update

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 Ahmed Nagi
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -1,6 +1,8 @@
-# Learning Management System (LMS) API
+# Learning Management System (LMS) API with Vue.js
 
-Welcome to the Learning Management System (LMS) API! This project is a robust and scalable backend solution built with Django and Django Rest Framework (DRF). It is designed to manage courses and their associated modules, providing a structured and secure platform for educational content delivery.
+Welcome to the Learning Management System (LMS) API! This project is a robust, scalable backend solution built with Django and Django Rest Framework (DRF), coupled with a modern and responsive frontend using Vue.js. It is designed to manage courses and their associated modules, providing a structured and secure platform for educational content delivery.
+
+![Image](image.jpg)
 
 ## Features
 
@@ -9,42 +11,38 @@ Welcome to the Learning Management System (LMS) API! This project is a robust an
 - **Authentication & Permissions**: Secure access using Token Authentication and IsAuthenticated permissions.
 - **RESTful API Design**: Follows REST principles with hyperlinked relationships for intuitive navigation.
 - **Custom Query Logic**: Retrieve modules filtered by course ID for efficient data access.
+- **Interactive Frontend**: A Vue.js-powered frontend for seamless interaction with the backend API, including real-time updates and dynamic views.
 
 ## Technologies Used
 
-- **Backend**: Django, Django Rest Framework (DRF)
+### Backend
+- **Framework**: Django, Django Rest Framework (DRF)
 - **Authentication**: dj-rest-auth & django-alluth
 - **Database**: PostgreSQL
-- **API Documentation**: Auto-generated using drf_yasg browsable API.
+- **API Documentation**: Auto-generated using drf-spectacular browsable API.
+- **Project Scaffold**: Cookiecutter Django
 
-## Getting Started
+### Frontend
+- **Framework**: Vue.js 3
+- **Routing**: Vue Router
+- **UI Framework**: Tailwind CSS, DaisyUI
 
 
-# Prerequisites
+### Integration
 
-- [Docker](https://docs.docker.com/docker-for-mac/install/)  
-
-## Local Development
-
-Start the dev server for local development:
-```bash
-docker-compose up
-```
-
-Run a command inside the docker container:
-
-```bash
-docker-compose run --rm web [command]
-```
+1. **API Consumption**: Use Axios or Fetch API in Vue.js to interact with the backend API endpoints.
+2. **Authentication**: Implement login and token storage using Vuex/Pinia or localStorage.
+3. **Components**: Create reusable Vue components for courses, modules, authentication, and navigation.
+4. **Routing**: Use Vue Router to manage navigation between pages like course lists, module details, and user authentication.
 
 ## API Endpoints
+This project includes a fully interactive API documentation powered by drf-spectacular, a library for generating Swagger and ReDoc documentation for Django REST Framework (DRF).
 
-This project includes a fully interactive API documentation powered by drf_yasg, a library for generating Swagger and ReDoc documentation for Django REST Framework (DRF).
-Features
+### Features
 
-* Interactive Swagger UI: Test API endpoints directly within the browser.
-* ReDoc Interface: Professionally styled documentation for better readabi* lity.
-* Auto-generated: No need to write documentation manually; drf_yasg extracts t* he information from DRF views and serializers.
+- **Interactive Swagger UI**: Test API endpoints directly within the browser.
+- **MkDocs Material Interface**: A clean and customizable documentation tool with a modern Material Design theme.
+- **Auto-generated**: No need to write documentation manually; drf-spectacularyasg extracts the information from DRF views and serializers.
 
 ## Contributing
 
@@ -59,106 +57,7 @@ Contributions are welcome! If you’d like to contribute, please follow these st
 
 This project is licensed under the MIT License. See the LICENSE file for details.
 
-## Acknowledgments
+---
 
-- Built with ❤️ using Django and Django Rest Framework.
-- Inspired by the need for scalable and secure e-learning solutions.
+By combining the power of Django and Vue.js, this LMS API provides a full-stack solution for managing and delivering educational content effectively. Happy coding!
 
-Feel free to explore the API and contribute to its development. For any questions or feedback, please open an issue or contact the maintainers. Happy coding! 🚀
-
-This README is clear, concise, and provides all the necessary information for users and contributors.
-
-
-
-
-[![Built with Cookiecutter Django](https://img.shields.io/badge/built%20with-Cookiecutter%20Django-ff69b4.svg?logo=cookiecutter)](https://github.com/cookiecutter/cookiecutter-django/)
-[![Ruff](https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/astral-sh/ruff/main/assets/badge/v2.json)](https://github.com/astral-sh/ruff)
-
-## Settings
-
-Moved to [settings](https://cookiecutter-django.readthedocs.io/en/latest/1-getting-started/settings.html).
-
-## Basic Commands
-
-### Setting Up Your Users
-
-- To create a **normal user account**, just go to Sign Up and fill out the form. Once you submit it, you'll see a "Verify Your E-mail Address" page. Go to your console to see a simulated email verification message. Copy the link into your browser. Now the user's email should be verified and ready to go.
-
-- To create a **superuser account**, use this command:
-
-      $ python manage.py createsuperuser
-
-For convenience, you can keep your normal user logged in on Chrome and your superuser logged in on Firefox (or similar), so that you can see how the site behaves for both kinds of users.
-
-### Type checks
-
-Running type checks with mypy:
-
-    $ mypy lms
-
-### Test coverage
-
-To run the tests, check your test coverage, and generate an HTML coverage report:
-
-    $ coverage run -m pytest
-    $ coverage html
-    $ open htmlcov/index.html
-
-#### Running tests with pytest
-
-    $ pytest
-
-### Live reloading and Sass CSS compilation
-
-Moved to [Live reloading and SASS compilation](https://cookiecutter-django.readthedocs.io/en/latest/2-local-development/developing-locally.html#using-webpack-or-gulp).
-
-### Celery
-
-This app comes with Celery.
-
-To run a celery worker:
-
-```bash
-cd lms
-celery -A config.celery_app worker -l info
-```
-
-Please note: For Celery's import magic to work, it is important _where_ the celery commands are run. If you are in the same folder with _manage.py_, you should be right.
-
-To run [periodic tasks](https://docs.celeryq.dev/en/stable/userguide/periodic-tasks.html), you'll need to start the celery beat scheduler service. You can start it as a standalone process:
-
-```bash
-cd lms
-celery -A config.celery_app beat
-```
-
-or you can embed the beat service inside a worker with the `-B` option (not recommended for production use):
-
-```bash
-cd lms
-celery -A config.celery_app worker -B -l info
-```
-
-### Email Server
-
-In development, it is often nice to be able to see emails that are being sent from your application. For that reason local SMTP server [Mailpit](https://github.com/axllent/mailpit) with a web interface is available as docker container.
-
-Container mailpit will start automatically when you will run all docker containers.
-Please check [cookiecutter-django Docker documentation](https://cookiecutter-django.readthedocs.io/en/latest/2-local-development/developing-locally-docker.html) for more details how to start all containers.
-
-With Mailpit running, to view messages that are sent by your application, open your browser and go to `http://127.0.0.1:8025`
-
-### Sentry
-
-Sentry is an error logging aggregator service. You can sign up for a free account at <https://sentry.io/signup/?code=cookiecutter> or download and host it yourself.
-The system is set up with reasonable defaults, including 404 logging and integration with the WSGI application.
-
-You must set the DSN url in production.
-
-## Deployment
-
-The following details how to deploy this application.
-
-### Docker
-
-See detailed [cookiecutter-django Docker documentation](https://cookiecutter-django.readthedocs.io/en/latest/3-deployment/deployment-with-docker.html).

backend/.envs/.local/.django

@@ -12,3 +12,5 @@ REDIS_URL=redis://redis:6379/0
 # Flower
 CELERY_FLOWER_USER=debug
 CELERY_FLOWER_PASSWORD=debug
+
+SIGNING_KEY=ebd0c2f345ede5we3244t5r34a0dc1b994e33e729e

backend/.envs/.production/.django

@@ -5,12 +5,12 @@ DJANGO_SETTINGS_MODULE=config.settings.production
 DJANGO_SECRET_KEY=CQHQz4M3wN1VL2TT53Gl8yupKOjQ5m01js4jPw6bQsUexzkdy9JGXhQg9h6H24M5
 DJANGO_ADMIN_URL=6XfjlokEGlPf6SpVfGh7wBvs7t5ZFMDs/
 DJANGO_ALLOWED_HOSTS=.example.com
+SIGNING_KEY=HQz4M3wN1ebd0c2f345ede5we324@#$%$#@#R$Q#Zaexsredg/*43/54333e729e
 
 # Security
 # ------------------------------------------------------------------------------
 # TIP: better off using DNS, however, redirect is OK too
 DJANGO_SECURE_SSL_REDIRECT=False
-
 # Email
 # ------------------------------------------------------------------------------
 DJANGO_SERVER_EMAIL=

backend/.gitignore

@@ -277,3 +277,5 @@ lms/media/
 .pytest_cache/
 .ipython/
 .env
+
+# Ignore Django migrations

backend/.idx/dev.nix

@@ -0,0 +1,57 @@
+{ pkgs, ... }: {
+  # Which nixpkgs channel to use.
+  channel = "stable-24.05"; # or "unstable"
+  
+  # Use https://search.nixos.org/packages to find packages
+  packages = [
+    pkgs.docker
+    pkgs.docker-compose
+    pkgs.sudo
+  ];
+  
+  # Sets environment variables in the workspace
+  env = {
+    PORT = "6000";
+  };
+  services.docker.enable = true;
+  
+  
+  idx = {
+    # Search for the extensions you want on https://open-vsx.org/ and use "publisher.id"
+    extensions = [
+      "ms-azuretools.vscode-docker"
+    ];
+    
+    workspace = {
+      # Runs when a workspace is first created with this `dev.nix` file
+      onCreate = {
+        setup-docker-compose = ''
+          # Ensure Docker Compose is built only once
+          docker-compose -f docker-compose.local.yml build
+        '';
+        # Open editors for the following files by default, if they exist:
+        default.openFiles = ["docker-compose.local.yml"];
+      };
+      # To run something each time the workspace is (re)started, use the `onStart` hook
+      onStart = {
+        start-docker-compose = ''
+          docker-compose -f docker-compose.local.yml up
+        '';
+      };
+    };
+    
+    # Enable previews and customize configuration
+    previews = {
+      enable = true;
+      previews = {
+        web = {
+          command = ["docker-compose" "-f" "docker-compose.local.yml" "up"];
+          env = {
+            PORT = "$PORT";
+          };
+          manager = "web";
+        };
+      };
+    };
+  };
+}

backend/.vscode/settings.json

@@ -0,0 +1,4 @@
+{
+    "IDX.aI.enableInlineCompletion": true,
+    "IDX.aI.enableCodebaseIndexing": true
+}

backend/README.md

@@ -0,0 +1,91 @@
+[![Built with Cookiecutter Django](https://img.shields.io/badge/built%20with-Cookiecutter%20Django-ff69b4.svg?logo=cookiecutter)](https://github.com/cookiecutter/cookiecutter-django/)
+[![Ruff](https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/astral-sh/ruff/main/assets/badge/v2.json)](https://github.com/astral-sh/ruff)
+
+## Settings
+
+Moved to [settings](https://cookiecutter-django.readthedocs.io/en/latest/1-getting-started/settings.html).
+
+## Basic Commands
+
+### Setting Up Your Users
+
+- To create a **normal user account**, just go to Sign Up and fill out the form. Once you submit it, you'll see a "Verify Your E-mail Address" page. Go to your console to see a simulated email verification message. Copy the link into your browser. Now the user's email should be verified and ready to go.
+
+- To create a **superuser account**, use this command:
+
+      $ python manage.py createsuperuser
+
+For convenience, you can keep your normal user logged in on Chrome and your superuser logged in on Firefox (or similar), so that you can see how the site behaves for both kinds of users.
+
+### Type checks
+
+Running type checks with mypy:
+
+    $ mypy lms
+
+### Test coverage
+
+To run the tests, check your test coverage, and generate an HTML coverage report:
+
+    $ coverage run -m pytest
+    $ coverage html
+    $ open htmlcov/index.html
+
+#### Running tests with pytest
+
+    $ pytest
+
+### Live reloading and Sass CSS compilation
+
+Moved to [Live reloading and SASS compilation](https://cookiecutter-django.readthedocs.io/en/latest/2-local-development/developing-locally.html#using-webpack-or-gulp).
+
+### Celery
+
+This app comes with Celery.
+
+To run a celery worker:
+
+```bash
+cd lms
+celery -A config.celery_app worker -l info
+```
+
+Please note: For Celery's import magic to work, it is important _where_ the celery commands are run. If you are in the same folder with _manage.py_, you should be right.
+
+To run [periodic tasks](https://docs.celeryq.dev/en/stable/userguide/periodic-tasks.html), you'll need to start the celery beat scheduler service. You can start it as a standalone process:
+
+```bash
+cd lms
+celery -A config.celery_app beat
+```
+
+or you can embed the beat service inside a worker with the `-B` option (not recommended for production use):
+
+```bash
+cd lms
+celery -A config.celery_app worker -B -l info
+```
+
+### Email Server
+
+In development, it is often nice to be able to see emails that are being sent from your application. For that reason local SMTP server [Mailpit](https://github.com/axllent/mailpit) with a web interface is available as docker container.
+
+Container mailpit will start automatically when you will run all docker containers.
+Please check [cookiecutter-django Docker documentation](https://cookiecutter-django.readthedocs.io/en/latest/2-local-development/developing-locally-docker.html) for more details how to start all containers.
+
+With Mailpit running, to view messages that are sent by your application, open your browser and go to `http://127.0.0.1:8025`
+
+### Sentry
+
+Sentry is an error logging aggregator service. You can sign up for a free account at <https://sentry.io/signup/?code=cookiecutter> or download and host it yourself.
+The system is set up with reasonable defaults, including 404 logging and integration with the WSGI application.
+
+You must set the DSN url in production.
+
+## Deployment
+
+The following details how to deploy this application.
+
+### Docker
+
+See detailed [cookiecutter-django Docker documentation](https://cookiecutter-django.readthedocs.io/en/latest/3-deployment/deployment-with-docker.html).

backend/compose/local/django/start

@@ -1,6 +1,6 @@
 #!/bin/bash
 
-set -o errexit
+# set -o errexit
 set -o pipefail
 set -o nounset
 

backend/compose/local/docs/Dockerfile

@@ -0,0 +1,23 @@
+# Use a lightweight Python base image
+FROM python:3.12.8-alpine AS python
+
+# Python base stage
+ENV PYTHONDONTWRITEBYTECODE=1
+ENV PYTHONUNBUFFERED=1
+
+# Install dependencies
+RUN apk update && apk add --no-cache \
+    # Runtime dependencies
+    make \
+    gettext \
+    && rm -rf /var/cache/apk/*
+
+# Install MkDocs and required plugins
+RUN pip install mkdocs==1.5.1 mkdocs-material==9.1.15 mkdocs-markdownextradata-plugin
+
+# Copy the start script
+COPY ./compose/local/docs/start /start-docs
+RUN sed -i 's/\r$//g' /start-docs
+RUN chmod +x /start-docs
+
+WORKDIR /docs

backend/compose/local/docs/start

@@ -0,0 +1,8 @@
+#!/bin/bash
+
+set -o errexit
+set -o pipefail
+set -o nounset
+
+# Start MkDocs live development server
+exec mkdocs serve -a 0.0.0.0:6000

backend/config/api_router.py

@@ -0,0 +1,13 @@
+# from django.conf import settings
+# from rest_framework.routers import DefaultRouter
+# from rest_framework.routers import SimpleRouter
+
+# from lms.users.api.views import UserViewSet
+
+# router = DefaultRouter() if settings.DEBUG else SimpleRouter()
+
+# router.register("users", UserViewSet)
+
+
+# app_name = "api"
+# urlpatterns = router.urls

backend/config/settings/base.py

@@ -75,6 +75,7 @@ THIRD_PARTY_APPS = [
     "crispy_forms",
     "crispy_bootstrap5",
     "allauth",
+    'allauth.headless',
     "allauth.account",
     "allauth.mfa",
     "allauth.socialaccount",
@@ -86,7 +87,6 @@ THIRD_PARTY_APPS = [
 ]
 
 LOCAL_APPS = [
-    "lms.users",
     "lms.accounts",
     "lms.app",
     # Your stuff: custom apps go here
@@ -103,7 +103,7 @@ MIGRATION_MODULES = {"sites": "lms.contrib.sites.migrations"}
 # ------------------------------------------------------------------------------
 # https://docs.djangoproject.com/en/dev/ref/settings/#authentication-backends
 AUTHENTICATION_BACKENDS = [
-    "django.contrib.auth.backends.ModelBackend",
+    # "django.contrib.auth.backends.ModelBackend",
     "allauth.account.auth_backends.AuthenticationBackend",
 ]
 # https://docs.djangoproject.com/en/dev/ref/settings/#auth-user-model
@@ -137,8 +137,8 @@ AUTH_PASSWORD_VALIDATORS = [
 # ------------------------------------------------------------------------------
 # https://docs.djangoproject.com/en/dev/ref/settings/#middleware
 MIDDLEWARE = [
-    "django.middleware.security.SecurityMiddleware",
     "corsheaders.middleware.CorsMiddleware",
+    "django.middleware.security.SecurityMiddleware",
     "whitenoise.middleware.WhiteNoiseMiddleware",
     "django.contrib.sessions.middleware.SessionMiddleware",
     "django.middleware.locale.LocaleMiddleware",
@@ -193,7 +193,6 @@ TEMPLATES = [
                 "django.template.context_processors.static",
                 "django.template.context_processors.tz",
                 "django.contrib.messages.context_processors.messages",
-                "lms.users.context_processors.allauth_settings",
             ],
         },
     },
@@ -235,7 +234,7 @@ EMAIL_TIMEOUT = 5
 # Django Admin URL.
 ADMIN_URL = "admin/"
 # https://docs.djangoproject.com/en/dev/ref/settings/#admins
-ADMINS = [("""Ahmed Nagi""", "ahmed10nagi@gmail.com")]
+ADMINS = [("""ص""", "e@gmail.com")]
 # https://docs.djangoproject.com/en/dev/ref/settings/#managers
 MANAGERS = ADMINS
 # https://cookiecutter-django.readthedocs.io/en/latest/settings.html#other-environment-settings
@@ -321,18 +320,37 @@ ACCOUNT_USERNAME_REQUIRED = False
 ACCOUNT_USER_MODEL_USERNAME_FIELD = None
 # https://docs.allauth.org/en/latest/account/configuration.html
 ACCOUNT_EMAIL_VERIFICATION = "mandatory"
+ACCOUNT_LOGIN_METHODS = {"email"}
 ACCOUNT_LOGOUT_ON_GET = True
-LOGOUT_ON_PASSWORD_CHANGE = False
+ACCOUNT_LOGOUT_ON_PASSWORD_CHANGE = False
 ACCOUNT_CHANGE_EMAIL = True
+# ACCOUNT_EMAIL_VERIFICATION_BY_CODE_ENABLED = True
+HEADLESS_SERVE_SPECIFICATION = True
+
 ACCOUNT_EMAIL_CONFIRMATION_HMAC = True
 ACCOUNT_CONFIRM_EMAIL_ON_GET = True
+ACCOUNT_MAX_EMAIL_ADDRESSES = 2
+
 ACCOUNT_EMAIL_CONFIRMATION_ANONYMOUS_REDIRECT_URL = None
 ACCOUNT_EMAIL_CONFIRMATION_AUTHENTICATED_REDIRECT_URL = None
 # ACCOUNT_RATE_LIMITS = {
 #         "confirm_email": "1/4m", # 1 confirmation email every 4 minutes
 # }
+HEADLESS_FRONTEND_URLS = {
+    "account_signup":"http://localhost:3000/account/signup",
+    "account_confirm_email": "http://127.0.0.1:3000/account/email-confirmation/{key}/",
+
+    # "https://app.project.org/account/email/verify-email?token={key}",
+    "account_reset_password": "https://app.project.org/account/password/reset",
+    "account_reset_password_from_key": "https://app.project.org/account/password/reset/key/{key}",
+    # "account_signup": "https://app.project.org/account/signup",
+    # Fallback in case the state containing the `next` URL is lost and the handshake
+    # with the third-party provider fails.
+    # "socialaccount_login_error": "https://app.project.org/account/provider/callback",
+}
+HEADLESS_ONLY = True
 # https://docs.allauth.org/en/latest/account/configuration.html
-ACCOUNT_ADAPTER = "lms.accounts.adapters.CustomAccountAdapter"
+# ACCOUNT_ADAPTER = "lms.accounts.adapters.CustomAccountAdapter"
 # https://docs.allauth.org/en/latest/account/forms.html
 # ACCOUNT_FORMS = {"signup": "lms.users.forms.UserSignupForm"}
 # https://docs.allauth.org/en/latest/socialaccount/configuration.html
@@ -354,10 +372,13 @@ REST_FRAMEWORK = {
         'dj_rest_auth.jwt_auth.JWTCookieAuthentication',
     ),
     "DEFAULT_PERMISSION_CLASSES": (
+        # 'rest_framework.permissions.AllowAny',
         "rest_framework.permissions.IsAuthenticated",
         ),
     "DEFAULT_SCHEMA_CLASS": "drf_spectacular.openapi.AutoSchema",
+    'EXCEPTION_HANDLER': 'utils.exception_handler.custom_exception_handler',
 }
+
 REST_AUTH = {
     'LOGIN_SERIALIZER': 'lms.accounts.serializers.CustomLoginSerializer',
     'REGISTER_SERIALIZER': 'lms.accounts.serializers.CustomRegisterSerializer',
@@ -369,11 +390,11 @@ REST_AUTH = {
 from datetime import timedelta
 SIMPLE_JWT = {
     'ACCESS_TOKEN_LIFETIME': timedelta(hours=5),
-    'REFRESH_TOKEN_LIFETIME': timedelta(days=30),
+    'REFRESH_TOKEN_LIFETIME': timedelta(days=15),
     'ROTATE_REFRESH_TOKENS': True,
     'BLACKLIST_AFTER_ROTATION': True,
     'ALGORITHM': 'HS256',
-    'SIGNING_KEY': SECRET_KEY,
+    'SIGNING_KEY': 'env("SIGNING_KEY")',
 }
 
 # django-cors-headers - https://github.com/adamchainz/django-cors-headers#setup
@@ -385,8 +406,9 @@ SPECTACULAR_SETTINGS = {
     "TITLE": "Learning Management System API",
     "DESCRIPTION": "Documentation of API endpoints of Learning Management System",
     "VERSION": "1.0.0",
-    "SERVE_PERMISSIONS": ["rest_framework.permissions.IsAdminUser"],
+    # "SERVE_PERMISSIONS": ["rest_framework.permissions.IsAdminUser"],
     "SCHEMA_PATH_PREFIX": "/api/",
+    'SERVE_INCLUDE_SCHEMA': False,
 }
 # Your stuff...
 # ------------------------------------------------------------------------------

backend/config/settings/local.py

@@ -8,13 +8,46 @@ from .base import env
 # ------------------------------------------------------------------------------
 # https://docs.djangoproject.com/en/dev/ref/settings/#debug
 DEBUG = True
+DEBUG = True
 # https://docs.djangoproject.com/en/dev/ref/settings/#secret-key
 SECRET_KEY = env(
     "DJANGO_SECRET_KEY",
     default="DM837WrWz7KIfZM2eb4swzqGlIG0VhhAIFNXf9KgamMtT42DTkHIEXfpF4N9rh2Y",
 )
 # https://docs.djangoproject.com/en/dev/ref/settings/#allowed-hosts
-ALLOWED_HOSTS = ["localhost", "0.0.0.0", "127.0.0.1"]  # noqa: S104
+ALLOWED_HOSTS = ["127.0.0.1", "localhost",
+ "8000-idx-learning-management-systemgit-1737467650700.cluster-y34ecccqenfhcuavp7vbnxv7zk.cloudworkstations.dev"
+ ]  # حدد المضيفين المسموح بهم
+
+CSRF_TRUSTED_ORIGINS = [
+    'http://localhost:3000',
+    'http://127.0.0.1:3000',
+    'https://8000-idx-learning-management-systemgit-1737467650700.cluster-y34ecccqenfhcuavp7vbnxv7zk.cloudworkstations.dev'
+]
+CORS_ORIGIN_ALLOW_ALL = True
+CORS_ALLOW_CREDENTIALS = False
+
+
+CORS_ALLOW_METHODS = [
+    "GET",
+    "POST",
+    "PUT",
+    "PATCH",
+    "DELETE",
+    "OPTIONS",
+]
+
+CORS_ALLOW_HEADERS = [
+    "content-type",
+    "authorization",
+    "accept",
+    "origin",
+    "user-agent",
+    "x-csrftoken",
+    "x-requested-with",
+    "x-session-token",
+]
+
 
 # CACHES
 # ------------------------------------------------------------------------------
@@ -81,3 +114,5 @@ INSTALLED_APPS += ["django_extensions"]
 CELERY_TASK_EAGER_PROPAGATES = True
 # Your stuff...
 # ------------------------------------------------------------------------------
+
+

backend/config/settings/production.py

@@ -204,3 +204,5 @@ SPECTACULAR_SETTINGS["SERVERS"] = [
 ]
 # Your stuff...
 # ------------------------------------------------------------------------------
+
+SIMPLE_JWT["SIGNING_KEY"]=SECRET_KEY

backend/config/urls.py

@@ -4,21 +4,26 @@ from django.conf.urls.static import static
 from django.contrib import admin
 from django.contrib.staticfiles.urls import staticfiles_urlpatterns
 from django.urls import include
-from django.urls import path
+from django.urls import path, re_path
 from django.views import defaults as default_views
 from django.views.generic import TemplateView
 from drf_spectacular.views import SpectacularAPIView
 from drf_spectacular.views import SpectacularSwaggerView
 from rest_framework.authtoken.views import obtain_auth_token
-from dj_rest_auth.views import PasswordResetConfirmView
+from lms.accounts.views import *
+
+from rest_framework.views import APIView
+from rest_framework.response import Response
+from rest_framework.permissions import AllowAny
+
+
 
 urlpatterns = [
     path("", TemplateView.as_view(template_name="pages/home.html"), name="home"),
     # Django Admin, use {% url 'admin:index' %}
     path(settings.ADMIN_URL, admin.site.urls),
-    # User management
-    path("users/", include("lms.users.urls", namespace="users")),
-    path("accounts/", include("allauth.urls")),
+    
+    path("authwed/", include("allauth.urls")),
     # Your stuff: custom urls includes go here
     # ...
     # Media files
@@ -30,24 +35,12 @@ if settings.DEBUG:
 
 # API URLS
 urlpatterns += [
-    path(
-        'auth/password/reset/confirm/<uidb64>/<token>/',
-        PasswordResetConfirmView.as_view(),
-        name='password_reset_confirm',
-    ),
-    path('auth/registration/', include('dj_rest_auth.registration.urls')),
-    path('auth/', include('dj_rest_auth.urls')),
-    path('api-auth/', include('rest_framework.urls', namespace='rest_framework')),
+    path("api/accounts/", include("allauth.urls")),
 
+    path('api/auth/', include('lms.accounts.urls')),
 
-    path('auth/', include('lms.accounts.urls')),
-    path('app/', include('lms.app.urls')),
+    path('api/app/', include('lms.app.urls')),
 
-
-    # API base url
-    path("api/", include("config.api_router")),
-    # DRF auth token
-    path("api/auth-token/", obtain_auth_token),
     path("api/schema/", SpectacularAPIView.as_view(), name="api-schema"),
     path(
         "api/docs/",

backend/docker-compose.docs.yml

@@ -12,5 +12,5 @@ services:
       - ./config:/app/config:z
       - ./lms:/app/lms:z
     ports:
-      - '9000:9000'
-    command: /start-docs
+      - '6000:6000'
+    command: mkdocs serve

backend/docs/mkdocs.yml

@@ -0,0 +1,67 @@
+# اسم الموقع
+site_name: My Project
+
+
+site_description: Learning Management System
+
+
+
+theme:
+  name: material
+  custom_dir: overrides   # تخصيص السمات (اختياري)
+  palette:
+    - scheme: default     # الوضع الافتراضي
+      primary: indigo     # اللون الأساسي
+      accent: pink        # اللون الثانوي
+    - scheme: slate       # وضع داكن
+      primary: deep purple
+      accent: amber
+  # features:
+  #   - navigation.tabs     # استخدام التبويبات للتنقل
+  #   - navigation.expand   # توسيع القوائم تلقائيًا
+  #   - toc.integrate       # دمج قائمة المحتويات (Table of Contents) مع التنقل
+  # logo: images/logo.png   # شعار الموقع (اختياري)
+  # favicon: images/favicon.ico # أيقونة الموقع (اختياري)
+
+# التنقل (Navigation)
+nav:
+  - Home: index.md
+  - Getting Started:
+      - Introduction: getting-started/introduction.md
+      - Installation: getting-started/installation.md
+  - Reference:
+      - API Documentation: reference/api.md
+      - CLI: reference/cli.md
+  - About: about.md
+
+# الإضافات (Plugins)
+plugins:
+  - search               # محرك البحث
+  - markdownextradata    # إدراج البيانات الإضافية (اختياري)
+
+# ملحقات Markdown
+markdown_extensions:
+  - admonition           # الملاحظات (تحذير، نصيحة، إلخ)
+  - codehilite           # تمييز الأكواد
+  - toc                  # قائمة المحتويات
+  - tables               # دعم الجداول
+  - pymdownx.arithmatex  # دعم LaTeX (للمعادلات الرياضية)
+  - pymdownx.superfences # تحسين تداخل الأكواد والجداول
+
+# إعدادات البحث
+extra:
+  search:
+    lang: en             # لغة البحث (يدعم الإنجليزية، الفرنسية، إلخ)
+    separator: "[\\s\\-]+" # الفاصل للبحث
+
+# بيانات إضافية (اختيارية)
+extra_css:
+  - styles/custom.css    # ملف CSS مخصص
+extra_javascript:
+  - scripts/custom.js    # ملف JavaScript مخصص
+
+# إعدادات مخرجات البناء
+# site_dir: site           # مسار مجلد الإخراج
+docs_dir: docs           # مسار مجلد الوثائق
+
+dev_addr: 0.0.0.0:6000

backend/lms/accounts/admin.py

@@ -7,7 +7,6 @@ class CustomUserAdmin(admin.ModelAdmin):
 
     # تخصيص الحقول
     fieldsets = (
-        (None, {'fields': ('username', 'password')}),
         ('Personal Info', {'fields': ('email', 'full_name', 'role')}),
         ('Permissions', {'fields': ('is_active', 'is_staff', 'is_superuser', 'groups', 'user_permissions')}),
         ('Important Dates', {'fields': ('last_login', 'date_joined')}),
@@ -16,12 +15,11 @@ class CustomUserAdmin(admin.ModelAdmin):
     add_fieldsets = (
         (None, {
             'classes': ('wide',),
-            'fields': ('username', 'password1', 'password2', 'email', 'full_name', 'role'),
+            'fields': ('password1', 'password2', 'email', 'full_name', 'role'),
         }),
     )
 
-    list_display = ('username', 'email', 'full_name', 'role', 'is_staff', 'is_active')
-    search_fields = ('username', 'email', 'full_name')
-    ordering = ('username',)
+    list_display = ('email', 'full_name', 'role', 'is_staff', 'is_active')
+    search_fields = ('email', 'full_name')
 
 admin.site.register(CustomUser, CustomUserAdmin)

backend/lms/accounts/middleware.py

@@ -0,0 +1,35 @@
+from django.contrib.auth import get_user_model
+
+
+User = get_user_model()
+
+class TransitionManager:
+    def __init__(self, get_response):
+        self.get_response = get_response
+
+    def __call__(self, request):
+        # هذه الخطوة تتم قبل وصول الطلب إلى الفيو
+        print("قبل معالجة الطلب")
+
+        # تمرير الطلب إلى الفيو والحصول على الاستجابة
+        response = self.get_response(request)
+
+        # التحقق من وجود المستخدم
+        try:
+            user = User.objects.get(email=request.user.email)
+            match user.role:
+                case "student":
+                    print("طالب")
+                case "instructor":
+                    print("instructor")
+                case "admin":
+                    print("مشرف")
+                case _:
+                    print("القيمة غير معروفة")
+        except User.DoesNotExist:
+            print("المستخدم غير موجود")
+        
+        print("بعد معالجة الطلب")
+
+        return response
+

backend/lms/accounts/migrations/0001_initial.py

@@ -0,0 +1,39 @@
+# Generated by Django 5.0.10 on 2025-01-21 13:50
+
+import django.utils.timezone
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    initial = True
+
+    dependencies = [
+        ('auth', '0012_alter_user_first_name_max_length'),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='CustomUser',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('password', models.CharField(max_length=128, verbose_name='password')),
+                ('last_login', models.DateTimeField(blank=True, null=True, verbose_name='last login')),
+                ('is_superuser', models.BooleanField(default=False, help_text='Designates that this user has all permissions without explicitly assigning them.', verbose_name='superuser status')),
+                ('is_staff', models.BooleanField(default=False, help_text='Designates whether the user can log into this admin site.', verbose_name='staff status')),
+                ('is_active', models.BooleanField(default=True, help_text='Designates whether this user should be treated as active. Unselect this instead of deleting accounts.', verbose_name='active')),
+                ('date_joined', models.DateTimeField(default=django.utils.timezone.now, verbose_name='date joined')),
+                ('email', models.EmailField(max_length=254, unique=True)),
+                ('full_name', models.CharField(blank=True, max_length=255, null=True)),
+                ('image', models.ImageField(blank=True, null=True, upload_to='account/profile_image/')),
+                ('role', models.CharField(blank=True, choices=[('student', 'Student'), ('instructor', 'Instructor'), ('admin', 'Admin')], max_length=20, null=True)),
+                ('groups', models.ManyToManyField(blank=True, help_text='The groups this user belongs to. A user will get all permissions granted to each of their groups.', related_name='user_set', related_query_name='user', to='auth.group', verbose_name='groups')),
+                ('user_permissions', models.ManyToManyField(blank=True, help_text='Specific permissions for this user.', related_name='user_set', related_query_name='user', to='auth.permission', verbose_name='user permissions')),
+            ],
+            options={
+                'verbose_name': 'user',
+                'verbose_name_plural': 'users',
+                'abstract': False,
+            },
+        ),
+    ]

backend/lms/accounts/models.py

@@ -0,0 +1,43 @@
+from django.db import models
+from django.contrib.auth.models import AbstractUser, BaseUserManager
+
+
+class CustomUserManager(BaseUserManager):
+    def create_user(self, email, password=None, **extra_fields):
+        if not email:
+            raise ValueError('The Email field must be set')
+        email = self.normalize_email(email)
+        user = self.model(email=email, **extra_fields)
+        user.set_password(password)
+        user.save(using=self._db)
+        return user
+
+    def create_superuser(self, email, password=None, **extra_fields):
+        extra_fields.setdefault('is_staff', True)
+        extra_fields.setdefault('is_superuser', True)
+        return self.create_user(email, password, **extra_fields)
+
+
+class CustomUser(AbstractUser):
+    ROLE_CHOICES = {
+        'student': 'Student',
+        'instructor': 'Instructor',
+        'admin': 'Admin',
+    }
+    username = None  
+    first_name = None  
+    last_name = None  
+
+    email = models.EmailField(unique=True)
+    full_name = models.CharField(max_length=255, null=True, blank=True)
+    image = models.ImageField(upload_to="account/profile_image/", null=True, blank=True)
+
+    role = models.CharField(max_length=20, choices=ROLE_CHOICES, null=True, blank=True)
+
+    objects = CustomUserManager()
+
+    USERNAME_FIELD = 'email'
+    REQUIRED_FIELDS = []  
+
+    def __str__(self):
+        return self.email

backend/lms/accounts/serializers.py

@@ -0,0 +1,116 @@
+from rest_framework import serializers
+from .models import *
+from dj_rest_auth.serializers import LoginSerializer
+from django.contrib.auth import authenticate
+from django.utils.translation import gettext_lazy as _
+from allauth.account.models import EmailAddress
+from dj_rest_auth.registration.serializers import RegisterSerializer
+from django.contrib.auth import get_user_model
+from rest_framework.exceptions import ValidationError
+from allauth.account.utils import send_email_confirmation
+from rest_framework.response import Response
+from lms.utils.exception_handler import CustomValidationError
+
+
+User = get_user_model()
+
+class UserSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = User
+        fields = ['id', 'email', 'full_name']
+
+
+class CustomLoginSerializer(LoginSerializer):
+    
+    email = serializers.EmailField(required=True)
+    password = serializers.CharField(style={'input_type': 'password'}, write_only=True)
+
+    def validate(self, attrs):
+        email = attrs.get('email')
+        password = attrs.get('password')
+
+        if not email or not password:
+            raise CustomValidationError(_("Please enter both email and password."))
+
+        # البحث عن المستخدم بالبريد الإلكتروني
+        users = User.objects.filter(email=email)
+        email_address = EmailAddress.objects.filter(email=email).first()
+
+        if not users.exists():
+            raise CustomValidationError(_("No account found with this email."))
+        
+        if not email_address.verified: 
+            CustomValidationError(_("Email not verified. Please verify your email first."))
+
+        if users.count() > 1:
+            raise CustomValidationError(_("Multiple accounts found with this email. Please contact support."))
+
+        user = users.first()
+
+        if not user.check_password(password):
+            raise CustomValidationError(_("Incorrect password."))
+
+        if not self.is_email_verified(user):
+            raise CustomValidationError(_("Email not verified. Please verify your email first."))
+
+        # إضافة المستخدم إلى الـ attrs
+        attrs['user'] = user
+        return attrs
+
+    def is_email_verified(self, user):
+        """
+        التحقق من حالة التحقق من البريد الإلكتروني.
+        """
+        try:
+            # استخدام نموذج EmailAddress للتحقق
+            email_address = EmailAddress.objects.get(user=user, email=user.email)
+            return email_address.verified
+        except EmailAddress.DoesNotExist:
+            return False
+
+
+class CustomRegisterSerializer(RegisterSerializer):
+    full_name = serializers.CharField(required=True)
+
+    def save(self, request):
+        email = self.data.get('email')
+
+        email_address = EmailAddress.objects.filter(email=email).first()
+        if email_address:
+            if email_address.verified: 
+                raise CustomValidationError({'email': 'This email is already.'})
+            else: 
+                send_email_confirmation(request, email_address.user)
+                raise CustomValidationError({'email': 'A confirmation email has been sent. Please confirm your email.'})
+        
+        user = super().save(request)
+        user.full_name = self.data.get('full_name', '')
+        user.save()
+       
+        send_email_confirmation(request, user)
+        return user
+
+
+
+class ChangeEmailSerializer(serializers.Serializer):
+    email = serializers.EmailField()
+
+    def validate_email(self, value):
+        if EmailAddress.objects.filter(email=value).exists() or User.objects.filter(email=value).exists():
+            raise CustomValidationError("This email is already in use.")
+        return value
+
+    def save(self, user):
+        email = self.validated_data["email"]
+        EmailAddress.objects.filter(user=user, verified=False).delete() # حذف الايميلات السابقة
+        
+        email_address, created = EmailAddress.objects.get_or_create(
+            user=user,
+            email=email,
+            defaults={"primary": False, "verified": False}
+        )
+        
+        if created:
+            send_email_confirmation(self.context["request"], user, email=email)
+            
+        return email

backend/lms/accounts/signals.py

@@ -0,0 +1,10 @@
+from allauth.account.signals import email_confirmed
+from django.dispatch import receiver
+from allauth.account.models import EmailAddress
+
+@receiver(email_confirmed)
+def set_primary_email(sender, request, email_address, **kwargs):
+    user = email_address.user
+    EmailAddress.objects.filter(user=user).update(primary=False)
+    email_address.primary = True
+    email_address.save()

backend/lms/accounts/urls.py

@@ -0,0 +1,17 @@
+from django.urls import path, re_path, include
+from dj_rest_auth.views import PasswordResetConfirmView
+from . import views
+
+
+urlpatterns = [
+    path('', include('dj_rest_auth.urls')),
+    path('registration/', include('dj_rest_auth.registration.urls')),
+    path("registration/account-confirm-email/", views.ConfirmEmailAPIView.as_view(),name="account_confirm_email",),
+    path(
+        'password/reset/confirm/<uidb64>/<token>/',
+        PasswordResetConfirmView.as_view(),
+        name='password_reset_confirm',
+    ),
+    path('change-email/', views.ChangeEmailView.as_view(), name='change_email'),
+    path('user-info/', views.UserView.as_view()),
+]

backend/lms/accounts/views.py

@@ -0,0 +1,82 @@
+from rest_framework.views import APIView
+from rest_framework.response import Response
+from rest_framework import status
+from django.utils.translation import gettext as _
+from allauth.account.models import EmailConfirmation, EmailConfirmationHMAC, EmailAddress
+from rest_framework.permissions import AllowAny, IsAuthenticated
+from .serializers import ChangeEmailSerializer
+from asgiref.sync import sync_to_async
+from django.contrib.auth import get_user_model
+from lms.utils.exception_handler import CustomValidationError
+User = get_user_model()
+
+class UserView(APIView):
+    permission_classes = [IsAuthenticated]
+
+    def get(self, request):
+        user = request.user 
+        image_url = request.build_absolute_uri(user.image.url) if user.image else None
+        return Response({
+            "name": user.full_name,
+            "image": image_url
+        })
+
+    def patch(self, request):
+        print(request.data)
+        user = request.user
+        full_name = request.data.get('full_name')
+
+        if full_name:
+            user.full_name = full_name
+
+        profile_image = request.FILES.get('profile_image')
+        if profile_image:
+            user.image = profile_image
+            print("Ok")
+        user.save()
+
+        return Response(
+            {"ok"},
+            status=status.HTTP_200_OK
+        )
+                
+
+
+class ChangeEmailView(APIView):
+
+    def post(self, request, *args, **kwargs):
+        serializer = ChangeEmailSerializer(data=request.data, context={"request": request})
+        if serializer.is_valid():
+            serializer.save(user=request.user)
+            return Response({
+                "message": "Confirmation email has been sent to the new address.",
+                }, status=status.HTTP_200_OK)
+        
+        raise CustomValidationError(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
+    
+    
+
+class ConfirmEmailAPIView(APIView):
+    permission_classes = [AllowAny]
+
+    def post(self, request, *args, **kwargs):
+        key = request.data.get("key")
+        if not key:
+            raise CustomValidationError({"detail": _("Key is required.")}, status=status.HTTP_400_BAD_REQUEST)
+
+        try:
+            # Attempt to retrieve the email confirmation using HMAC key
+            email_confirmation = EmailConfirmationHMAC.from_key(key)
+            if email_confirmation is None:
+                # If HMAC fails, fallback to database key
+                email_confirmation = EmailConfirmation.objects.get(key=key)
+        except EmailConfirmation.DoesNotExist:
+            raise CustomValidationError({"detail": _("Invalid or expired key.")}, status=status.HTTP_400_BAD_REQUEST)
+
+        if email_confirmation.email_address.verified:
+            return Response({"detail": _("Email is already verified.")}, status=status.HTTP_200_OK)
+
+        # Verify the email
+        email_confirmation.confirm(request)
+        email = email_confirmation.email_address.email
+        return Response({"detail": _("Email successfully verified."), "email": email}, status=status.HTTP_200_OK)

backend/lms/app/admin.py

@@ -4,19 +4,19 @@ from .models import *
 
 @admin.register(Course)
 class CourseAdmin(admin.ModelAdmin):
-    list_display = ('title', 'instructor', 'created_at', 'updated_at')
-    search_fields = ('title', 'instructor__username')
+    list_display = ('title', 'owner', 'created_at', 'updated_at')
+    search_fields = ('title', 'owner__username')
     list_filter = ('created_at', 'updated_at')
 
 @admin.register(Module)
 class ModuleAdmin(admin.ModelAdmin):
-    list_display = ('id', 'title', 'course', 'order')
+    list_display = ('id', 'title', 'course')
     search_fields = ('title', 'course__title')
     list_filter = ('course',)
 
 @admin.register(Lesson)
 class LessonAdmin(admin.ModelAdmin):
-    list_display = ('title', 'module', 'order')
+    list_display = ('title', 'module')
     search_fields = ('title', 'module__title')
     list_filter = ('module',)
 
@@ -26,11 +26,7 @@ class EnrollmentAdmin(admin.ModelAdmin):
     search_fields = ('student__username', 'course__title')
     list_filter = ('enrolled_at', 'completed')
 
-@admin.register(Quiz)
-class QuizAdmin(admin.ModelAdmin):
-    list_display = ('title', 'module')
-    search_fields = ('title', 'module__title')
-    list_filter = ('module',)
+
 
 @admin.register(Certificate)
 class CertificateAdmin(admin.ModelAdmin):

backend/lms/app/migrations/0001_initial.py

@@ -0,0 +1,86 @@
+# Generated by Django 5.0.10 on 2025-01-21 13:50
+
+import django.db.models.deletion
+import uuid
+from django.conf import settings
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    initial = True
+
+    dependencies = [
+        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='AD',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('title', models.CharField(max_length=255)),
+                ('description', models.TextField()),
+                ('image', models.ImageField(blank=True, null=True, upload_to='ads_images/')),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+            ],
+        ),
+        migrations.CreateModel(
+            name='Course',
+            fields=[
+                ('id', models.UUIDField(default=uuid.uuid4, editable=False, primary_key=True, serialize=False)),
+                ('title', models.CharField(max_length=255, verbose_name='Course Title')),
+                ('description', models.TextField(verbose_name='Course Description')),
+                ('image', models.ImageField(null=True, upload_to='courses/image')),
+                ('is_paid', models.BooleanField(default=False)),
+                ('price', models.DecimalField(blank=True, decimal_places=2, max_digits=10, null=True)),
+                ('rating', models.PositiveSmallIntegerField(blank=True, null=True)),
+                ('created_at', models.DateTimeField(auto_now_add=True, verbose_name='Created At')),
+                ('updated_at', models.DateTimeField(auto_now=True, verbose_name='Updated At')),
+                ('owner', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='owner', to=settings.AUTH_USER_MODEL, verbose_name='Owner')),
+            ],
+        ),
+        migrations.CreateModel(
+            name='Certificate',
+            fields=[
+                ('id', models.UUIDField(default=uuid.uuid4, editable=False, primary_key=True, serialize=False)),
+                ('issued_at', models.DateTimeField(auto_now_add=True, verbose_name='Issued At')),
+                ('certificate_file', models.FileField(upload_to='certificates/', verbose_name='Certificate File')),
+                ('student', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='certificates', to=settings.AUTH_USER_MODEL, verbose_name='Student')),
+                ('course', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='certificates', to='app.course', verbose_name='Course')),
+            ],
+        ),
+        migrations.CreateModel(
+            name='Enrollment',
+            fields=[
+                ('id', models.UUIDField(default=uuid.uuid4, editable=False, primary_key=True, serialize=False)),
+                ('enrolled_at', models.DateTimeField(auto_now_add=True, verbose_name='Enrollment Date')),
+                ('completed', models.BooleanField(default=False, verbose_name='Completed')),
+                ('course', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='enrollments', to='app.course', verbose_name='Course')),
+                ('student', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='students_enrollments', to=settings.AUTH_USER_MODEL, verbose_name='Student')),
+            ],
+        ),
+        migrations.CreateModel(
+            name='Module',
+            fields=[
+                ('id', models.UUIDField(default=uuid.uuid4, editable=False, primary_key=True, serialize=False)),
+                ('title', models.CharField(max_length=255, verbose_name='Module Title')),
+                ('description', models.TextField(null=True, verbose_name='Module Description')),
+                ('course', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='modules', to='app.course', verbose_name='Course')),
+                ('created_by', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL, verbose_name='Created By')),
+            ],
+        ),
+        migrations.CreateModel(
+            name='Lesson',
+            fields=[
+                ('id', models.UUIDField(default=uuid.uuid4, editable=False, primary_key=True, serialize=False)),
+                ('title', models.CharField(max_length=255, verbose_name='Lesson Title')),
+                ('description', models.TextField(null=True, verbose_name='Lesson Description')),
+                ('content', models.TextField(verbose_name='Lesson Content')),
+                ('file', models.FileField(blank=True, null=True, upload_to='lesson_files/', verbose_name='Attached File')),
+                ('quiz', models.JSONField(null=True)),
+                ('created_by', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL, verbose_name='Created By')),
+                ('module', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='lessons', to='app.module', verbose_name='Module')),
+            ],
+        ),
+    ]

backend/lms/app/models.py

@@ -1,49 +1,59 @@
 from django.db import models
 from uuid import uuid4
 from django.contrib.auth import get_user_model
-
+from rest_framework.exceptions import ValidationError
 
 User = get_user_model()
 
-# Table for courses (Course)
 class Course(models.Model):
     id = models.UUIDField(primary_key=True, default=uuid4, editable=False)
     title = models.CharField(max_length=255, verbose_name="Course Title")
     description = models.TextField(verbose_name="Course Description")
-    instructor = models.ForeignKey(User, on_delete=models.CASCADE, related_name='courses_taught', verbose_name="Instructor")           
+    image = models.ImageField(upload_to="courses/image", null=True)
+    is_paid = models.BooleanField(default=False)
+    price = models.DecimalField(max_digits=10, decimal_places=2, null=True, blank=True)
+    owner = models.ForeignKey(User, on_delete=models.CASCADE, related_name='owner', verbose_name="Owner")      
+    rating = models.PositiveSmallIntegerField(null=True, blank=True)  
     created_at = models.DateTimeField(auto_now_add=True, verbose_name="Created At")
     updated_at = models.DateTimeField(auto_now=True, verbose_name="Updated At")
 
     def str(self):
         return self.title
     
-# Table for modules (Module)
+    def clean(self):
+        if self.is_paid and (self.price is None or self.price <= 0):
+            raise ValidationError({'price': 'Price must be set and greater than 0 for paid products.'})  
+        
+        if not self.is_paid and self.price:
+            raise ValidationError({'price': 'Price must be empty for free products.'})
+
+
 class Module(models.Model):
     id = models.UUIDField(primary_key=True, default=uuid4, editable=False)
     title = models.CharField(max_length=255, verbose_name="Module Title")
-    description = models.TextField(verbose_name="Module Description")
+    description = models.TextField(null=True, verbose_name="Module Description")
     course = models.ForeignKey(Course, on_delete=models.CASCADE, related_name='modules', verbose_name="Course")
-    order = models.PositiveIntegerField(default=0, verbose_name="Order", unique=True)
+    created_by = models.ForeignKey(User, on_delete=models.CASCADE, null=True, blank=True, verbose_name="Created By")
 
     def str(self):
         return self.title
 
-# Table for lessons (Lesson)
 class Lesson(models.Model):
     id = models.UUIDField(primary_key=True, default=uuid4, editable=False)
     title = models.CharField(max_length=255, verbose_name="Lesson Title")
+    description = models.TextField(null=True, verbose_name="Lesson Description")
     content = models.TextField(verbose_name="Lesson Content")
     module = models.ForeignKey(Module, on_delete=models.CASCADE, related_name='lessons', verbose_name="Module")
-    order = models.PositiveIntegerField(default=0, verbose_name="Order")
     file = models.FileField(upload_to='lesson_files/', null=True, blank=True, verbose_name="Attached File")
+    created_by = models.ForeignKey(User, on_delete=models.CASCADE, null=True, blank=True, verbose_name="Created By")
+    quiz = models.JSONField(null=True)
 
     def str(self):
         return self.title
 
-# Table for enrollments (Enrollment)
 class Enrollment(models.Model):
     id = models.UUIDField(primary_key=True, default=uuid4, editable=False)
-    student = models.ForeignKey(User, on_delete=models.CASCADE, related_name='enrollments', verbose_name="Student")
+    student = models.ForeignKey(User, on_delete=models.CASCADE, related_name='students_enrollments', verbose_name="Student")
     course = models.ForeignKey(Course, on_delete=models.CASCADE, related_name='enrollments', verbose_name="Course")
     enrolled_at = models.DateTimeField(auto_now_add=True, verbose_name="Enrollment Date")
     completed = models.BooleanField(default=False, verbose_name="Completed")
@@ -51,21 +61,6 @@ class Enrollment(models.Model):
     def str(self):
         return f"{self.student.username} - {self.course.title}"
 
-# Table for quizzes (Quiz)
-class Quiz(models.Model):
-    id = models.UUIDField(primary_key=True, default=uuid4, editable=False)
-    title = models.CharField(max_length=255, verbose_name="Quiz Title")
-    module = models.ForeignKey(Module, on_delete=models.CASCADE, related_name='quiz', verbose_name="Module")
-    questions = models.JSONField(verbose_name="Questions", null=True)  # Stores questions as a JSON list
-
-    def str(self):
-        return self.title
-
-
-    def str(self):
-        return f"{self.student.username} - {self.quiz.title}"
-
-# Table for certificates (Certificate)
 class Certificate(models.Model):
     id = models.UUIDField(primary_key=True, default=uuid4, editable=False)
     student = models.ForeignKey(User, on_delete=models.CASCADE, related_name='certificates', verbose_name="Student")
@@ -75,3 +70,15 @@ class Certificate(models.Model):
 
     def str(self):
         return f"{self.student.username} - {self.course.title}"
+
+
+
+
+class AD(models.Model):
+    title = models.CharField(max_length=255)
+    description = models.TextField()
+    image = models.ImageField(upload_to='ads_images/', blank=True, null=True)
+    created_at = models.DateTimeField(auto_now_add=True)
+
+    def __str__(self):
+        return self.title

backend/lms/app/permissions.py

@@ -0,0 +1,37 @@
+from rest_framework.permissions import IsAuthenticated, BasePermission, SAFE_METHODS 
+import logging
+
+logger = logging.getLogger(__name__)
+
+class IsOwnerOrReadOnly(BasePermission):
+    
+    def has_object_permission(self, request, view, obj):
+      
+        if request.method in SAFE_METHODS:
+            return True
+        
+        view_name = view.__class__.__name__
+        match view_name:
+            case "CourseViewSet":
+                return obj.owner == request.user
+                
+            case "ModuleViewSet":
+                return obj.created_by == request.user
+                
+            case "LessonViewSet":
+                return obj.created_by == request.user
+            
+            case "EnrollmentViewSet":
+                return obj.student == request.user
+                
+
+  
+  
+class IsAdmin(BasePermission):
+    """
+    Custom permission to allow access only to users with role 'instructor'.
+    """
+
+    def has_permission(self, request, view):
+        # Ensure the user is authenticated and has a role of 'instructor'
+        return request.user.is_authenticated and request.user.role == 'admin'

backend/lms/app/serializers.py

@@ -0,0 +1,89 @@
+from rest_framework import serializers
+from .models import *
+from dj_rest_auth.serializers import LoginSerializer
+from django.contrib.auth import authenticate
+from django.utils.translation import gettext_lazy as _
+from allauth.account.models import EmailAddress
+from dj_rest_auth.registration.serializers import RegisterSerializer
+from lms.utils.exception_handler import CustomValidationError
+
+
+
+class CourseSerializer(serializers.ModelSerializer):
+    owner_name = serializers.CharField(source='owner.full_name', read_only=True)
+    owner_image = serializers.SerializerMethodField()
+    students_in_course = serializers.SerializerMethodField()
+    class Meta:
+        model = Course
+        fields = ['id', 'title', 'description', 'is_paid', 'price', 'image', 'owner_name', 'owner_image', 'students_in_course', 'created_at', 'updated_at']
+        read_only_fields = ['created_at', 'updated_at']
+
+    def get_owner_image(self, obj):
+        request = self.context.get('request') 
+        if obj.owner.image:
+            return request.build_absolute_uri(obj.owner.image.url) 
+        return None
+
+    def get_students_in_course(self, obj):
+        return Enrollment.objects.filter(course=obj).values('student').distinct().count()
+
+
+
+class LessonSerializer(serializers.ModelSerializer):
+    module = serializers.PrimaryKeyRelatedField(queryset=Module.objects.all())
+
+    class Meta:
+        model = Lesson
+        fields = ['id', 'title', 'description', 'content', 'module', 'file']
+
+
+class ModuleSerializer(serializers.ModelSerializer):
+    lessons = serializers.SerializerMethodField()
+    class Meta:
+        model = Module
+        fields = ['id', 'title', 'description', 'lessons', 'course']
+        read_only_fields = ['course', 'lessons']
+        
+    def get_lessons(self, obj):
+        return obj.lessons.values('id', 'title', 'description')
+
+
+
+class EnrollmentSerializer(serializers.ModelSerializer):
+    course_details = serializers.SerializerMethodField() 
+    class Meta:
+        model = Enrollment
+        fields = ['id', 'course', 'course_details', 'enrolled_at', 'completed']
+        read_only_fields = ['enrolled_at']
+        
+    def get_course_details(self, obj):
+        course = obj.course
+        request = self.context.get('request') 
+        image_url = course.image.url if course.image else None
+        
+        if image_url and request:
+            image_url = request.build_absolute_uri(image_url)
+
+        return {
+            "id": course.id,
+            "title": course.title,
+            "description": course.description,
+            "image": image_url,
+            "is_paid": course.is_paid,
+            "price": course.price,
+            "rating": course.rating,
+        }
+
+
+        
+class CertificateSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = Certificate
+        fields = ['student', 'course', 'issued_at', 'certificate_file']
+
+
+class PrivateEnrollmentSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = Enrollment
+        fields = ['id', 'course', 'student', 'enrolled_at']
+        read_only_fields = ['enrolled_at']

backend/lms/app/signals.py

@@ -0,0 +1,3 @@
+from django.db.models.signals import pre_save
+from django.dispatch import receiver
+from .model import Module

backend/lms/app/tasks.py

@@ -0,0 +1,8 @@
+# tasks.py
+
+from celery import shared_task
+
+@shared_task
+def print_message(message):
+    print(f"الرسالة هي: {message}")
+    return message

backend/lms/app/tests/test_models.py

@@ -0,0 +1,107 @@
+from django.test import TestCase
+from django.contrib.auth import get_user_model
+from rest_framework.test import APIClient
+from rest_framework.exceptions import ValidationError
+from lms.app.models import Course, Module, Lesson, Enrollment, Certificate, AD
+from uuid import uuid4
+
+User = get_user_model()
+
+
+class ModelsTestCase(TestCase):
+
+    def setUp(self):
+        # Create test user
+        self.user = User.objects.create_user(email='testuser@email.com', password='password')
+        self.client = APIClient()
+        self.client.force_authenticate(user=self.user)
+
+        # Create a test course
+        self.course = Course.objects.create(
+            title="Test Course",
+            description="A test course description",
+            is_paid=True,
+            price=100.00,
+            owner=self.user
+        )
+
+    def test_course_creation(self):
+        """Test creating a course"""
+        self.assertEqual(Course.objects.count(), 1)
+        self.assertEqual(self.course.title, "Test Course")
+        self.assertTrue(self.course.is_paid)
+        self.assertEqual(self.course.price, 100.00)
+
+    def test_course_validation(self):
+        """Test course validation logic"""
+        course = Course(
+            title="Invalid Course",
+            description="Should fail validation",
+            is_paid=True,
+            price=None,  # Invalid case
+            owner=self.user
+        )
+        with self.assertRaises(ValidationError):
+            course.clean()
+
+    def test_module_creation(self):
+        """Test creating a module"""
+        module = Module.objects.create(
+            title="Test Module",
+            description="A test module description",
+            course=self.course,
+            created_by=self.user
+        )
+        self.assertEqual(Module.objects.count(), 1)
+        self.assertEqual(module.title, "Test Module")
+
+    def test_lesson_creation(self):
+        """Test creating a lesson"""
+        module = Module.objects.create(
+            title="Test Module",
+            course=self.course,
+            created_by=self.user
+        )
+        lesson = Lesson.objects.create(
+            title="Test Lesson",
+            description="A test lesson description",
+            content="Lesson content here",
+            module=module,
+            created_by=self.user
+        )
+        self.assertEqual(Lesson.objects.count(), 1)
+        self.assertEqual(lesson.title, "Test Lesson")
+        self.assertEqual(lesson.module, module)
+
+    def test_enrollment_creation(self):
+        """Test creating an enrollment"""
+        enrollment = Enrollment.objects.create(
+            student=self.user,
+            course=self.course,
+            completed=False
+        )
+        self.assertEqual(Enrollment.objects.count(), 1)
+        self.assertEqual(enrollment.student, self.user)
+        self.assertEqual(enrollment.course, self.course)
+
+    def test_certificate_creation(self):
+        """Test creating a certificate"""
+        certificate = Certificate.objects.create(
+            student=self.user,
+            course=self.course,
+            certificate_file='path/to/certificate.pdf'
+        )
+        self.assertEqual(Certificate.objects.count(), 1)
+        self.assertEqual(certificate.student, self.user)
+        self.assertEqual(certificate.course, self.course)
+
+    def test_ad_creation(self):
+        """Test creating an ad"""
+        ad = AD.objects.create(
+            title="Test Ad",
+            description="This is a test ad",
+            image=None
+        )
+        self.assertEqual(AD.objects.count(), 1)
+        self.assertEqual(ad.title, "Test Ad")
+        self.assertEqual(ad.description, "This is a test ad")

backend/lms/app/urls.py

@@ -7,7 +7,8 @@ router.register(r'courses', CourseViewSet, basename='course')
 router.register(r'modules', ModuleViewSet, basename='modules')
 router.register(r'lessons', LessonViewSet, basename='lessons')
 router.register(r'enrollment', EnrollmentViewSet, basename='enrollment')
-router.register(r'quiz', QuizViewSet, basename='quiz')
-router.register(r'certificate', CertificateViewSet, basename='certificate')
+# router.register(r'certificate', CertificateViewSet, basename='certificate')
 
-urlpatterns = router.urls
+urlpatterns = [
+
+] + router.urls

backend/lms/app/views.py

@@ -0,0 +1,328 @@
+from django.shortcuts import render
+from .serializers import *
+from .models import *
+from rest_framework.viewsets import ModelViewSet, ReadOnlyModelViewSet
+from rest_framework.response import Response
+from rest_framework import status
+from rest_framework.views import APIView
+from rest_framework.permissions import IsAuthenticated, BasePermission
+from .permissions import IsOwnerOrReadOnly, IsAdmin
+from rest_framework.decorators import action
+from rest_framework.exceptions import PermissionDenied
+from django.contrib.auth import get_user_model
+from lms.utils.exception_handler import CustomValidationError
+
+
+
+User = get_user_model()
+
+class CourseViewSet(ModelViewSet):
+    """
+    A ViewSet for viewing and editing Course instances.
+    """
+    queryset = Course.objects.all()
+    permission_classes = [IsAuthenticated, IsOwnerOrReadOnly]
+    serializer_class = CourseSerializer
+
+    def perform_create(self, serializer):
+        """
+        Save the post data when creating a new course.
+        """
+        
+        serializer.save(owner=self.request.user)
+        
+    @action(detail=False, methods=['get'], url_path='my-courses', url_name='my_courses')
+    def get_my_course(self, request):
+        my_courses = Course.objects.filter(owner=request.user).prefetch_related('enrollments__student')
+        total_students = Enrollment.objects.filter(course__in=my_courses).values('student').distinct().count()
+
+        serializer = self.get_serializer(my_courses, many=True)
+        response_data = {
+            "total_students": total_students,
+            "courses": serializer.data
+        }
+        return Response(response_data)
+
+
+
+class ModuleViewSet(ModelViewSet):
+    """
+    ViewSet for managing modules.
+    """
+
+    serializer_class = ModuleSerializer
+    permission_classes = [IsAuthenticated, IsOwnerOrReadOnly]    
+
+    def get_queryset(self):
+        """
+        Return modules only if the user is the course owner.
+        """
+        course_id = self.request.query_params.get('pk')  
+        if course_id:
+            course = Course.objects.filter(id=course_id).select_related('owner').first()
+            if course:
+                return Module.objects.filter(course=course).select_related('course')
+        return Module.objects.none()
+
+
+    def perform_create(self, serializer):
+        """
+        Allow only the course owner to create a module.
+        """
+        course_id = self.request.data.get('course')
+        course = Course.objects.filter(id=course_id, owner=self.request.user).first()
+        is_owner = course.owner == self.request.user
+        if not is_owner:
+            raise PermissionDenied("You do not have permission to create module.")
+        
+        if not course:
+            raise CustomValidationError(
+                {"detail": "This course not found."},
+                status=status.HTTP_404_NOT_FOUND,
+            )
+        serializer.save(course=course, created_by=self.request.user)
+        
+
+
+class LessonViewSet(ModelViewSet):
+    """
+    ViewSet for managing lessons.
+    """
+
+    serializer_class = LessonSerializer
+    permission_classes = [IsAuthenticated, IsOwnerOrReadOnly]    
+
+    def get_queryset(self):
+        """
+        Return a specific lesson within a specific module only if the user is authorized.
+        """
+
+        lesson_id = self.request.query_params.get('lesson_id')  # Get lesson ID from the request
+        module_id = self.request.query_params.get('module_id')  # Get module ID from the request
+
+        # Check if both lesson_id and module_id are provided
+        if not lesson_id or not module_id:
+            return Lesson.objects.none()  # Return no results if either is missing
+
+        # Verify that the module exist  
+        module = Module.objects.filter(id=module_id).first()
+        if not module:
+            return Lesson.objects.none()  # Return no results if the module does not exist
+
+        # Verify that the lesson exists and is associated with the module
+        lesson = Lesson.objects.filter(id=lesson_id, module=module).select_related('module__course__owner').first()
+        if not lesson:
+            return Lesson.objects.none()  # Return no results if the lesson does not exist or is not linked to the module
+
+        # Check if the user has access (owner of the course or enrolled in the course)
+        is_owner = module.course.owner == self.request.user
+        is_enrolled = Enrollment.objects.filter(course=module.course, student=self.request.user).exists()
+
+        if is_owner or is_enrolled:
+            
+            return Lesson.objects.filter(id=lesson_id) # Return the lesson if the user is authorized
+
+        return Lesson.objects.none()  # Deny access if the user is not authorized
+        
+    def perform_create(self, serializer):
+        """
+        Customize the creation of a lesson to include the module and the user who created it.
+        """
+        module_id = self.request.data.get('module')  # Get the module ID from the request
+        module = Module.objects.filter(id=module_id).first()  # Fetch the module
+        is_owner = module.course.owner == self.request.user
+        if not is_owner:
+            raise PermissionDenied("You do not have permission to create lessons in this module.")
+
+        if not module:
+            raise serializers.ValidationError({"module": "Module does not exist."})
+
+        # Save the lesson with the module and created_by user
+        serializer.save(module=module, created_by=self.request.user)
+
+    @action(detail=False, methods=['patch'], url_path='update-lesson')
+    def patch_lesson(self, request, *args, **kwargs):
+        """
+        Custom PATCH method to update a lesson.
+        """
+
+        lesson_id = self.request.query_params.get('lesson_id')
+        if not lesson_id:
+            raise CustomValidationError({"detail": "Lesson ID is required in the URL."}, status=status.HTTP_400_BAD_REQUEST)
+
+        lesson = Lesson.objects.filter(id=lesson_id).first()
+        if not lesson:
+            raise CustomValidationError({"detail": "Lesson not found."}, status=status.HTTP_404_NOT_FOUND)
+
+        is_owner = lesson.module.course.owner == request.user
+
+        if not is_owner:
+            raise PermissionDenied("You do not have permission to update this lesson.")
+
+        serializer = self.get_serializer(lesson, data=request.data, partial=True)  # partial=True لتحديث الحقول المطلوبة فقط
+        if serializer.is_valid():
+            serializer.save()
+            return Response(serializer.data, status=status.HTTP_200_OK)
+
+        raise CustomValidationError(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
+
+
+
+    
+    @action(detail=False, methods=['delete'], url_path='delete-lesson')
+    def delete_lesson(self, request, *args, **kwargs):
+        """
+        Custom DELETE method to delete a lesson.
+        """
+        # الحصول على معرف الكائن (lesson_id) من الـ URL
+        lesson_id = request.query_params.get('lesson_id')
+        if not lesson_id:
+            raise CustomValidationError(
+                {"detail": "Lesson ID is required in the URL."},
+                status=status.HTTP_400_BAD_REQUEST
+            )
+
+
+        try:
+            lesson = Lesson.objects.get(id=lesson_id)
+        except Lesson.DoesNotExist:
+            raise CustomValidationError(
+                {"detail": "Lesson not found."},
+                status=status.HTTP_404_NOT_FOUND
+            )
+
+        is_owner = lesson.module.course.owner == request.user
+
+        if not is_owner:
+            raise PermissionDenied("You do not have permission to delete this lesson.")
+
+        lesson.delete()
+
+        return Response(
+            {"detail": "Lesson deleted successfully."},
+            status=status.HTTP_204_NO_CONTENT
+        )
+
+
+
+class EnrollmentViewSet(ModelViewSet):
+    queryset = Enrollment.objects.all()
+    serializer_class = EnrollmentSerializer
+    permission_classes = [IsAuthenticated]
+    http_method_names = ['get', 'post', 'delete']
+    
+    def list(self, request, *args, **kwargs):
+        instance = Enrollment.objects.filter(student=request.user).select_related('course__owner')
+        
+        serializer = self.get_serializer(instance, many=True)
+        return Response(serializer.data) 
+
+
+    def create(self, request, *args, **kwargs):
+        
+        course_id = request.data.get('course_id')
+
+        # Check if the student and course exist
+        try:
+            course = Course.objects.get(id=course_id)
+        except Course.DoesNotExist:
+            raise CustomValidationError({"detail": "Course not found"}, status=status.HTTP_404_NOT_FOUND)
+
+        if course.is_paid:
+            raise CustomValidationError({"detail": "This is paid"}, status=status.HTTP_404_NOT_FOUND)
+
+        if Enrollment.objects.filter(student=request.user, course=course).exists():
+            raise CustomValidationError({"detail": "You are already subscribed to this course."}, status=status.HTTP_404_NOT_FOUND)
+
+        if course.owner == request.user:
+            raise CustomValidationError({"detail": "You can't enroll in your course"}, status=status.HTTP_404_NOT_FOUND)
+        
+        # Create a new enrollment
+        enrollment = Enrollment.objects.create(student=request.user, course=course)
+        serializer = self.get_serializer(enrollment)
+        return Response(serializer.data, status=status.HTTP_201_CREATED)
+
+
+    @action(detail=False, methods=['post'], url_path='private-enrollment')
+    def private_enrollment( self, request):
+        """
+            Handles the private enrollment of a student into a specific course.
+
+            This custom action allows the owner of a paid course to manually enroll a student
+            using their email address. The course ID is provided in the URL, and the student's 
+            email is received in the request body.
+        """
+        course_id = request.data.get('course')
+        student_email = request.data.get('student_email').strip()
+
+        # Check if the course & student exists
+        course = Course.objects.filter(id=course_id).select_related('owner').first()
+        student = User.objects.filter(email=student_email).first()
+
+        if not student:
+            raise CustomValidationError("User not found", status=status.HTTP_404_NOT_FOUND)
+
+        if student_email == request.user.email:
+            raise CustomValidationError("You can't add yourself", status=status.HTTP_400_BAD_REQUEST)
+
+
+        if Enrollment.objects.filter(student__email=student_email, course=course).exists():
+            raise CustomValidationError("This user already exists", status=status.HTTP_400_BAD_REQUEST)
+
+        if not course.is_paid:
+            raise CustomValidationError("Course is not paid", status=status.HTTP_400_BAD_REQUEST)
+
+        # Allow only the course owner to enroll students
+        if course.owner != request.user:
+            raise CustomValidationError("You do not have permission to enroll students in this course",
+                                        status=status.HTTP_403_FORBIDDEN)
+
+        # Validate the data before saving
+        enrollment_data = {
+            'course': course.id,
+            'student': student.id
+        }
+        serializer = PrivateEnrollmentSerializer(data=enrollment_data)
+        if serializer.is_valid():
+            serializer.save()
+            return Response(f"Student {student.full_name} has been added",
+                                         status=status.HTTP_201_CREATED)
+
+        raise CustomValidationError(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
+
+    @action(detail=False, methods=['get'], url_path='get-my-students')
+    def get_my_students(self, request):
+        """
+        Fetch detailed information about my students in a specific course.
+        """
+        course_id = request.query_params.get('course')  
+        if not course_id:
+            raise CustomValidationError(
+                {"detail": "Course ID is required in the query parameters."},
+                status=status.HTTP_400_BAD_REQUEST
+            )
+    
+        try:
+            course = Course.objects.get(id=course_id, owner=request.user)
+        except Course.DoesNotExist:
+            raise CustomValidationError(
+                {"detail": "Course not found or you do not have permission to access it."},
+                status=status.HTTP_404_NOT_FOUND
+            )
+    
+        my_students = (
+            Enrollment.objects.filter(course=course)
+            .select_related('student')
+            .values('student__full_name', 'student__email')
+            .distinct()
+        )
+
+        return Response(list(my_students), status=status.HTTP_200_OK)
+
+    
+
+
+
+        
+
+    

backend/lms/conftest.py

@@ -0,0 +1,14 @@
+# import pytest
+
+# from lms.users.models import User
+# from lms.users.tests.factories import UserFactory
+
+
+# @pytest.fixture(autouse=True)
+# def _media_storage(settings, tmpdir) -> None:
+#     settings.MEDIA_ROOT = tmpdir.strpath
+
+
+# @pytest.fixture
+# def user(db) -> User:
+#     return UserFactory()

backend/lms/contrib/sites/migrations/0003_set_site_domain_and_name.py

@@ -6,6 +6,7 @@ http://cookiecutter-django.readthedocs.io/en/latest/faq.html#why-is-there-a-djan
 from django.conf import settings
 from django.db import migrations
 
+domain_name = "example.com" # Front end domain
 
 def _update_or_create_site_with_sequence(site_model, connection, domain, name):
     """Update or create the site with default ID and keep the DB sequence in sync."""
@@ -40,7 +41,7 @@ def update_site_forward(apps, schema_editor):
     _update_or_create_site_with_sequence(
         Site,
         schema_editor.connection,
-        "example.com",
+        domain_name,
         "Learning Management System",
     )
 
@@ -51,8 +52,8 @@ def update_site_backward(apps, schema_editor):
     _update_or_create_site_with_sequence(
         Site,
         schema_editor.connection,
-        "example.com",
-        "example.com",
+        domain_name,
+        domain_name,
     )