_model=Dict[str, Any])
	def demo_login(request: Request, db: Session = Depends(get_session_database)):
	"""
	Demo mode login - bypasses authentication and returns a demo customer
	"""
	if not DEMO_MODE_ENABLED:
	raise HTTPException(
	status_code=status.HTTP_403_FORBIDDEN,
	detail="Demo mode is disabled"
	)

	hotel_id = get_hotel_id_from_request(request)

	# Check if demo customer already exists for this hotel
	demo_user = db.query(Person).filter(
	Person.hotel_id == hotel_id,
	Person.id == DEMO_CUSTOMER_ID
	).first()

	if not demo_user:
	# Create demo customer
	demo_user = Person(
	id=DEMO_CUSTOMER_ID,
	hotel_id=hotel_id,
	username=DEMO_CUSTOMER_USERNAME,
	password="demo", # Demo password
	phone_number=DEMO_CUSTOMER_PHONE,
	visit_count=5, # Show as returning customer
	last_visit=datetime.now(timezone.utc),
	created_at=datetime.now(timezone.utc)
	)
	db.add(demo_user)
	db.commit()
	db.refresh(demo_user)
	else:
	# Update last visit time
	demo_user.last_visit = datetime.now(timezone.utc)
	db.commit()

	return {
	"success": True,
	"message": "Demo login successful",
	"user_exists": True,
	"user_id": demo_user.id,
	"username": demo_user.username,
	"demo_mode": True
	}


	# Get all dishes for menu (only visible ones)
	@router.get("/api/menu", response_model=List[DishModel])
	def get_menu(request: Request, category: str = None, db: Session = Depends(get_session_database)):
	hotel_id = get_hotel_id_from_request(request)

	if category:
	# Filter dishes that contain the specified category in their JSON array
	import json
	all_dishes = db.query(Dish).filter(
	Dish.hotel_id == hotel_id,
	Dish.visibility == 1
	).all()

	filtered_dishes = []
	for dish in all_dishes:
	try:
	dish_categories = json.loads(dish.category) if dish.category else []
	if isinstance(dish_categories, list) and category in dish_categories:
	filtered_dishes.append(dish)
	elif isinstance(dish_categories, str) and dish_categories == category:
	filtered_dishes.append(dish)
	except (json.JSONDecodeError, TypeError):
	# Backward compatibility: treat as single category
	if dish.category == category:
	filtered_dishes.append(dish)

	return filtered_dishes
	else:
	dishes = db.query(Dish).filter(
	Dish.hotel_id == hotel_id,
	Dish.visibility == 1
	).all()
	return dishes


	# Get offer dishes (only visible ones)
	@router.get("/api/offers", response_model=List[DishModel])
	def get_offers(request: Request, db: Session = Depends(get_session_database)):
	hotel_id = get_hotel_id_from_request(request)
	dishes = db.query(Dish).filter(
	Dish.hotel_id == hotel_id,
	Dish.is_offer == 1,
	Dish.visibility == 1
	).all()
	return dishes


	# Get special dishes (only visible ones)
	@router.get("/api/specials", response_model=List[DishModel])
	def get_specials(request: Request, db: Session = Depends(get_session_database)):
	hotel_id = get_hotel_id_from_request(request)
	dishes = db.query(Dish).filter(
	Dish.hotel_id == hotel_id,
	Dish.is_special == 1,
	Dish.visibility == 1
	).all()
	return dishes


	# Get all dish categories (only from visible dishes)
	@router.get("/api/categories")
	def get_categories(request: Request, db: Session = Depends(get_session_database)):
	hotel_id = get_hotel_id_from_request(request)
	categories = db.query(Dish.category).filter(
	Dish.hotel_id == hotel_id,
	Dish.visibility == 1
	).distinct().all()

	# Parse JSON categories and flatten them
	import json
	unique_categories = set()

	for category_tuple in categories:
	category_str = category_tuple[0]
	if category_str:
	try:
	# Try to parse as JSON array
	category_list = json.loads(category_str)
	if isinstance(category_list, list):
	unique_categories.update(category_list)
	else:
	unique_categories.add(category_str)
	except (json.JSONDecodeError, TypeError):
	# If not JSON, treat as single category
	unique_categories.add(category_str)

	return sorted(list(unique_categories))


	# Register a new user or update existing user
	@router.post("/api/register", response_model=PersonModel)
	def register_user(user: PersonCreate, request: Request, db: Session = Depends(get_session_database)):
	hotel_id = get_hotel_id_from_request(request)

	# Check if user already exists for this hotel
	db_user = db.query(Person).filter(
	Person.hotel_id == hotel_id,
	Person.username == user.username
	).first()

	if db_user:
	# Update existing user's last visit time (visit count updated only when order is placed)
	db_user.last_visit = datetime.now(timezone.utc)
	db.commit()
	db.refresh(db_user)
	return db_user
	else:
	# Create new user (visit count will be incremented when first order is placed)
	db_user = Person(
	hotel_id=hotel_id,
	username=user.username,
	password=user.password, # In a real app, you should hash this password
	visit_count=0,
	last_visit=datetime.now(timezone.utc),
	)
	db.add(db_user)
	db.commit()
	db.refresh(db_user)
	return db_user


	# Login user
	@router.post("/api/login", response_model=Dict[str, Any])
	def login_user(user_data: PersonLogin, request: Request, db: Session = Depends(get_session_database)):
	hotel_id = get_hotel_id_from_request(request)

	# Find user by username for this hotel
	db_user = db.query(Person).filter(
	Person.hotel_id == hotel_id,
	Person.username == user_data.username
	).first()

	if not db_user:
	raise HTTPException(
	status_code=status.HTTP_401_UNAUTHORIZED, detail="Invalid username"
	)

	# Check password (in a real app, you would verify hashed passwords)
	if db_user.password != user_data.password:
	raise HTTPException(
	status_code=status.HTTP_401_UNAUTHORIZED, detail="Invalid password"
	)

	# Update last visit time (but not visit count - that's only updated when order is placed)
	db_user.last_visit = datetime.now(timezone.utc)
	db.commit()

	# Return user info and a success message
	return {
	"user": {
	"id": db_user.id,
	"username": db_user.username,
	"visit_count": db_user.visit_count,
	},
	"message": "Login successful",
	}


	# Create new order
	@router.post("/api/orders", response_model=OrderModel)
	def create_order(
	order: OrderCreate, request: Request, person_id: int = Query(None), db: Session = Depends(get_session_database)
	):
	hotel_id = get_hotel_id_from_request(request)

	# If person_id is not provided but we have a username/password, try to find or create the user
	if not person_id and hasattr(order, "username") and hasattr(order, "password"):
	# Check if user exists for this hotel
	db_user = db.query(Person).filter(
	Person.hotel_id == hotel_id,
	Person.username == order.username
	).first()

	if db_user:
	# Update existing user's visit count
	db_user.visit_count += 1
	db_user.last_visit = datetime.now(timezone.utc)
	db.commit()
	person_id = db_user.id
	else:
	# Create new user (visit count starts at 1 since they're placing their first order)
	db_user = Person(
	hotel_id=hotel_id,
	username=order.username,
	password=order.password,
	visit_count=1,
	last_visit=datetime.now(timezone.utc),
	)
	db.add(db_user)
	db.commit()
	db.refresh(db_user)
	person_id = db_user.id
	elif person_id:
	# If person_id is provided (normal flow), increment visit count for that user
	db_user = db.query(Person).filter(
	Person.hotel_id == hotel_id,
	Person.id == person_id
	).first()
	if db_user:
	db_user.visit_count += 1
	db_user.last_visit = datetime.now(timezone.utc)
	db.commit()

	# Create order
	db_order = Order(
	hotel_id=hotel_id,
	table_number=order.table_number,
	unique_id=order.unique_id,
	person_id=person_id, # Link order to person if provided
	status="pending",
	)
	db.add(db_order)
	db.commit()
	db.refresh(db_order)

	# Mark the table as occupied
	from ..database import Table

	db_table = db.query(Table).filter(
	Table.hotel_id == hotel_id,
	Table.table_number == order.table_number
	).first()
	if db_table:
	db_table.is_occupied = True
	db_table.current_order_id = db_order.id
	db.commit()

	# Create order items
	for item in order.items:
	# Get the dish to include its information and verify it belongs to this hotel
	dish = db.query(Dish).filter(
	Dish.hotel_id == hotel_id,
	Dish.id == item.dish_id
	).first()
	if not dish:
	continue # Skip if dish doesn't exist or doesn't belong to this hotel

	db_item = OrderItem(
	hotel_id=hotel_id,
	order_id=db_order.id,
	dish_id=item.dish_id,
	quantity=item.quantity,
	price=dish.price, # Store price at time of order
	remarks=item.remarks,
	)
	db.add(db_item)

	db.commit()
	db.refresh(db_order)

	return db_order


	# Get order status
	@router.get("/api/orders/{order_id}", response_model=OrderModel)
	def get_order(order_id: int, request: Request, db: Session = Depends(get_session_database)):
	hotel_id = get_hotel_id_from_request(request)

	# Use joinedload to load the dish relationship for each order item
	order = db.query(Order).filter(
	Order.hotel_id == hotel_id,
	Order.id == order_id
	).first()
	if order is None:
	raise HTTPException(status_code=404, detail="Order not found")

	# Explicitly load dish information for each order item
	for item in order.items:
	if not hasattr(item, "dish") or item.dish is None:
	dish = db.query(Dish).filter(
	Dish.hotel_id == hotel_id,
	Dish.id == item.dish_id
	).first()
	if dish:
	item.dish = dish

	return order


	# Get orders by person_id
	@router.get("/api/person/{person_id}/orders", response_model=List[OrderModel])
	def get_person_orders(person_id: int, request: Request, db: Session = Depends(get_session_database)):
	hotel_id = get_hotel_id_from_request(request)

	# Get all orders for a specific person in this hotel
	orders = (
	db.query(Order)
	.filter(
	Order.hotel_id == hotel_id,
	Order.person_id == person_id
	)
	.order_by(Order.created_at.desc())
	.all()
	)

	# Explicitly load dish information for each order item
	for order in orders:
	for item in order.items:
	if not hasattr(item, "dish") or item.dish is None:
	dish = db.query(Dish).filter(
	Dish.hotel_id == hotel_id,
	Dish.id == item.dish_id
	).first()
	if dish:
	item.dish = dish

	return orders


	# Request payment for order
	@router.put("/api/orders/{order_id}/payment")
	def request_payment(order_id: int, request: Request, db: Session = Depends(get_session_database)):
	hotel_id = get_hotel_id_from_request(request)

	try:
	# Check if order exists and is not already paid
	db_order = db.query(Order).filter(
	Order.hotel_id == hotel_id,
	Order.id == order_id
	).first()
	if db_order is None:
	raise HTTPException(status_code=404, detail="Order not found")

	# Check if order is already paid
	if db_order.status == "paid":
	return {"message": "Order is already paid"}

	# Check if order is completed (ready for payment)
	if db_order.status != "completed":
	raise HTTPException(
	status_code=400,
	detail="Order must be completed before payment can be processed"
	)

	# Calculate order totals and apply discounts
	from ..database import LoyaltyProgram, SelectionOffer, Person

	# Calculate subtotal from order items
	subtotal = 0
	for item in db_order.items:
	if item.dish:
	subtotal += item.dish.price * item.quantity

	# Initialize discount amounts
	loyalty_discount_amount = 0
	loyalty_discount_percentage = 0
	selection_offer_discount_amount = 0

	# Apply loyalty discount if customer is registered
	if db_order.person_id:
	person = db.query(Person).filter(Person.id == db_order.person_id).first()
	if person:
	# Get applicable loyalty discount
	loyalty_tier = (
	db.query(LoyaltyProgram)
	.filter(
	LoyaltyProgram.hotel_id == hotel_id,
	LoyaltyProgram.visit_count == person.visit_count,
	LoyaltyProgram.is_active == True,
	)
	.first()
	)

	if loyalty_tier:
	loyalty_discount_percentage = loyalty_tier.discount_percentage
	loyalty_discount_amount = subtotal * (loyalty_discount_percentage / 100)

	# Apply selection offer discount
	selection_offer = (
	db.query(SelectionOffer)
	.filter(
	SelectionOffer.hotel_id == hotel_id,
	SelectionOffer.min_amount <= subtotal,
	SelectionOffer.is_active == True,
	)
	.order_by(SelectionOffer.min_amount.desc())
	.first()
	)

	if selection_offer:
	selection_offer_discount_amount = selection_offer.discount_amount

	# Calculate final total after discounts
	final_total = subtotal - loyalty_discount_amount - selection_offer_discount_amount

	# Ensure final total is not negative
	final_total = max(0, final_total)

	# Update order with calculated amounts
	db_order.status = "paid"
	db_order.subtotal_amount = subtotal
	db_order.loyalty_discount_amount = loyalty_discount_amount
	db_order.loyalty_discount_percentage = loyalty_discount_percentage
	db_order.selection_offer_discount_amount = selection_offer_discount_amount
	db_order.total_amount = final_total
	db_order.updated_at = datetime.now(timezone.utc)

	# Check if this is the last unpaid order for this table
	from ..database import Table

	# Get all orders for this table that are not paid
	table_unpaid_orders = db.query(Order).filter(
	Order.table_number == db_order.table_number,
	Order.status != "paid",
	Order.status != "cancelled"
	).all()

	# If this is the only unpaid order, mark table as free
	if len(table_unpaid_orders) == 1 and table_unpaid_orders[0].id == order_id:
	db_table = db.query(Table).filter(Table.table_number == db_order.table_number).first()
	if db_table:
	db_table.is_occupied = False
	db_table.current_order_id = None
	db_table.updated_at = datetime.now(timezone.utc)

	# Commit the transaction
	db.commit()
	db.refresh(db_order)

	return {"message": "Payment completed successfully", "order_id": order_id}

	except HTTPException:
	# Re-raise HTTP exceptions
	db.rollback()
	raise
	except Exception as e:
	# Handle any other exceptions
	db.rollback()
	print(f"Error processing payment for order {order_id}: {str(e)}")
	raise HTTPException(
	status_code=500,
	detail=f"Error processing payment: {str(e)}"
	)


	# Cancel order
	@router.put("/api/orders/{order_id}/cancel")
	def cancel_order(order_id: int, request: Request, db: Session = Depends(get_session_database)):
	hotel_id = get_hotel_id_from_request(request)

	db_order = db.query(Order).filter(
	Order.hotel_id == hotel_id,
	Order.id == order_id
	).first()
	if db_order is None:
	raise HTTPException(status_code=404, detail="Order not found")

	# Check if order is in pending status (not accepted or completed)
	if db_order.status != "pending":
	raise HTTPException(
	status_code=400,
	detail="Only pending orders can be cancelled. Orders that have been accepted by the chef cannot be cancelled."
	)

	# Update order status to cancelled
	current_time = datetime.now(timezone.utc)
	db_order.status = "cancelled"
	db_order.updated_at = current_time

	# Mark the table as free if this was the current order
	from ..database import Table

	db_table = db.query(Table).filter(Table.table_number == db_order.table_number).first()
	if db_table and db_table.current_order_id == db_order.id:
	db_table.is_occupied = False
	db_table.current_order_id = None
	db_table.updated_at = current_time

	db.commit()

	return {"message": "Order cancelled successfully"}


	# Get person details
	@router.get("/api/person/{person_id}", response_model=PersonModel)
	def get_person(person_id: int, request: Request, db: Session = Depends(get_session_database)):
	person = db.query(Person).filter(Person.id == person_id).first()
	if not person:
	raise HTTPException(status_code=404, detail="Person not found")
	return person


	# Phone authentication endpoints
	@router.post("/api/phone-auth", response_model=Dict[str, Any])
	def phone_auth(auth_request: PhoneAuthRequest, request: Request, db: Session = Depends(get_session_database)):
	"""
	Initiate phone authentication by sending OTP
	"""
	try:
	# Validate phone number format
	if not auth_request.phone_number.startswith("+91"):
	raise HTTPException(
	status_code=status.HTTP_400_BAD_REQUEST,
	detail="Phone number must start with +91"
	)

	# Send OTP via Firebase
	result = firebase_auth.verify_phone_number(auth_request.phone_number)

	print(f"Phone auth initiated for: {auth_request.phone_number}, table: {auth_request.table_number}")

	return {
	"success": True,
	"message": "Verification code sent successfully",
	"session_info": result.get("sessionInfo", "firebase-verification-token")
	}
	except HTTPException as e:
	print(f"HTTP Exception in phone_auth: {e.detail}")
	raise e
	except Exception as e:
	print(f"Exception in phone_auth: {str(e)}")
	raise HTTPException(
	status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
	detail=f"Failed to send verification code: {str(e)}"
	)


	@router.post("/api/verify-otp", response_model=Dict[str, Any])
	def verify_otp(verify_request: PhoneVerifyRequest, request: Request, db: Session = Depends(get_session_database)):
	"""
	Verify OTP and authenticate user
	"""
	try:
	print(f"Verifying OTP for phone: {verify_request.phone_number}")

	# Verify OTP via Firebase
	# Note: The actual OTP verification is done on the client side with Firebase
	# This is just a validation step
	firebase_auth.verify_otp(
	verify_request.phone_number,
	verify_request.verification_code
	)

	# Check if user exists in database for this hotel
	hotel_id = get_hotel_id_from_request(request)
	user = db.query(Person).filter(
	Person.hotel_id == hotel_id,
	Person.phone_number == verify_request.phone_number
	).first()

	if user:
	print(f"Existing user found: {user.username}")
	# Existing user - update last visit time (visit count updated only when order is placed)
	user.last_visit = datetime.now(timezone.utc)
	db.commit()
	db.refresh(user)

	return {
	"success": True,
	"message": "Authentication successful",
	"user_exists": True,
	"user_id": user.id,
	"username": user.username
	}
	else:
	print(f"New user with phone: {verify_request.phone_number}")
	# New user - return flag to collect username
	return {
	"success": True,
	"message": "Authentication successful, but user not found",
	"user_exists": False
	}

	except HTTPException as e:
	print(f"HTTP Exception in verify_otp: {e.detail}")
	raise e
	except Exception as e:
	print(f"Exception in verify_otp: {str(e)}")
	raise HTTPException(
	status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
	detail=f"Failed to verify OTP: {str(e)}"
	)


	@router.post("/api/register-phone-user", response_model=Dict[str, Any])
	def register_phone_user(user_request: UsernameRequest, request: Request, db: Session = Depends(get_session_database)):
	"""
	Register a new user after phone authentication
	"""
	try:
	hotel_id = get_hotel_id_from_request(request)
	print(f"Registering new user with phone: {user_request.phone_number}, username: {user_request.username}")

	# Check if username already exists for this hotel
	existing_user = db.query(Person).filter(
	Person.hotel_id == hotel_id,
	Person.username == user_request.username
	).first()
	if existing_user:
	print(f"Username already exists: {user_request.username}")
	raise HTTPException(
	status_code=status.HTTP_400_BAD_REQUEST,
	detail="Username already exists"
	)

	# Check if phone number already exists for this hotel
	phone_user = db.query(Person).filter(
	Person.hotel_id == hotel_id,
	Person.phone_number == user_request.phone_number
	).first()
	if phone_user:
	print(f"Phone number already registered: {user_request.phone_number}")
	raise HTTPException(
	status_code=status.HTTP_400_BAD_REQUEST,
	detail="Phone number already registered"
	)

	# Create new user (visit count will be incremented when first order is placed)
	new_user = Person(
	hotel_id=hotel_id,
	username=user_request.username,
	password="", # No password needed for phone auth
	phone_number=user_request.phone_number,
	visit_count=0,
	last_visit=datetime.now(timezone.utc)
	)

	db.add(new_user)
	db.commit()
	db.refresh(new_user)

	print(f"User registered successfully: {new_user.id}, {new_user.username}")

	return {
	"success": True,
	"message": "User registered successfully",
	"user_id": new_user.id,
	"username": new_user.username
	}

	except HTTPException as e:
	print(f"HTTP Exception in register_phone_user: {e.detail}")
	raise e
	except Exception as e:
	print(f"Exception in register_phone_user: {str(e)}")
	raise HTTPException(
	status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
	detail=f"Failed to register user: {str(e)}"
	)