feat: Add deploy environment, Add pyprojectoml

chore: Add external_id to representation
Merge pull request 'feat/add_external_id_serializer' (#38 ) from feat/add_external_id_serializer into main
2026-05-09 19:09:31 -05:00 · 2026-05-09 15:52:56 -05:00 · 2026-04-11 16:49:46 -05:00 · 2026-03-14 23:46:27 -05:00 · 2026-03-14 23:45:52 -05:00 · 2026-03-14 18:26:31 -05:00
46 changed files with 1930 additions and 208 deletions
--- a/.env.development
+++ b/.env.development
@@ -0,0 +1,26 @@
 # Development Environment Variables
 # Este archivo contiene las variables de entorno para desarrollo local
 # Django Environment
 DJANGO_ENV=development
 # Debug mode (True for development)
 DEBUG=True
 # Django Secret Key (insecure key for development only)
 SECRET_KEY=django-insecure-development-key-zh6rinl@8y7g(cf781snisx2j%p^c#d&b2@@9cqe!v@4yv8x=v
 # Allowed hosts (comma-separated)
 ALLOWED_HOSTS=localhost,127.0.0.1,0.0.0.0
 # CORS allowed origins (comma-separated)
 CORS_ALLOWED_ORIGINS=http://localhost:3000,http://localhost:7001,http://localhost:5173
 # Database (SQLite by default in development)
 # No additional DB configuration needed for SQLite
 # Tryton ERP Configuration
 TRYTON_HOST=localhost
 TRYTON_DATABASE=tryton
 TRYTON_USERNAME=admin
 TRYTON_PASSWORD=admin
--- a/.env.production.example
+++ b/.env.production.example
@@ -0,0 +1,56 @@
 # Production Environment Variables - EXAMPLE
 # ¡IMPORTANTE! Copia este archivo a .env.production y completa con valores reales
 # NO commitees .env.production con valores sensibles a git
 # Django Environment
 DJANGO_ENV=production
 # Debug mode (MUST be False in production)
 DEBUG=False
 # Django Secret Key
 # ¡IMPORTANTE! Genera una clave única y segura para producción
 # Puedes generar una con: python -c 'from django.core.management.utils import get_random_secret_key; print(get_random_secret_key())'
 SECRET_KEY=CHANGE-ME-TO-A-SECURE-RANDOM-SECRET-KEY-IN-PRODUCTION
 # Allowed hosts (comma-separated domains)
 # Ejemplo: ALLOWED_HOSTS=tiendailusion.com,www.tiendailusion.com,api.tiendailusion.com
 ALLOWED_HOSTS=tiendailusion.com,www.tiendailusion.com
 # CORS allowed origins (comma-separated URLs)
 # Ejemplo: CORS_ALLOWED_ORIGINS=https://tiendailusion.com,https://www.tiendailusion.com
 CORS_ALLOWED_ORIGINS=https://tiendailusion.com,https://www.tiendailusion.com
 # CSRF Trusted Origins (comma-separated URLs)
 # Debe incluir el protocolo (https://)
 CSRF_TRUSTED_ORIGINS=https://tiendailusion.com,https://www.tiendailusion.com
 # PostgreSQL Database Configuration
 DB_NAME=tienda_ilusion_prod
 DB_USER=tienda_ilusion_user
 DB_PASSWORD=CHANGE-ME-TO-A-SECURE-DATABASE-PASSWORD
 DB_HOST=postgres
 DB_PORT=5432
 # Email Configuration (para notificaciones y recuperación de contraseñas)
 EMAIL_HOST=smtp.gmail.com
 EMAIL_PORT=587
 EMAIL_USE_TLS=True
 EMAIL_HOST_USER=noreply@tiendailusion.com
 EMAIL_HOST_PASSWORD=CHANGE-ME-TO-YOUR-EMAIL-PASSWORD
 DEFAULT_FROM_EMAIL=noreply@tiendailusion.com
 # Admin notifications
 ADMIN_EMAIL=admin@tiendailusion.com
 # Tryton ERP Configuration (Production)
 TRYTON_HOST=tryton-production-server
 TRYTON_DATABASE=tryton_production
 TRYTON_USERNAME=tienda_ilusion_integration
 TRYTON_PASSWORD=CHANGE-ME-TO-TRYTON-PASSWORD
 # Optional: Redis URL for caching (if using Redis)
 # REDIS_URL=redis://redis:6379/1
 # Optional: Sentry DSN for error tracking
 # SENTRY_DSN=https://your-sentry-dsn@sentry.io/project-id
--- a/.env_example
+++ b/.env_example
@@ -1,4 +0,0 @@
 TRYTON_HOST=localhost
 TRYTON_DATABASE=tryton
 TRYTON_USERNAME=admin
 TRYTON_PASSWORD=admin
--- a/.gitignore
+++ b/.gitignore
@@ -327,9 +327,39 @@ pip-selfcheck.json
 # End of https://www.toptal.com/developers/gitignore/api/emacs,python,django,venv
 # Project-specific ignores
 /tienda_ilusion/don_confiao/static/frontend/
 /tienda_ilusion/don_confiao/frontend/don-confiao/.vite/
 /tienda_ilusion/don_confiao/frontend/don-confiao/.eslintrc.js
 /tienda_ilusion/don_confiao/frontend/don-confiao/.eslintrc-auto-import.json
 /tienda_ilusion/don_confiao/frontend/don-confiao/.editorconfig
 /tienda_ilusion/don_confiao/frontend/don-confiao/.browserslistrc
 # Environment files with sensitive data
 .env.production
 .env.local
 .env.*.local
 # Static files collected by Django
 /tienda_ilusion/staticfiles/
 staticfiles/
 # Media files uploaded by users
 /tienda_ilusion/media/
 # Application logs
 /tienda_ilusion/logs/
 *.log
 # Database backups
 backups/
 *.sql
 *.dump
 # Docker volumes and data
 postgres_data/
 pgdata/
 # IDE-specific
 .vscode/
 .idea/
--- a/AGENTS.md
+++ b/AGENTS.md
@@ -0,0 +1,387 @@
 # Don Confiao Backend - Contexto del Proyecto
 ## Tipo de Proyecto
 Backend Django con Django REST Framework
 ## Estructura del Proyecto
 ```
 don_confiao_backend/
 ├── requirements.txt           # Dependencias Python
 ├── docker-compose.dev.yml     # Docker Compose para desarrollo
 ├── docker-compose.prod.yml    # Docker Compose para producción
 ├── django.Dockerfile          # Dockerfile Django
 ├── .env.development           # Variables de entorno desarrollo
 ├── .env.production.example    # Ejemplo variables de entorno producción
 ├── .env_example               # Ejemplo de variables de entorno
 ├── README.rst                 # Documentación básica
 ├── Rakefile                   # Tareas rake
 ├── doc/                       # Documentación adicional
 │   └── requests.org
 └── tienda_ilusion/            # Proyecto Django
    ├── manage.py
    ├── db.sqlite3             # Base de datos SQLite (desarrollo)
    ├── don_confiao/          # App principal
    │   ├── models.py          # Modelos: Customer, Product, Sale, SaleLine, Payment, ReconciliationJar, AdminCode
    │   ├── views.py
    │   ├── api_views.py
    │   ├── serializers.py
    │   ├── forms.py
    │   ├── admin.py
    │   ├── urls.py
    │   ├── export_csv.py
    │   ├── tests/             # Tests
    │   └── migrations/
    ├── users/                 # App de usuarios
    │   ├── models.py
    │   ├── views.py
    │   ├── serializers.py
    │   ├── urls.py
    │   └── tests/
    └── config/                # Configuración Django
        ├── settings/          # Settings por ambiente
        │   ├── __init__.py    # Detección automática de ambiente
        │   ├── base.py        # Configuración compartida
        │   ├── development.py # Configuración desarrollo
        │   └── production.py  # Configuración producción
        ├── urls.py
        ├── wsgi.py
        └── asgi.py
 ```
 ## Dependencias Principales
 - Django==5.0.6
 - djangorestframework
 - django-cors-headers
 - djangorestframework-simplejwt
 - sabatron-tryton-rpc-client==7.4.0 (integración con Tryton ERP)
 - psycopg2-binary (driver PostgreSQL para producción)
 - gunicorn (servidor WSGI para producción)
 - python-decouple (gestión de variables de entorno)
 ## Modelos Principales (don_confiao/models.py)
 - **Customer**: Clientes (name, address, email, phone, external_id)
 - **Product**: Productos (name, price, measuring_unit, categories)
 - **ProductCategory**: Categorías de productos
 - **Sale**: Ventas (customer, date, phone, description, payment_method, reconciliation)
 - **SaleLine**: Líneas de venta (sale, product, quantity, unit_price, description)
 - **Payment**: Pagos (date_time, type_payment, amount, reconciliation_jar)
 - **PaymentSale**: Relación muchos a muchos entre Payment y Sale
 - **ReconciliationJar**: Arqueo de caja (is_valid, date_time, reconcilier, cash_taken, cash_discrepancy)
 - **AdminCode**: Códigos de administrador
 ## Autenticación
 - JWT con djangorestframework-simplejwt
 - ACCESS_TOKEN_LIFETIME: 30 minutos
 - REFRESH_TOKEN_LIFETIME: 1 día
 ## API Endpoints
 - REST API en don_confiao/api_views.py y users/
 - URLs en don_confiao/urls.py y users/urls.py
 ## Ejecución con Docker Compose
 El proyecto se ejecuta con docker-compose. Todos los comandos `manage.py` deben ejecutarse dentro del contenedor:
 ### Desarrollo (Development)
 ```bash
 # Ejecutar tests
 docker-compose -f docker-compose.dev.yml run --rm django python manage.py test
 # Migraciones
 docker-compose -f docker-compose.dev.yml run --rm django python manage.py makemigrations
 docker-compose -f docker-compose.dev.yml run --rm django python manage.py migrate
 # Servidor desarrollo
 docker-compose -f docker-compose.dev.yml up
 # Shell Django
 docker-compose -f docker-compose.dev.yml run --rm django python manage.py shell
 # Crear superuser
 docker-compose -f docker-compose.dev.yml run --rm django python manage.py createsuperuser
 ```
 ### Producción (Production)
 ```bash
 # Primero, copiar .env.production.example a .env.production y configurar variables
 cp .env.production.example .env.production
 # Editar .env.production con valores reales
 # Iniciar servicios (PostgreSQL + Django con Gunicorn)
 docker-compose -f docker-compose.prod.yml up -d
 # Migraciones
 docker-compose -f docker-compose.prod.yml run --rm django python manage.py migrate
 # Colectar archivos estáticos
 docker-compose -f docker-compose.prod.yml run --rm django python manage.py collectstatic --noinput
 # Crear superuser
 docker-compose -f docker-compose.prod.yml run --rm django python manage.py createsuperuser
 # Ver logs
 docker-compose -f docker-compose.prod.yml logs -f django
 # Detener servicios
 docker-compose -f docker-compose.prod.yml down
 ```
 Nota: El volumen monta `tienda_ilusion/` en `/app/`, por lo que el path correcto es `python manage.py` (no `python tienda_ilusion/manage.py`).
 ## Tests
 - Framework: Django unittest
 - Directorio: don_confiao/tests/
 - Ejecutar: `docker-compose -f docker-compose.dev.yml run --rm django python manage.py test`
 ## Comandos Útiles (dentro del contenedor)
 - Migraciones: `docker-compose -f docker-compose.dev.yml run --rm django python manage.py makemigrations && docker-compose -f docker-compose.dev.yml run --rm django python manage.py migrate`
 - Servidor desarrollo: `docker-compose -f docker-compose.dev.yml up`
 - Shell Django: `docker-compose -f docker-compose.dev.yml run --rm django python manage.py shell`
 - Superuser: `docker-compose -f docker-compose.dev.yml run --rm django python manage.py createsuperuser`
 ## Configuración de Ambientes
 El proyecto soporta dos ambientes diferentes mediante la variable `DJANGO_ENV`:
 ### Development (desarrollo local)
 - **Variable de ambiente**: `DJANGO_ENV=development`
 - **Archivo de configuración**: `.env.development`
 - **Base de datos**: SQLite (db.sqlite3)
 - **DEBUG**: True
 - **CORS**: Permisivo para desarrollo local
 - **Docker Compose**: `docker-compose.dev.yml`
 ### Production (producción)
 - **Variable de ambiente**: `DJANGO_ENV=production`
 - **Archivo de configuración**: `.env.production` (crear desde `.env.production.example`)
 - **Base de datos**: PostgreSQL
 - **DEBUG**: False
 - **Seguridad**: HTTPS, HSTS, secure cookies, CSRF protections
 - **Docker Compose**: `docker-compose.prod.yml`
 - **Servidor**: Gunicorn con 4 workers
 ### Cambiar entre ambientes
 La detección de ambiente es automática mediante la variable `DJANGO_ENV`. Docker Compose configura esta variable automáticamente según el archivo usado:
 - `docker-compose.dev.yml` → usa `.env.development` → carga `settings/development.py`
 - `docker-compose.prod.yml` → usa `.env.production` → carga `settings/production.py`
 ### Variables de entorno requeridas
 **Desarrollo** (`.env.development`):
 - `DJANGO_ENV=development`
 - `DEBUG=True`
 - `TRYTON_HOST`, `TRYTON_DATABASE`, `TRYTON_USERNAME`, `TRYTON_PASSWORD`
 **Producción** (`.env.production`):
 - `DJANGO_ENV=production`
 - `DEBUG=False`
 - `SECRET_KEY` (generar una nueva y segura)
 - `ALLOWED_HOSTS` (dominios separados por comas)
 - `CORS_ALLOWED_ORIGINS` (URLs separadas por comas)
 - `CSRF_TRUSTED_ORIGINS` (URLs separadas por comas)
 - `DB_NAME`, `DB_USER`, `DB_PASSWORD`, `DB_HOST`, `DB_PORT`
 - `EMAIL_HOST`, `EMAIL_PORT`, `EMAIL_HOST_USER`, `EMAIL_HOST_PASSWORD`
 - `TRYTON_HOST`, `TRYTON_DATABASE`, `TRYTON_USERNAME`, `TRYTON_PASSWORD`
 Ver `.env.production.example` para todos los detalles.
 ## Scripts Útiles
 El proyecto incluye scripts para facilitar operaciones comunes:
 ### Health Check
 Verifica el estado de todos los servicios:
 ```bash
 # Verificar ambiente de desarrollo
 ./scripts/health-check.sh dev
 # Verificar ambiente de producción
 ./scripts/health-check.sh prod
 ```
 ### Backup de Base de Datos (Producción)
 Crea un backup comprimido de la base de datos PostgreSQL:
 ```bash
 ./scripts/backup-db.sh
 ```
 Los backups se guardan en `backups/` y se mantienen por 7 días automáticamente.
 ### Restore de Base de Datos (Producción)
 Restaura un backup de la base de datos:
 ```bash
 ./scripts/restore-backup.sh <archivo_backup.sql.gz>
 ```
 **ADVERTENCIA**: Esto reemplazará la base de datos actual. Se crea un backup de seguridad antes de restaurar.
 ## Troubleshooting
 ### Errores Comunes
 #### 1. Error: "database 'tienda_ilusion_user' does not exist"
 **Síntoma**: Aparece en los logs de PostgreSQL
 ```
 FATAL: database "tienda_ilusion_user" does not exist
 ```
 **Causa**: Este es un comportamiento normal de PostgreSQL. Cuando te conectas sin especificar una base de datos, PostgreSQL intenta conectarse a una base con el mismo nombre del usuario.
 **Solución**: Este error NO afecta el funcionamiento de Django. Para verificar que la base de datos correcta existe:
 ```bash
 docker exec tienda_ilusion_postgres_prod psql -U tienda_ilusion_user -d tienda_ilusion_prod -c '\l'
 ```
 #### 2. Error: "required variable DB_PASSWORD is missing a value"
 **Síntoma**: Docker Compose falla al iniciar con error de variable faltante
 **Causa**: El archivo `.env.production` no existe o tiene valores placeholder
 **Solución**: 
 1. Copiar el archivo de ejemplo: `cp .env.production.example .env.production`
 2. Editar `.env.production` y reemplazar todos los valores `CHANGE-ME-...` con valores reales
 3. Generar SECRET_KEY segura:
   ```bash
   python -c 'from django.core.management.utils import get_random_secret_key; print(get_random_secret_key())'
   ```
 #### 3. Error: "ModuleNotFoundError" o importación fallida
 **Síntoma**: Django no puede importar módulos después de cambiar configuración
 **Causa**: Dependencias no instaladas o contenedor con caché viejo
 **Solución**:
 ```bash
 # Reconstruir contenedores
 docker-compose -f docker-compose.dev.yml build --no-cache
 docker-compose -f docker-compose.dev.yml up
 # Para producción
 docker-compose -f docker-compose.prod.yml build --no-cache
 docker-compose -f docker-compose.prod.yml up -d
 ```
 #### 4. Error: "django.db.utils.OperationalError: could not connect to server"
 **Síntoma**: Django no puede conectarse a PostgreSQL
 **Causa**: PostgreSQL aún no está listo cuando Django intenta conectar
 **Solución**: El healthcheck en `docker-compose.prod.yml` maneja esto automáticamente. Si el problema persiste:
 ```bash
 # Verificar que PostgreSQL esté corriendo
 docker ps | grep postgres
 # Ver logs de PostgreSQL
 docker logs tienda_ilusion_postgres_prod
 # Reiniciar servicios en orden
 docker-compose -f docker-compose.prod.yml restart postgres
 docker-compose -f docker-compose.prod.yml restart django
 ```
 #### 5. Error: "CSRF verification failed"
 **Síntoma**: Errores CSRF en producción
 **Causa**: `CSRF_TRUSTED_ORIGINS` no configurado correctamente
 **Solución**: En `.env.production`, asegurar que `CSRF_TRUSTED_ORIGINS` incluya el protocolo:
 ```bash
 CSRF_TRUSTED_ORIGINS=https://tudominio.com,https://www.tudominio.com
 ```
 #### 6. Static files no se sirven en producción
 **Síntoma**: CSS/JS no cargan, errores 404 para archivos estáticos
 **Causa**: `collectstatic` no ejecutado o configuración de nginx incorrecta
 **Solución**:
 ```bash
 # Ejecutar collectstatic
 docker-compose -f docker-compose.prod.yml exec django python manage.py collectstatic --noinput
 # Verificar que los archivos existen
 docker exec tienda_ilusion_django_prod ls -la /app/staticfiles
 ```
 #### 7. Migraciones pendientes después de deployment
 **Síntoma**: Errores de base de datos o tablas faltantes
 **Causa**: Migraciones no aplicadas en producción
 **Solución**:
 ```bash
 # Ver estado de migraciones
 docker-compose -f docker-compose.prod.yml exec django python manage.py showmigrations
 # Aplicar migraciones pendientes
 docker-compose -f docker-compose.prod.yml exec django python manage.py migrate
 ```
 ### Comandos de Diagnóstico
 ```bash
 # Ver todos los contenedores
 docker ps -a
 # Ver logs en tiempo real
 docker-compose -f docker-compose.prod.yml logs -f
 # Ver logs solo de Django
 docker logs -f tienda_ilusion_django_prod
 # Ver logs solo de PostgreSQL
 docker logs -f tienda_ilusion_postgres_prod
 # Ejecutar shell en contenedor Django
 docker-compose -f docker-compose.prod.yml exec django bash
 # Ejecutar Django shell
 docker-compose -f docker-compose.prod.yml exec django python manage.py shell
 # Conectar a PostgreSQL
 docker exec -it tienda_ilusion_postgres_prod psql -U tienda_ilusion_user -d tienda_ilusion_prod
 # Verificar variables de entorno en contenedor
 docker-compose -f docker-compose.prod.yml exec django env | grep DJANGO
 ```
 ### Performance y Optimización
 Si experimentas problemas de rendimiento:
 1. **Verificar recursos del contenedor**:
   ```bash
   docker stats
   ```
 2. **Ajustar workers de Gunicorn** (editar `docker-compose.prod.yml`):
   ```yaml
   command: gunicorn config.wsgi:application --bind 0.0.0.0:8000 --workers 8 --timeout 120
   ```
   Regla general: `workers = (2 x CPU cores) + 1`
 3. **Habilitar persistent connections**: Ya configurado en `settings/production.py` con `CONN_MAX_AGE = 600`
 4. **Considerar agregar Redis para caché**: Descomentar sección de Redis en `settings/production.py`
 ### Seguridad
 Antes de ir a producción, verificar:
 - [ ] `DEBUG=False` en `.env.production`
 - [ ] `SECRET_KEY` único y seguro generado
 - [ ] `ALLOWED_HOSTS` configurado con dominios reales
 - [ ] `CORS_ALLOWED_ORIGINS` limitado a orígenes confiables
 - [ ] `CSRF_TRUSTED_ORIGINS` configurado correctamente
 - [ ] Contraseñas de base de datos seguras
 - [ ] `.env.production` NO commiteado a git
 - [ ] HTTPS habilitado (certificados SSL/TLS configurados)
 - [ ] Firewall configurado (solo puertos necesarios abiertos)
 - [ ] Backups automáticos configurados
 ## Integraciones
 - **Tryton ERP**: Integración mediante sabatron-tryton-rpc-client para sincronización de clientes, productos y ventas
--- a/README.md
+++ b/README.md
@@ -0,0 +1,269 @@
 # Don Confiao Backend - Tienda Ilusion
 Backend Django con Django REST Framework para el sistema de punto de venta Tienda Ilusion.
 ## Características
 - 🔐 Autenticación JWT con djangorestframework-simplejwt
 - 🗄️ Soporte multi-ambiente (desarrollo/producción)
 - 🐘 PostgreSQL para producción, SQLite para desarrollo
 - 🔄 Integración con Tryton ERP
 - 📦 Docker Compose para fácil deployment
 - 🛡️ Configuración de seguridad completa para producción
 - 📊 API REST completa para gestión de ventas, productos y clientes
 ## Requisitos Previos
 - Docker & Docker Compose
 - Python 3.11+ (para desarrollo local sin Docker)
 - Git
 ## Inicio Rápido
 ### Desarrollo Local
 1. **Clonar el repositorio**
   ```bash
   git clone <repository-url>
   cd don_confiao_backend
   ```
 2. **Iniciar servicios de desarrollo**
   ```bash
   docker-compose -f docker-compose.dev.yml up
   ```
 3. **Aplicar migraciones**
   ```bash
   docker-compose -f docker-compose.dev.yml run --rm django python manage.py migrate
   ```
 4. **Crear superusuario**
   ```bash
   docker-compose -f docker-compose.dev.yml run --rm django python manage.py createsuperuser
   ```
 5. **Acceder a la aplicación**
   - API: http://localhost:7000
   - Admin: http://localhost:7000/admin
 ### Producción
 1. **Configurar variables de entorno**
   ```bash
   cp .env.production.example .env.production
   # Editar .env.production con valores reales
   ```
 2. **Generar SECRET_KEY segura**
   ```bash
   python -c 'from django.core.management.utils import get_random_secret_key; print(get_random_secret_key())'
   ```
 3. **Iniciar servicios**
   ```bash
   docker-compose -f docker-compose.prod.yml up -d
   ```
 4. **Las migraciones y collectstatic se ejecutan automáticamente**
   - Si necesitas ejecutarlas manualmente:
   ```bash
   docker-compose -f docker-compose.prod.yml exec django python manage.py migrate
   docker-compose -f docker-compose.prod.yml exec django python manage.py collectstatic --noinput
   ```
 5. **Crear superusuario**
   ```bash
   docker-compose -f docker-compose.prod.yml exec django python manage.py createsuperuser
   ```
 ## Estructura del Proyecto
 ```
 don_confiao_backend/
 ├── tienda_ilusion/           # Proyecto Django
 │   ├── config/               # Configuración principal
 │   │   └── settings/         # Settings por ambiente
 │   │       ├── base.py       # Configuración compartida
 │   │       ├── development.py # Desarrollo
 │   │       └── production.py # Producción
 │   ├── don_confiao/          # App principal
 │   └── users/                # App de usuarios
 ├── scripts/                  # Scripts de utilidad
 │   ├── health-check.sh       # Verificación de salud
 │   ├── backup-db.sh          # Backup de base de datos
 │   └── restore-backup.sh     # Restore de backup
 ├── docker-compose.dev.yml    # Docker Compose desarrollo
 ├── docker-compose.prod.yml   # Docker Compose producción
 └── requirements.txt          # Dependencias Python
 ```
 ## Ambientes
 ### Development
 - Base de datos: SQLite
 - Debug: Habilitado
 - CORS: Permisivo
 - Server: Django development server
 - Puerto: 7000
 ### Production
 - Base de datos: PostgreSQL
 - Debug: Deshabilitado
 - CORS: Configurado por dominio
 - Server: Gunicorn (4 workers)
 - Puerto: 8000
 - Seguridad: HTTPS, HSTS, secure cookies
 ## Comandos Útiles
 ### Desarrollo
 ```bash
 # Ejecutar tests
 docker-compose -f docker-compose.dev.yml run --rm django python manage.py test
 # Shell de Django
 docker-compose -f docker-compose.dev.yml run --rm django python manage.py shell
 # Crear migraciones
 docker-compose -f docker-compose.dev.yml run --rm django python manage.py makemigrations
 # Ver logs
 docker-compose -f docker-compose.dev.yml logs -f
 ```
 ### Producción
 ```bash
 # Ver logs
 docker-compose -f docker-compose.prod.yml logs -f django
 # Backup de base de datos
 ./scripts/backup-db.sh
 # Restore de backup
 ./scripts/restore-backup.sh backups/tienda_ilusion_backup_YYYYMMDD_HHMMSS.sql.gz
 # Health check
 ./scripts/health-check.sh prod
 # Reiniciar servicios
 docker-compose -f docker-compose.prod.yml restart
 # Detener servicios
 docker-compose -f docker-compose.prod.yml down
 ```
 ## API Endpoints
 La API REST está disponible en `/api/`. Principales endpoints:
 - `/api/token/` - Obtener token JWT
 - `/api/token/refresh/` - Refrescar token JWT
 - `/api/customers/` - Gestión de clientes
 - `/api/products/` - Gestión de productos
 - `/api/sales/` - Gestión de ventas
 - `/admin/` - Panel de administración Django
 ## Integración con Tryton ERP
 El sistema se integra con Tryton ERP para sincronización de:
 - Clientes
 - Productos
 - Ventas
 Configurar las variables de entorno de Tryton en `.env.development` o `.env.production`:
 ```bash
 TRYTON_HOST=your-tryton-server
 TRYTON_DATABASE=your-database
 TRYTON_USERNAME=your-username
 TRYTON_PASSWORD=your-password
 ```
 ## Backup y Restore
 ### Crear Backup
 ```bash
 ./scripts/backup-db.sh
 ```
 Los backups se guardan en `backups/` y se mantienen por 7 días.
 ### Restaurar Backup
 ```bash
 ./scripts/restore-backup.sh backups/backup_file.sql.gz
 ```
 ## Troubleshooting
 Ver la sección de Troubleshooting en [AGENTS.md](AGENTS.md) para soluciones a problemas comunes.
 ### Problemas Comunes
 1. **Error de conexión a base de datos**: Verificar que PostgreSQL esté corriendo
 2. **CSRF errors**: Verificar `CSRF_TRUSTED_ORIGINS` en `.env.production`
 3. **Static files no cargan**: Ejecutar `collectstatic`
 4. **Errores de migración**: Verificar estado con `showmigrations`
 ## Seguridad
 ### Checklist de Producción
 Antes de desplegar a producción:
 - [ ] `DEBUG=False` en `.env.production`
 - [ ] `SECRET_KEY` única y segura generada
 - [ ] `ALLOWED_HOSTS` configurado correctamente
 - [ ] `CORS_ALLOWED_ORIGINS` limitado a dominios confiables
 - [ ] Contraseñas de base de datos seguras
 - [ ] HTTPS habilitado con certificados SSL/TLS válidos
 - [ ] Firewall configurado
 - [ ] Backups automáticos configurados
 - [ ] Monitoreo de logs configurado
 ## Desarrollo
 ### Agregar nuevas dependencias
 ```bash
 # Agregar a requirements.txt
 echo "nueva-dependencia==version" >> requirements.txt
 # Reconstruir contenedor
 docker-compose -f docker-compose.dev.yml build --no-cache
 ```
 ### Tests
 ```bash
 # Ejecutar todos los tests
 docker-compose -f docker-compose.dev.yml run --rm django python manage.py test
 # Ejecutar tests de una app específica
 docker-compose -f docker-compose.dev.yml run --rm django python manage.py test don_confiao
 # Con coverage
 docker-compose -f docker-compose.dev.yml run --rm django coverage run --source='.' manage.py test
 docker-compose -f docker-compose.dev.yml run --rm django coverage report
 ```
 ## Contribuir
 1. Fork el proyecto
 2. Crear branch de feature (`git checkout -b feature/AmazingFeature`)
 3. Commit cambios (`git commit -m 'Add some AmazingFeature'`)
 4. Push al branch (`git push origin feature/AmazingFeature`)
 5. Abrir Pull Request
 ## Licencia
 [Especificar licencia]
 ## Contacto
 [Información de contacto]
 ## Documentación Adicional
 - [AGENTS.md](AGENTS.md) - Contexto completo del proyecto y troubleshooting
 - [.env.production.example](.env.production.example) - Ejemplo de variables de producción
--- a/doc/requests.org
+++ b/doc/requests.org
@@ -0,0 +1,78 @@
 * Requests
 Ejemplo de request contra la api usando [[https://github.com/federicotdn/verb][verb]]
 ** Autenticación :verb:
 template http://localhost:7000/api
 Content-Type: application/json;
 *** Solicitar token
 post /token/
 {
    "username": "admin",
    "password": "123"
 }
 **** respuesta
 #+begin_src json
 {
  "refresh": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbl90eXBlIjoicmVmcmVzaCIsImV4cCI6MTc3MTE4NzYxOSwiaWF0IjoxNzcxMTAxMjE5LCJqdGkiOiI5ZTgzNGRlM2QzMmQ0NmQyODEwZGQ2MjI2ODUwNjgzNyIsInVzZXJfaWQiOiIyIn0.JaUOqEAZ2T8vVT36mXfweMmYjEWsP7toD07jeeyrl1k",
  "access": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbl90eXBlIjoiYWNjZXNzIiwiZXhwIjoxNzcxMTAzMDE5LCJpYXQiOjE3NzExMDEyMTksImp0aSI6ImFmOWFjNGM1MzBiZjQ4ZGE4Yzg2MWFjYzIzNjQ3NjU3IiwidXNlcl9pZCI6IjIifQ.6wH5sx1fyFn3Wt3DVZGYbiYi79rGthUZkgGmTqzebXc"
 }
 #+end_src
 *** Perfil de usuario
 get /users/me/
 Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbl90eXBlIjoiYWNjZXNzIiwiZXhwIjoxNzcxMTAzMDE5LCJpYXQiOjE3NzExMDEyMTksImp0aSI6ImFmOWFjNGM1MzBiZjQ4ZGE4Yzg2MWFjYzIzNjQ3NjU3IiwidXNlcl9pZCI6IjIifQ.6wH5sx1fyFn3Wt3DVZGYbiYi79rGthUZkgGmTqzebXc
 **** Respuesta
 #+begin_src json
 {
  "id": 2,
  "username": "admin",
  "email": "correo@example.com",
  "first_name": "",
  "last_name": ""
 }
 #+end_src
 *** Renovar token
 post /token/refresh/
 {
   "refresh": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbl90eXBlIjoicmVmcmVzaCIsImV4cCI6MTc3MTE4NzYxOSwiaWF0IjoxNzcxMTAxMjE5LCJqdGkiOiI5ZTgzNGRlM2QzMmQ0NmQyODEwZGQ2MjI2ODUwNjgzNyIsInVzZXJfaWQiOiIyIn0.JaUOqEAZ2T8vVT36mXfweMmYjEWsP7toD07jeeyrl1k"
 }
 **** response
 #+begin_src json
 {
  "access": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbl90eXBlIjoiYWNjZXNzIiwiZXhwIjoxNzcxMTAzNjA1LCJpYXQiOjE3NzExMDE4MDUsImp0aSI6ImJjZTY5ZTA3MTIyOTQxMTg5NmFjYzk1ZDNiOThhMTI0IiwidXNlcl9pZCI6IjIifQ.b4Z1c_Yi5tsLZ-7F0KZcM2tai-f1VeaE881j2pKDwYA"
 }
 #+end_src
 ** Don confiao :verb:
 template http://localhost:7000/don_confiao/api/
 Content-Type: application/json;
 Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbl90eXBlIjoiYWNjZXNzIiwiZXhwIjoxNzcxMTAzNjA1LCJpYXQiOjE3NzExMDE4MDUsImp0aSI6ImJjZTY5ZTA3MTIyOTQxMTg5NmFjYzk1ZDNiOThhMTI0IiwidXNlcl9pZCI6IjIifQ.b4Z1c_Yi5tsLZ-7F0KZcM2tai-f1VeaE881j2pKDwYA
 *** todas las rutas
 get
 **** response
 #+begin_src json
 {
  "sales": "http://localhost:7000/don_confiao/api/sales/",
  "customers": "http://localhost:7000/don_confiao/api/customers/",
  "products": "http://localhost:7000/don_confiao/api/products/",
  "reconciliate_jar": "http://localhost:7000/don_confiao/api/reconciliate_jar/"
 }
 #+end_src
 *** customers
 get customers/
 **** response
 #+begin_src json
 [
  {
    "id": 1,
    "name": "Consumidor Final",
    "address": "",
    "email": "",
    "phone": "",
    "external_id": "2753"
  },
  ...
 ]
 #+end_src
 *** products
 get products/
--- a/docker-compose.dev.yml
+++ b/docker-compose.dev.yml
@@ -0,0 +1,24 @@
 version: '3.8'
 services:
  django:
    build:
      context: ./
      dockerfile: django.Dockerfile
    container_name: tienda_ilusion_django_dev
    env_file:
      - .env.development
    environment:
      - DJANGO_ENV=development
    volumes:
      - ./tienda_ilusion:/app/
    ports:
      - "7000:9090"
    networks:
      - tienda_network_dev
    command: python manage.py runserver 0.0.0.0:9090
 networks:
  tienda_network_dev:
    driver: bridge
--- a/docker-compose.prod.yml
+++ b/docker-compose.prod.yml
@@ -0,0 +1,87 @@
 version: "3.8"
 services:
  postgres:
    image: postgres:15-alpine
    container_name: tienda_ilusion_postgres_prod
    environment:
      - POSTGRES_USER=${DB_USER:-tienda_ilusion_user}
      - POSTGRES_DB=${DB_NAME:-tienda_ilusion_prod}
      - POSTGRES_PASSWORD=${DB_PASSWORD:-tienda_ilusion_pass}
    env_file:
      - .env.production
    volumes:
      - postgres_data:/var/lib/postgresql/data
    ports:
      - "5432:5432"
    networks:
      - tienda_network
    restart: unless-stopped
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER:-tienda_ilusion_user}"]
      interval: 10s
      timeout: 5s
      retries: 5
  django:
    build:
      context: ./
      dockerfile: django.Dockerfile
    container_name: tienda_ilusion_django_prod
    env_file:
      - .env.production
    environment:
      - DJANGO_ENV=production
      - DB_HOST=postgres
      - DB_USER=${DB_USER:-tienda_ilusion_user}
      - DB_NAME=${DB_NAME:-tienda_ilusion_prod}
      - DB_PASSWORD=${DB_PASSWORD:-tienda_ilusion_pass}
    volumes:
      - ./tienda_ilusion:/app/
      - static_volume:/app/staticfiles
      - media_volume:/app/media
      - logs_volume:/app/logs
    ports:
      - "8000:8000"
    depends_on:
      postgres:
        condition: service_healthy
    networks:
      - tienda_network
    restart: unless-stopped
    command: >
      sh -c "python manage.py migrate &&
             python manage.py collectstatic --noinput &&
             gunicorn config.wsgi:application --bind 0.0.0.0:8000 --workers 4 --timeout 120"
  # Optional: Nginx reverse proxy para servir archivos estáticos
  # nginx:
  #   image: nginx:alpine
  #   container_name: tienda_ilusion_nginx
  #   ports:
  #     - "80:80"
  #     - "443:443"
  #   volumes:
  #     - ./nginx.conf:/etc/nginx/nginx.conf:ro
  #     - static_volume:/var/www/static:ro
  #     - media_volume:/var/www/media:ro
  #     - ./ssl:/etc/nginx/ssl:ro
  #   depends_on:
  #     - django
  #   networks:
  #     - tienda_network
  #   restart: unless-stopped
 volumes:
  postgres_data:
    driver: local
  static_volume:
    driver: local
  media_volume:
    driver: local
  logs_volume:
    driver: local
 networks:
  tienda_network:
    driver: bridge
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,12 +0,0 @@
 services:
  django:
    build:
      context: ./
      dockerfile: django.Dockerfile
    env_file:
      - .env
    volumes:
      - ./tienda_ilusion:/app/
    ports:
      - "7000:9090"
--- a/poetry.lock
+++ b/poetry.lock
@@ -0,0 +1,157 @@
 # This file is automatically @generated by Poetry 2.3.2 and should not be changed by hand.
 [[package]]
 name = "asgiref"
 version = "3.11.1"
 description = "ASGI specs, helper code, and adapters"
 optional = false
 python-versions = ">=3.9"
 groups = ["main"]
 files = [
    {file = "asgiref-3.11.1-py3-none-any.whl", hash = "sha256:e8667a091e69529631969fd45dc268fa79b99c92c5fcdda727757e52146ec133"},
    {file = "asgiref-3.11.1.tar.gz", hash = "sha256:5f184dc43b7e763efe848065441eac62229c9f7b0475f41f80e207a114eda4ce"},
 ]
 [package.extras]
 tests = ["mypy (>=1.14.0)", "pytest", "pytest-asyncio"]
 [[package]]
 name = "django"
 version = "6.0.5"
 description = "A high-level Python web framework that encourages rapid development and clean, pragmatic design."
 optional = false
 python-versions = ">=3.12"
 groups = ["main"]
 files = [
    {file = "django-6.0.5-py3-none-any.whl", hash = "sha256:9d58a7cb49244e74c8e161d5e403a46d6209f1009ba40f5a66d6aa0d0786a8f0"},
    {file = "django-6.0.5.tar.gz", hash = "sha256:bc6d6872e98a2864c836e42edd644b362db311147dd5aa8d5b82ba7a032f5269"},
 ]
 [package.dependencies]
 asgiref = ">=3.9.1"
 sqlparse = ">=0.5.0"
 tzdata = {version = "*", markers = "sys_platform == \"win32\""}
 [package.extras]
 argon2 = ["argon2-cffi (>=23.1.0)"]
 bcrypt = ["bcrypt (>=4.1.1)"]
 [[package]]
 name = "django-cors-headers"
 version = "4.9.0"
 description = "django-cors-headers is a Django application for handling the server headers required for Cross-Origin Resource Sharing (CORS)."
 optional = false
 python-versions = ">=3.9"
 groups = ["main"]
 files = [
    {file = "django_cors_headers-4.9.0-py3-none-any.whl", hash = "sha256:15c7f20727f90044dcee2216a9fd7303741a864865f0c3657e28b7056f61b449"},
    {file = "django_cors_headers-4.9.0.tar.gz", hash = "sha256:fe5d7cb59fdc2c8c646ce84b727ac2bca8912a247e6e68e1fb507372178e59e8"},
 ]
 [package.dependencies]
 asgiref = ">=3.6"
 django = ">=4.2"
 [[package]]
 name = "djangorestframework"
 version = "3.17.1"
 description = "Web APIs for Django, made easy."
 optional = false
 python-versions = ">=3.10"
 groups = ["main"]
 files = [
    {file = "djangorestframework-3.17.1-py3-none-any.whl", hash = "sha256:c3c74dd3e83a5a3efc37b3c18d92bd6f86a6791c7b7d4dff62bb068500e76457"},
    {file = "djangorestframework-3.17.1.tar.gz", hash = "sha256:a6def5f447fe78ff853bff1d47a3c59bf38f5434b031780b351b0c73a62db1a5"},
 ]
 [package.dependencies]
 django = ">=4.2"
 [[package]]
 name = "djangorestframework-simplejwt"
 version = "5.5.1"
 description = "A minimal JSON Web Token authentication plugin for Django REST Framework"
 optional = false
 python-versions = ">=3.9"
 groups = ["main"]
 files = [
    {file = "djangorestframework_simplejwt-5.5.1-py3-none-any.whl", hash = "sha256:2c30f3707053d384e9f315d11c2daccfcb548d4faa453111ca19a542b732e469"},
    {file = "djangorestframework_simplejwt-5.5.1.tar.gz", hash = "sha256:e72c5572f51d7803021288e2057afcbd03f17fe11d484096f40a460abc76e87f"},
 ]
 [package.dependencies]
 django = ">=4.2"
 djangorestframework = ">=3.14"
 pyjwt = ">=1.7.1"
 [package.extras]
 crypto = ["cryptography (>=3.3.1)"]
 dev = ["Sphinx", "cryptography", "freezegun", "ipython", "pre-commit", "pytest", "pytest-cov", "pytest-django", "pytest-watch", "pytest-xdist", "python-jose (==3.3.0)", "pyupgrade", "ruff", "sphinx_rtd_theme (>=0.1.9)", "tox", "twine", "wheel", "yesqa"]
 doc = ["Sphinx", "sphinx_rtd_theme (>=0.1.9)"]
 lint = ["pre-commit", "pyupgrade", "ruff", "yesqa"]
 python-jose = ["python-jose (==3.3.0)"]
 test = ["cryptography", "freezegun", "pytest", "pytest-cov", "pytest-django", "pytest-xdist", "tox"]
 [[package]]
 name = "pyjwt"
 version = "2.12.1"
 description = "JSON Web Token implementation in Python"
 optional = false
 python-versions = ">=3.9"
 groups = ["main"]
 files = [
    {file = "pyjwt-2.12.1-py3-none-any.whl", hash = "sha256:28ca37c070cad8ba8cd9790cd940535d40274d22f80ab87f3ac6a713e6e8454c"},
    {file = "pyjwt-2.12.1.tar.gz", hash = "sha256:c74a7a2adf861c04d002db713dd85f84beb242228e671280bf709d765b03672b"},
 ]
 [package.extras]
 crypto = ["cryptography (>=3.4.0)"]
 dev = ["coverage[toml] (==7.10.7)", "cryptography (>=3.4.0)", "pre-commit", "pytest (>=8.4.2,<9.0.0)", "sphinx", "sphinx-rtd-theme", "zope.interface"]
 docs = ["sphinx", "sphinx-rtd-theme", "zope.interface"]
 tests = ["coverage[toml] (==7.10.7)", "pytest (>=8.4.2,<9.0.0)"]
 [[package]]
 name = "sabatron-tryton-rpc-client"
 version = "7.4.0"
 description = "Python RPC Client for Tryton"
 optional = false
 python-versions = ">=3.6"
 groups = ["main"]
 files = [
    {file = "sabatron_tryton_rpc_client-7.4.0-py3-none-any.whl", hash = "sha256:131d8d9d6a1dc1d556d4806fa7750ca637247f021881dca5c2855d8a44e4bd45"},
    {file = "sabatron_tryton_rpc_client-7.4.0.tar.gz", hash = "sha256:3d3ededd1a8488463d6338cd7d8b2a271834ba42fc220ebb8e15e983c0e5b19d"},
 ]
 [[package]]
 name = "sqlparse"
 version = "0.5.5"
 description = "A non-validating SQL parser."
 optional = false
 python-versions = ">=3.8"
 groups = ["main"]
 files = [
    {file = "sqlparse-0.5.5-py3-none-any.whl", hash = "sha256:12a08b3bf3eec877c519589833aed092e2444e68240a3577e8e26148acc7b1ba"},
    {file = "sqlparse-0.5.5.tar.gz", hash = "sha256:e20d4a9b0b8585fdf63b10d30066c7c94c5d7a7ec47c889a2d83a3caa93ff28e"},
 ]
 [package.extras]
 dev = ["build"]
 doc = ["sphinx"]
 [[package]]
 name = "tzdata"
 version = "2026.2"
 description = "Provider of IANA time zone data"
 optional = false
 python-versions = ">=2"
 groups = ["main"]
 markers = "sys_platform == \"win32\""
 files = [
    {file = "tzdata-2026.2-py2.py3-none-any.whl", hash = "sha256:bbe9af844f658da81a5f95019480da3a89415801f6cc966806612cc7169bffe7"},
    {file = "tzdata-2026.2.tar.gz", hash = "sha256:9173fde7d80d9018e02a662e168e5a2d04f87c41ea174b139fbef642eda62d10"},
 ]
 [metadata]
 lock-version = "2.1"
 python-versions = ">=3.14"
 content-hash = "f477382ae6c0dca55653b5c1b6784e0988a757c44c8d4e5d08417295c666cbc0"
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -0,0 +1,21 @@
 [project]
 name = "don-confiao-backend"
 version = "0.1.0"
 description = "Shop for Recreo store"
 authors = [
    {name = "aserrador",email = "alejandro.ayala@onecluster.org"}
 ]
 license = {text = "GPL-3.0-or-later"}
 requires-python = ">=3.14"
 dependencies = [
    "django (>=6.0.5,<7.0.0)",
    "djangorestframework (>=3.17.1,<4.0.0)",
    "django-cors-headers (>=4.9.0,<5.0.0)",
    "djangorestframework-simplejwt (>=5.5.1,<6.0.0)",
    "sabatron-tryton-rpc-client (>=7.4.0,<8.0.0)"
 ]
 [build-system]
 requires = ["poetry-core>=2.0.0,<3.0.0"]
 build-backend = "poetry.core.masonry.api"
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,4 +1,17 @@
 Django==5.0.6
 djangorestframework
 django-cors-headers
 djangorestframework-simplejwt
 sabatron-tryton-rpc-client==7.4.0
 # Database drivers
 psycopg2-binary  # PostgreSQL driver for production
 # Production server
 gunicorn  # WSGI HTTP Server for production
 # Environment variable management
 python-decouple  # Manage environment variables and settings
 # Optional: Static files serving in production
 # whitenoise  # Serve static files efficiently
--- a/tienda_ilusion/tienda_ilusion/init.py
+++ b/tienda_ilusion/tienda_ilusion/init.py
--- a/tienda_ilusion/tienda_ilusion/asgi.py
+++ b/tienda_ilusion/tienda_ilusion/asgi.py
@@ -11,6 +11,6 @@ import os
 from django.core.asgi import get_asgi_application
-os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'tienda_ilusion.settings')
+os.environ.setdefault("DJANGO_SETTINGS_MODULE", "config.settings")
 application = get_asgi_application()
--- a/tienda_ilusion/config/settings/init.py
+++ b/tienda_ilusion/config/settings/init.py
@@ -0,0 +1,36 @@
 """
 Settings module for tienda_ilusion project.
 This module automatically loads the appropriate settings based on the DJANGO_ENV
 environment variable. Valid values are:
 - 'development' (default): Development settings
 - 'production': Production settings
 Usage:
    Set DJANGO_ENV environment variable before running Django:
    Development:
        export DJANGO_ENV=development
        python manage.py runserver
    Production:
        export DJANGO_ENV=production
        gunicorn config.wsgi:application
 """
 import os
 # Determine which environment settings to load
 DJANGO_ENV = os.environ.get("DJANGO_ENV", "development")
 if DJANGO_ENV == "production":
    from .production import *
 elif DJANGO_ENV == "development":
    from .development import *
 else:
    # Fallback to development if unknown environment
    from .development import *
    print(
        f"Warning: Unknown DJANGO_ENV '{DJANGO_ENV}', falling back to development settings"
    )
--- a/tienda_ilusion/config/settings/base.py
+++ b/tienda_ilusion/config/settings/base.py
@@ -0,0 +1,175 @@
 """
 Django settings for tienda_ilusion project.
 Generated by 'django-admin startproject' using Django 5.0.6.
 For more information on this file, see
 https://docs.djangoproject.com/en/5.0/topics/settings/
 For the full list of settings and their values, see
 https://docs.djangoproject.com/en/5.0/ref/settings/
 """
 import os
 from datetime import timedelta
 from pathlib import Path
 # Build paths inside the project like this: BASE_DIR / 'subdir'.
 # BASE_DIR apunta a tienda_ilusion/ (3 niveles arriba desde settings/base.py)
 BASE_DIR = Path(__file__).resolve().parent.parent.parent
 # Quick-start development settings - unsuitable for production
 # See https://docs.djangoproject.com/en/5.0/howto/deployment/checklist/
 # SECURITY WARNING: keep the secret key used in production secret!
 # This will be overridden in production settings
 SECRET_KEY = os.environ.get(
    "SECRET_KEY",
    "django-insecure-zh6rinl@8y7g(cf781snisx2j%p^c#d&b2@@9cqe!v@4yv8x=v",
 )
 # SECURITY WARNING: don't run with debug turned on in production!
 # This will be overridden in each environment
 DEBUG = True
 # This will be overridden in each environment
 ALLOWED_HOSTS = []
 # This will be overridden in each environment
 CORS_ALLOWED_ORIGINS = []
 # Application definition
 INSTALLED_APPS = [
    "don_confiao.apps.DonConfiaoConfig",
    "django.contrib.admin",
    "django.contrib.auth",
    "django.contrib.contenttypes",
    "django.contrib.sessions",
    "django.contrib.messages",
    "django.contrib.staticfiles",
    "rest_framework",
    "rest_framework.authtoken",
    "corsheaders",
    "users",
    # 'don_confiao'
 ]
 MIDDLEWARE = [
    "django.middleware.security.SecurityMiddleware",
    "django.contrib.sessions.middleware.SessionMiddleware",
    "django.middleware.common.CommonMiddleware",
    "django.middleware.csrf.CsrfViewMiddleware",
    "django.contrib.auth.middleware.AuthenticationMiddleware",
    "django.contrib.messages.middleware.MessageMiddleware",
    "django.middleware.clickjacking.XFrameOptionsMiddleware",
    "corsheaders.middleware.CorsMiddleware",
 ]
 ROOT_URLCONF = "config.urls"
 TEMPLATES = [
    {
        "BACKEND": "django.template.backends.django.DjangoTemplates",
        "DIRS": [os.path.join(BASE_DIR, "tienda_ilusion/templates")],
        "APP_DIRS": True,
        "OPTIONS": {
            "context_processors": [
                "django.template.context_processors.debug",
                "django.template.context_processors.request",
                "django.contrib.auth.context_processors.auth",
                "django.contrib.messages.context_processors.messages",
            ],
        },
    },
 ]
 WSGI_APPLICATION = "config.wsgi.application"
 # Database
 # https://docs.djangoproject.com/en/5.0/ref/settings/#databases
 # This will be overridden in each environment
 DATABASES = {
    "default": {
        "ENGINE": "django.db.backends.sqlite3",
        "NAME": BASE_DIR / "db.sqlite3",
    }
 }
 # Password validation
 # https://docs.djangoproject.com/en/5.0/ref/settings/#auth-password-validators
 AUTH_PASSWORD_VALIDATORS = [
    {
        "NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator",
    },
    {
        "NAME": "django.contrib.auth.password_validation.MinimumLengthValidator",
    },
    {
        "NAME": "django.contrib.auth.password_validation.CommonPasswordValidator",
    },
    {
        "NAME": "django.contrib.auth.password_validation.NumericPasswordValidator",
    },
 ]
 # Internationalization
 # https://docs.djangoproject.com/en/5.0/topics/i18n/
 LANGUAGE_CODE = "en-us"
 TIME_ZONE = "UTC"
 USE_I18N = True
 USE_TZ = True
 # Static files (CSS, JavaScript, Images)
 # https://docs.djangoproject.com/en/5.0/howto/static-files/
 STATIC_URL = "static/"
 STATIC_ROOT = BASE_DIR / "staticfiles"
 # Default primary key field type
 # https://docs.djangoproject.com/en/5.0/ref/settings/#default-auto-field
 DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField"
 FIXTURE_DIRS = ["don_confiao/tests/Fixtures"]
 REST_FRAMEWORK = {
    "DEFAULT_AUTHENTICATION_CLASSES": [
        "rest_framework_simplejwt.authentication.JWTAuthentication",
    ],
    "DEFAULT_PERMISSION_CLASSES": [
        "rest_framework.permissions.IsAuthenticated",
    ],
 }
 SIMPLE_JWT = {
    "ACCESS_TOKEN_LIFETIME": timedelta(minutes=30),
    "REFRESH_TOKEN_LIFETIME": timedelta(days=1),
    "AUTH_HEADER_TYPES": ("Bearer",),
 }
 # Logging configuration (can be overridden in environment settings)
 LOGGING = {
    "version": 1,
    "disable_existing_loggers": False,
    "handlers": {
        "console": {
            "class": "logging.StreamHandler",
        },
    },
    "root": {
        "handlers": ["console"],
        "level": "INFO",
    },
 }
--- a/tienda_ilusion/config/settings/development.py
+++ b/tienda_ilusion/config/settings/development.py
@@ -0,0 +1,92 @@
 """
 Development settings for tienda_ilusion project.
 This file contains settings specific to local development environment.
 Uses SQLite database and permissive CORS settings for easier development.
 """
 import os
 from .base import *
 # SECURITY WARNING: don't use this in production!
 DEBUG = True
 # SECRET_KEY for development (insecure, but convenient for development)
 SECRET_KEY = os.environ.get(
    "SECRET_KEY",
    "django-insecure-development-key-zh6rinl@8y7g(cf781snisx2j%p^c#d&b2@@9cqe!v@4yv8x=v",
 )
 # Allow all hosts in development for easier testing
 ALLOWED_HOSTS = os.environ.get("ALLOWED_HOSTS", "localhost,127.0.0.1,0.0.0.0").split(
    ","
 )
 # CORS settings for development
 CORS_ALLOWED_ORIGINS = os.environ.get(
    "CORS_ALLOWED_ORIGINS",
    "http://localhost:3000,http://localhost:7001,http://localhost:5173",
 ).split(",")
 # Allow credentials in CORS for development
 CORS_ALLOW_CREDENTIALS = True
 # Database - SQLite for development
 DATABASES = {
    "default": {
        "ENGINE": "django.db.backends.sqlite3",
        "NAME": BASE_DIR / "db.sqlite3",
    }
 }
 # Email backend for development (prints to console)
 EMAIL_BACKEND = "django.core.mail.backends.console.EmailBackend"
 # Enhanced logging for development
 LOGGING = {
    "version": 1,
    "disable_existing_loggers": False,
    "formatters": {
        "verbose": {
            "format": "[{levelname}] {asctime} {module} {message}",
            "style": "{",
        },
    },
    "handlers": {
        "console": {
            "class": "logging.StreamHandler",
            "formatter": "verbose",
        },
    },
    "root": {
        "handlers": ["console"],
        "level": "DEBUG",
    },
    "loggers": {
        "django": {
            "handlers": ["console"],
            "level": "INFO",
            "propagate": False,
        },
        "django.db.backends": {
            "handlers": ["console"],
            "level": "DEBUG",
            "propagate": False,
        },
    },
 }
 # Development-only apps (optional)
 # Uncomment to add django-debug-toolbar or other dev tools
 # INSTALLED_APPS += [
 #     'debug_toolbar',
 # ]
 # MIDDLEWARE += [
 #     'debug_toolbar.middleware.DebugToolbarMiddleware',
 # ]
 # INTERNAL_IPS for debug toolbar
 # INTERNAL_IPS = [
 #     '127.0.0.1',
 # ]
--- a/tienda_ilusion/config/settings/production.py
+++ b/tienda_ilusion/config/settings/production.py
@@ -0,0 +1,180 @@
 """
 Production settings for tienda_ilusion project.
 This file contains settings specific to production environment.
 Uses PostgreSQL database and strict security settings.
 IMPORTANT: All sensitive values MUST be provided via environment variables.
 """
 import os
 from .base import *
 # SECURITY WARNING: DEBUG must be False in production!
 DEBUG = False
 # SECRET_KEY must be provided via environment variable in production
 SECRET_KEY = os.environ.get("SECRET_KEY")
 if not SECRET_KEY:
    raise ValueError("SECRET_KEY environment variable must be set in production!")
 # ALLOWED_HOSTS must be provided via environment variable
 ALLOWED_HOSTS = os.environ.get("ALLOWED_HOSTS", "").split(",")
 if not ALLOWED_HOSTS or ALLOWED_HOSTS == [""]:
    raise ValueError("ALLOWED_HOSTS environment variable must be set in production!")
 # CORS settings for production
 CORS_ALLOWED_ORIGINS = os.environ.get("CORS_ALLOWED_ORIGINS", "").split(",")
 if not CORS_ALLOWED_ORIGINS or CORS_ALLOWED_ORIGINS == [""]:
    raise ValueError(
        "CORS_ALLOWED_ORIGINS environment variable must be set in production!"
    )
 CORS_ALLOW_CREDENTIALS = True
 # Database - PostgreSQL for production
 DATABASES = {
    "default": {
        "ENGINE": "django.db.backends.postgresql",
        "NAME": os.environ.get("DB_NAME", "tienda_ilusion"),
        "USER": os.environ.get("DB_USER", "postgres"),
        "PASSWORD": os.environ.get("DB_PASSWORD"),
        "HOST": os.environ.get("DB_HOST", "localhost"),
        "PORT": os.environ.get("DB_PORT", "5432"),
        "CONN_MAX_AGE": 600,  # Persistent connections
    }
 }
 if not DATABASES["default"]["PASSWORD"]:
    raise ValueError("DB_PASSWORD environment variable must be set in production!")
 # Security settings for HTTPS
 SECURE_SSL_REDIRECT = True
 SESSION_COOKIE_SECURE = True
 CSRF_COOKIE_SECURE = True
 SECURE_BROWSER_XSS_FILTER = True
 SECURE_CONTENT_TYPE_NOSNIFF = True
 X_FRAME_OPTIONS = "DENY"
 # HTTP Strict Transport Security (HSTS)
 SECURE_HSTS_SECONDS = 31536000  # 1 year
 SECURE_HSTS_INCLUDE_SUBDOMAINS = True
 SECURE_HSTS_PRELOAD = True
 # Proxy headers for deployment behind reverse proxy (nginx, etc.)
 SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
 # Email configuration for production
 # Adjust based on your email service
 EMAIL_BACKEND = "django.core.mail.backends.smtp.EmailBackend"
 EMAIL_HOST = os.environ.get("EMAIL_HOST", "smtp.gmail.com")
 EMAIL_PORT = int(os.environ.get("EMAIL_PORT", "587"))
 EMAIL_USE_TLS = os.environ.get("EMAIL_USE_TLS", "True") == "True"
 EMAIL_HOST_USER = os.environ.get("EMAIL_HOST_USER", "")
 EMAIL_HOST_PASSWORD = os.environ.get("EMAIL_HOST_PASSWORD", "")
 DEFAULT_FROM_EMAIL = os.environ.get("DEFAULT_FROM_EMAIL", "noreply@tiendailusion.com")
 # Static files configuration for production
 # Serve static files using WhiteNoise or CDN
 STATIC_ROOT = BASE_DIR / "staticfiles"
 STATIC_URL = "/static/"
 # Media files configuration
 MEDIA_ROOT = BASE_DIR / "media"
 MEDIA_URL = "/media/"
 # Optional: WhiteNoise configuration for serving static files
 # Uncomment if using WhiteNoise
 # MIDDLEWARE.insert(1, 'whitenoise.middleware.WhiteNoiseMiddleware')
 # STATICFILES_STORAGE = 'whitenoise.storage.CompressedManifestStaticFilesStorage'
 # Production logging - log to file and console
 LOGGING = {
    "version": 1,
    "disable_existing_loggers": False,
    "formatters": {
        "verbose": {
            "format": "[{levelname}] {asctime} {name} {message}",
            "style": "{",
        },
        "simple": {
            "format": "[{levelname}] {message}",
            "style": "{",
        },
    },
    "handlers": {
        "console": {
            "class": "logging.StreamHandler",
            "formatter": "simple",
        },
        "file": {
            "class": "logging.handlers.RotatingFileHandler",
            "filename": BASE_DIR / "logs" / "django.log",
            "maxBytes": 1024 * 1024 * 15,  # 15MB
            "backupCount": 10,
            "formatter": "verbose",
        },
    },
    "root": {
        "handlers": ["console", "file"],
        "level": "INFO",
    },
    "loggers": {
        "django": {
            "handlers": ["console", "file"],
            "level": "INFO",
            "propagate": False,
        },
        "django.security": {
            "handlers": ["console", "file"],
            "level": "WARNING",
            "propagate": False,
        },
    },
 }
 # Create logs directory if it doesn't exist
 import pathlib
 logs_dir = BASE_DIR / "logs"
 pathlib.Path(logs_dir).mkdir(parents=True, exist_ok=True)
 # Admin email notifications for errors (optional)
 ADMINS = [
    ("Admin", os.environ.get("ADMIN_EMAIL", "admin@tiendailusion.com")),
 ]
 MANAGERS = ADMINS
 # Cache configuration (optional - adjust based on your setup)
 # Using local memory cache by default
 CACHES = {
    "default": {
        "BACKEND": "django.core.cache.backends.locmem.LocMemCache",
        "LOCATION": "unique-snowflake",
    }
 }
 # For Redis cache (recommended for production):
 # CACHES = {
 #     "default": {
 #         "BACKEND": "django_redis.cache.RedisCache",
 #         "LOCATION": os.environ.get("REDIS_URL", "redis://127.0.0.1:6379/1"),
 #         "OPTIONS": {
 #             "CLIENT_CLASS": "django_redis.client.DefaultClient",
 #         }
 #     }
 # }
 # Session configuration
 SESSION_ENGINE = "django.contrib.sessions.backends.db"
 SESSION_COOKIE_AGE = 86400  # 24 hours
 SESSION_COOKIE_HTTPONLY = True
 SESSION_COOKIE_SAMESITE = "Lax"
 # CSRF configuration
 CSRF_COOKIE_HTTPONLY = True
 CSRF_COOKIE_SAMESITE = "Lax"
 CSRF_TRUSTED_ORIGINS = os.environ.get("CSRF_TRUSTED_ORIGINS", "").split(",")
 # Performance optimizations
 CONN_MAX_AGE = 600  # Database connection pooling
--- a/tienda_ilusion/tienda_ilusion/urls.py
+++ b/tienda_ilusion/tienda_ilusion/urls.py
@@ -16,11 +16,19 @@ Including another URLconf
 """
 from django.contrib import admin
 from django.urls import include, path
-
+from rest_framework_simplejwt.views import (
    TokenObtainPairView,
    TokenRefreshView,
 )
 app_name = "don_confiao"
 urlpatterns = [
    path("don_confiao/", include("don_confiao.urls")),
    path('admin/', admin.site.urls),
    path('api/token/', TokenObtainPairView.as_view(),
         name='token_obtain_pair'),
    path('api/token/refresh/', TokenRefreshView.as_view(),
         name='token_refresh'),
    path('api/users/', include('users.urls')),
 ]
--- a/tienda_ilusion/tienda_ilusion/wsgi.py
+++ b/tienda_ilusion/tienda_ilusion/wsgi.py
@@ -11,6 +11,6 @@ import os
 from django.core.wsgi import get_wsgi_application
-os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'tienda_ilusion.settings')
+os.environ.setdefault("DJANGO_SETTINGS_MODULE", "config.settings")
 application = get_wsgi_application()
--- a/tienda_ilusion/don_confiao/api_views.py
+++ b/tienda_ilusion/don_confiao/api_views.py
@@ -3,10 +3,12 @@ from rest_framework.response import Response
 from rest_framework.status import HTTP_400_BAD_REQUEST
 from rest_framework.views import APIView
 from rest_framework.pagination import PageNumberPagination
 from rest_framework.permissions import IsAuthenticated
 from .models import Sale, SaleLine, Customer, Product, ReconciliationJar, PaymentMethods, AdminCode
 from .serializers import SaleSerializer, ProductSerializer, CustomerSerializer, ReconciliationJarSerializer, PaymentMethodSerializer, SaleForRenconciliationSerializer, SaleSummarySerializer
 from .views import sales_to_tryton_csv
 from .permissions import IsAdministrator
 from decimal import Decimal
 from sabatron_tryton_rpc_client.client import Client
@@ -74,6 +76,8 @@ class CustomerView(viewsets.ModelViewSet):
 class ReconciliateJarView(APIView):
    permission_classes = [IsAuthenticated, IsAdministrator]
    def post(self, request):
        data = request.data
        cash_purchases_id = data.get('cash_purchases')
@@ -131,6 +135,8 @@ class PaymentMethodView(APIView):
 class SalesForReconciliationView(APIView):
    permission_classes = [IsAuthenticated, IsAdministrator]
    def get(self, request):
        sales = Sale.objects.filter(reconciliation=None)
        grouped_sales = {}
@@ -152,6 +158,8 @@ class SaleSummary(APIView):
 class AdminCodeValidateView(APIView):
    permission_classes = [IsAuthenticated, IsAdministrator]
    def get(self, request, code):
        codes = AdminCode.objects.filter(value=code)
        return Response({'validCode': bool(codes)})
@@ -161,9 +169,12 @@ class ReconciliateJarModelView(viewsets.ModelViewSet):
    queryset = ReconciliationJar.objects.all().order_by('-date_time')
    pagination_class = Pagination
    serializer_class = ReconciliationJarSerializer
    permission_classes = [IsAuthenticated, IsAdministrator]
 class SalesForTrytonView(APIView):
    permission_classes = [IsAuthenticated, IsAdministrator]
    def get(self, request):
        sales = Sale.objects.all()
        csv = self._generate_sales_CSV(sales)
@@ -180,6 +191,8 @@ class SalesForTrytonView(APIView):
 class SalesToTrytonView(APIView):
    permission_classes = [IsAuthenticated, IsAdministrator]
    def post(self, request):
        tryton_client = Client(
            hostname=TRYTON_HOST,
@@ -269,6 +282,8 @@ class TrytonLineSale:
 class ProductsFromTrytonView(APIView):
    permission_classes = [IsAuthenticated, IsAdministrator]
    def post(self, request):
        tryton_client = Client(
            hostname=TRYTON_HOST,
@@ -362,6 +377,8 @@ class ProductsFromTrytonView(APIView):
 class CustomersFromTrytonView(APIView):
    permission_classes = [IsAuthenticated, IsAdministrator]
    def post(self, request):
        tryton_client = Client(
            hostname=TRYTON_HOST,
--- a/tienda_ilusion/don_confiao/migrations/0044_alter_payment_type_payment_alter_sale_payment_method.py
+++ b/tienda_ilusion/don_confiao/migrations/0044_alter_payment_type_payment_alter_sale_payment_method.py
@@ -0,0 +1,23 @@
 # Generated by Django 5.0.6 on 2026-03-15 04:39
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('don_confiao', '0043_customer_address_external_id'),
    ]
    operations = [
        migrations.AlterField(
            model_name='payment',
            name='type_payment',
            field=models.CharField(choices=[('CASH', 'Efectivo'), ('CONFIAR', 'Confiar'), ('BANCOLOMBIA', 'Bancolombia'), ('CREDIT', 'Crédito')], default='CASH', max_length=30),
        ),
        migrations.AlterField(
            model_name='sale',
            name='payment_method',
            field=models.CharField(choices=[('CASH', 'Efectivo'), ('CONFIAR', 'Confiar'), ('BANCOLOMBIA', 'Bancolombia'), ('CREDIT', 'Crédito')], default='CASH', max_length=30),
        ),
    ]
--- a/tienda_ilusion/don_confiao/models.py
+++ b/tienda_ilusion/don_confiao/models.py
@@ -7,25 +7,30 @@ from datetime import datetime
 class PaymentMethods(models.TextChoices):
-    CASH = 'CASH', _('Efectivo')
+    CASH = "CASH", _("Efectivo")
-    CONFIAR = 'CONFIAR', _('Confiar')
+    CONFIAR = "CONFIAR", _("Confiar")
-    BANCOLOMBIA = 'BANCOLOMBIA', _('Bancolombia')
+    BANCOLOMBIA = "BANCOLOMBIA", _("Bancolombia")
    CREDIT = "CREDIT", _("Crédito")
 class Customer(models.Model):
-    name = models.CharField(max_length=100, default=None, null=False, blank=False)
+    name = models.CharField(
        max_length=100, default=None, null=False, blank=False
    )
    address = models.CharField(max_length=100, null=True, blank=True)
    email = models.CharField(max_length=100, null=True, blank=True)
    phone = models.CharField(max_length=100, null=True, blank=True)
    external_id = models.CharField(max_length=100, null=True, blank=True)
-    address_external_id = models.CharField(max_length=100, null=True, blank=True)
+    address_external_id = models.CharField(
        max_length=100, null=True, blank=True
    )
    def __str__(self):
        return self.name
 class MeasuringUnits(models.TextChoices):
-    UNIT = 'UNIT', _('Unit')
+    UNIT = "UNIT", _("Unit")
 class ProductCategory(models.Model):
@@ -41,9 +46,11 @@ class Product(models.Model):
    measuring_unit = models.CharField(
        max_length=20,
        choices=MeasuringUnits.choices,
-        default=MeasuringUnits.UNIT
+        default=MeasuringUnits.UNIT,
    )
    unit_external_id = models.CharField(
        max_length=100, null=True, blank=True
    )
    unit_external_id = models.CharField(max_length=100, null=True, blank=True)
    categories = models.ManyToManyField(ProductCategory)
    external_id = models.CharField(max_length=100, null=True, blank=True)
@@ -60,7 +67,8 @@ class Product(models.Model):
                "name": product.name,
                "price_list": product.price,
                "uom": product.measuring_unit,
-                "categories": [c.name for c in product.categories.all()]
+                "external_id": product.external_id,
                "categories": [c.name for c in product.categories.all()],
            }
            products_list.append(rproduct)
        return products_list
@@ -73,7 +81,9 @@ class ReconciliationJar(models.Model):
    reconcilier = models.CharField(max_length=255, null=False, blank=False)
    cash_taken = models.DecimalField(max_digits=9, decimal_places=2)
    cash_discrepancy = models.DecimalField(max_digits=9, decimal_places=2)
-    total_cash_purchases = models.DecimalField(max_digits=9, decimal_places=2)
+    total_cash_purchases = models.DecimalField(
        max_digits=9, decimal_places=2
    )
    def clean(self):
        self._validate_taken_ammount()
@@ -101,13 +111,13 @@ class Sale(models.Model):
        choices=PaymentMethods.choices,
        default=PaymentMethods.CASH,
        blank=False,
-        null=False
+        null=False,
    )
    reconciliation = models.ForeignKey(
        ReconciliationJar,
        on_delete=models.RESTRICT,
-        related_name='Sales',
+        related_name="Sales",
-        null=True
+        null=True,
    )
    external_id = models.CharField(max_length=100, null=True, blank=True)
@@ -120,7 +130,9 @@ class Sale(models.Model):
    def clean(self):
        if self.payment_method not in PaymentMethods.values:
-            raise ValidationError({'payment_method': "Invalid payment method"})
+            raise ValidationError(
                {"payment_method": "Invalid payment method"}
            )
    @classmethod
    def sale_header_csv(cls):
@@ -132,8 +144,12 @@ class Sale(models.Model):
 class SaleLine(models.Model):
    sale = models.ForeignKey(Sale, on_delete=models.CASCADE)
-    product = models.ForeignKey(Product, null=False, blank=False, on_delete=models.CASCADE)
+    product = models.ForeignKey(
-    quantity = models.DecimalField(max_digits=10, decimal_places=2, null=True)
+        Product, null=False, blank=False, on_delete=models.CASCADE
    )
    quantity = models.DecimalField(
        max_digits=10, decimal_places=2, null=True
    )
    unit_price = models.DecimalField(max_digits=9, decimal_places=2)
    description = models.CharField(max_length=255, null=True, blank=True)
@@ -141,7 +157,7 @@ class SaleLine(models.Model):
        return f"{self.sale} - {self.product}"
-class ReconciliationJarSummary():
+class ReconciliationJarSummary:
    def __init__(self, payments):
        self._validate_payments(payments)
        self._payments = payments
@@ -163,7 +179,7 @@ class Payment(models.Model):
    type_payment = models.CharField(
        max_length=30,
        choices=PaymentMethods.choices,
-        default=PaymentMethods.CASH
+        default=PaymentMethods.CASH,
    )
    amount = models.DecimalField(max_digits=9, decimal_places=2)
    reconciliation_jar = models.ForeignKey(
@@ -171,7 +187,7 @@ class Payment(models.Model):
        null=True,
        default=None,
        blank=True,
-        on_delete=models.RESTRICT
+        on_delete=models.RESTRICT,
    )
    description = models.CharField(max_length=255, null=True, blank=True)
@@ -179,8 +195,7 @@ class Payment(models.Model):
    def get_reconciliation_jar_summary(cls):
        return ReconciliationJarSummary(
            cls.objects.filter(
-                type_payment=PaymentMethods.CASH,
+                type_payment=PaymentMethods.CASH, reconciliation_jar=None
                reconciliation_jar=None
            )
        )
--- a/tienda_ilusion/don_confiao/permissions.py
+++ b/tienda_ilusion/don_confiao/permissions.py
@@ -0,0 +1,6 @@
 from rest_framework.permissions import BasePermission
 class IsAdministrator(BasePermission):
    def has_permission(self, request, view):
        return request.user and request.user.is_staff
--- a/tienda_ilusion/don_confiao/serializers.py
+++ b/tienda_ilusion/don_confiao/serializers.py
@@ -21,7 +21,7 @@ class SaleSerializer(serializers.ModelSerializer):
 class ProductSerializer(serializers.ModelSerializer):
    class Meta:
        model = Product
-        fields = ['id', 'name', 'price', 'measuring_unit', 'categories']
+        fields = ['id', 'name', 'price', 'measuring_unit', 'categories', 'external_id']
 class CustomerSerializer(serializers.ModelSerializer):
--- a/tienda_ilusion/don_confiao/tests/Mixins.py
+++ b/tienda_ilusion/don_confiao/tests/Mixins.py
@@ -0,0 +1,19 @@
 from django.contrib.auth.models import User
 from rest_framework_simplejwt.tokens import RefreshToken
 from rest_framework.test import APIClient
 class LoginMixin:
    def login(self):
        self.user = User.objects.create_superuser(
            username='admin',
            email='admin@example.com',
            password='adminpass'
        )
        refresh = RefreshToken.for_user(self.user)
        self.access_token = str(refresh.access_token)
        self.client = APIClient()
        self.client.credentials(
            HTTP_AUTHORIZATION=f'Bearer {self.access_token}')
--- a/tienda_ilusion/don_confiao/tests/test_admin_code.py
+++ b/tienda_ilusion/don_confiao/tests/test_admin_code.py
@@ -1,20 +1,21 @@
-from django.test import TestCase, Client
+from django.test import TestCase
 from ..models import AdminCode
 from .Mixins import LoginMixin
 import json
-class TestAdminCode(TestCase):
+class TestAdminCode(TestCase, LoginMixin):
    def setUp(self):
        self.login()
        self.valid_code = 'some valid code'
        admin_code = AdminCode()
        admin_code.value = self.valid_code
        admin_code.clean()
        admin_code.save()
        self.client = Client()
    def test_validate_code(self):
        url = '/don_confiao/api/admin_code/validate/' + self.valid_code
        response = self.client.get(url)
--- a/tienda_ilusion/don_confiao/tests/test_api.py
+++ b/tienda_ilusion/don_confiao/tests/test_api.py
@@ -2,14 +2,16 @@ import json
 import csv
 import io
 from django.urls import reverse
 from rest_framework import status
 from rest_framework.test import APITestCase
 from ..models import Sale, Product, Customer
 from .Mixins import LoginMixin
-class TestAPI(APITestCase):
+class TestAPI(APITestCase, LoginMixin):
    def setUp(self):
        self.login()
        self.product = Product.objects.create(
            name='Panela',
            price=5000,
--- a/tienda_ilusion/don_confiao/tests/test_customers_from_tryton.py
+++ b/tienda_ilusion/don_confiao/tests/test_customers_from_tryton.py
@@ -1,12 +1,15 @@
 import json
 from unittest.mock import patch
-from django.test import Client, TestCase
+from django.test import TestCase
 from ..models import Customer
 from .Mixins import LoginMixin
-class TestCustomersFromTryton(TestCase):
+class TestCustomersFromTryton(TestCase, LoginMixin):
    def setUp(self):
        self.login()
        self.customer = Customer.objects.create(
            name='Calos',
            external_id=5
--- a/tienda_ilusion/don_confiao/tests/test_exportar_ventas_para_tryton.py
+++ b/tienda_ilusion/don_confiao/tests/test_exportar_ventas_para_tryton.py
@@ -2,13 +2,16 @@ import csv
 import json
 from unittest.mock import patch
-from django.test import TestCase, Client
+from django.test import TestCase
 from django.urls import reverse
 from ..models import Sale, SaleLine, Product, Customer
 from .Mixins import LoginMixin
-class TestExportarVentasParaTryton(TestCase):
+
 class TestExportarVentasParaTryton(TestCase, LoginMixin):
    def setUp(self):
        self.login()
        self.product = Product.objects.create(
            name='Panela',
            price=5000,
@@ -41,9 +44,8 @@ class TestExportarVentasParaTryton(TestCase):
        )
    def test_exportar_ventas_para_tryton(self):
        client = Client()
        url = '/don_confiao/exportar_ventas_para_tryton'
-        response = client.get(url)
+        response = self.client.get(url)
        self.assertEqual(response.status_code, 200)
        self.assertEqual(response['Content-Type'], 'text/csv')
        csv_content = response.content.decode('utf-8')
@@ -82,12 +84,11 @@ class TestExportarVentasParaTryton(TestCase):
    @patch('sabatron_tryton_rpc_client.client.Client.call')
    @patch('sabatron_tryton_rpc_client.client.Client.connect')
    def test_send_sales_to_tryton(self, mock_connect, mock_call):
        client = Client()
        external_id = '23423'
        url = '/don_confiao/api/enviar_ventas_a_tryton'
        mock_connect.return_value = None
        mock_call.return_value = [external_id]
-        response = client.post(url)
+        response = self.client.post(url)
        self.assertEqual(response.status_code, 200)
        content = json.loads(response.content.decode('utf-8'))
--- a/tienda_ilusion/don_confiao/tests/test_jar_reconciliation.py
+++ b/tienda_ilusion/don_confiao/tests/test_jar_reconciliation.py
@@ -1,18 +1,19 @@
-from django.test import TestCase, Client
+from django.test import TestCase
 from django.core.exceptions import ValidationError
 from ..models import Sale, Product, SaleLine, Customer, ReconciliationJar
 from .Mixins import LoginMixin
 import json
-class TestJarReconcliation(TestCase):
+class TestJarReconcliation(TestCase, LoginMixin):
    def setUp(self):
        self.login()
        customer = Customer()
        customer.name = 'Alejo Mono'
        customer.save()
        self.client = Client()
        purchase = Sale()
        purchase.customer = customer
        purchase.date = "2024-07-30"
--- a/tienda_ilusion/don_confiao/tests/test_payment_methods.py
+++ b/tienda_ilusion/don_confiao/tests/test_payment_methods.py
@@ -1,10 +1,10 @@
-from django.test import Client, TestCase
+from django.test import TestCase
 from .Mixins import LoginMixin
 # from ..models import PaymentMethods
-class TestPaymentMethods(TestCase):
+class TestPaymentMethods(TestCase, LoginMixin):
    def setUp(self):
-        self.client = Client()
+        self.login()
    def test_keys_in_payment_methods_to_select(self):
        response = self.client.get(
@@ -21,3 +21,4 @@ class TestPaymentMethods(TestCase):
        self.assertIn('CASH', [method.get('value') for method in methods])
        self.assertIn('CONFIAR', [method.get('value') for method in methods])
        self.assertIn('BANCOLOMBIA', [method.get('value') for method in methods])
        self.assertIn('CREDIT', [method.get('value') for method in methods])
--- a/tienda_ilusion/don_confiao/tests/test_products_from_tryton.py
+++ b/tienda_ilusion/don_confiao/tests/test_products_from_tryton.py
@@ -2,12 +2,15 @@ import json
 from decimal import Decimal
 from unittest.mock import patch
-from django.test import Client, TestCase
+from django.test import TestCase
-from ..models import ProductCategory, Product
+from ..models import Product
 from .Mixins import LoginMixin
-class TestProductsFromTryton(TestCase):
+class TestProductsFromTryton(TestCase, LoginMixin):
    def setUp(self):
        self.login()
        self.product = Product.objects.create(
            name='Panela',
            price=5000,
--- a/tienda_ilusion/don_confiao/tests/test_summary_view_purchase.py
+++ b/tienda_ilusion/don_confiao/tests/test_summary_view_purchase.py
@@ -1,14 +1,16 @@
-from django.test import TestCase, Client
+from django.test import TestCase
 from ..models import Sale, Product, SaleLine, Customer
 from .Mixins import LoginMixin
-class TestSummaryViewPurchase(TestCase):
+class TestSummaryViewPurchase(TestCase, LoginMixin):
    def setUp(self):
        self.login()
        customer = Customer()
        customer.name = 'Alejo Mono'
        customer.save()
        self.client = Client()
        purchase = Sale()
        purchase.customer = customer
        purchase.date = "2024-07-30"
--- a/tienda_ilusion/manage.py
+++ b/tienda_ilusion/manage.py
@@ -1,12 +1,13 @@
 #!/usr/bin/env python
 """Django's command-line utility for administrative tasks."""
 import os
 import sys
 def main():
    """Run administrative tasks."""
-    os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'tienda_ilusion.settings')
+    os.environ.setdefault("DJANGO_SETTINGS_MODULE", "config.settings")
    try:
        from django.core.management import execute_from_command_line
    except ImportError as exc:
@@ -18,5 +19,5 @@ def main():
    execute_from_command_line(sys.argv)
-if __name__ == '__main__':
+if __name__ == "__main__":
    main()
--- a/tienda_ilusion/tienda_ilusion/settings.py
+++ b/tienda_ilusion/tienda_ilusion/settings.py
@@ -1,136 +0,0 @@
 """
 Django settings for tienda_ilusion project.
 Generated by 'django-admin startproject' using Django 5.0.6.
 For more information on this file, see
 https://docs.djangoproject.com/en/5.0/topics/settings/
 For the full list of settings and their values, see
 https://docs.djangoproject.com/en/5.0/ref/settings/
 """
 import os
 from pathlib import Path
 # Build paths inside the project like this: BASE_DIR / 'subdir'.
 BASE_DIR = Path(__file__).resolve().parent.parent
 # Quick-start development settings - unsuitable for production
 # See https://docs.djangoproject.com/en/5.0/howto/deployment/checklist/
 # SECURITY WARNING: keep the secret key used in production secret!
 SECRET_KEY = os.environ.get(
    "SECRET_KEY",
    "django-insecure-zh6rinl@8y7g(cf781snisx2j%p^c#d&b2@@9cqe!v@4yv8x=v"
 )
 # SECURITY WARNING: don't run with debug turned on in production!
 DEBUG = True if os.environ.get("DEBUG", 'False') in ['True', '1'] else False
 ALLOWED_HOSTS = os.environ.get('ALLOWED_HOSTS', 'localhost').split(',')
 CORS_ALLOWED_ORIGINS = os.environ.get(
    'CORS_ALLOWED_ORIGINS',
    'http://localhost:3000,http://localhost:7001').split(',')
 # Application definition
 INSTALLED_APPS = [
    'don_confiao.apps.DonConfiaoConfig',
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    'rest_framework',
    'corsheaders',
    # 'don_confiao'
 ]
 MIDDLEWARE = [
    'django.middleware.security.SecurityMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
    'corsheaders.middleware.CorsMiddleware',
    'django.middleware.common.CommonMiddleware',
 ]
 ROOT_URLCONF = 'tienda_ilusion.urls'
 TEMPLATES = [
    {
        'BACKEND': 'django.template.backends.django.DjangoTemplates',
        'DIRS': [],
        'APP_DIRS': True,
        'OPTIONS': {
            'context_processors': [
                'django.template.context_processors.debug',
                'django.template.context_processors.request',
                'django.contrib.auth.context_processors.auth',
                'django.contrib.messages.context_processors.messages',
            ],
        },
    },
 ]
 WSGI_APPLICATION = 'tienda_ilusion.wsgi.application'
 # Database
 # https://docs.djangoproject.com/en/5.0/ref/settings/#databases
 DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.sqlite3',
        'NAME': BASE_DIR / 'db.sqlite3',
    }
 }
 # Password validation
 # https://docs.djangoproject.com/en/5.0/ref/settings/#auth-password-validators
 AUTH_PASSWORD_VALIDATORS = [
    {
        'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
    },
    {
        'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
    },
    {
        'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
    },
    {
        'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
    },
 ]
 # Internationalization
 # https://docs.djangoproject.com/en/5.0/topics/i18n/
 LANGUAGE_CODE = 'en-us'
 TIME_ZONE = 'UTC'
 USE_I18N = True
 USE_TZ = True
 # Static files (CSS, JavaScript, Images)
 # https://docs.djangoproject.com/en/5.0/howto/static-files/
 STATIC_URL = 'static/'
 # Default primary key field type
 # https://docs.djangoproject.com/en/5.0/ref/settings/#default-auto-field
 DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'
 FIXTURE_DIRS = ['don_confiao/tests/Fixtures']
--- a/tienda_ilusion/users/init.py
+++ b/tienda_ilusion/users/init.py
--- a/tienda_ilusion/users/admin.py
+++ b/tienda_ilusion/users/admin.py
@@ -0,0 +1,3 @@
 from django.contrib import admin
 # Register your models here.
--- a/tienda_ilusion/users/apps.py
+++ b/tienda_ilusion/users/apps.py
@@ -0,0 +1,5 @@
 from django.apps import AppConfig
 class UsersConfig(AppConfig):
    name = 'users'
--- a/tienda_ilusion/users/migrations/init.py
+++ b/tienda_ilusion/users/migrations/init.py
--- a/tienda_ilusion/users/models.py
+++ b/tienda_ilusion/users/models.py
@@ -0,0 +1,3 @@
 from django.db import models
 # Create your models here.
--- a/tienda_ilusion/users/serializers.py
+++ b/tienda_ilusion/users/serializers.py
@@ -0,0 +1,13 @@
 from django.contrib.auth.models import User
 from rest_framework import serializers
 class UserSerializer(serializers.ModelSerializer):
    role = serializers.SerializerMethodField()
    class Meta:
        model = User
        fields = ('id', 'username', 'email', 'first_name', 'last_name', 'role')
    def get_role(self, obj):
        return 'administrator' if obj.is_staff else 'user'
--- a/tienda_ilusion/users/tests.py
+++ b/tienda_ilusion/users/tests.py
@@ -0,0 +1,98 @@
 from django.test import TestCase
 from django.urls import reverse
 from django.contrib.auth.models import User
 from rest_framework.test import APIClient
 from rest_framework_simplejwt.tokens import RefreshToken
 class MeEndpointTests(TestCase):
    def setUp(self):
        self.user = User.objects.create_superuser(
            username='admin',
            email='admin@example.com',
            password='adminpass'
        )
        refresh = RefreshToken.for_user(self.user)
        self.access_token = str(refresh.access_token)
        self.client = APIClient()
        self.client.credentials(
            HTTP_AUTHORIZATION=f'Bearer {self.access_token}')
    def test_me_endpoint_returns_correct_user_data(self):
        """
        Verifica que GET /api/users/me/ devuelve los datos del usuario
        autenticado.
        """
        url = reverse('current-user')
        response = self.client.get(url)
        self.assertEqual(response.status_code, 200)
        expected_fields = {'id', 'username', 'email',
                           'first_name', 'last_name', 'role'}
        self.assertTrue(expected_fields.issubset(response.json().keys()))
        data = response.json()
        self.assertEqual(data['username'], self.user.username)
        self.assertEqual(data['email'], self.user.email)
        self.assertEqual(data['first_name'], self.user.first_name)
        self.assertEqual(data['last_name'], self.user.last_name)
        self.assertEqual(data['role'], 'administrator')
    def test_regular_user_role_is_user(self):
        """
        Verifica que un usuario sin permisos de staff recibe role 'user'.
        """
        regular_user = User.objects.create_user(
            username='regular',
            email='regular@example.com',
            password='regularpass',
            is_staff=False
        )
        refresh = RefreshToken.for_user(regular_user)
        access_token = str(refresh.access_token)
        client = APIClient()
        client.credentials(HTTP_AUTHORIZATION=f'Bearer {access_token}')
        url = reverse('current-user')
        response = client.get(url)
        self.assertEqual(response.status_code, 200)
        self.assertEqual(response.json()['role'], 'user')
    def test_staff_user_role_is_administrator(self):
        """
        Verifica que un usuario con is_staff=True recibe role 'administrator'.
        """
        staff_user = User.objects.create_user(
            username='staff',
            email='staff@example.com',
            password='staffpass',
            is_staff=True
        )
        refresh = RefreshToken.for_user(staff_user)
        access_token = str(refresh.access_token)
        client = APIClient()
        client.credentials(HTTP_AUTHORIZATION=f'Bearer {access_token}')
        url = reverse('current-user')
        response = client.get(url)
        self.assertEqual(response.status_code, 200)
        self.assertEqual(response.json()['role'], 'administrator')
    def test_me_endpoint_requires_authentication(self):
        """
        Sin token el endpoint debe devolver 401 Unauthorized.
        """
        client_no_auth = APIClient()
        url = reverse('current-user')
        response = client_no_auth.get(url)
        self.assertEqual(response.status_code, 401)
--- a/tienda_ilusion/users/urls.py
+++ b/tienda_ilusion/users/urls.py
@@ -0,0 +1,6 @@
 from django.urls import path
 from .views import CurrentUserView
 urlpatterns = [
    path('me/', CurrentUserView.as_view(), name='current-user'),
 ]
--- a/tienda_ilusion/users/views.py
+++ b/tienda_ilusion/users/views.py
@@ -0,0 +1,12 @@
 from rest_framework.views import APIView
 from rest_framework.response import Response
 from rest_framework.permissions import IsAuthenticated
 from .serializers import UserSerializer
 class CurrentUserView(APIView):
    permission_classes = [IsAuthenticated]
    def get(self, request):
        serializer = UserSerializer(request.user)
        return Response(serializer.data)
Author	SHA1	Message	Date
aserrador	294dbdee91	feat: Add deploy environment, Add pyprojectoml	2026-05-09 19:09:31 -05:00
aserrador	6bc76282d1	chore: Add external_id to representation	2026-05-09 15:52:56 -05:00
Aserrador	d45dbc4658	Merge pull request 'feat/add_external_id_serializer' (#38 ) from feat/add_external_id_serializer into main Reviewed-on: #38	2026-04-11 16:49:46 -05:00
mono	1d7beadf96	Merge pull request 'Agregar método de pago crédito #20 ' (#36 ) from add_credit_pay_method_#20 into main Reviewed-on: #36	2026-03-14 23:46:27 -05:00
mono	5442a52ff6	feat(Payment): add CREDIT payment method	2026-03-14 23:45:52 -05:00
mono	b852772c76	Merge pull request 'Agregando rol administrativo #31 ' (#35 ) from add_administrative_rol_#31 into main Reviewed-on: #35	2026-03-14 18:26:31 -05:00
aserrador	1e16e6e983	feat: Add exernal_id to serializer issue #34	2026-03-14 18:07:44 -05:00
aserrador	648207192c	doc: products endpoint	2026-03-14 18:06:38 -05:00
mono	0d5a34d366	feat: add IsAdministrator permission and protect admin endpoints	2026-03-14 16:37:44 -05:00
mono	7e2c03c81b	test: add tests for user role field	2026-03-14 16:27:44 -05:00
mono	83029afd5b	feat: add role field to user serializer for menu control - Endpoint /me/ now returns 'role': 'administrator' or 'role': 'user' - Uses Django's is_staff to determine administrator role	2026-03-07 17:58:12 -05:00
mono	2ab328b913	docs: add AGENTS.md with project context for opencode	2026-03-07 17:52:48 -05:00
mono	a05061c14e	Merge pull request 'Cambiando autenticación de api a JWT #29 ' (#33 ) from add_jwt_authentication_#29 into main Reviewed-on: #33	2026-02-14 15:57:03 -05:00
Mono Mono	7c0047b4d3	fix: rm duplicate file.	2026-02-14 15:55:59 -05:00
Mono Mono	c021104b62	doc(API): add sample requests.	2026-02-14 15:50:30 -05:00
Mono Mono	7a9034943a	feat(API): change to jwt authentication.	2026-02-14 15:12:32 -05:00
mono	4812160ea2	Merge pull request 'Se adiciona autenticación a django' (#30 ) from add_authentication_#29 into main Reviewed-on: #30	2025-12-13 17:35:34 -05:00
Mono Mono	fb4c82a94c	#29 refactor(Tests): extract to mixin class.	2025-12-13 17:35:20 -05:00
Mono Mono	fb3124246c	#29 refactor(Tests): extract to mixin class.	2025-12-13 17:34:40 -05:00
Mono Mono	f3d3681bc4	#29 fix(Tests): add auth to tests.	2025-12-13 17:10:00 -05:00
Mono Mono	e6d2160d2e	#29 feat(Auth): add logout and profile.	2025-12-13 16:31:20 -05:00
Mono Mono	f323873d80	#29 feat(Auth): add logout and profile.	2025-12-13 16:30:53 -05:00
Mono Mono	b730d24855	#29 feat(Auth): add login.	2025-12-13 12:24:35 -05:00
		`@@ -0,0 +1,3 @@`
							`from django.contrib import admin`

							`# Register your models here.`
		`@@ -0,0 +1,3 @@`
							`from django.db import models`

							`# Create your models here.`