add login api

core/apps/accounts/admin/__init__.py

@@ -0,0 +1,3 @@
+from .user import *
+from .permission import *
+from .role import * 

core/apps/accounts/admin/permission.py

@@ -0,0 +1,9 @@
+from django.contrib import admin 
+
+from core.apps.accounts.models.permission import Permission
+
+
+@admin.register(Permission)
+class PermissionAdmin(admin.ModelAdmin):
+    list_display = ['name', 'code']
+

core/apps/accounts/admin/role.py

@@ -0,0 +1,9 @@
+from django.contrib import admin
+
+from core.apps.accounts.models.role import Role
+
+
+@admin.register(Role)
+class RoleAdmin(admin.ModelAdmin):
+    list_display = ['name']
+    

core/apps/accounts/admin/user.py

@@ -0,0 +1,28 @@
+from django.contrib import admin
+from django.contrib.auth.admin import UserAdmin as DjangoUserAdmin
+from django.utils.translation import gettext_lazy as _
+
+from core.apps.accounts.models import User
+
+@admin.register(User)
+class UserAdmin(DjangoUserAdmin):
+    add_form_template = "admin/auth/user/add_form.html"
+    change_user_password_template = None
+    fieldsets = (
+        (None, {"fields": ("username", "password")}),
+        (_("Personal info"), {"fields": ("first_name", "last_name", "email", "role")}),
+        (_("Important dates"), {"fields": ("last_login", "date_joined")}),
+    )
+    add_fieldsets = (
+        (
+            None,
+            {
+                "classes": ("wide",),
+                "fields": ("username", "password1", "password2"),
+            },
+        ),
+    )
+    list_display = ("username", "email", "first_name", "last_name", "is_staff")
+    list_filter = ("is_staff", "is_superuser", "is_active", "groups")
+    search_fields = ("username", "first_name", "last_name", "email")
+    ordering = ("username",)

core/apps/accounts/apps.py

@@ -4,3 +4,6 @@ from django.apps import AppConfig
 class AccountsConfig(AppConfig):
     default_auto_field = 'django.db.models.BigAutoField'
     name = 'core.apps.accounts'
+
+    def ready(self):
+        from . import admin

core/apps/accounts/migrations/0001_initial.py

@@ -0,0 +1,47 @@
+# Generated by Django 5.2.4 on 2025-07-31 10:59
+
+import django.contrib.auth.models
+import django.contrib.auth.validators
+import django.utils.timezone
+import uuid
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    initial = True
+
+    dependencies = [
+        ('auth', '0012_alter_user_first_name_max_length'),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='User',
+            fields=[
+                ('password', models.CharField(max_length=128, verbose_name='password')),
+                ('last_login', models.DateTimeField(blank=True, null=True, verbose_name='last login')),
+                ('is_superuser', models.BooleanField(default=False, help_text='Designates that this user has all permissions without explicitly assigning them.', verbose_name='superuser status')),
+                ('username', models.CharField(error_messages={'unique': 'A user with that username already exists.'}, help_text='Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only.', max_length=150, unique=True, validators=[django.contrib.auth.validators.UnicodeUsernameValidator()], verbose_name='username')),
+                ('first_name', models.CharField(blank=True, max_length=150, verbose_name='first name')),
+                ('last_name', models.CharField(blank=True, max_length=150, verbose_name='last name')),
+                ('email', models.EmailField(blank=True, max_length=254, verbose_name='email address')),
+                ('is_staff', models.BooleanField(default=False, help_text='Designates whether the user can log into this admin site.', verbose_name='staff status')),
+                ('is_active', models.BooleanField(default=True, help_text='Designates whether this user should be treated as active. Unselect this instead of deleting accounts.', verbose_name='active')),
+                ('date_joined', models.DateTimeField(default=django.utils.timezone.now, verbose_name='date joined')),
+                ('id', models.UUIDField(default=uuid.uuid4, editable=False, primary_key=True, serialize=False, unique=True)),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('updated_at', models.DateTimeField(auto_now=True)),
+                ('profile_image', models.ImageField(blank=True, null=True, upload_to='users/profile_images/', verbose_name='profil rasmi')),
+                ('groups', models.ManyToManyField(blank=True, help_text='The groups this user belongs to. A user will get all permissions granted to each of their groups.', related_name='user_set', related_query_name='user', to='auth.group', verbose_name='groups')),
+                ('user_permissions', models.ManyToManyField(blank=True, help_text='Specific permissions for this user.', related_name='user_set', related_query_name='user', to='auth.permission', verbose_name='user permissions')),
+            ],
+            options={
+                'verbose_name': 'Foydalanuvchi',
+                'verbose_name_plural': 'Foydalanuvchilar',
+            },
+            managers=[
+                ('objects', django.contrib.auth.models.UserManager()),
+            ],
+        ),
+    ]

core/apps/accounts/migrations/0002_permission_role_user_role.py

@@ -0,0 +1,48 @@
+# Generated by Django 5.2.4 on 2025-07-31 16:31
+
+import django.db.models.deletion
+import uuid
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('accounts', '0001_initial'),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='Permission',
+            fields=[
+                ('id', models.UUIDField(default=uuid.uuid4, editable=False, primary_key=True, serialize=False, unique=True)),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('updated_at', models.DateTimeField(auto_now=True)),
+                ('name', models.CharField(max_length=200)),
+                ('code', models.CharField(max_length=100, unique=True)),
+            ],
+            options={
+                'verbose_name': 'Ruxsatnoma',
+                'verbose_name_plural': 'Ruxsatnomalar',
+            },
+        ),
+        migrations.CreateModel(
+            name='Role',
+            fields=[
+                ('id', models.UUIDField(default=uuid.uuid4, editable=False, primary_key=True, serialize=False, unique=True)),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('updated_at', models.DateTimeField(auto_now=True)),
+                ('name', models.CharField(max_length=200, unique=True)),
+                ('permissions', models.ManyToManyField(related_name='roles', to='accounts.permission')),
+            ],
+            options={
+                'verbose_name': 'Rol',
+                'verbose_name_plural': 'Rollar',
+            },
+        ),
+        migrations.AddField(
+            model_name='user',
+            name='role',
+            field=models.ForeignKey(null=True, on_delete=django.db.models.deletion.DO_NOTHING, related_name='users', to='accounts.role'),
+        ),
+    ]

core/apps/accounts/models/__init__.py

@@ -0,0 +1 @@
+from .user import User

core/apps/accounts/models/permission.py

@@ -0,0 +1,16 @@
+from django.db import models
+from django.utils.translation import gettext_lazy as _
+
+from core.apps.shared.models import BaseModel
+
+
+class Permission(BaseModel):
+    name = models.CharField(max_length=200)
+    code = models.CharField(max_length=100, unique=True)
+
+    def __str__(self):
+        return f'{self.name} - {self.code}'
+    
+    class Meta:
+        verbose_name = _('Ruxsatnoma')
+        verbose_name_plural = _('Ruxsatnomalar')

core/apps/accounts/models/role.py

@@ -0,0 +1,17 @@
+from django.db import models
+from django.utils.translation import gettext_lazy as _
+
+from core.apps.shared.models import BaseModel
+from core.apps.accounts.models.permission import Permission
+
+
+class Role(BaseModel):
+    name = models.CharField(max_length=200, unique=True)
+    permissions = models.ManyToManyField(Permission, related_name='roles')
+
+    def __str__(self):
+        return self.name
+    
+    class Meta:
+        verbose_name = _('Rol')
+        verbose_name_plural = _('Rollar')

core/apps/accounts/models/user.py

@@ -0,0 +1,22 @@
+from django.db import models
+from django.contrib.auth.models import AbstractUser
+from django.utils.translation import gettext_lazy as _
+
+from core.apps.shared.models import BaseModel
+from core.apps.accounts.models.role import Role
+
+
+class User(BaseModel, AbstractUser):
+    profile_image = models.ImageField(
+        upload_to="users/profile_images/", null=True, blank=True, verbose_name=_('profil rasmi')
+    )
+    role = models.ForeignKey(Role, on_delete=models.DO_NOTHING, null=True, related_name="users")
+
+    REQUIRED_FIELDS = []
+
+    def __str__(self):
+        return self.username
+    
+    class Meta:
+        verbose_name = _("Foydalanuvchi")
+        verbose_name_plural = _("Foydalanuvchilar")

core/apps/accounts/permissions/permissions.py

@@ -0,0 +1,18 @@
+from rest_framework.permissions import BasePermission
+
+class HasRolePermission(BasePermission):
+    def has_permission(self, request, view):
+        user = request.user
+
+        if not user.is_authenticated:
+            return False
+
+        required_permissions = getattr(view, 'required_permissions', [])
+        if not required_permissions:
+            return True 
+
+        if user.role:
+            user_permissions = user.role.permissions.values_list('code', flat=True)
+            return all(perm in user_permissions for perm in required_permissions)
+
+        return False

core/apps/accounts/serializers/login.py

@@ -0,0 +1,17 @@
+from rest_framework import serializers
+
+from core.apps.accounts.models.user import User
+
+
+class LoginSerializer(serializers.Serializer):
+    username = serializers.CharField()
+    password = serializers.CharField()
+
+    def validate(self, data):
+        user = User.objects.filter(username=data['username']).first()
+        if not user:
+            raise serializers.ValidationError("User not found with this credentials")
+        if not user.check_password(data['password']):
+            raise serializers.ValidationError("User not found with this credentials")
+        data['user'] = user
+        return data

core/apps/accounts/urls.py

@@ -1,6 +1,8 @@
 from django.urls import path, include 
 
+from core.apps.accounts.views.login import LoginApiView, TestApiView
 
 urlpatterns = [
-    
+    path('auth/login/', LoginApiView.as_view(), name='login'),
+    path('test/', TestApiView.as_view()),
 ]

core/apps/accounts/views/login.py

@@ -0,0 +1,27 @@
+from rest_framework import generics, status
+from rest_framework.response import Response
+
+from rest_framework_simplejwt.tokens import RefreshToken
+
+from core.apps.accounts.models.user import User
+from core.apps.accounts.serializers.login import LoginSerializer
+from core.apps.accounts.permissions.permissions import HasRolePermission
+
+
+class LoginApiView(generics.GenericAPIView):
+    serializer_class = LoginSerializer
+    queryset = User.objects.all()
+
+    def post(self, request):
+        serializer = self.serializer_class(data=request.data)
+        if serializer.is_valid(raise_exception=True):
+            user = serializer.validated_data.get('user')
+            token = RefreshToken.for_user(user)
+            user_data = {
+                'role': user.role.name,
+                'permissions': user.role.permissions.values_list('code', flat=True),
+            }
+            return Response(
+                {"access": str(token.access_token), "refresh": str(token), 'user_data': user_data},
+                status=status.HTTP_200_OK
+            )