first commit

core/apps/accounts/admin.py

@@ -0,0 +1,42 @@
+from django.contrib import admin
+from django.contrib.auth.admin import UserAdmin
+from django.contrib.auth.forms import AdminPasswordChangeForm, UserChangeForm
+from django.utils.translation import gettext_lazy as _
+from .models import User
+
+class CustomUserAdmin(UserAdmin):
+    model = User
+    change_password_form = AdminPasswordChangeForm
+    form = UserChangeForm
+
+    list_display = ("id", "first_name", "last_name", "phone", "role", "region", "is_active", "is_staff")
+    list_filter = ("role", "region", "is_staff", "is_superuser", "is_active")
+    search_fields = ("phone", "first_name", "last_name", "email")
+    ordering = ("phone",)
+    autocomplete_fields = ["groups"]
+
+    fieldsets = (
+        (None, {"fields": ("phone", "password")}),
+        (_("Personal info"), {"fields": ("first_name", "last_name", "email", "region")}),
+        (_("Permissions"), {
+            "fields": (
+                "is_active",
+                "is_staff",
+                "is_superuser",
+                "groups",
+                "user_permissions",
+                "role",
+            ),
+        }),
+        (_("Important dates"), {"fields": ("last_login", "date_joined")}),
+    )
+
+    add_fieldsets = (
+        (None, {
+            "classes": ("wide",),
+            "fields": ("phone", "password1", "password2", "role", "region", "is_active", "is_staff"),
+        }),
+    )
+
+# Register the custom user
+admin.site.register(User, CustomUserAdmin)

core/apps/accounts/apps.py

@@ -0,0 +1,6 @@
+from django.apps import AppConfig
+
+
+class AccountsConfig(AppConfig):
+    default_auto_field = 'django.db.models.BigAutoField'
+    name = 'core.apps.accounts'

core/apps/accounts/choices.py

@@ -0,0 +1,9 @@
+from django.db import models
+class RoleChoice(models.TextChoices):
+    """
+    User Role Choice
+    """
+    SUPERUSER = "superuser", "Superuser"
+    BUSINESSMAN = "businessman", "Businessman"
+    MANAGER = "manager", "Manager"
+    EMPLOYEE = "employee", "Employee"

core/apps/accounts/forms.py

@@ -0,0 +1,37 @@
+from django import forms
+from django.contrib.auth import authenticate
+from django.contrib.auth.forms import AuthenticationForm
+
+class PhoneLoginForm(forms.Form):
+    phone = forms.CharField(
+        label="Phone",
+        max_length=255,
+        widget=forms.TextInput(attrs={
+            'class': 'form-control',
+            'placeholder': 'Enter phone number',
+            'autofocus': True
+        })
+    )
+    password = forms.CharField(
+        label="Password",
+        widget=forms.PasswordInput(attrs={
+            'class': 'form-control',
+            'placeholder': 'Enter password'
+        })
+    )
+
+    def clean(self):
+        cleaned_data = super().clean()
+        phone = cleaned_data.get("phone")
+        password = cleaned_data.get("password")
+        if phone and password:
+            from django.contrib.auth import get_user_model
+            User = get_user_model()
+            user = authenticate(username=phone, password=password)
+            if user is None:
+                raise forms.ValidationError("Invalid phone number or password")
+            self.user = user
+        return cleaned_data
+
+    def get_user(self):
+        return getattr(self, 'user', None)

core/apps/accounts/managers.py

@@ -0,0 +1,22 @@
+from django.contrib.auth import base_user
+
+class UserManager(base_user.BaseUserManager):
+    def create_user(self, phone, password=None, **extra_fields):
+        if not phone:
+            raise ValueError("The phone number must be set")
+
+        user = self.model(phone=phone, **extra_fields)
+        user.set_password(password)
+        user.save(using=self._db)
+        return user
+
+    def create_superuser(self, phone, password=None, **extra_fields):
+        extra_fields.setdefault("is_staff", True)
+        extra_fields.setdefault("is_superuser", True)
+
+        if extra_fields.get("is_staff") is not True:
+            raise ValueError("Superuser must have is_staff=True.")
+        if extra_fields.get("is_superuser") is not True:
+            raise ValueError("Superuser must have is_superuser=True.")
+
+        return self.create_user(phone, password, **extra_fields)

core/apps/accounts/migrations/0001_initial.py

@@ -0,0 +1,43 @@
+# Generated by Django 6.0.2 on 2026-02-04 12:15
+
+import django.utils.timezone
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    initial = True
+
+    dependencies = [
+        ('auth', '0012_alter_user_first_name_max_length'),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='User',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('password', models.CharField(max_length=128, verbose_name='password')),
+                ('last_login', models.DateTimeField(blank=True, null=True, verbose_name='last login')),
+                ('is_superuser', models.BooleanField(default=False, help_text='Designates that this user has all permissions without explicitly assigning them.', verbose_name='superuser status')),
+                ('first_name', models.CharField(blank=True, max_length=150, verbose_name='first name')),
+                ('last_name', models.CharField(blank=True, max_length=150, verbose_name='last name')),
+                ('email', models.EmailField(blank=True, max_length=254, verbose_name='email address')),
+                ('is_staff', models.BooleanField(default=False, help_text='Designates whether the user can log into this admin site.', verbose_name='staff status')),
+                ('is_active', models.BooleanField(default=True, help_text='Designates whether this user should be treated as active. Unselect this instead of deleting accounts.', verbose_name='active')),
+                ('date_joined', models.DateTimeField(default=django.utils.timezone.now, verbose_name='date joined')),
+                ('phone', models.CharField(max_length=255, unique=True)),
+                ('username', models.CharField(blank=True, max_length=255, null=True)),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('updated_at', models.DateTimeField(auto_now=True)),
+                ('validated_at', models.DateTimeField(blank=True, null=True)),
+                ('role', models.CharField(choices=[('superuser', 'Superuser'), ('businessman', 'Businessman'), ('manager', 'Manager'), ('employee', 'Employee')], default='employee', max_length=255)),
+                ('groups', models.ManyToManyField(blank=True, help_text='The groups this user belongs to. A user will get all permissions granted to each of their groups.', related_name='user_set', related_query_name='user', to='auth.group', verbose_name='groups')),
+            ],
+            options={
+                'verbose_name': 'user',
+                'verbose_name_plural': 'users',
+                'abstract': False,
+            },
+        ),
+    ]

core/apps/accounts/migrations/0002_initial.py

@@ -0,0 +1,28 @@
+# Generated by Django 6.0.2 on 2026-02-04 12:15
+
+import django.db.models.deletion
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    initial = True
+
+    dependencies = [
+        ('accounts', '0001_initial'),
+        ('auth', '0012_alter_user_first_name_max_length'),
+        ('management', '0001_initial'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='user',
+            name='region',
+            field=models.ForeignKey(blank=True, help_text='Only for managers', null=True, on_delete=django.db.models.deletion.SET_NULL, to='management.region'),
+        ),
+        migrations.AddField(
+            model_name='user',
+            name='user_permissions',
+            field=models.ManyToManyField(blank=True, help_text='Specific permissions for this user.', related_name='user_set', related_query_name='user', to='auth.permission', verbose_name='user permissions'),
+        ),
+    ]

core/apps/accounts/migrations/0003_user_warehouse.py

@@ -0,0 +1,20 @@
+# Generated by Django 6.0.2 on 2026-02-06 09:54
+
+import django.db.models.deletion
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('accounts', '0002_initial'),
+        ('management', '0013_rename_name_device_address_remove_device_monthly_fee_and_more'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='user',
+            name='warehouse',
+            field=models.ForeignKey(blank=True, help_text='Only for employees', null=True, on_delete=django.db.models.deletion.PROTECT, to='management.warehouse'),
+        ),
+    ]

core/apps/accounts/models.py

@@ -0,0 +1,43 @@
+from django.contrib.auth import models as auth_models
+from django.db import models
+from .choices import RoleChoice
+from .managers import UserManager
+from ..management.models import Region, Warehouse
+
+
+class User(auth_models.AbstractUser):
+    phone = models.CharField(max_length=255, unique=True)
+    username = models.CharField(max_length=255, null=True, blank=True)
+    created_at = models.DateTimeField(auto_now_add=True)
+    updated_at = models.DateTimeField(auto_now=True)
+    validated_at = models.DateTimeField(null=True, blank=True)
+    role = models.CharField(
+        max_length=255,
+        choices=RoleChoice,
+        default=RoleChoice.EMPLOYEE,
+    )
+
+    region = models.ForeignKey(
+        Region,
+        on_delete=models.SET_NULL,
+        null=True,
+        blank=True,
+        help_text="Only for managers"
+    )
+
+    warehouse = models.ForeignKey(
+        Warehouse,
+        on_delete=models.PROTECT,
+        null=True,
+        blank=True,
+        help_text="Only for employees"
+    )
+
+    def get_full_name(self):
+        return f"{self.first_name} {self.last_name}".strip() or self.phone
+
+    USERNAME_FIELD = "phone"
+    objects = UserManager()
+
+    def __str__(self):
+        return self.phone

core/apps/accounts/templates/auth/login.html

@@ -0,0 +1,147 @@
+<!-- templates/auth/login.html -->
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <title>Login</title>
+    <meta name="viewport" content="width=device-width, initial-scale=1, viewport-fit=cover">
+    <style>
+        :root {
+            --primary: #4f46e5;
+            --bg: #f4f6fb;
+            --text: #111827;
+            --muted: #6b7280;
+            --danger: #dc2626;
+        }
+
+        * {
+            box-sizing: border-box;
+        }
+
+        body {
+            margin: 0;
+            min-height: 100vh;
+            background: var(--bg);
+            font-family: system-ui, -apple-system, sans-serif;
+            display: flex;
+            align-items: center;
+            justify-content: center;
+            padding: env(safe-area-inset-top) 14px env(safe-area-inset-bottom);
+        }
+
+        .card {
+            width: 100%;
+            max-width: 420px;
+            background: #fff;
+            border-radius: 16px;
+            padding: 24px 20px 28px;
+            box-shadow: 0 12px 40px rgba(0,0,0,.08);
+        }
+
+        h1 {
+            margin: 0 0 24px;
+            font-size: 24px;
+            text-align: center;
+            color: var(--text);
+        }
+
+        .form-group {
+            margin-bottom: 18px;
+        }
+
+        label {
+            display: block;
+            font-size: 13px;
+            margin-bottom: 6px;
+            color: var(--muted);
+        }
+
+        .form-control {
+            width: 100%;
+            padding: 14px 14px;
+            font-size: 16px; /* prevents iOS zoom */
+            border-radius: 12px;
+            border: 1px solid #d1d5db;
+            outline: none;
+            transition: border .15s, box-shadow .15s;
+        }
+
+        .form-control:focus {
+            border-color: var(--primary);
+            box-shadow: 0 0 0 3px rgba(79,70,229,.15);
+        }
+
+        .btn {
+            width: 100%;
+            padding: 15px;
+            border-radius: 14px;
+            border: none;
+            background: var(--primary);
+            color: #fff;
+            font-size: 16px;
+            font-weight: 600;
+            cursor: pointer;
+            margin-top: 8px;
+        }
+
+        .btn:active {
+            transform: scale(.99);
+        }
+
+        .error {
+            background: #fee2e2;
+            color: var(--danger);
+            padding: 12px 14px;
+            border-radius: 12px;
+            font-size: 14px;
+            margin-bottom: 16px;
+        }
+
+        @media (min-width: 768px) {
+            body {
+                padding: 0;
+            }
+            .card {
+                padding: 32px;
+            }
+            h1 {
+                font-size: 26px;
+            }
+        }
+    </style>
+</head>
+<body>
+
+<div class="card">
+    <h1>Sign in</h1>
+
+    {% if messages %}
+        {% for message in messages %}
+            <div class="error">{{ message }}</div>
+        {% endfor %}
+    {% endif %}
+
+    {% if form.non_field_errors %}
+        <div class="error">
+            {{ form.non_field_errors.0 }}
+        </div>
+    {% endif %}
+
+    <form method="post" novalidate>
+        {% csrf_token %}
+
+        <div class="form-group">
+            {{ form.phone.label_tag }}
+            {{ form.phone }}
+        </div>
+
+        <div class="form-group">
+            {{ form.password.label_tag }}
+            {{ form.password }}
+        </div>
+
+        <button type="submit" class="btn">Login</button>
+    </form>
+</div>
+</body>
+</html>

core/apps/accounts/tests.py

@@ -0,0 +1,3 @@
+from django.test import TestCase
+
+# Create your tests here.

core/apps/accounts/urls.py

@@ -0,0 +1,8 @@
+from django.urls import path
+from .views import logout_view, login_view, dashboard
+
+urlpatterns = [
+    path("", login_view, name="login"),
+    path("logout/", logout_view, name="logout"),
+    path('dashboard/', dashboard, name='dashboard'),
+]

core/apps/accounts/views.py

@@ -0,0 +1,43 @@
+from django.shortcuts import render, redirect
+from django.contrib.auth import login, logout
+from .forms import PhoneLoginForm
+from django.contrib import messages
+from django.contrib.auth.decorators import login_required
+
+def login_view(request):
+    if request.user.is_authenticated:
+        return redirect('dashboard')
+
+    if request.method == "POST":
+        form = PhoneLoginForm(request.POST)
+        if form.is_valid():
+            user = form.get_user()
+            login(request, user)
+            return redirect('dashboard')
+        else:
+            messages.error(request, "Invalid phone number or password")
+    else:
+        form = PhoneLoginForm()
+
+    return render(request, "auth/login.html", {"form": form})
+
+
+def logout_view(request):
+    logout(request)
+    return redirect('login')
+
+@login_required
+def dashboard(request):
+    if request.user.role == "businessman":
+        return redirect("businessman_dashboard")
+    elif request.user.role == "manager":
+        return redirect("manager_dashboard")
+    elif request.user.role == "employee":
+        return redirect("employee_dashboard")
+    else:
+        return redirect("login")
+
+
+def csrf_failure(request, reason=""):
+    logout(request)
+    return redirect("login")