feat: Implement initial schema and add various API, service, and management command enhancements across the application.

backend/config/settings/rest_framework.py

@@ -82,15 +82,11 @@ REST_FRAMEWORK = {
 CORS_ALLOW_CREDENTIALS = True
 
 # Allow all origins (not recommended for production)
-CORS_ALLOW_ALL_ORIGINS = config(
-    "CORS_ALLOW_ALL_ORIGINS", default=False, cast=bool
-)
+CORS_ALLOW_ALL_ORIGINS = config("CORS_ALLOW_ALL_ORIGINS", default=False, cast=bool)
 
 # Specific allowed origins (comma-separated)
 CORS_ALLOWED_ORIGINS = config(
-    "CORS_ALLOWED_ORIGINS",
-    default="",
-    cast=lambda v: [s.strip() for s in v.split(",") if s.strip()]
+    "CORS_ALLOWED_ORIGINS", default="", cast=lambda v: [s.strip() for s in v.split(",") if s.strip()]
 )
 
 # Allowed HTTP headers for CORS requests
@@ -129,33 +125,27 @@ CORS_EXPOSE_HEADERS = [
 # API Rate Limiting
 # =============================================================================
 
-API_RATE_LIMIT_PER_MINUTE = config(
-    "API_RATE_LIMIT_PER_MINUTE", default=60, cast=int
-)
-API_RATE_LIMIT_PER_HOUR = config(
-    "API_RATE_LIMIT_PER_HOUR", default=1000, cast=int
-)
+API_RATE_LIMIT_PER_MINUTE = config("API_RATE_LIMIT_PER_MINUTE", default=60, cast=int)
+API_RATE_LIMIT_PER_HOUR = config("API_RATE_LIMIT_PER_HOUR", default=1000, cast=int)
 
 # =============================================================================
 # SimpleJWT Settings
 # =============================================================================
 # JWT token configuration for authentication
 
+
 # Import SECRET_KEY for signing tokens
 # This will be set by base.py before this module is imported
 def get_secret_key():
     """Get SECRET_KEY lazily to avoid circular imports."""
     return config("SECRET_KEY")
 
+
 SIMPLE_JWT = {
     # Token lifetimes
     # Short access tokens (15 min) provide better security
-    "ACCESS_TOKEN_LIFETIME": timedelta(
-        minutes=config("JWT_ACCESS_TOKEN_LIFETIME_MINUTES", default=15, cast=int)
-    ),
-    "REFRESH_TOKEN_LIFETIME": timedelta(
-        days=config("JWT_REFRESH_TOKEN_LIFETIME_DAYS", default=7, cast=int)
-    ),
+    "ACCESS_TOKEN_LIFETIME": timedelta(minutes=config("JWT_ACCESS_TOKEN_LIFETIME_MINUTES", default=15, cast=int)),
+    "REFRESH_TOKEN_LIFETIME": timedelta(days=config("JWT_REFRESH_TOKEN_LIFETIME_DAYS", default=7, cast=int)),
     # Token rotation and blacklisting
     # Rotate refresh tokens on each use and blacklist old ones
     "ROTATE_REFRESH_TOKENS": True,
@@ -177,9 +167,7 @@ SIMPLE_JWT = {
     # User identification
     "USER_ID_FIELD": "id",
     "USER_ID_CLAIM": "user_id",
-    "USER_AUTHENTICATION_RULE": (
-        "rest_framework_simplejwt.authentication.default_user_authentication_rule"
-    ),
+    "USER_AUTHENTICATION_RULE": ("rest_framework_simplejwt.authentication.default_user_authentication_rule"),
     # Token classes
     "AUTH_TOKEN_CLASSES": ("rest_framework_simplejwt.tokens.AccessToken",),
     "TOKEN_TYPE_CLAIM": "token_type",
@@ -211,9 +199,7 @@ REST_AUTH = {
     # SameSite cookie attribute (Lax is compatible with OAuth flows)
     "JWT_AUTH_SAMESITE": "Lax",
     "JWT_AUTH_RETURN_EXPIRATION": True,
-    "JWT_TOKEN_CLAIMS_SERIALIZER": (
-        "rest_framework_simplejwt.serializers.TokenObtainPairSerializer"
-    ),
+    "JWT_TOKEN_CLAIMS_SERIALIZER": ("rest_framework_simplejwt.serializers.TokenObtainPairSerializer"),
 }
 
 # =============================================================================