added bearer token authentication

app/api/middlewares/__init__.py

@@ -1,3 +1,3 @@
 from .verify_api_key import require_api_key
 from .app_id_checker import require_app_id
-from .cors import enforce_json
+from .cors import enforce_json

app/api/middlewares/cors.py

@@ -1,4 +1,5 @@
 from flask import request, jsonify
+from app.utils.logger import logger
 
 
 def enforce_json():

app/api/routes/__init__.py

@@ -1 +1,2 @@
 from .routes import api 
+from .authentication import auth_bp

app/api/routes/authentication.py

@@ -0,0 +1,24 @@
+from flask import Blueprint, request, jsonify
+from app.utils.logger import logger
+from app.api.middlewares import  enforce_json
+from app.api.services.generate_token import GenerateTokenService
+
+
+auth_bp = Blueprint("api/Auth", __name__)
+
+# Enforce json
+@auth_bp.before_request
+def cors_middleware():
+    """Middleware applied globally to all API routes in this blueprint"""
+    return enforce_json()
+
+@auth_bp.route('/generate-token', methods=['POST'])
+def get_token():
+    try:
+        data = request.get_json()
+        logger.info(f"GenerateToken request received: {data}")
+        response = GenerateTokenService.process_request(data)
+        return response
+    except Exception as e:
+        logger.exception("Unhandled exception in /GenerateToken route", exc_info=e)
+        return jsonify({"message": "Unhandled server error"}), 500

app/api/routes/routes.py

@@ -14,7 +14,9 @@ from app.api.services import (
     CompleteRACcheckService
 )
 from app.utils.logger import logger
-from app.api.middlewares import require_api_key, require_app_id, enforce_json 
+from app.api.middlewares import  enforce_json
+from flask_jwt_extended import (jwt_required)
+
 
 
 
@@ -43,10 +45,11 @@ def serve_paths(filename):
 
 # RACCheck Endpoint
 @api.route('/rac-check', methods=['POST'])
-@require_api_key
-@require_app_id
+@jwt_required()
 def rac_check():
+    logger.info("RACCheck request received")
     try:
+        logger.info("RACCheck inside try request received")
         data = request.get_json()
         response = RACCheckService.process_request(data)
         return response
@@ -56,8 +59,7 @@ def rac_check():
 
 # CompleteRACcheck Endpoint
 @api.route('/CompleteRACcheck', methods=['POST'])
-@require_api_key
-@require_app_id
+@jwt_required()
 def complete_rac_check():
     try:
         data = request.get_json()
@@ -69,8 +71,7 @@ def complete_rac_check():
 
 # Disbursement Endpoint
 @api.route('/DisburseLoan', methods=['POST'])
-@require_api_key
-@require_app_id
+@jwt_required()
 def disbursement():
     try:
         data = request.get_json()
@@ -83,8 +84,7 @@ def disbursement():
 
 # CollectLoan Endpoint
 @api.route('/CollectLoan', methods=['POST'])
-@require_api_key
-@require_app_id
+@jwt_required()
 def collect_loan():
     try:
         data = request.get_json()
@@ -97,8 +97,7 @@ def collect_loan():
 
 # TransactionVerify Endpoint
 @api.route('/TransactionVerify', methods=['POST'])
-@require_api_key
-@require_app_id
+@jwt_required()
 def transaction_verify():
     try:
         data = request.get_json()
@@ -111,8 +110,7 @@ def transaction_verify():
 
 # PenalCharge Endpoint
 @api.route('/CollectPenalFee', methods=['POST'])
-@require_api_key
-@require_app_id
+@jwt_required()
 def penal_charge():
     try:
         data = request.get_json()
@@ -126,8 +124,7 @@ def penal_charge():
 
 # RevokeEnableConsent Endpoint
 @api.route('/RevokeEnableConsent', methods=['POST'])
-@require_api_key
-@require_app_id
+@jwt_required()
 def revoke_enable_consent():
     data = request.get_json()
     # logger.info(f"RevokeEnableConsent request received: {data}")
@@ -136,8 +133,7 @@ def revoke_enable_consent():
 
 # TokenValidation Endpoint
 @api.route('/TokenValidation', methods=['POST'])
-@require_api_key
-@require_app_id
+@jwt_required()
 def token_validation():
     data = request.get_json()
     # logger.info(f"TokenValidation request received: {data}")
@@ -146,8 +142,7 @@ def token_validation():
 
 # LienCheck Endpoint
 @api.route('/LienCheck', methods=['POST'])
-@require_api_key
-@require_app_id
+@jwt_required()
 def lien_check():
     data = request.get_json()
     # logger.info(f"LienCheck request received: {data}")
@@ -156,8 +151,7 @@ def lien_check():
 
 # NewTransactionCheck Endpoint
 @api.route('/NewTransactionCheck', methods=['POST'])
-@require_api_key
-@require_app_id
+@jwt_required()
 def new_transaction_check():
     data = request.get_json()
     # logger.info(f"NewTransactionCheck request received: {data}")
@@ -167,6 +161,7 @@ def new_transaction_check():
 
 # Health Check Endpoint
 @api.route('/system-health-check', methods=['GET'])
+@jwt_required()
 def health_check():
     """Basic system health check"""
     try:

app/api/schemas/generate_token.py

@@ -0,0 +1,18 @@
+from marshmallow import Schema, fields
+
+
+class GenerateTokenRequestSchema(Schema):
+    username = fields.Str(required=True)
+    password = fields.Str(required=True)
+    grant_type = fields.Str(required=True)
+    
+
+class GenerateTokenResponseSchema(Schema):
+    access_token = fields.Str(required=True)
+    token_type = fields.Str(required=True)
+    expires_in = fields.Int(required=True)
+    userName = fields.Str(required=False, allow_none=True)
+    ipaddress = fields.Str(required=False, allow_none=True)
+    errorMessage = fields.Str(required=False, allow_none=True)
+    issued = fields.DateTime(required=False, allow_none=True)
+    expires = fields.DateTime(required=False, allow_none=True)

app/api/services/__init__.py

@@ -8,3 +8,4 @@ from app.api.services.token_validation import TokenValidationService
 from app.api.services.lien_check import LienCheckService
 from app.api.services.new_transaction_check import NewTransactionCheckService
 from app.api.services.complete_rac_check_service import CompleteRACcheckService
+from app.api.services.generate_token import GenerateTokenService

app/api/services/generate_token.py

@@ -0,0 +1,89 @@
+import datetime
+from datetime import timedelta
+from flask import request, jsonify
+from marshmallow import ValidationError
+from app.utils.logger import logger
+from app.api.helpers.response_helper import ResponseHelper
+from app.api.schemas.generate_token import GenerateTokenRequestSchema, GenerateTokenResponseSchema
+from app.config import Config
+from flask_jwt_extended import (
+    create_access_token,
+)
+
+
+class GenerateTokenService:
+    USERNAME = Config.BANK_CALL_BASIC_AUTH_USERNAME
+    PASSWORD = Config.BANK_CALL_BASIC_AUTH_PASSWORD
+    TYPE = Config.BANK_GRANT_TYPE
+    @staticmethod
+    def process_request(data):
+        """
+        Process the GenerateToken request.
+
+        Args:
+            data (dict): The request JSON payload.
+
+        Returns:
+            tuple: (JSON response, status code)
+        """
+        try:
+            logger.info("Processing GenerateToken request")
+
+            # Step 1: Validate input using schema
+            schema = GenerateTokenRequestSchema()
+            validated_data = schema.load(data)
+            
+            logger.info(f"Validated data: {validated_data}")
+
+            username = validated_data.get("username")
+            password = validated_data.get("password")
+            grant_type = validated_data.get("grant_type")
+            
+            if password != GenerateTokenService.PASSWORD or username != GenerateTokenService.USERNAME or grant_type != GenerateTokenService.TYPE:
+                return {
+                    "message": "Invalid credentials",
+                    "status": 401
+                }
+               
+            expires_in = 1800
+            identity = username
+            # Step 2: Generate JWT token
+            access_token = create_access_token(identity=identity, expires_delta=timedelta(seconds=expires_in))
+
+            # Step 3: Get client IP address
+            ipaddress = request.remote_addr or "127.0.0.1"
+
+            # Step 4: Build response timestamps
+            issued_time = datetime.datetime.utcnow()
+            expires_time = issued_time + datetime.timedelta(seconds=expires_in)
+
+            # Step 5: Construct response payload
+            response_data = {
+                "access_token": access_token,
+                "token_type": "bearer",
+                "expires_in": expires_in,
+                "userName": username,
+                "ipaddress": ipaddress,
+                "errorMessage": "",
+                "issued": issued_time,
+                "expires": expires_time
+            }
+
+            # Serialize with response schema
+            response_schema = GenerateTokenResponseSchema()
+            response_json = response_schema.dump(response_data)
+
+            return jsonify(response_json), 200
+
+        except ValidationError as err:
+            logger.error(f"Validation Error: {err.messages}")
+            return jsonify({
+                "message": "Validation exception",
+                "errors": err.messages
+            }), 422
+
+        except Exception as e:
+            logger.error(f"An error occurred while generating token: {str(e)}", exc_info=True)
+            return jsonify({
+                "message": "Internal Server Error"
+            }), 500