Merge pull request 'Agregar método de pago crédito #20' (#36) from add_credit_pay_method_#20 into main

Reviewed-on: #36

AGENTS.md

@@ -0,0 +1,108 @@
+# Don Confiao Backend - Contexto del Proyecto
+
+## Tipo de Proyecto
+Backend Django con Django REST Framework
+
+## Estructura del Proyecto
+```
+don_confiao_backend/
+├── requirements.txt           # Dependencias Python
+├── docker-compose.yml        # Configuración Docker
+├── django.Dockerfile         # Dockerfile Django
+├── .env                      # Variables de entorno
+├── .env_example              # Ejemplo de variables de entorno
+├── README.rst                # Documentación básica
+├── Rakefile                  # Tareas rake
+├── doc/                      # Documentación adicional
+│   └── requests.org
+└── tienda_ilusion/           # Proyecto Django
+    ├── manage.py
+    ├── db.sqlite3            # Base de datos SQLite
+    ├── don_confiao/         # App principal
+    │   ├── models.py         # Modelos: Customer, Product, Sale, SaleLine, Payment, ReconciliationJar, AdminCode
+    │   ├── views.py
+    │   ├── api_views.py
+    │   ├── serializers.py
+    │   ├── forms.py
+    │   ├── admin.py
+    │   ├── urls.py
+    │   ├── export_csv.py
+    │   ├── tests/            # Tests
+    │   └── migrations/
+    ├── users/                # App de usuarios
+    │   ├── models.py
+    │   ├── views.py
+    │   ├── serializers.py
+    │   ├── urls.py
+    │   └── tests/
+    └── tienda_ilusion/       # Configuración Django
+        ├── settings.py
+        ├── urls.py
+        ├── wsgi.py
+        └── asgi.py
+```
+
+## Dependencias Principales
+- Django==5.0.6
+- djangorestframework
+- django-cors-headers
+- djangorestframework-simplejwt
+- sabatron-tryton-rpc-client==7.4.0 (integración con Tryton ERP)
+
+## Modelos Principales (don_confiao/models.py)
+- **Customer**: Clientes (name, address, email, phone, external_id)
+- **Product**: Productos (name, price, measuring_unit, categories)
+- **ProductCategory**: Categorías de productos
+- **Sale**: Ventas (customer, date, phone, description, payment_method, reconciliation)
+- **SaleLine**: Líneas de venta (sale, product, quantity, unit_price, description)
+- **Payment**: Pagos (date_time, type_payment, amount, reconciliation_jar)
+- **PaymentSale**: Relación muchos a muchos entre Payment y Sale
+- **ReconciliationJar**: Arqueo de caja (is_valid, date_time, reconcilier, cash_taken, cash_discrepancy)
+- **AdminCode**: Códigos de administrador
+
+## Autenticación
+- JWT con djangorestframework-simplejwt
+- ACCESS_TOKEN_LIFETIME: 30 minutos
+- REFRESH_TOKEN_LIFETIME: 1 día
+
+## API Endpoints
+- REST API en don_confiao/api_views.py y users/
+- URLs en don_confiao/urls.py y users/urls.py
+
+## Ejecución con Docker Compose
+
+El proyecto se ejecuta con docker-compose. Todos los comandos `manage.py` deben ejecutarse dentro del contenedor:
+
+```bash
+# Ejecutar tests
+docker-compose run --rm django python manage.py test
+
+# Migraciones
+docker-compose run --rm django python manage.py makemigrations
+docker-compose run --rm django python manage.py migrate
+
+# Servidor desarrollo
+docker-compose up
+
+# Shell Django
+docker-compose run --rm django python manage.py shell
+
+# Crear superuser
+docker-compose run --rm django python manage.py createsuperuser
+```
+
+Nota: El volumen monta `tienda_ilusion/` en `/app/`, por lo que el path correcto es `python manage.py` (no `python tienda_ilusion/manage.py`).
+
+## Tests
+- Framework: Django unittest
+- Directorio: don_confiao/tests/
+- Ejecutar: `docker-compose run --rm django python manage.py test`
+
+## Comandos Útiles (dentro del contenedor)
+- Migraciones: `docker-compose run --rm django python manage.py makemigrations && docker-compose run --rm django python manage.py migrate`
+- Servidor desarrollo: `docker-compose up`
+- Shell Django: `docker-compose run --rm django python manage.py shell`
+- Superuser: `docker-compose run --rm django python manage.py createsuperuser`
+
+## Integraciones
+- **Tryton ERP**: Integración mediante sabatron-tryton-rpc-client para sincronización de clientes, productos y ventas

doc/requests.org

@@ -0,0 +1,76 @@
+* Requests
+Ejemplo de request contra la api usando [[https://github.com/federicotdn/verb][verb]]
+
+** Autenticación :verb:
+template http://localhost:7000/api
+Content-Type: application/json;
+*** Solicitar token
+post /token/
+
+{
+    "username": "admin",
+    "password": "123"
+}
+**** respuesta
+#+begin_src json
+{
+  "refresh": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbl90eXBlIjoicmVmcmVzaCIsImV4cCI6MTc3MTE4NzYxOSwiaWF0IjoxNzcxMTAxMjE5LCJqdGkiOiI5ZTgzNGRlM2QzMmQ0NmQyODEwZGQ2MjI2ODUwNjgzNyIsInVzZXJfaWQiOiIyIn0.JaUOqEAZ2T8vVT36mXfweMmYjEWsP7toD07jeeyrl1k",
+  "access": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbl90eXBlIjoiYWNjZXNzIiwiZXhwIjoxNzcxMTAzMDE5LCJpYXQiOjE3NzExMDEyMTksImp0aSI6ImFmOWFjNGM1MzBiZjQ4ZGE4Yzg2MWFjYzIzNjQ3NjU3IiwidXNlcl9pZCI6IjIifQ.6wH5sx1fyFn3Wt3DVZGYbiYi79rGthUZkgGmTqzebXc"
+}
+#+end_src
+*** Perfil de usuario
+get /users/me/
+Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbl90eXBlIjoiYWNjZXNzIiwiZXhwIjoxNzcxMTAzMDE5LCJpYXQiOjE3NzExMDEyMTksImp0aSI6ImFmOWFjNGM1MzBiZjQ4ZGE4Yzg2MWFjYzIzNjQ3NjU3IiwidXNlcl9pZCI6IjIifQ.6wH5sx1fyFn3Wt3DVZGYbiYi79rGthUZkgGmTqzebXc
+**** Respuesta
+#+begin_src json
+{
+  "id": 2,
+  "username": "admin",
+  "email": "correo@example.com",
+  "first_name": "",
+  "last_name": ""
+}
+#+end_src
+*** Renovar token
+post /token/refresh/
+
+{
+   "refresh": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbl90eXBlIjoicmVmcmVzaCIsImV4cCI6MTc3MTE4NzYxOSwiaWF0IjoxNzcxMTAxMjE5LCJqdGkiOiI5ZTgzNGRlM2QzMmQ0NmQyODEwZGQ2MjI2ODUwNjgzNyIsInVzZXJfaWQiOiIyIn0.JaUOqEAZ2T8vVT36mXfweMmYjEWsP7toD07jeeyrl1k"
+}
+**** response
+#+begin_src json
+{
+  "access": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbl90eXBlIjoiYWNjZXNzIiwiZXhwIjoxNzcxMTAzNjA1LCJpYXQiOjE3NzExMDE4MDUsImp0aSI6ImJjZTY5ZTA3MTIyOTQxMTg5NmFjYzk1ZDNiOThhMTI0IiwidXNlcl9pZCI6IjIifQ.b4Z1c_Yi5tsLZ-7F0KZcM2tai-f1VeaE881j2pKDwYA"
+}
+#+end_src
+** Don confiao :verb:
+template http://localhost:7000/don_confiao/api/
+Content-Type: application/json;
+Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbl90eXBlIjoiYWNjZXNzIiwiZXhwIjoxNzcxMTAzNjA1LCJpYXQiOjE3NzExMDE4MDUsImp0aSI6ImJjZTY5ZTA3MTIyOTQxMTg5NmFjYzk1ZDNiOThhMTI0IiwidXNlcl9pZCI6IjIifQ.b4Z1c_Yi5tsLZ-7F0KZcM2tai-f1VeaE881j2pKDwYA
+*** todas las rutas
+get
+**** response
+#+begin_src json
+{
+  "sales": "http://localhost:7000/don_confiao/api/sales/",
+  "customers": "http://localhost:7000/don_confiao/api/customers/",
+  "products": "http://localhost:7000/don_confiao/api/products/",
+  "reconciliate_jar": "http://localhost:7000/don_confiao/api/reconciliate_jar/"
+}
+#+end_src
+*** customers
+get customers/
+**** response
+#+begin_src json
+[
+  {
+    "id": 1,
+    "name": "Consumidor Final",
+    "address": "",
+    "email": "",
+    "phone": "",
+    "external_id": "2753"
+  },
+  ...
+]
+#+end_src

requirements.txt

@@ -1,4 +1,5 @@
 Django==5.0.6
 djangorestframework
 django-cors-headers
+djangorestframework-simplejwt
 sabatron-tryton-rpc-client==7.4.0

tienda_ilusion/don_confiao/api_views.py

@@ -3,10 +3,12 @@ from rest_framework.response import Response
 from rest_framework.status import HTTP_400_BAD_REQUEST
 from rest_framework.views import APIView
 from rest_framework.pagination import PageNumberPagination
+from rest_framework.permissions import IsAuthenticated
 
 from .models import Sale, SaleLine, Customer, Product, ReconciliationJar, PaymentMethods, AdminCode
 from .serializers import SaleSerializer, ProductSerializer, CustomerSerializer, ReconciliationJarSerializer, PaymentMethodSerializer, SaleForRenconciliationSerializer, SaleSummarySerializer
 from .views import sales_to_tryton_csv
+from .permissions import IsAdministrator
 
 from decimal import Decimal
 from sabatron_tryton_rpc_client.client import Client
@@ -38,10 +40,12 @@ class SaleView(viewsets.ModelViewSet):
         date = data['date']
         lines = data['saleline_set']
         payment_method = data['payment_method']
+        description = data.get('notes', '')
         sale = Sale.objects.create(
             customer=customer,
             date=date,
-            payment_method=payment_method
+            payment_method=payment_method,
+            description=description
         )
 
         for line in lines:
@@ -72,6 +76,8 @@ class CustomerView(viewsets.ModelViewSet):
 
 
 class ReconciliateJarView(APIView):
+    permission_classes = [IsAuthenticated, IsAdministrator]
+
     def post(self, request):
         data = request.data
         cash_purchases_id = data.get('cash_purchases')
@@ -97,7 +103,8 @@ class ReconciliateJarView(APIView):
 
     def _is_valid_total(self, purchases, total):
         calculated_total = sum(p.get_total() for p in purchases)
-        return calculated_total == Decimal(total)
+        return Decimal(calculated_total).quantize(Decimal('.0001')) == (
+            Decimal(total).quantize(Decimal('.0001')))
 
     def _get_other_purchases(self, other_totals):
         if not other_totals:
@@ -128,6 +135,8 @@ class PaymentMethodView(APIView):
 
 
 class SalesForReconciliationView(APIView):
+    permission_classes = [IsAuthenticated, IsAdministrator]
+
     def get(self, request):
         sales = Sale.objects.filter(reconciliation=None)
         grouped_sales = {}
@@ -149,6 +158,8 @@ class SaleSummary(APIView):
 
 
 class AdminCodeValidateView(APIView):
+    permission_classes = [IsAuthenticated, IsAdministrator]
+
     def get(self, request, code):
         codes = AdminCode.objects.filter(value=code)
         return Response({'validCode': bool(codes)})
@@ -158,9 +169,12 @@ class ReconciliateJarModelView(viewsets.ModelViewSet):
     queryset = ReconciliationJar.objects.all().order_by('-date_time')
     pagination_class = Pagination
     serializer_class = ReconciliationJarSerializer
+    permission_classes = [IsAuthenticated, IsAdministrator]
 
 
 class SalesForTrytonView(APIView):
+    permission_classes = [IsAuthenticated, IsAdministrator]
+
     def get(self, request):
         sales = Sale.objects.all()
         csv = self._generate_sales_CSV(sales)
@@ -177,6 +191,8 @@ class SalesForTrytonView(APIView):
 
 
 class SalesToTrytonView(APIView):
+    permission_classes = [IsAuthenticated, IsAdministrator]
+
     def post(self, request):
         tryton_client = Client(
             hostname=TRYTON_HOST,
@@ -233,14 +249,18 @@ class TrytonSale:
             "shipment_address": self.sale.customer.address_external_id,
             "invoice_address": self.sale.customer.address_external_id,
             "currency": TRYTON_COP_CURRENCY,
-            "description": self.sale.description or '',
+            "comment": self.sale.description or '',
+            "description": "Metodo pago: " + str(
+                self.sale.payment_method or ''
+            ),
             "party": self.sale.customer.external_id,
             "reference": "don_confiao " + str(self.sale.id),
             "sale_date": self._format_date(self.sale.date),
             "lines": [[
                 "create",
                 [TrytonLineSale(line).to_tryton() for line in self.lines]
-            ]]
+            ]],
+            "self_pick_up": True,
         }
 
 
@@ -262,6 +282,8 @@ class TrytonLineSale:
 
 
 class ProductsFromTrytonView(APIView):
+    permission_classes = [IsAuthenticated, IsAdministrator]
+
     def post(self, request):
         tryton_client = Client(
             hostname=TRYTON_HOST,
@@ -355,6 +377,8 @@ class ProductsFromTrytonView(APIView):
 
 
 class CustomersFromTrytonView(APIView):
+    permission_classes = [IsAuthenticated, IsAdministrator]
+
     def post(self, request):
         tryton_client = Client(
             hostname=TRYTON_HOST,

tienda_ilusion/don_confiao/migrations/0044_alter_payment_type_payment_alter_sale_payment_method.py

@@ -0,0 +1,23 @@
+# Generated by Django 5.0.6 on 2026-03-15 04:39
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('don_confiao', '0043_customer_address_external_id'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='payment',
+            name='type_payment',
+            field=models.CharField(choices=[('CASH', 'Efectivo'), ('CONFIAR', 'Confiar'), ('BANCOLOMBIA', 'Bancolombia'), ('CREDIT', 'Crédito')], default='CASH', max_length=30),
+        ),
+        migrations.AlterField(
+            model_name='sale',
+            name='payment_method',
+            field=models.CharField(choices=[('CASH', 'Efectivo'), ('CONFIAR', 'Confiar'), ('BANCOLOMBIA', 'Bancolombia'), ('CREDIT', 'Crédito')], default='CASH', max_length=30),
+        ),
+    ]

tienda_ilusion/don_confiao/models.py

@@ -10,6 +10,7 @@ class PaymentMethods(models.TextChoices):
     CASH = 'CASH', _('Efectivo')
     CONFIAR = 'CONFIAR', _('Confiar')
     BANCOLOMBIA = 'BANCOLOMBIA', _('Bancolombia')
+    CREDIT = 'CREDIT', _('Crédito')
 
 
 class Customer(models.Model):

tienda_ilusion/don_confiao/permissions.py

@@ -0,0 +1,6 @@
+from rest_framework.permissions import BasePermission
+
+
+class IsAdministrator(BasePermission):
+    def has_permission(self, request, view):
+        return request.user and request.user.is_staff

tienda_ilusion/don_confiao/tests/Mixins.py

@@ -0,0 +1,19 @@
+from django.contrib.auth.models import User
+from rest_framework_simplejwt.tokens import RefreshToken
+from rest_framework.test import APIClient
+
+
+class LoginMixin:
+    def login(self):
+        self.user = User.objects.create_superuser(
+            username='admin',
+            email='admin@example.com',
+            password='adminpass'
+        )
+
+        refresh = RefreshToken.for_user(self.user)
+        self.access_token = str(refresh.access_token)
+
+        self.client = APIClient()
+        self.client.credentials(
+            HTTP_AUTHORIZATION=f'Bearer {self.access_token}')

tienda_ilusion/don_confiao/tests/test_admin_code.py

@@ -1,20 +1,21 @@
-from django.test import TestCase, Client
+from django.test import TestCase
 
 from ..models import AdminCode
+from .Mixins import LoginMixin
 
 import json
 
 
-class TestAdminCode(TestCase):
+class TestAdminCode(TestCase, LoginMixin):
     def setUp(self):
+        self.login()
+
         self.valid_code = 'some valid code'
         admin_code = AdminCode()
         admin_code.value = self.valid_code
         admin_code.clean()
         admin_code.save()
 
-        self.client = Client()
-
     def test_validate_code(self):
         url = '/don_confiao/api/admin_code/validate/' + self.valid_code
         response = self.client.get(url)

tienda_ilusion/don_confiao/tests/test_api.py

@@ -2,14 +2,16 @@ import json
 import csv
 import io
 
-from django.urls import reverse
 from rest_framework import status
 from rest_framework.test import APITestCase
 from ..models import Sale, Product, Customer
+from .Mixins import LoginMixin
 
 
-class TestAPI(APITestCase):
+class TestAPI(APITestCase, LoginMixin):
     def setUp(self):
+        self.login()
+
         self.product = Product.objects.create(
             name='Panela',
             price=5000,

tienda_ilusion/don_confiao/tests/test_customers_from_tryton.py

@@ -1,12 +1,15 @@
 import json
 from unittest.mock import patch
 
-from django.test import Client, TestCase
+from django.test import TestCase
 from ..models import Customer
+from .Mixins import LoginMixin
 
 
-class TestCustomersFromTryton(TestCase):
+class TestCustomersFromTryton(TestCase, LoginMixin):
     def setUp(self):
+        self.login()
+
         self.customer = Customer.objects.create(
             name='Calos',
             external_id=5

tienda_ilusion/don_confiao/tests/test_exportar_ventas_para_tryton.py

@@ -2,13 +2,16 @@ import csv
 import json
 from unittest.mock import patch
 
-from django.test import TestCase, Client
+from django.test import TestCase
-from django.urls import reverse
 
 from ..models import Sale, SaleLine, Product, Customer
+from .Mixins import LoginMixin
 
-class TestExportarVentasParaTryton(TestCase):
+
+class TestExportarVentasParaTryton(TestCase, LoginMixin):
     def setUp(self):
+        self.login()
+
         self.product = Product.objects.create(
             name='Panela',
             price=5000,
@@ -25,6 +28,7 @@ class TestExportarVentasParaTryton(TestCase):
             customer=self.customer,
             date='2024-09-02',
             payment_method='CASH',
+            description='un comentario'
         )
         self.sale_line1 = SaleLine.objects.create(
             product=self.product,
@@ -40,9 +44,8 @@ class TestExportarVentasParaTryton(TestCase):
         )
 
     def test_exportar_ventas_para_tryton(self):
-        client = Client()
         url = '/don_confiao/exportar_ventas_para_tryton'
-        response = client.get(url)
+        response = self.client.get(url)
         self.assertEqual(response.status_code, 200)
         self.assertEqual(response['Content-Type'], 'text/csv')
         csv_content = response.content.decode('utf-8')
@@ -71,7 +74,7 @@ class TestExportarVentasParaTryton(TestCase):
         self.assertEqual(next(csv_reader), expected_header)
 
         expected_rows = [
-            ["Camilo", "Camilo", "Camilo", "", "", "2024-09-02", "Contado", "Almacén", "Peso colombiano", "Panela", "2.00", "3000.00", "Unidad", "TIENDA LA ILUSIÓN", "Tienda La Ilusion", "La Ilusion", "True", ""],
+            ["Camilo", "Camilo", "Camilo", "un comentario", "un comentario", "2024-09-02", "Contado", "Almacén", "Peso colombiano", "Panela", "2.00", "3000.00", "Unidad", "TIENDA LA ILUSIÓN", "Tienda La Ilusion", "La Ilusion", "True", "un comentario"],
             ["", "", "", "", "", "", "", "", "", "Panela", "3.00", "5000.00", "Unidad", "", "", "", "", ""],
         ]
         csv_rows = list(csv_reader)
@@ -81,12 +84,11 @@ class TestExportarVentasParaTryton(TestCase):
     @patch('sabatron_tryton_rpc_client.client.Client.call')
     @patch('sabatron_tryton_rpc_client.client.Client.connect')
     def test_send_sales_to_tryton(self, mock_connect, mock_call):
-        client = Client()
         external_id = '23423'
         url = '/don_confiao/api/enviar_ventas_a_tryton'
         mock_connect.return_value = None
         mock_call.return_value = [external_id]
-        response = client.post(url)
+        response = self.client.post(url)
 
         self.assertEqual(response.status_code, 200)
         content = json.loads(response.content.decode('utf-8'))
@@ -100,4 +102,4 @@ class TestExportarVentasParaTryton(TestCase):
         self.assertEqual(updated_sale.external_id, external_id)
         mock_connect.assert_called_once()
         mock_call.assert_called_once()
-        mock_call.assert_called_with('model.sale.sale.create', [[{'company': 1, 'shipment_address': '307', 'invoice_address': '307', 'currency': 31, 'description': '', 'party': '1', 'reference': 'don_confiao 1', 'sale_date': {'__class__': 'date', 'year': 2024, 'month': 9, 'day': 2}, 'lines': [['create', [{'product': '1', 'quantity': {'__class__': 'Decimal', 'decimal': '2.00'}, 'type': 'line', 'unit': '1', 'unit_price': {'__class__': 'Decimal', 'decimal': '3000.00'}}, {'product': '1', 'quantity': {'__class__': 'Decimal', 'decimal': '3.00'}, 'type': 'line', 'unit': '1', 'unit_price': {'__class__': 'Decimal', 'decimal': '5000.00'}}]]]}], {'company': 1, 'shops': [1]}])
+        mock_call.assert_called_with('model.sale.sale.create', [[{'company': 1, 'shipment_address': '307', 'invoice_address': '307', 'currency': 31, 'comment': 'un comentario', 'description': 'Metodo pago: CASH', 'party': '1', 'reference': 'don_confiao 1', 'sale_date': {'__class__': 'date', 'year': 2024, 'month': 9, 'day': 2}, 'lines': [['create', [{'product': '1', 'quantity': {'__class__': 'Decimal', 'decimal': '2.00'}, 'type': 'line', 'unit': '1', 'unit_price': {'__class__': 'Decimal', 'decimal': '3000.00'}}, {'product': '1', 'quantity': {'__class__': 'Decimal', 'decimal': '3.00'}, 'type': 'line', 'unit': '1', 'unit_price': {'__class__': 'Decimal', 'decimal': '5000.00'}}]]], 'self_pick_up': True}], {'company': 1, 'shops': [1]}])

tienda_ilusion/don_confiao/tests/test_jar_reconciliation.py

@@ -1,18 +1,19 @@
-from django.test import TestCase, Client
+from django.test import TestCase
 from django.core.exceptions import ValidationError
 from ..models import Sale, Product, SaleLine, Customer, ReconciliationJar
+from .Mixins import LoginMixin
 
 import json
 
 
-class TestJarReconcliation(TestCase):
+class TestJarReconcliation(TestCase, LoginMixin):
     def setUp(self):
+        self.login()
+
         customer = Customer()
         customer.name = 'Alejo Mono'
         customer.save()
 
-        self.client = Client()
-
         purchase = Sale()
         purchase.customer = customer
         purchase.date = "2024-07-30"
@@ -235,6 +236,47 @@ class TestJarReconcliation(TestCase):
             [sale['payment_method'] for sale in content['Sales']]
         )
 
+    def test_create_reconciliation_with_decimal_on_sale_lines(self):
+        customer = Customer()
+        customer.name = 'Consumidor final'
+        customer.save()
+
+        product = Product()
+        product.name = "Mantequilla natural gramos"
+        product.price = "57.50"
+        product.save()
+
+        purchase = Sale()
+        purchase.customer = customer
+        purchase.date = "2024-07-30"
+        purchase.payment_method = 'CASH'
+        purchase.clean()
+        purchase.save()
+
+        line = SaleLine()
+        line.sale = purchase
+        line.product = product
+        line.quantity = "0.24"
+        line.unit_price = "57.50"
+        line.save()
+
+        url = '/don_confiao/reconciliate_jar'
+        total_purchases = 13.80
+        data = {
+            'date_time': '2024-12-02T21:07',
+            'reconcilier': 'carlos',
+            'total_cash_purchases': total_purchases,
+            'cash_taken': total_purchases,
+            'cash_discrepancy': 0,
+            'cash_purchases': [purchase.id],
+        }
+        response = self.client.post(
+            url, data=json.dumps(data).encode('utf-8'),
+            content_type='application/json'
+        )
+        self.assertEqual(response.status_code, 200)
+
+
     def _create_simple_reconciliation(self):
         reconciliation = ReconciliationJar()
         reconciliation.date_time = "2024-07-30"

tienda_ilusion/don_confiao/tests/test_payment_methods.py

@@ -1,10 +1,10 @@
-from django.test import Client, TestCase
+from django.test import TestCase
+from .Mixins import LoginMixin
 
-# from ..models import PaymentMethods
 
-class TestPaymentMethods(TestCase):
+class TestPaymentMethods(TestCase, LoginMixin):
     def setUp(self):
-        self.client = Client()
+        self.login()
 
     def test_keys_in_payment_methods_to_select(self):
         response = self.client.get(
@@ -21,3 +21,4 @@ class TestPaymentMethods(TestCase):
         self.assertIn('CASH', [method.get('value') for method in methods])
         self.assertIn('CONFIAR', [method.get('value') for method in methods])
         self.assertIn('BANCOLOMBIA', [method.get('value') for method in methods])
+        self.assertIn('CREDIT', [method.get('value') for method in methods])

tienda_ilusion/don_confiao/tests/test_products_from_tryton.py

@@ -2,12 +2,15 @@ import json
 from decimal import Decimal
 from unittest.mock import patch
 
-from django.test import Client, TestCase
+from django.test import TestCase
-from ..models import ProductCategory, Product
+from ..models import Product
+from .Mixins import LoginMixin
 
 
-class TestProductsFromTryton(TestCase):
+class TestProductsFromTryton(TestCase, LoginMixin):
     def setUp(self):
+        self.login()
+
         self.product = Product.objects.create(
             name='Panela',
             price=5000,

tienda_ilusion/don_confiao/tests/test_summary_view_purchase.py

@@ -1,14 +1,16 @@
-from django.test import TestCase, Client
+from django.test import TestCase
 from ..models import Sale, Product, SaleLine, Customer
+from .Mixins import LoginMixin
 
 
-class TestSummaryViewPurchase(TestCase):
+class TestSummaryViewPurchase(TestCase, LoginMixin):
     def setUp(self):
+        self.login()
+
         customer = Customer()
         customer.name = 'Alejo Mono'
         customer.save()
 
-        self.client = Client()
         purchase = Sale()
         purchase.customer = customer
         purchase.date = "2024-07-30"

tienda_ilusion/tienda_ilusion/settings.py

@@ -11,6 +11,7 @@ https://docs.djangoproject.com/en/5.0/ref/settings/
 """
 import os
 
+from datetime import timedelta
 from pathlib import Path
 
 # Build paths inside the project like this: BASE_DIR / 'subdir'.
@@ -44,7 +45,9 @@ INSTALLED_APPS = [
     'django.contrib.messages',
     'django.contrib.staticfiles',
     'rest_framework',
+    'rest_framework.authtoken',
     'corsheaders',
+    'users',
     # 'don_confiao'
 ]
 
@@ -57,7 +60,6 @@ MIDDLEWARE = [
     'django.contrib.messages.middleware.MessageMiddleware',
     'django.middleware.clickjacking.XFrameOptionsMiddleware',
     'corsheaders.middleware.CorsMiddleware',
-    'django.middleware.common.CommonMiddleware',
 ]
 
 ROOT_URLCONF = 'tienda_ilusion.urls'
@@ -65,7 +67,7 @@ ROOT_URLCONF = 'tienda_ilusion.urls'
 TEMPLATES = [
     {
         'BACKEND': 'django.template.backends.django.DjangoTemplates',
-        'DIRS': [],
+        'DIRS': [os.path.join(BASE_DIR, 'tienda_ilusion/templates')],
         'APP_DIRS': True,
         'OPTIONS': {
             'context_processors': [
@@ -134,3 +136,22 @@ STATIC_URL = 'static/'
 DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'
 
 FIXTURE_DIRS = ['don_confiao/tests/Fixtures']
+
+REST_FRAMEWORK = {
+    'DEFAULT_AUTHENTICATION_CLASSES': [
+        "rest_framework_simplejwt.authentication.JWTAuthentication",
+    ],
+    'DEFAULT_PERMISSION_CLASSES': [
+        'rest_framework.permissions.IsAuthenticated',
+    ],
+}
+
+SIMPLE_JWT = {
+    "ACCESS_TOKEN_LIFETIME": timedelta(minutes=30),
+    "REFRESH_TOKEN_LIFETIME": timedelta(days=1),
+    "AUTH_HEADER_TYPES": ("Bearer",),
+}
+
+# CORS_ALLOWED_ORIGINS = [
+#     "http://localhost:5173",
+# ]

tienda_ilusion/tienda_ilusion/urls.py

@@ -16,11 +16,19 @@ Including another URLconf
 """
 from django.contrib import admin
 from django.urls import include, path
-
+from rest_framework_simplejwt.views import (
+    TokenObtainPairView,
+    TokenRefreshView,
+)
 
 app_name = "don_confiao"
 
 urlpatterns = [
     path("don_confiao/", include("don_confiao.urls")),
     path('admin/', admin.site.urls),
+    path('api/token/', TokenObtainPairView.as_view(),
+         name='token_obtain_pair'),
+    path('api/token/refresh/', TokenRefreshView.as_view(),
+         name='token_refresh'),
+    path('api/users/', include('users.urls')),
 ]

tienda_ilusion/users/admin.py

@@ -0,0 +1,3 @@
+from django.contrib import admin
+
+# Register your models here.

tienda_ilusion/users/apps.py

@@ -0,0 +1,5 @@
+from django.apps import AppConfig
+
+
+class UsersConfig(AppConfig):
+    name = 'users'

tienda_ilusion/users/models.py

@@ -0,0 +1,3 @@
+from django.db import models
+
+# Create your models here.

tienda_ilusion/users/serializers.py

@@ -0,0 +1,13 @@
+from django.contrib.auth.models import User
+from rest_framework import serializers
+
+
+class UserSerializer(serializers.ModelSerializer):
+    role = serializers.SerializerMethodField()
+
+    class Meta:
+        model = User
+        fields = ('id', 'username', 'email', 'first_name', 'last_name', 'role')
+
+    def get_role(self, obj):
+        return 'administrator' if obj.is_staff else 'user'

tienda_ilusion/users/tests.py

@@ -0,0 +1,98 @@
+from django.test import TestCase
+from django.urls import reverse
+from django.contrib.auth.models import User
+from rest_framework.test import APIClient
+from rest_framework_simplejwt.tokens import RefreshToken
+
+
+class MeEndpointTests(TestCase):
+    def setUp(self):
+        self.user = User.objects.create_superuser(
+            username='admin',
+            email='admin@example.com',
+            password='adminpass'
+        )
+
+        refresh = RefreshToken.for_user(self.user)
+        self.access_token = str(refresh.access_token)
+
+        self.client = APIClient()
+        self.client.credentials(
+            HTTP_AUTHORIZATION=f'Bearer {self.access_token}')
+
+    def test_me_endpoint_returns_correct_user_data(self):
+        """
+        Verifica que GET /api/users/me/ devuelve los datos del usuario
+        autenticado.
+        """
+        url = reverse('current-user')
+        response = self.client.get(url)
+
+        self.assertEqual(response.status_code, 200)
+
+        expected_fields = {'id', 'username', 'email',
+                           'first_name', 'last_name', 'role'}
+        self.assertTrue(expected_fields.issubset(response.json().keys()))
+
+        data = response.json()
+        self.assertEqual(data['username'], self.user.username)
+        self.assertEqual(data['email'], self.user.email)
+        self.assertEqual(data['first_name'], self.user.first_name)
+        self.assertEqual(data['last_name'], self.user.last_name)
+        self.assertEqual(data['role'], 'administrator')
+
+    def test_regular_user_role_is_user(self):
+        """
+        Verifica que un usuario sin permisos de staff recibe role 'user'.
+        """
+        regular_user = User.objects.create_user(
+            username='regular',
+            email='regular@example.com',
+            password='regularpass',
+            is_staff=False
+        )
+
+        refresh = RefreshToken.for_user(regular_user)
+        access_token = str(refresh.access_token)
+
+        client = APIClient()
+        client.credentials(HTTP_AUTHORIZATION=f'Bearer {access_token}')
+
+        url = reverse('current-user')
+        response = client.get(url)
+
+        self.assertEqual(response.status_code, 200)
+        self.assertEqual(response.json()['role'], 'user')
+
+    def test_staff_user_role_is_administrator(self):
+        """
+        Verifica que un usuario con is_staff=True recibe role 'administrator'.
+        """
+        staff_user = User.objects.create_user(
+            username='staff',
+            email='staff@example.com',
+            password='staffpass',
+            is_staff=True
+        )
+
+        refresh = RefreshToken.for_user(staff_user)
+        access_token = str(refresh.access_token)
+
+        client = APIClient()
+        client.credentials(HTTP_AUTHORIZATION=f'Bearer {access_token}')
+
+        url = reverse('current-user')
+        response = client.get(url)
+
+        self.assertEqual(response.status_code, 200)
+        self.assertEqual(response.json()['role'], 'administrator')
+
+    def test_me_endpoint_requires_authentication(self):
+        """
+        Sin token el endpoint debe devolver 401 Unauthorized.
+        """
+        client_no_auth = APIClient()
+        url = reverse('current-user')
+        response = client_no_auth.get(url)
+
+        self.assertEqual(response.status_code, 401)

tienda_ilusion/users/urls.py

@@ -0,0 +1,6 @@
+from django.urls import path
+from .views import CurrentUserView
+
+urlpatterns = [
+    path('me/', CurrentUserView.as_view(), name='current-user'),
+]

tienda_ilusion/users/views.py

@@ -0,0 +1,12 @@
+from rest_framework.views import APIView
+from rest_framework.response import Response
+from rest_framework.permissions import IsAuthenticated
+from .serializers import UserSerializer
+
+
+class CurrentUserView(APIView):
+    permission_classes = [IsAuthenticated]
+
+    def get(self, request):
+        serializer = UserSerializer(request.user)
+        return Response(serializer.data)