MovieTV App Backend

Version: v2.1.0

Overview

This Django-based backend serves as the API for the MovieTV app, now enhanced with viewsets, Google login/signup features, and email verification for signup and password reset. It provides RESTful endpoints for various functionalities, including user authentication, title management, review creation, and integration with the TMDB API for title data retrieval.

The backend utilizes JWT authentication with the rest_framework_simplejwt library, allowing users to obtain and refresh authentication tokens securely. Additionally, Google OAuth integration enables streamlined user authentication and profile management.

A user lock mechanism has been added to the authentication flow. If a user exceeds the maximum number of allowed failed login attempts, their account will be locked temporarily, improving security.

Comprehensive tests have been implemented for app models and views to ensure reliability and catch potential issues early.

The project is organized into multiple Django apps, each handling specific aspects of the application, such as user management (users app), API endpoints (app app), and project configuration (django_movietv). The backend is designed to be flexible, supporting PostgreSQL or SQLite3 as the database backend, and uses environment variables for configuration, including database credentials and the TMDB API key.

Note: The app includes middleware that automatically converts between camel case (used by the frontend) and snake case (used by the backend), ensuring seamless integration between the two.

New Features (v2.1.0)

• User Lock Mechanism: After a predefined number of failed login attempts, users are temporarily locked out of their account to prevent unauthorized access.

• Bug Fix: Incorrect permissions assignment for review deletion.

• Improve Error handling.

• Testing: Unit tests have been added for both models and views, ensuring that the application behaves as expected. The test suite can be run with the following command:

python manage.py test

Installation and Setup

1. Clone the repository:

   git clone <repository-url>

2. Navigate to the project directory:

   cd <project-directory>

3. Install dependencies:

   pip install -r requirements.txt

4. Set up environment variables:

   • Create a .env file with the following variables:

   DJANGO_SECRET_KEY=<your-secret-key>
   TMDB_API_KEY=<your-tmdb-api-key>
   DJANGO_SETTINGS_MODULE=django_movietv.dev_settings  # or django_movietv.test_settings for testing or prod_settings.py for production
   GOOGLE_CLIENT_ID=<your-google-client-id>
   EMAIL_HOST=<your-email-host> # for production
   EMAIL_PORT=<your-email-port> # for production
   EMAIL_HOST_USER=<your-email-host-user> # for production
   DEFAULT_FROM_EMAIL=<your-default-from-email> # for production
   EMAIL_HOST_PASSWORD=<your-email-host-password> # for production

   • Export environment variables for development:

   export $(grep -v '^#' .env | xargs)

5. Configure Django settings:

   • For development, use django_movietv.dev_settings.
   • For production, use django_movietv.prod_settings.
   • For testing, use django_movietv.test_settings.

6. Set ALLOWED_HOSTS:

   • Update the ALLOWED_HOSTS setting in your settings file to allow appropriate hosts.

Usage

1. Run migrations:

   python manage.py migrate

2. Start the development server:

   python manage.py runserver

API Endpoints

• /token/:

  • POST: Obtain JWT token for authentication
    • Example:

      POST /token/
      {
        "username": "user",
        "password": "pass"
      }

• /token/refresh/:

  • POST: Refresh JWT token
    • Example:

      POST /token/refresh/
      {
        "refresh": "your-refresh-token"
      }

• /users/:

  • GET: List users
  • POST: Create a new user
    • Example:

      POST /users/
      {
        "username": "newuser",
        "password": "newpassword",
        "email": "newuser@example.com"
      }

• /users/<int:user_id>/:

  • GET: Retrieve a specific user
    • Example: /users/1/ to get details of the user with ID 1
  • PATCH: Update user details
    • Example:

      PATCH /users/1/
      {
        "email": "updateduser@example.com"
      }

  • DELETE: Delete a user
    • Example: /users/1/ to delete the user with ID 1

• /genres/:

  • GET: List genres
    • Example: /genres/ to get a list of all genres
    • Example: /genres/?page=1 to get the first page of genres

• /titles/:

  • GET: List titles
    • Example: /titles/?page=1 to get the first page of titles
    • Example: /titles/?movie_or_tv=movie to get only movies (first page as default)
    • Example: /titles/?year_range=2000,2020 to get titles released between 2000 and 2020
    • Example: /titles/?rating_range=4,8 to get titles with ratings between 4 and 8
    • Example: /titles/?search=Inception to search for titles containing "Inception"
    • Example: /titles/?genres=1,2 to get titles that match genres with IDs 1 and 2
  • POST: Create a new title
    • Example:

      POST /titles/
      {
        "title": "New Movie",
        "release_date": "2023-01-01",
        "rating": 7.5,
        "movie_or_tv": "movie",
        "genres": [1, 2]
      }

• /titles/<int:title_id>/:

  • GET: Retrieve a specific title
    • Example: /titles/1/ to get details of the title with ID 1
  • PATCH: Update a title
    • Example:

      PATCH /titles/1/
      {
        "rating": 8.0
      }

  • DELETE: Delete a title
    • Example: /titles/1/ to delete the title with ID 1

• /reviews/:

  • POST: Create a review
    • Example:

      POST /reviews/
      {
        "title": 1,
        "rating": 5,
        "review_text": "Great movie!"
      }

• /reviews/<int:review_id>/:

  • PATCH: Edit a review
    • Example:

      PATCH /reviews/1/
      {
        "review_text": "Updated review text."
      }

• /tmdb-search/:

  • GET: Search titles in TMDB
    • Example: /tmdb-search/?query=Inception to search for titles with "Inception"

• /password-reset/:

  • POST: Reset password
    • Example:

      POST /password-reset/
      {
        "email": "user@example.com"
      }

• /validation/:

  • POST: Validate data
    • Example:

      POST /validation/
      {
        "data": {
          "key": "value"
        }
      }

• /auth/:

  • POST: Google login authentication
    • Example:

      POST /auth/google/
      {
        "credential": "your-google-oauth-token"
      }

    • Response:

      {
        "refresh": "your-refresh-token",
        "access": "your-access-token"
      }

    • Error Response:

      {
        "error": "Invalid token"
      }

Dependencies

• Django: The core framework for building the web application.
• Django REST framework: For building the RESTful API.
• django_filters: To provide filtering capabilities for API queries.
• rest_framework_simplejwt: For handling JWT authentication and token management.
• PostgreSQL: Preferred database backend for production. SQLite3 can be used for development.
• google.oauth2: For Google OAuth integration and authentication.

Production Setup

1. A Dockerfile is available for setting up the production environment.

Contributing

Contributions are welcome! If you'd like to contribute to this project, please follow these steps:

1. Fork the repository.
2. Create a new branch (git checkout -b feature/your-feature-name).
3. Make your changes.
4. Commit your changes (git commit -am 'Add some feature').
5. Push to the branch (git push origin feature/your-feature-name).
6. Create a new Pull Request.

License

This project is licensed under the MIT License. See the LICENSE file for details.