From 7617431f2bd40735e6b6f40c96516d878a833df8 Mon Sep 17 00:00:00 2001 From: Parsa Nazer Date: Tue, 18 Feb 2025 21:42:14 +0330 Subject: [PATCH] debug product serializer --- backend/core/urls.py | 4 +- backend/core/views.py | 55 ++++++++++++++++++++++- backend/order/admin.py | 2 +- backend/product/serializers.py | 2 +- backend/templates/admin/fake_login.html | 60 +++++++++++++++++++++++++ 5 files changed, 119 insertions(+), 4 deletions(-) create mode 100644 backend/templates/admin/fake_login.html diff --git a/backend/core/urls.py b/backend/core/urls.py index 59fbd0f..b461d9c 100644 --- a/backend/core/urls.py +++ b/backend/core/urls.py @@ -7,6 +7,7 @@ from rest_framework_simplejwt.views import TokenObtainPairView,TokenRefreshView from product import views from account.views import CustomTokenObtainPairView from home.views import HomeView +from .views import FakeAdminLoginView urlpatterns = [ @@ -17,7 +18,8 @@ urlpatterns = [ path('home', HomeView.as_view()), path('token/', CustomTokenObtainPairView.as_view(), name='token_obtain_pair'), path('token/refresh/', TokenRefreshView.as_view(), name='token_refresh'), - path('admin/', admin.site.urls), + path('admin/', FakeAdminLoginView.as_view()), # Fake admin + path('secret-admin/', admin.site.urls), # Real admin path('schema/', SpectacularAPIView.as_view(), name='schema'), # path('comment/', views.CommentView.as_view(), name='comment-list'), path('products/', include('product.urls')), diff --git a/backend/core/views.py b/backend/core/views.py index 0a361be..229b4a5 100644 --- a/backend/core/views.py +++ b/backend/core/views.py 
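Review bot: The real admin prefix is committed in the URLconf as the literal `secret-admin/`, so anyone who can read the repository or a leaked copy of it knows where the real login lives and the decoy adds nothing against them. Read the prefix from per-environment configuration instead, for example `path(settings.ADMIN_URL, admin.site.urls)`, where `ADMIN_URL` is a project-defined setting (constructed name) and `django.conf.settings` must be imported if it is not already. Treat the hidden path as a noise filter only and keep the usual controls on the real admin. The decoy pattern `admin/` also matches only that exact path, so unless another pattern covers them, sub-paths such as `admin/login/` will return 404 and the page will not behave like a stock admin.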
@@ -10,12 +10,13 @@ from unfold.views import UnfoldModelAdminViewMixin from order.models import OrderModel from ticket.models import Ticket - +import json def dashboard_callback(request, context): + print(context) pending_count = OrderModel.objects.filter(status='ADMIN_PENDING').count() open_tickets_count = Ticket.objects.filter(status__in=['open', 'in_progress']).count() context.update(random_data()) 
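Review bot: `print(context)` at the top of `dashboard_callback` writes the whole admin template context to stdout on every dashboard render, which is noisy and may put request or user details into process logs that are retained or shipped elsewhere. Drop the line, or if the dump is still needed during development use `logger.debug("dashboard context keys: %s", list(context))`, which needs a module-level `logger`. The added `import json` is not used anywhere in the visible hunks. The body of `dashboard_callback` continues outside this hunk.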
@@ -192,3 +193,55 @@ def random_data(): ], } return response + + + + + + + + + + + + + +# views.py +from django.contrib.auth.views import LoginView +from django.contrib.admin.sites import site as admin_site +from django.contrib import messages +from django.shortcuts import redirect +from django.views.generic import RedirectView, TemplateView +from unfold.views import UnfoldModelAdminViewMixin +class FakeAdminLoginView(LoginView): + template_name = "admin/fake_login.html" + def get_context_data(self, **kwargs): + context = super().get_context_data(**kwargs) + print(self.get_form()) + context.update({ + **admin_site.each_context(self.request), + "title": "Log in", + "site_header": admin_site.site_header, + "form": self.get_form(), + }) + return context + + def form_valid(self, form): + # Log the honeypot attempt + username = form.cleaned_data.get("username") + ip = self.request.META.get("REMOTE_ADDR") + print(f"Honeypot triggered! IP: {ip}, Username: {username}") + + # Add error message and redirect back to fake login + messages.error(self.request, "Please enter a correct شماره تماس and password. Note that both fields may be case-sensitive.") + return redirect('/admin') + + def form_invalid(self, form): + # Log the honeypot attempt + username = form.cleaned_data.get("username") + ip = self.request.META.get("REMOTE_ADDR") + print(f"Honeypot triggered! IP: {ip}, Username: {username}") + + # Add error message and redirect back to fake login + messages.error(self.request, "Please enter a correct شماره تماس and password. Note that both fields may be case-sensitive.") + return redirect('/admin') \ No newline at end of file diff --git a/backend/order/admin.py b/backend/order/admin.py index bce84b0..3626c1a 100644 --- a/backend/order/admin.py +++ b/backend/order/admin.py 
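Review bot: `FakeAdminLoginView` inherits `LoginView` without setting `authentication_form`, so the default `AuthenticationForm` still calls `authenticate()` on every submission; the decoy therefore checks real credentials and triggers whatever login-failure handling the project has, even though `form_valid` never logs anyone in. Give the view a plain form that touches no auth backend. The submitted username is written with `print()` in an f-string, so CR/LF in it can forge log lines; log it through `logging` with `%r`, and note that `REMOTE_ADDR` will be the proxy's address if the app runs behind one. `form_valid` and `form_invalid` are identical and can share one handler, and `print(self.get_form())` in `get_context_data` should be removed. The fence assumes `forms` and a module-level `logger` are imported at the top of the file.

```python
class DecoyLoginForm(forms.Form):
    """Collects the two fields; never consults an auth backend."""

    username = forms.CharField(max_length=254)
    password = forms.CharField(strip=False, widget=forms.PasswordInput)

    def __init__(self, request=None, *args, **kwargs):
        # LoginView passes request=...; accepted and ignored here.
        super().__init__(*args, **kwargs)


class FakeAdminLoginView(LoginView):
    template_name = "admin/fake_login.html"
    authentication_form = DecoyLoginForm

    # … unchanged: get_context_data, minus print(self.get_form()) …

    def _record_and_reject(self, form):
        # %r escapes control characters in the submitted name.
        logger.warning(
            "admin decoy hit ip=%s username=%r",
            self.request.META.get("REMOTE_ADDR"),
            form.data.get("username"),
        )
        # … unchanged: messages.error(...) and redirect back to the decoy …

    form_valid = _record_and_reject
    form_invalid = _record_and_reject
```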
@@ -28,7 +28,7 @@ class OrderAdmin(ModelAdmin, ImportExportModelAdmin): list_filter = ['is_paid', 'status'] list_display = ['user', 'is_paid', 'status', 'discount_code', 'address'] - + readonly_fields = ('created_at',) compressed_fields = True warn_unsaved_form = True diff --git a/backend/product/serializers.py b/backend/product/serializers.py index f3bc036..3794822 100644 --- a/backend/product/serializers.py +++ b/backend/product/serializers.py @@ -44,7 +44,7 @@ class ProductImageSerailizer(serializers.ModelSerializer): class ProductVariantSerialzier(serializers.ModelSerializer): - attributes = AttributeValueSerialzier(many=True) + product_attributes = AttributeValueSerialzier(many=True) price = serializers.SerializerMethodField() in_pack_items = InPackItemsSerialzier(many=True) images = ProductImageSerailizer(many=True) diff --git a/backend/templates/admin/fake_login.html b/backend/templates/admin/fake_login.html new file mode 100644 index 0000000..cb1fb89 --- /dev/null +++ b/backend/templates/admin/fake_login.html @@ -0,0 +1,60 @@ +{% extends "admin/login.html" %} +{% load i18n static %} + +{% block content %} +
+
+
+ {% include "unfold/helpers/logo.html" %} +
+ + {% if messages %} +
+ {% for message in messages %} + {{ message }} + {% endfor %} +
+ {% endif %} + +
+ {% csrf_token %} + asdfadsf + +
+ + + required + > +
+ + +
+ + +
+ + + +
+
+
+{% endblock %} \ No newline at end of file
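Review bot: The literal `asdfadsf` right after `{% csrf_token %}` looks like leftover test text and, unless markup that is missing from this view hides it, will render on the decoy page and make it easy to tell apart from the stock admin login; it should be removed. The surrounding HTML tags are not visible in this hunk, so the form's `action`, `method` and field names cannot be checked here. Both this template and `backend/core/views.py` end without a trailing newline.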