From 0789752dc66b77dd6648a5a13ef2e5eba0421a97 Mon Sep 17 00:00:00 2001
From: Flatlogic Bot <support@flatlogic.com>
Date: Fri, 17 Apr 2026 04:26:07 +0000
Subject: [PATCH] Auto commit: 2026-04-17T04:26:07.442Z

---
 config/__pycache__/settings.cpython-311.pyc   | Bin 5707 -> 6111 bytes
 config/settings.py                            |   5 +
 core/__pycache__/forms.cpython-311.pyc        | Bin 12104 -> 12489 bytes
 core/__pycache__/jwt_auth.cpython-311.pyc     | Bin 0 -> 7198 bytes
 core/__pycache__/models.cpython-311.pyc       | Bin 10951 -> 12454 bytes
 core/__pycache__/urls.cpython-311.pyc         | Bin 2067 -> 2274 bytes
 core/__pycache__/views.cpython-311.pyc        | Bin 30507 -> 36763 bytes
 core/forms.py                                 |  13 +-
 core/jwt_auth.py                              | 112 +++++++++
 ...02_businessprofile_mobile_token_version.py |  18 ++
 ...ofile_mobile_token_version.cpython-311.pyc | Bin 0 -> 843 bytes
 core/models.py                                |  21 ++
 core/urls.py                                  |   3 +
 core/views.py                                 | 230 +++++++++++++++---
 requirements.txt                              |   1 +
 15 files changed, 368 insertions(+), 35 deletions(-)
 create mode 100644 core/__pycache__/jwt_auth.cpython-311.pyc
 create mode 100644 core/jwt_auth.py
 create mode 100644 core/migrations/0002_businessprofile_mobile_token_version.py
 create mode 100644 core/migrations/__pycache__/0002_businessprofile_mobile_token_version.cpython-311.pyc

diff --git a/config/__pycache__/settings.cpython-311.pyc b/config/__pycache__/settings.cpython-311.pyc
index f942531228ecd43acd3e249cfe73c399d5b3fead..9a65d4dc191f34ea440b742ac233d0dd4fa3ad7a 100644
GIT binary patch
delta 468
zcmX@Db6=ltIWI340}$L?_%Jh8a3Y@s(=67F8ZTJHm>5#kftWc9EDchU;-2C$xq(?$
z+!%|TCq&NQ1Wk`uiuW=m28Pu@3;|K5XexYCe9=^xrT9ger!WUIX!>uKVx7cQe@ntE
zJS5)H+1WKXI6lPR+tn}L*V8XF#5MR9ld-`qF_3JKt6Pw3um@Dy#W6DY78gj|GdMWZ
zHRu*sZhmflPHIYeYSAqouxX(#p00k*u2q5v8Qt9cq|BVuD%q5*#Ju!;y_6)q-29Z(
z$$R((7%euR<#%HeDRKpRqsSdZcz_5mATe23NRPV&$Y2EG;#ii=K0@!AOQq#z7|*Dj
zQ8cIWf~NC<kc;wOSLD4eN_$_C_P)R%aYIsOhVYEY89{R*FR0re5V<Jpc170hqNMv3
zN%sp3VmEljI)Zv4C)6y6xyWmDh1aNo>ju9>M^R7Z47m%MHW&GAukhP8@H`MTxxgR<
JK}CW<+W|xUf&l;k

delta 94
zcmcbwe_DrcIWI340}wFIe3%(7Fp*D!=^e{PjTbCjDeh6mDa^qPnjV{vu}<Qed|W_*
p(PZ-r0XL?}PQrTJc_2MNT>OK1bG7h$W&u%?3k*UKR3r$L0094`8HNA=

diff --git a/config/settings.py b/config/settings.py
index c03dda4..04d1f85 100644
--- a/config/settings.py
+++ b/config/settings.py
@@ -152,4 +152,9 @@ LOGIN_URL = 'login'
 LOGIN_REDIRECT_URL = 'home'
 LOGOUT_REDIRECT_URL = 'home'
 
+JWT_ACCESS_TOKEN_MINUTES = int(os.getenv('JWT_ACCESS_TOKEN_MINUTES', '30'))
+JWT_REFRESH_TOKEN_DAYS = int(os.getenv('JWT_REFRESH_TOKEN_DAYS', '30'))
+JWT_ISSUER = os.getenv('JWT_ISSUER', 'momoledger')
+JWT_AUDIENCE = os.getenv('JWT_AUDIENCE', 'momoledger-mobile')
+
 DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'
diff --git a/core/__pycache__/forms.cpython-311.pyc b/core/__pycache__/forms.cpython-311.pyc
index 9ff84cf382612afd02b5d4b98e6dba9f2127a7f4..1d0225ec6fdf0b24d173f3f7b444e05e3b3080d9 100644
GIT binary patch
delta 1216
zcmah|TWk|o5WTbZZj2o}5WBY5yH0Fs)VRTILi&&rsQQtj3J_A1HY!3T+1d+oaO~vn
zA}F;~Xay-MeU1qdMJOO15fAmTmHO9;KN|G|Dob_EPy17eKO?Brk5=N&20|sMI?_Fw
zGjsOt(d_KC9X}eO3&EhDiTHN@_u@#`*P%NRc^@z~i}UTO)BVJYAcqT)lajM7x(Y_6
zrthsiR<UeaR?}B3TeeZon|UF3LlP*9(;?2CF#*TmIIBXHjf;FKs*+$2^h{#5j5j*t
zn<qWX0#A`uy=UQL09Ih5EDKw+UcOtjd5NHppkF{%;RBREY&}QxdHf-xVl@6_h`N6r
zV2ya{1Mkrwz8oKxP676JzJOOcL%0~9PF2~YSBTs=C{<yU*?|X~u}KAARr{e0_p2KC
z@P-n>i)tEH;7`l^Z?y(~{45cJ5}r-Gp;W}vd>SQf2xjmlEup+F3f4{Bp>6m57U(#-
z;d&s0jy5Ol1l+9m>B0cb%#DMa{>|n+?hC)ugLqjVOA4EpmaRTw^N7AT+;(0O8gZ6F
z49<t)<TLM13(m<`Q!ZC*(-Omchf2$JUKLaf)1BjbYCW#sw$%4gpT0v=-7{S<Y;(L+
z*|p0ojN9BOTSne4R?2*cMD4C9kB5?RJd+$yb_#A?#hc0QZH@brXoO?64Znm3e+~~e
z^i*BXElkz*^^KTTkM%6X>#=o>^qP8l-SvT2>gkP*Xrdl{YN4$j?Q5-Ik)hj6j)d+K
zw3r+W{n^e|YWPobZx^|5whx>6;*?R^STsuoPRqq<AH}!%ylXJwj>Gqwxz9GZX}AM$
zSBlTzmPl8}1SttNiDO-M!rfb8{HsEXdE}@62mBqf-eQk|)vIKGi~Tn^-=|Ik%sLaR
z7Xd!O-b_)MAsZY|WD<cIrN;>7XuZX9{hHB~S+aLZELYs=Tr=iLx+*I2BLcF}^cIY_
zty{Dc{6jp{lS!YTy2MXXg>wFpfLq;^-M@XYM+1(3^rTf+^o3|;W%oyG%63KE$7`6%
zZUJ<rvU3nPK##shP{UAfV&&2;#9jC2a3rGo4-+TY?`-cK0XU3T)_w`^<D0px$Y*m&
f_{KSx8-TSr5HordJ~eBTx2b;jVRHh#&ko-MG!!RF

delta 993
zcmah{OH31C5dNoSmr@>;Qn1~Y^3q}(EG77eVxl4%gM@@gI7oaHXiO_o*sbDYC6It<
zL?sM9FvNfwHEL9{@#@Kgj~F5GU>Y&uNK8x(9z6Qbw%|dHll<R)^Udtc>_7V^`1(-J
zgY0ZG;|3E8;Xc<)&XP?y35*TnRF*?4%HIq|+azeM1-VcIaZ}p~CEOKKly;t?8$AVn
zEc`6(<!}vdFcnmGnDe9=Sj>oXR(oT_uq>&DFjI~9;0gfiVEdUD8ofsO7!S(<f+`MP
zL9QmQs~d=IB-q43p^g}^`_n5p`Pt8~(_RN7IAed26U*RI$|3@ucT^RM%f6a+hSLrs
zmE@%gR5q24J>~hh=qLsgnk6SB{Tc}&13yTs@vGD<c2RN^cROpK8wZ?{*vtjxJx)7Y
z(d-&Eyka=%3gpCSs+2{Hs229-iT8Q$$1DB$ho+<G_HT*uG?~iAg|28Uq<F>TXKo{%
zW|UVl<g?u6ccEW{2_L%41i6Mw_|9Fuu8k9gBK_=>C2!<hf<eYEn75Y9mhPOh)_%0s
z&SurlTO?GAdfikvo>doW4<8S9?g@uFJ7go5<Q9S`<`!?2^pQ->p;NJ-917~K^<Bu_
z*kE&8j!-5+JwM7LZLGKv4knmE@cjo&S%NFU{sJzuU{0`qgSNeN8em9UD0>TV8K0~T
zi`_It4>~<k<`_{V7{?tR2j9*Ck5g1>xZ8X?b`3o(#zH-7h_Z$`cp;wF5j?Fd(pKb)
zDEiiv+$7x~-y(&$e2K$i5wTSDeLg4j;89<RLr<FEq168w7h+LfPaeZ*UjtmwzWJ_0
zW*@!UPcVj8E2LG)D&*_a-^C`I!#qenK~(!((F8Dve*ZHVz%PC;=cdX+c&>RWt6_a9
e@H_ewMnmI~@1+0u9jpg@8YsY*0TJ&6%6|cIpyqD?

diff --git a/core/__pycache__/jwt_auth.cpython-311.pyc b/core/__pycache__/jwt_auth.cpython-311.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..0e0dd5dcac968b092a00640687b3720b32879cdd
GIT binary patch
literal 7198
zcmb_hU2GdycAg=J<nV7O>W{Kj%R|W<hjv4|UdQPsv13W563em@OV&D(y`7ABM-m;1
zRPGEdTT8`U!$6e6K;6QvwObcegI&j2Yq5DL;K!s7MIL8_0n82{z(tXVeJG%XQy>UX
zpy%G1p)|Cex<IdnXYSv*bAQhH&N)|~#p4kM(!c%FzZd?bg<<}K6x<YaGLQciGPfDT
zAhyWNv6C!I^1h;P(g$yU(Lcvca<q;s2Ihj3L7EQ~Lv#Ej5BVSp6~l9p$q38%m^T^3
zUuRHQiQe@y%zgOTX)=Z)*O|#UiYh@AQz9s?2-86%T<0beq;A@W5|D2}EsB7W(8i%w
zC?`=HaJ8a#sPUl=sA)r;G@pWeyTjQ9`3~e8XEHnfKt7jYt*};@Q;<^B<WVT`s-kIy
z(u@juZbDTssUtlW%O&Lxtj&@bsHlaKqN?xU@^qo7<n5W;G~^T>ABN1wuw4o>$sz`}
zh($i+zvDxk;zt4a1r=^OxXetmD0E$z3@kI3*~uVGjkjXM=g#(5wAmcSWo*T@@&`&u
zDwHnC#R4k)HOwO8v$%X2DOOa~WUZn~v=EwuImt5$j=`sK97x{h%!a(l7L(s&4ancJ
zw;7GB$4PhLecvrGtJ_){l}wer3-$LKZ7kGO8Oi+yQ}scqagbF%lsK0gG2_hV>}V!n
z1=PyCf-PQx6%{l|!UFW!nlkj@RHZoGRBeSNDPNRTRg%;IFo=+9-yb|MTb@%6RHiB=
zt#UxQtmG?N86Q|E;}6t%Ij<bZm$7o-;({j0u$|fYE4USS7dy7^Z`Pd%*){bQAm7!P
z4L<%!=tk%v-?h$nt)vV-ZSrZIPuEjD%iN7vy}b)w;d=KA%bdw~>GXLFtV||ER#uYd
z6iKook~CLFl_JT<B<aJ7Ty$Fes)j9pp`_6XS#f7^d8JsCqzsGO$y~@rAIBX)F;PxR
zqNITc98A*vs~;ZJ-#x#{aDlyBWYtge_ww|mk4<bfJ#P+ox?jyV&KzpUnNm4A0U56p
zRi7a_Ug`2m(Kv$va6qJSH@s|p1gV~z2h|IJ$X67)5hC3P*ixd6v>l7kzYTusP9Sh*
zQDM3AS6Bb?s*w=QglI(5W;CsHX}S!HtAI9Jp?O<nt%$8u+Ld|5qa<Xb>EgbHjCXMt
z8=K%=&Jw2)iF8txx!6zv??R!4Y#mLYD(uAumqv8eNmb6v_55vB|00ah#7&gTNf&uH
zr){qdyS0eD69)M4jb_4@U#(18JlQfLuog%5$pxZI3RVl{5{R#?S^m=0wB=VW&qGmF
zEx%krnFtQTn9x*Sz~pEw-~0#o1(Io>D^CGnO7`YE1JQHDWNWMlD5i9Be0(A|MnO>O
zpEz+cH#(Th1aKNU;9f%dNY^-gvw#&<qS%eIP}cwkM^@s}l&mV!ynLltmJud^oFd)w
zKtNm~tvCMklkAObZSb2!>&?TrUiqYYqY9dR>vX+kXMKlg?s$14v16t0ldCtbdNZqW
zW9LgoB5NkH8;O*e=%sYeW?Li{++=JL2vWK8Xbw35DqJzZOb{+8x@k+eRvUQgwvl(0
zS!+Vy3(#+gUGizJ#erU0<A@n%OT5;6UZGg>Ka+<X98GKfCLT^pxNT%MRTgno|61TK
zoZJ0|ST6;h=oPGTPxK0E$*r+2HUzL5@XVh&B%~h-t?^zbVJY;C5rWS>0$&YPc@)-&
zL^!GHUnMr+iR4vx@4k5Wx&J#qirfi+(nUu<XQ_k(=!NDArHZCd7X-;yR4XXw^I+Kl
zA&KPU9|N&MSeXXtpS1#SjURgX2(X3a;!GJAwAnc;IH1TFe3t<J31N7Z5UMmudnC!#
zokGcKbq3m2mx*H{M^>mjby3M{suiD6G^vcGJXT~)!9;{@eeELp+CMm$8y}a>zI`e;
zDxE$#I&n5PZgrBDvE0yDZu~8$=|ul~<5USPKUicdsFbMJ5*g18j^)lur*iMv76AMm
zO)g5Rk}sE#nh9@dzQsyb!dXJGFs%?%V70glXw(Q!7f11}gxkZdh&df73|VovnHE(d
zj>Nm5$u>GI0Bsc)wdUml#&1I>f@tc00s$;Zie~b~hsh)B$s-R==*c5SvfoVh|6;iI
z=JJ`1&fUM`%@<GVox?`wu-Q3WdwU}#{$|#EA*ZK?jMR{s8q&G;jgH>c!}n4T-qk0N
z-k}&BirJymMmIY9R!`j9`=Fqoo6$RGjm}xKa~4Ku>%8^qO6hmAX14$9b9&o^(KcbW
zP1Hs<+EcfNSFZjuZyp@{dO>eLXSAO)+t1ZbKWgo%w~6)6o{e4N>h6c>W9#W-M*6s!
zK5p#lH+S`K^rZFPLl1k8ulF7|dI!wj0i$Qo>>1pQ1_`R!#6dMH;A|ZT5=e-GBx*=q
z14-TuL;4YvZZlzzx4DIORYq%|2VfQvEt(KJ!+Kg8y*#xI6N-E@5Q2Ql7T7iJE}+=`
z29hoLN~in0SlejZ!{8L4;WlJL0Tf&d-34sD-@xIj{~821Oa71i3#<pT8)*BKaR6I>
zXq*M+vj071fvx&h8~Eq0oxD-Ri!)1Hm8-HJ(EY(3o*750?B6pe_78p(Z~o#n7$49@
z7{#x_m;^LFtbozX1o3_-;|wAD2>B5qdkJ|FNQSc_4Kz_L9*lYcv{kW!R1v_9D$i@+
z0;r39XGv@#+IWJp;yXnJOs-fg&xnPRD9^}+Qr7hwoK66A1Z5Y6lXgHOQc=oc;@Q$E
zEJkyVREe^<7;@UJR@#pWni~s&r*Q(ftRMocKnleqJVeGhM980!whkB!mW;*=GbIR>
zutI|>>PuTmX9{!?cCh6Kr~}-5hwz^v{2>=Kz{$x|6m51hV)oZ<rv}TwM1lzQzk$@4
zO<yc9!fv#7+}c-<B{yR2W^8x8Yxm778y&mMj(r<#-DcYh^^P80oN%7@pKiuOZIM4R
zK)xkpIkX)5?!Q`?Si+3%*<{#&%x<R}!cM*W_?K68;hZ6yGlg^d&)(Ph_rHS#9<dn}
zN#_yD;!?`8|BC~<FklD+rZDieU*}H|j!i%5OEN*Gb;s@Qzv*82sgc}cCim2a>!IY$
zpRI>_^-wPz;Ej8`^zJvDXJ}Fv&KtscQ#h~l=j+kd+NjzGJ8<o2Kf`>*BnBe>uM(~O
zY5!O0R+9g5>p;N&FM$B$JuVVaXd>i~->0zQQ8%cu)3aQpRjM9tFZYd_94F)h=f<Pp
zs||2*dC2=N{I){kCAP}ek{XdxCm{|6)`H%VuCdxS7h((MR<}86E<d<YEGR6jYAd9s
zPMvSbU-fNy>kw2ueO<hl*8vCb9K$H`<QySv_e~REh>lXtKMStK0hpE*E~t{6*9w=E
z#T2>y5W!HEA+{DvWlfxh9Lib(i3%jBkZ1*d4;b+gLI`v$W^F_$sK5g_P=f0SkzQQ<
zFgRf45+DfzYfmHq9|vLu;c^As4g43R5ST7t2%3pmq237wxnl4^AQ=uzB%davmyoxB
zsN_tE4Yy5r2XSHO%%^dAt`QT=LZ=bZ``1872${I?`on0?dbDSC?`Qiz-G5IpdJmhu
zhri_XXpa%inbF+C=&AMSDI<E?jGnHYsE4ApDpiNW`fI0jVZ;zdOkqUlN51(XpP(KR
z%uwIz!e>AK^ygo^VeB0=_YSUy2KCS&9qW`nChNkKAxxRVl+I5*iY9KRmXGROmmSQ;
zW)&ImPNLzlM}Nqwss8*q$klCd)YatnYaVh5)hzvBB%Tqrqo!E&0*p*T4v<gw={o4u
z85FQ(Qf&v<`l&MP?cX$4xG#KiuG%(p`Fx`yel6_PQi#~M>2Y(!4SEq7UF;$ka7sxl
z<Yi*&M8|Z30>sH(lH``D{D04iR&a_s-HW}TI3i&NXMB<JzAD=OxcE9XVaKvo8y&(q
zMCW3U`s!dDiPZrEO$6Nv&&yaVkndZ8VtD~BFan?hg?VaaFcDs`RRz*BsOD#tIfaV8
zZM}$2G@Gh4`L44lh2DuZCMnso!31&NC9Ho3q{h^vDPliPvs5l$e(?5o5r35GdzgA@
zJ@wMPypcL&rVbfgdu?dBf4Nc*#XqiItN!An>mRLjt%uTjD1EQv_uaqk{(RTkE-2Ur
zL?1e@3l|LGf+<|k`3v6&J6B%*$Jc)K+AojZIr@Otg?>ZmH--M%n;TJaHDyFIW;CO7
z8T(#p6z2DI(Z2yL&nx=cHn9XXX!v|EL?d~H6p?t=V?LJH?eTQ;Eh&goaCC9!m>sX#
z-i!$F=n7DFD}r&WY)qwLTN!2n07qd@hCIfE(3AIJvIP|TR5EWD>UMe#*%RF01?Y$1
zrxMU3r`ttNcg#NBSM+1==)xI8IAaQDbp8xEkE0K}v+Lbiqx+!Qeelb$E({yOuqi-b
z^OQ4r`f=QWPyK&gc2wER?6x4mw+J_9dEd56XZGo~9QhG9<AZ|(RNS(*<N})>k8Qt*
zjiwgGid5ziM7l_lHHfU^c1fBpC`AZJ1GfD+PI~t@SU6R_q-6ZfR)~mK!w5mFO{|=4
zhbR`PxC$ML@KeWt{4bGYor~(6Xma9ezrp>;&O+VCBiBZB@yLUizB^YNF}NX<gMe~~
zI$=~-GMyGr)<fcDJ9<9>AG4z9qFkCOXCcm>w&VGoTQvYPQ&}QOS-8ShiYm3sR?O*8
z(F#x%B%=hKcAgZ%xyyNl#s;>?icm@K0BPV)!{#mQqF6&klJ3IijIG$@!uxyvb^GT0
z7`_fgI5kH75GeSkEL&%Kbno+siPY#{oe_2KQ)l+;-lxu_b?@_t>C?T>W-!3QW%`rk
z=1=}eYQNoTYGK)4P$HM`F*dluZ8Gp$y-HtSs`S-NdIacrc$0xwGwE$*+g9NI9$xo=
x8D7m~Uzpvo$uvk;nBDiqAgS2bOu7Q>KJrfhcr}w24nA`h{u@BXe+HpP@;?qEU!VX0

literal 0
HcmV?d00001

diff --git a/core/__pycache__/models.cpython-311.pyc b/core/__pycache__/models.cpython-311.pyc
index fb3db03b115396ea7f7b4b5d27fb5bd370fda0ab..c0adb4c8669c5964a0c36df76eeed7a1d0802140 100644
GIT binary patch
delta 3157
zcmai0Yj7J^72YdpWyz8)`61a_$+G<R+KKaUF@1!%hO|jYV&h31mz1z5+O@4jmh8K0
z$95FlrfzUcJIVBBh71HI<&n~93N2!o!gL0QKg{rhkusWzyG&;&Gcfd5ouT~U2XM|^
zzmvip?YH-y``vTzp7ZTl{eI|Hy!?%_vQh!s2d{sW{Bh&E<vwDI*>d${ip+a&m)#<Q
z@D^NFJ5^;9H2c}=wXy2BUA~PGc!1&C#t7PkgM#W`5Y&oWHt-JDs`nbTazQv%tA*66
z1>u&k8z$H0gi{ijtI@p08dd|aB%%h73vvx>u>acoF`iZ?Gz>Rp+CLH-pi|A39Q95a
zdbE@Mu_VO)?Kn?5*tFO}YS<02jmX^kp?I>T3rJ?!sAec5Q>m1aj*n|}7cPY32s%2C
z(GK>Eb0?A5Wv2`)-*NujyJhlRNhgW2@09d#w<l^Ifkm>zEXz!2>129T(Gqcej6TX9
zbA>A&d%(5kdWtl%w_I&ic;0@wjy5Bw1)-Jw)zw<TkLdo=Se!nc)KV(l$s+Fd-hD{;
z0>YyR=-90ON=8o_$!YCy+R#Qdi*HtsXU-&3nqp+mX=!Czqk1xvX2b6GzD``Z7gxF_
zC>)m>v$O|ok0b0yXh-0Y?7$vshl2|``tR71`=5bu&-I>SxaYmee7LU=?kk4-@{U^e
z%hLBD9+RFZF>+Tu?RM5*?mW_^wW{q}t=b0nU0UmiOWnKR+?L~=ntT@b;!W*-Km%Rs
zBar>i<qGB1gw(OW`JRn70eAaJ`Lo4g;xJSE4Qpb!?0>ssbMkN@24Jr01dXTlc*20#
zbSa8%P(?Y)PFFk*4{^QXXFEoKv?d4Wnofmgrqb$M<(75aHo$0QTP?=S^cx#q6=N16
ztmWRVOxZ}1MFTA)#SR1%=QuE_#@-C<0ge7C&`pl#e8FA<8xPckJeYl|B3#VrHE-DV
zd=nj)Ca4xSG*vk>YfWm%Ku>15uF>gaLQ@i;7!bilc0~H(-gS}C!$5kIm}OHFDtJ&v
zP*b|>q8HFZ3c=#C-%5?6=W&cX(v5ShZ$&TS#4N%b!VJPCgaw2b5MBf@MJ;X6S=|Ty
z*w#id(`JZe!XXw9w~>k5OW_?Pg279yR|*)Q-0X1u<IDD3A##C`C3Y;DJMK}%b6|yi
zd`2Dba8R9Fi_j&K^?nAkWIL1nC)!JVtfDU9ab?|EPqsAcz3pO3eW>A1)|MrTe{G+v
z9Yz)FBXYBn-50A5jtZ*#hvatYR>wrh5|FK@A3|@NI0qGrNA(aaH*HCk;=|4zIx&{i
zW01G>sK(w8#X4fibZj;=MPr+E6a$Wtp|f3c1DolegxZe$Pr5A9=V22oK|D7+OPC;f
z8R1(1a+URpzr_5pi2o{@xg@M=!}i4@-CQS@W^vjHU^*=^ZImMVZFE*fE&Z^|v92dx
zLH7R_i(Ur2Eh2&X`$_DnlJA0Df19x9o9oy!4OwTv-L)bFnA!04JwECB;LG!i^B)FV
z@~snv;AAm4nfFgF`|56zyS|3JuYu2;F9c_b!I`{&hJC*Ak|i>%@Yo!y7Z=&D2rEQ}
zSVvPNEM`eoP(;oF$O>oifq7#Sp&<KvrN12rs88NN6oTSjA30!zHIp|s5Up(mdDuW6
z_6Ov#$@5Jw>W_U;?UOEwo3}i>c3k0R8LNl}N*tCO=4omm<!onDXx^E1W<^!JVFR@}
z`{@<fS$1rz5!Q=~`KHg|yp7`dxgurXssPaN8Uh0_J!hu$WLnd81+<FQ$aE`8A{7UN
zVku;`D$K(QUKUUQ^n1vJf|Sw{hC;OzmMn^@l1u0wB%mw0x^!(NFK|ApjZjS=gA!*I
zj}l<6%3`%>tQN3TW^@!-t8WM!Xs)b(=nPi&JK#kB1ADHy>rl9L(NT2OE(fJ+>3hM>
zyTQ(%K3xcQ7lYl4j#oU(vE4Xbw;YgQSi0=;UU9$d&c{w#zeRV!HC%KJ=Uv0>PIKVE
zvJ}11Rg`w$lX~w;y-VJLbgU>HyC)6al?L-eUo8%OEiVlgq|-&|^rG+2;g03n*otWP
zm#zpFxJ#*=`%R-r$Q8EK6g-I`klhc<1pPin3`1x-Rfwyh(I21%BQ4vlpz_M{BQWTw
zW(e9^m5n!t*zx8zl4lp1C!fF~+b{3h{C@*1bOIrRpd(BoPy_>E3SpYHwY1MaiCw-I
zz8+jjv=4hcsRyvPky$*6Re!iT_*dcuv@IaKh;R@A3nJy;ZvMZ-s~d46nHblMv5d-v
zW_q~n#<d|dnRfV6o1!r_k<zR$7%JIx#*NH)GC^NOZx|Z-I>Jv7+7a;Cc~t08>>;$l
zrO)J|t$(r2H;c9J)UOC|+kpFa!CA5J?1~MoM+ppyV$Cu&Rs^pIiClyC?7Y7;%y0Q`
zB&>TXvq9lKbXN-=R&2O3V!2zfxzHEeEr+dtEJxX(JX_Dtxb@usa_t+>s8cCzKm7&!
tSROqeAy1MO;o*37<XY-JpZjz(V?VVK*zMtXwe{ML`+V-x&tUK%{ue_a<Yxc?

delta 1907
zcmai!YfKzf6oBW>va`D^EW0cVEDP)cUD)ASif^zWNVS>}v8_oVVY2KDFm>6bcZMR5
z3azA3;{$UVZTmwTV`vQ6O4r1g{_=<K#NRq5CivIJK&<{~8sj~8%cG>mN%q@w&+FcM
z&Y4+`e{;-pB|kq`V9(JH*7eTHHBSK%{~?($nI!W$t9i>r5LVbP`waL+L9?AG+*+$S
ztND98ibUZlLG>&OYQeI|V%hI*Y(Vuc3IoMjiRxPvmYH&8%OnhxGHu~rt!E&p`dLVs
zT69E^1JGmp0-QPP_6Upf!yh?eDaIsP4|g0vXtYle89uT{NilqHuOl(8bxSWqo0yZ8
zKdPC^$Ye69q~hZmZN|VB1_SRFp)#D4nn(~nlVle8t8^{z9^*wv1F3+o91rodM@bv>
zI|BzE#>9d2gqG4%qsqkCw4o>BNhJ|C#^@t^H$dMK_|jPd*PJq`f}fprems7k9HKSo
zyblotzpK{APweU$i_=58mQ-mYJmZS_+tHx|fgAH3V9gbKq8?YR43=|(veQs=nm&lS
zM-h)B>JYqGGD_HQ4kr_gRVd5-3!?5D>~ibwO44yXFJ=oK*xQYPCbf;V;epI_K@lP4
z@RoP5vKkZZNzRWm#0*b^!&kM{qGsPGzTG9oz*e~FD<#i@z3?%%bywllyab+St0T7y
z!=w+&{B@;xa?5Mdc*=+;Og)`a%xQMd;mmP=QY0hrbs$P~xEWBS6PR}x`iooHFuYRS
zMxM`nUffBdJcA$;%brS`nqfJICk;KN83x5#(>P)#6DqwTw$9>axe2PpO-)sXr?bXk
z^uX+v$I$30J)tQH)}K+0&cL5#-R|v{&_mD_D)GLA{yHLSfzeQPw~1@aziZd+#B>G?
zrw~(!NyI$j3}OLs7JdkY+0A|r^^$a^wY-tA!VOgf#lJ;J#g1iutf(c9cTd~rgv)Mt
zr!oNE@CCRNK1e)#^;{&E*kLddta@)woFhsB%gLWP8(Vp|SLCt}`h7*tQ9+eHB&!Zs
ziv(n6-^aufCtj3E_6ohs-4b<Gw$qoHm_6zOlVG8$$R!tMr|cZ8R+W3-L<e4t>=46G
zRprgRMA?Qhvn5SVsI25W!%bghYB`@~s|Iz|&F!yYp8qKkb20K6BD){<f-hC~N*B>M
z3%^uflDw|w4Z#buHACRucZS3=M`Cs|{|0lAMa#2$)^wF$Sa#jL5p$t$BbFE}_tqpS
z%n$ErNvf9AOwDpBN+KCI3`L<Am|nKg{TRjje~C$kje#AK;yY;tF$%tuJID=?>QA=g
z#P-R}yT1)gL&p(G!~`ORNFz=nD8hj2^|AR*6!~6ulujeM5Pa5qP}&(iJV~~Td<gl}
zEufB%-dU8ML}1S;f5G|pCeJYArk)tr%(1k}`)j%RmB%$W-r(!x9d@!9ONyK6aXmp_
z#{^gn`aWXMr{gf{5Vh=Q$eF7Rzlk+rd+Dd)4T1gbVACc@zQw@}5w+a}#Fkk0LvtAR
zw@in5o_llOc6N-X)ybrGkgmYDEu&K*(nU6e`*UgJd~%c9ZteEy7!pbDhH!r_)t+zM
N<hEP?;lV$^{{oN2uGjzo

diff --git a/core/__pycache__/urls.cpython-311.pyc b/core/__pycache__/urls.cpython-311.pyc
index af00d75d72dc7d2f152a6d87593ca8ba5faf3ac7..613461a76cb0ae9977256f828625b7b9327bb023 100644
GIT binary patch
delta 678
zcmbO%@JLW&IWI340}$L?_%Jhuje+4Yhyw#+P{wC7rimJ10=dFb!i)?|45^GMEU8>6
ztdkuWMJLWTV`fR=0Wq0*Q`skekYr{}5dd*n1yk8lguoKQshpGT7$uoGQpCVA;;8~D
z5@42ODtC$$m?fRclOh9FEt|?a`2eFavv7(MSVlQjC`AR#QcdMgQ3J7z)l>OWG}f>!
zV`gAj4a5+TE)*q_q8ZGfsr3>hpvicPr692+<0T`ABRJWP$yG=!u^=<PBtJVfFTN->
ztthoPV{$FiJw~3%G0Zm3TtG>Eu%!MieuToD{PfJcDj|d<RHyzeL4+cx*yicXJ&cT^
zlT}zVnTkXwcd-W4>jP~Exu7_fiGkq*Gb1D84F;JDsOSTW5F^tE23ipHG%*#;P%Q>l
z&IXqbp^lIlY!_JMFS5vAVUfSV!T}VUe2z^+O=d#f1s&T9EOr-J?5?obfn_dm%3hE+
jy<p>ifhFJ~OTZPDfXyG+L>T#1h54BpxIwT;7Z_{+G-0OM

delta 473
zcmaDPI9WhrIWI340}zDFf0((Bm4V?ghyw#6P{!wfj1x7&co-R&7*ZKiSW-DtSSJfG
zicVZ?#>|?+17foBrn05*fmqD^sT`B}7$uq6Q-r`W!m0czB4CziDp!gam?fUdogx8N
zEt$$Qc>++iK#B}lMmAL_MGnN8e49~*nJ+~N#5Pt=<xNpp!?ui>fnhZeLqNJflyHh_
zFoUMrOOSvj<1Lng#FC7cj3AD{<T57L$(NaKFmg{`!)&uzhozg5QDpKC*38LjY`$DN
xKs6wB#p;u5*<|Vk8JRvX3>;xfj_n$g!`YoSA7$rb<X05rXKLUE!6Gf7rvRl5U*7-#

diff --git a/core/__pycache__/views.cpython-311.pyc b/core/__pycache__/views.cpython-311.pyc
index 6e6731f0f518a590b2b582ba720a6a0c37b3947d..381280198752f7b9195a30de076b7ae043fb97c6 100644
GIT binary patch
delta 11552
zcmb_i32<B2b^RZ}$G(tQNNgm*T@WQ|m#D>DBvA_`QL;#Dfn*~fKS+YYLcb46mI4{{
zL^Fja9!K_5Z8c?LO~$pYT5+AIX*9_su@%ROon;6GQ?aPksO_Y+(n(6k@r;|v(tF>>
z!bR>(rujo2yyd?4?_2JD_ultk{T2V$FDT3}n@oBRp8xvNzea+?&zPNxPUSPpI@3HS
za-uq_i|GUUm?2<@83RUEriq$j=75={wNXo~B2dB7x@cw08nDJ}0UOKfqxP61;D}WP
zs$$iFYF1{5I%BSYE9MTkW1fJAl^LVnSWTdYrA^V=SY4nl<_n~KvHCzgD>O$NVvT`D
zNL$2;Xj7~?&>U+Cw8UBit+8c+Wifxi&+00p%VTYUw%CfmirC7)%2<1#J+>;aiq%=8
zt7B^dYhr5yYawsDzy;QccEI(b18{>_1-MaMC01YH1DizW1uh-v5M5BXS#$$#37bXF
z1@0x7r&n>Z*b~?arQRi_+n}^&N$CSnTDzpQ6H4orly*VsQQwl{ZYZu_QraUn0E64b
zM!+3n6X4Epo!GpDt~Xp0_K7X@uA){O*u^rfa%MNnER!>P!gb;Gq8~H9z+R|Xui(P<
z;&QQVRPhoI!-s$Q5mx}w%DTQH%_t|X{1U&2rX6XP?GyO{&cFH|HthE+@>(&J3@0P8
za9)LYmCp-jNN7U3zCwADPYZct-_gOI$>dlsAqkSN4?!{<Pez8JRS+`?5;+%2MiTMh
zSU4nxN#4DHgoH;(SQ-l^6Q{!Qd__c(Cc|<jI1!4Fyp@DcLsf863KO|p0;Vk6C#6U{
zEYW9G4SFSTivJ(pq~CbhV<(yvH;&x1XMls8f}T85OJl1l)Dyg@xT2yT9BWMTDPB^D
z+yIv}6p1-5wP;dKDmd=E;=D4YNO8duSxNy@r0maI_Y4jm3idoSxaZ*Ey@8&=y$AdA
zoL`++A-6afHUq`!5c8@7y@Ne@<!CsW7dA*q5}6<k(5YXQ*O2g|lVK^DH!YYm(gxLe
zJ}9Z+*9Q;1C9F=np@U#(BC@b|HbrDT5PIQX8UvW(W;Nyushp;1j^hRItflIy)Qr}1
z*WtZ%^0uS-mZN#5WlPqvHRsqm<LJ3TZrk_VvhT^-`*QZasROeHCpNRsT5Or*&&{h|
zH)YM8Idf<FiQQ8>Gxf8!>Z#oq_RktDQ~N%ImvO_T?FO0BqHKfAUvSTJ$$7O;atpU!
zh8y8U{(^R)%$|o8f_YZ-FX&jq**LBaI{on90REDHp3_0!^!E?D)901(t&Lm~maO<R
zaismcDk&8694GQA)i^T89!TTNvPV=*D<NN^y{3E#dV00g+pyv|sM+(X$5jJ`-!uFf
z?lI+Y?hKz&PC1f8rKb2AQ6&o4rKn!q(Ez95o)l8tD2(q*{9!J_r4%pnPvclM{kyIz
z^NPf&ybxycq#90$D06Bl8A?t{^pN0A%X=h<J0?QH;=N~JX8mfm@}wSyLaYFJO)M-)
zq0uneiaCSaK8W1`?P@Gjg~+IsSD!kAzw%B~h94Ww>rO|)XM!V>@nJ~~bhzz&Q)C_M
z6hxn@)&BHy$Vu-3d_2X?sWiIQJGPatjAm^cbGD6{otd2<-?4b+I6>E1hC8;p*(%Sh
z%RB9vb$X_?a~f5>d5%NSa@Foji8-Ch-ueLt@EZiEGJO)%n_54HXHE%kz+W?GtjKID
zzG2<0vz3}oHSv0STJ1|qZs7AX78^(PJqG0$8hg~rH#r`XZ>j}Ag3IPtkY4y9y8t9y
z@=y8X5nEBtqKVN+yfootH#R`RjQ}tKcLaTAb5?NV1jn4BLRdG)&4=oBA1FC>RjIOx
zGuo#5$%gB{Q>PV<z0d{e1IQ~uA&`BT-A^y-8an$ic@W_c!h;Bh5e5(j0rFbZGx1O?
zOmK*KT{JNqilUY#579YYEx(Rh^d8|P)OFKU`WyTP`o2D)MV;bTk`@{?)UIU;Ml(SY
zBavvBtc5BGr302+9=`!~O|g0iY7Wyc8&>iguK%;4UvMB7WIqC9oUy!@c2-8*Sa=nt
zHLqx2omY~?88)lfD}AeS3qMT%Sm}3cz?P_}2u?W}K^UbESY7-+depknAQvzqdfEB_
zUrYbd+RD4>AFLDg7A!U+v;yRfgU1i`26yZ^xOYeI0BMIJ`Z-&(17|I78lEHsv~Vyy
z9FoS!0DZ?+;|yVqdLl$ZF^Le!kV%Bo^bfWwUZM{BrtJwVh%&llA{mNGd1DlgH3>S3
zC&^iI2J0UKkWk`a$`(B^)~D?r;W?;0di^!~%L-Tk%MsW0M72u6uck@YelJeoJ=}nW
z!D9+1#4muLz2`cdMomX*5OAf)3ItpRg1zR|lM{G6lP9p`GYAd<ze*Nx&2S=~3_q46
zY^)X%o=A{nP>RFpJ(ft8&J=l}RbvU*H!nl;DfpLu!V-7sm)$=CuAi=RU8kOxcq7*5
zRfi4^43bA^Z%r>BqMxmKI*s#}SH(cNkiUW?`8<H%GLL0Dma?&2MN)Mv43>dN&SFL-
zg-(Y_3sT?_OFo5wb}rEZ<TcXd@G$5yd1y*DG<m^rMvA+&xLu{lXnb-ah$@VH1?n#$
zO_r`~XrTGp>#%R1u1oVa90rKItOj8QL*y#;)h}27EtC^IJybuMzJ?^m#Y12#fkPm#
zAt3*Z)w~wv1jUgtO<u<ewifbR7{etIfXcjHRw|6quR*~}@GpHGKt8nT#)hxL#NTUp
zv6C^YA_l0FXG9f=k0c12(#zP22PlpodQD6w<?-Ku@_(Q|Y}`~>L2uJBp1(>bn|H&q
zeXChsHnutDt(sBZUTn8{@s(`Bgk5|0gItvd{dZV}>mv`9F~i1NSRmYT@}L)}6JtS@
zFb37+TR`<KI@1CR!}i!0TIYBxHiaWkJ0#n961jT)1wYTHzX|1jbD6!osYnrII*@UL
zGbm4u4^xYligC@>W-r#x6Bc<Im>xI*Rf~k98f1vpwK;^hpzg<XbKAeePO4ea#>*OT
zA9mJ{z`707hgV)mvl(~-3zG<CxzLt}Fi&tZNK{s8OIVYNJuPC*0j$NP&@eNxqY+R}
zY)ie3cFkQXwo{nekJ~@g4nqDaPxjIeS6vDrZ+XMKmh;%t%wrEsEp8r<$P_sWP|z^s
zCKj-PE}As@{^}axU8wyP)vuWX7Op((qA#v_PW=UJ@kQFbcGAGw$<spLSnGO-sWrCm
zm~K<<?j2mRLV0abeUZO`o)*o8QC4x1JO!x2eoNceMGBkiE9;cz;`_hRv!3_R|L%Fg
zI0;neRK8@w2fF|B+rN1nwfZ^hj%Wfrj8Wgj*jWjjndlZD)AZ-egXQU#pl}SS&AUlL
zl6;|9VltkDLOi$5nFqq;bYwW}8wrPza+JQdqmwt&U+!pk<Bqt8f<f3BGl40#i5{gJ
zb~eEAb8P3QH_t$6zFHnqG&Iy6jSRI<fJG-o&V?nC#ai3K+R1n%DUn;$*xSJWl&<Qn
zTAo8HUGHPV;R)Ozq!Qn>aH7eNuuMY}y@zbyMRG&pOdOmocx5<Bj?r7aW9cJEf;I*@
zj_?qYX~A9@Va5jT2xh~uG31reaGao|fo2bfPmu~p`m1HVjbmc0lUtbjDFX6Hb|SDH
z@ncBk)kBjbBj7_RC&Ur*FYJK)8U6OI<wx;2Cb-$y%;j~l&||?f5ivPNehGzAHNc`%
zxR{lXx#B4Z{mQ$flIJ)Lf4ysWmrg~NgV~Ti^y!sMZ7kNUm0&DL;M9UaI1xG<O@u@O
zQ4ubFz4gKKd>!dVrp5u_U^#_p3sja=KK=gTE&MsE7-)vwxNM-s$5c%nkmQAtNH{8z
zdL&1wMTWt2h!1!K2&8al=+gryK;8Uez{4M1tZDE)%t}&VY7_x?B$y9RV0w{K!DR&Q
zLRf`cu*}`bhw6l8c-iB0>Y=CA8=!8Or*{o@{&&=WBuKw#G`hi$#&uxNxVo5{SefGJ
zCTBg}YPO(vEnLyjH@h3?*$#7+sGb%UI(q2h(7!*j(?$Hy0Zuovx*2}*%Fx6F%puhr
zt^1UoxiGR(tBfbkkN{Gsh7yVByaRb9cF~To3SsebS#Y5s<`7Me$t%4A#`jtHmy-0+
zqb(hGTs4<Rr=z*rtuwWgZ)n~!-tInhtNYN*gW+uVNUnQiraL+_9=+Wq-RhFEU6Z-4
z$*k*i&UKnr#9Ru(&MU<h1^wp3Zui2FL!1XU5q!I;8%Y8EQkovt(CK4F>JmJv6ow!8
z4GxET;mp9)X|4zmm}uo$y-mBcp7tECR`Q~bdIjgMqzMLHcv4&nT-R&*mq4YwifV;D
zj0byCQ_M53)F3LS6{7K)AUn4-am<;9pa*Q9vZo7CH`93`t`N=Vg(PZ>!m~Iya$cRp
z1LBivH49#CNeL-_TwkUhHx$y~|MKI;QiXcFG%~SbT9wj>mD8$)lL6bv+P~|!*1hr5
zp=d<(^$i^C_YEb)v+Y+EY&VfD(A~X@u-If9q{uOZ<sAJ^V7;29*U<k7G^V?t_*~_F
z^zM8GD|2Kr+J4U36D1I=I_m>#YBVhRBJuXYt19_$XU%_){h_jiQrx|=@V7xKuV#@f
z2@Dm?$_6{C33*GGx2ulh(gib@>EkA(X6D1fH~6)(=472~ii$@b1a{kv?Lr9aAuDMi
zg$e{8S>u_@9xSsAHUimmNcvnoAh_>p&f7S>E$8W&F>KFldTLu{+YNDQ=Ut6qDn;pd
z=ixa$=kPwi@7aA<^jUjb&fYd-U-JsNZR@yY>&V)+<ZN3q+F6_X`K`}xy?icfTb{Em
zpRuieWhkS)YpDh=Ugx>|82c&u=biLHbz{><dalBIdG{-0Z#ZWxeOXIi&eE4rK{%=G
z$af%N4-o3inbC{Mtk#>;dS|rWS!;7flhNF@wq!IvH@hx3WzBUtbKTVLJEoe;V%F4{
zGc``_x?`xGHCur*I`Xiu&dAwZb2hz8J;woj!0C;e-ylF%(8%Jf&BKIXqza{0TM!>5
zH481O6n{l=U$Lz!*3e^4iwdMzOD9%T(Ys9+K>>j&9sNbzeS}33mFHC~JXI0_j$`2|
zAz6}G7M>Ey$~7g7m!wzJL3m0S$Mt2;HG%$6T)t~TW4&ldDaT=F$q%GUFN1VZ-Z+SI
zmBdXnPOFk0`iGc1Et>8lXXgH0q#dS(Ky02Ps}WG5@}`A>TZmt>I4)D^qys1h&(#cK
zOxIVa0Wm6zSoCZ=f#5zz)&YR1pn#+oOGqR1A_ug(F|`$;2jM<aLQs4Pfi1EDd+tDB
zA{fFpI|0h!tb%A%p=dC9h2V}?4n#8<*#eEf5C77BfGO@HHQjl#CtX$Z{E25zT&c@C
z*5n*(W*iT`e)Q`nzIx&fS9Zg`+=hKn@B;{;9=l~fmbC|R_Q2GEIfX`OyyIN^`U6>K
zPtMu%q$#7yjAlkZhP?@qF`=;x5HOpyR?j+|mrl&ut1s<=@K}u=#0Egi*{UwBn%kjM
zRWw3;tfCR(V-?U;rTb(kgvW$NNPGn0F((s+wIB+0qaT4RG+tSswJyt9mwlp4NVPC!
zZ#G+dI=DAG^xIb}Zz>wMw<&Kn^O$ZE02c*j3t{*zu%GWMMeP`hhfdj34#Kk2vsBJb
zPX$QT{f|kMH&%o4h6ab0otiEBsRvU^au7t$gqv9wIYmL_%*B^}qR5rR3Ph|VKLwF1
z$q*B{HjQE`4FfUIgRAQ3d&jIwnS;i(I;Ca|xXN!!Ejr~3*9o#B__J|UILfnPbB$uk
zx<DfsL?eiG;Wmg`{MGcMxW&t}OOYa*^H#!=tO4CuGdN!(8ANlri((r%fi3sf46@*D
z2DvHg0%q;e?nj*I(qVbd563P<D&{GLcHe=-5JVxt7X!T^f#SfMAF&+*N#z5ye5jU>
z(oa+r%tCAco=G!;fdj|EuaVDFrX*NzOjE2y0#p)Y4S<Ad7mrYQ3VuW36fFf;w!sMB
zM-{OLwr)v9-0vivh12s-)En&Zy=<CFfdYZpde!RJYqC{cxvH)wcV~89tiM?Q3Gwyx
zpDVz=B)+aSPNimDzG?4mm;aW_KeN0u>*~t6x@KIxZ>+uT+<(itKkMvI=bZf+6T3Ll
z>e_&LQ`;T))*A=1?!KJ6?-|WS)y2@o(8pj1fZ{W?mElfx<E*=Gw#GMoV%A$XjoPo-
z3K|YT%Xw<2SHb0gvkjD=vkjD=6I!Y&?*r~aVL|(u+T_atWS;);k(P8d7!fLOPUW3Z
zdFNk^IqzuAnKMsXp0Z>tKQEXKopXW`tp$J&I3-#O0FV_l5}tr>c3QVrayKjWJ9NsM
zp2i(2<;_kW(%)4Hh+Wp5R_-mUzE`h&%iGv1DBtShd$oGy_XGiouGa@Wigek~`yFn)
z?;`LhI0}T%V)iM3yq-m$gDiN>TyMP`_7#JnB)D@-rb0mIx6X6zt=Rm2Z(zPWzUGld
z?;)M|+J#;|^SnqGRKSZ?W0&}%lHUmFd<9Cz{IDMB26B&rx`yr=(36w{3|DE*3fJ|T
z;iRhjDiq$=svzHin%`QFpi$56jC~^^PzYlCRb|<%Cv`MCx=bxk5B=ll`hBIDVk5XJ
zJCw3v{0?%c9STK5afl%^r}rK!6QYq=Bzez{{CN=GLl}fOm7P92wy}8}vVNYN#Gisc
z56WY~$Vn~z<ybpEM!k{cX&h+5l_e99CVO!*(aC0>xW8uJ(!7SHWtHZ`>{$eK_gUnG
zpbI1idm&&U8zv(p5ete#j3vSrao)J?*b*K1yfOlJ6F<V{?ew1_o}*KkOatUq7#)=3
z0-wP`4UiYTix3ttmB``}I8<31vSCP&UF2ENed8YWgV4ho#r5d;uN5{33F2Gx%0mwg
z=7mE&gFE)nM`E>#3N?M9wT*VJ8fcjxK@gRv*pW}h<~y>YDrv#vn|?cPp}*ER>38C0
z`f|LJ7wCV)>-_4a2I_)7HK)0YJb4`KSuo(&o>!$*Q}zYjYek)?2mjY_&A8Czh0g?(
z<7Rp>?ocYnE%ecjss<>ifB~@w(j`9_&E)e!O1NUB&unvSTI8DYT(Y&;3O*+g;KKps
zHS;3J94rOevjM#X^M0ve5r>v!+q@1I84%zREAPj>j!UVpR3SsOFX&Ed;$3hNjwfW{
z0Z(J?dF{eCrL^PDVm&d<&xw^~8wTt#>;31fa3QXJT+1%R;kS4pz8-GGHKMKD$$16j
z?ep@=1+1t<$N#nN%BpFBMvm1`UA#i0gP|&~xY#Eg`akP1tN+wtE{9?27Y=jLu$(C!
zP`F$i?5ygg8#?WtUbMboS9$u`<u3UFtPK;XLDGwoT8K2D_9DBXfGL+w6e4mMvjYJ4
z)vD0452^Mc>_<2V09x%03ueB7upN8Y0gBZw%4dsj-sM0$c>`(i&FAXp#lL-pV`!cY
zhmPGY=<8g~j>KeC^u-fNpBRpYlVH`A1Ly6uEzxAY3H^b~wi)||z~4|}b-FYzzk8m(
z#30i=y~WfgJKj(`FHwa!64ZpUhP}_o$&1*`hj135taa70+NC!VwQ0XWKJSoAIljV_
zBI?Mz8E#4;E>sEwqt48m<k<jEQksk=W$k$csZH_(6e=VG5QAA+d}Q;|!#vUQ3<YWT
zgwb#knnz)UrSB{0qvH-5ooKS%g)e#@zwEfBsh!c(GN-YMzJKb#vPvDgivS;Rx(dT@
z5Fo2F%vEt(%Z0~hz-H6<vl>5!bOz^)oVPybS#hVzb-8(ZMYgInSJgV}YtH#L&N|$e
zPR!{9H}nROF$1lx`nI;_mKNfrS#3*B+cKkVxnrrl{P+#c51MBzhq9JKIm;pXpW_GZ
zUf&CQKfm|N=!?;;cU{iAE^{DrfcBj_YqR;T=yTS#jApi?=5j1ou_7bTpPdSZArOPy
z0ze=}XZXm;c~-wJWZfHc?u|35>N$m4sGfD!+;(od<=m8YZq7M3XG|FrIM8me0R@aN
z6`<fiFKfGIoN*k#IB@CYmHJD;i@}*K$7%3nlb=)SfO;v&wj%U`wxW@<c<EOsPN$iT
z_q`T3Z05Il{jLX;ZyQ>7btvCn%VWAj0DMPh-&@PQQ>*WDE8khx+UHQdYvCdNu0sIy
z^Zow)#DN<Ty(yx?J)*;}YLXDfmIy}B^NL7<psSHLi{qjAXrdi&>`7#Z@LGEEQI|o7
zEz$oZ20Ha<Q`(5MRV7*yZif$c<f|Qt*$nxLLZvv=j@R+<A~QBeNzWS!bz{lo1iO`y
zuY*vOO6}mw0FoS@gli-wb<93;Ab}Se(_O@&9+t=msiK{vA&s{!1kVtHsy%Nk^go%5
zz<be<gu9Idf$uB4NW<>VF{mJa2;jqd?f4n^lnp);lmk5tSj*hGCQPB%2Hy(E<7mMW
zJX_^2op!VMDboN$Soj>m%LrdV_!`0u1iWJ=Zy~&m@Ginn5GrwPm>I@20Mi+GM?f|r
zU<inylgG?if~F2Zd1O~SgxR(3b<oXkwcCKf$!NHfM4=k~IEkp}K52P{XNFtwcU_WN
z_%v*3UNOi0f5FW0Yi79BOaJE7dcFdLsR(X6Z=2&vz_(w&nN0HO6+AdI0Pt~=!hFGt
zKc)+wITe;a!b4`3H_a)$NCmK%3d=i-MD0ifu$TzThvcqobBao&0zfKzj(+a+!+U3{
lHpzckz9YwX%qb4@NQ8(~o1sjm=56?k{He<%G9g=v{{`1Q#E}31

delta 6964
zcmZ`-eN<b=m48p)LLh;JKp=#~Hv$`jF%Ub6KWZE7*v8&K)~@VW2)zf$)|2FUPsSfm
zkqu4kI3G?X>v&u0q&bP}e4W(g?55i`ZT8RIX1k_kPsrQjQ+N05Y280syh(F%b~k7D
z-gy$pV)xnnG;`<9%$<Ah+_^K~epUC*A9(xsN=k}2_=aEoP3)z?7wsP1?{qJ=Zp}#6
zkX0%Q74e+F38uJBDh?I1vN>KN*+X_#w!|G$X{b~x3zf0DHSUyLA(vDhDwo_LH=`BB
zE2PR$rQ`{Dq^eLAquJusk~idK<>Gja<O}(v+EA_J5BV9bB%TRKb)h<_*ab(tUTO$6
zNR6RJsVUSXHHVs|mQV|8D~-2G!B9|Y3$;PLY?ceP3r@gwf(vlH&@PnE@}UmF4YdtI
z1z@L83D_kT3!Yi-IxPGhTs`|j8-ZG-Q8RhuZXj2$VcrB(?;2_kP;1sudx7d(L+t}<
z?HcL>f*%A7ZWaRYvqh)_d{FcW^=lX(61`%r&_G9Ye)Geu+{nsXMW5I%G-27l4e0GU
zPV@`SLd&@BIuGlGKkXA*fv1+HbPnJ46~5p&U%=It<MQti_#rO1?k;v84C+*i5K%-W
zCW)#6asHD27*CHG*KO4SgC71qa{@fgy~17K#(06BwM_F<ID~F6x*`Q|7~#*4?8gB9
zlBd7+dkk{9Vx;%Rnln1?qJD}ShmNoFk8&|?O7{l;JPu+S>_6w(kya+egc6HJlvpwm
zAmXWXjEF+VTRK&jJgFK*LXza}i!j?;ylRq_h?16rdexAYMWU9*<Zxtl08t>NAVAQd
znsFRaR#Zd8PsU}{baFC+zt+<+aWXuXPDEt`a0UW_8TzrQlYYm#zTOQ4`8dFrGu)D+
z;@PQ1$GT<CVD;X1`IjoZOI6+UyH7Rp7WzU_AoCgUac_YlNCy;1CxDDf8wrpN@S{2-
zsaQCk9FHZ!xh0WqXedX<1^}33S!XhKFLVC~lyb$cnL*M8eD~?u0R(22`Qx@Rox2CB
zq!&Qd%L*ZVSbczgT2jAt3l<+lcnINPgslkM5VixT7Sv!OB8kL<RckyMjl|Il$PT*M
zUR%eO;Rc>qBpy2_h7}S?$dM>oiR^(M0eZ&%L%xf4Ig*wj)Ps8Br#Bq6omf%LDUuwE
z#YL45%P28uT2qW|TvWo@Msg5ZHqtL0>-nzv=F&l<dpi)w0|;y}Y#BZDqC4he#EsAb
zZma9)RP`h|$uy1w)8dLP{7yPh5!`?}Bab1VImi&gFhJ0#>Q9PiRbxCdD#le~G?`8)
zq>sK@(Q8{_B9GBK6%X?@w6?N^_t5^zR9y)UP>c`&P>YAZerR`i=bnRmckUii^{^QF
zNoA886|9y-(}aL8hs9__o*>(3na8)`0JfM?5fYJPg5E_U2%|{0fIAZ<EGVi;ObGBx
z!t`-ZpXn%a9HHOxRNJCh6aZu=J+#kVuPM<znvTT<@T^o4`pbz(N}fn6<VoP`oBzV|
zJss%tn%Ae}+v!hy`)jrX{Vwj&Rdp~G1&!nYZLEE?--m5p1T-FLLqOZG5mi$<g>iyN
zNJ%2N0D=b64nL|nnoKC-83l&=No{Q@a~s1%68z|8Xda=zul)qP<W67J{J;3G^TkM1
z4Tla64U<Rcb9KA<1N2vQ&u36GszFK$B6$jm<Y|DQBTpO*M1;wC1zAm!s7xdUB4WiL
zM^1|b0}$DVuphyKU;<Fhayl9nWmywj&&1YDfvaWi>0R|tIX0e1r@|O0$TetJ=zrC#
z*%kb;VT^a-3Si%}#T!5|5pso2G_{#t0XnhJt4-sXze1McLg|@;QF`)i1QeY~sakMP
z;C5v4lJ8&xQ?WJ+lXb<{p;0Z;A`6r8bs(V1<PQKKa+&S3^c&4Tz@6Fh##Sb*fmoqU
zQ-&dy7)uhS&2M5a4CA@238N;{injDOfqsR$TKlp~7g~?-{1y6PZ~!c3Y||`8(7W>t
zR;+mqbE0Z&Vzx5&@7=$9C~who*o3Chmdb=->&@DRjfx&|f9NRAh7Bg5jl2yEs4Dqw
zdUInr?P~v4R@8rQU*?@S2Amj{(X<>(pz*KF|8_mkXKnyJXkV36Ey;0&SukW`y#Y*`
zj%u+~U^6B@GZG8Hd7DAg2TD!`0CHzcR=<@HLh1MhxA7*ly+@ze@NXdS<x^Gj-{^Gm
zTIkD*dN|0V^v$l>C{u@o^$`R#wzfYktINpSoM~(?L11BPjd)>f8Ue@?k3PH6Yn%t#
zNA%r|6vW!z{h4Ju)ZgMs4}Eac%MlbpwdEfIt8$q0<R}BaJYjHlvJ)U1F39^xU@I!n
z5bf;o6`>FR0{-MlX48{B;~>kgdfqoZgWWFC3%%(K>%21gxw2@Ih#Ry}D0fUKQXIk>
z3tr3(F(#_|f!)LTL5m3h;WrmJU&1M~2|?Ca#n}<H-SA@^1(`-T`h$%w`a<6!2(fqi
zYV0}5bp4z7D%#ioYB9$5bB2JD43JU!ul+yfqx9N<ryYa%Is5SHDJpLXuqb@aK0uPP
z9EeDGBmr@V{$`+@AEsXnY~_n-&z_Fz5$JnY4?vD097ABP@;IH|Q_qL#YkSV~AJUq=
zKJQPVO?7F)!%^1}kBxSu6EQ_5KcmBY>vw#F?WL>jDPe3}Opw1rvUT^FsF-3WyaVb5
zS|opqG$Z|B?;+Rsk=>S@Oo$}R4pg#>RzEV4`5LldK0$UP>_9d+<;WOIEYJ^FzQTl8
z^>LUOHxmSKQ9McPPz+XT;rT;k#kG*1A$)|uWYmjiqMHBw2xzKlG(9#3nV=rlL4IyT
zwvVZ4Uz_&`7SY9+%2cZqITN0Y3CaXf>Arn|8g@=OG(Ci&vu5Z2feydr=AYiT&C09v
zABNAbXM4XeQkKDaE{kEz@luhq@nl3GaL?if=gDK!e1mG1AmBvCMY0iwgQMawit!b|
zN)V^^!&~?e-FvtR{5yHLxrxOL2aKT_$6{h!AaEZmbV)b$A9kCF3tA4-e?EK^Jh1DC
zm(LUi4V-NVfn`9$Si*z|wuOY{g7|<Y0~y(_8iDePj8Imqv_vCs+lS?}Bt^(s0+&PX
zI0{LB{`F^I71z8~{8Ka)3a^{uPT*c*-w8Ac`vk+B@&1bmTmg*q)X`lIkgO4SRDC3s
zA|*Wi#Zmu06HDc_+*F@PPLh7$$U9LBP2xafOo))ePH3it%PDsf<=aIM9BZ~LRR!j1
z7OQ&c-1#aUVF`)uFLd-?gSTv#vLYnMf$$uSlvVy2ub4H#5d~h*VN32?UEqDxm2sx{
z6Q&%mpr6yj;`Q{286W-cQx)y`;~E8%V4l+nmUpe!!Cdd4$=Ejp_oUY>^t;_|`pkrr
zx6zyH8coys72@&Dj!cRdY}1A*J<(0!b?g3dOa8xc6?bk9T<w&8%J8oJIs}(@Fu<^H
z+BjvLDICwi#w*Q}GsBpNIHfY%4}M@k<NXWax%<>x-~-czYA%~Hp1^a9eNbNUBq$fC
z7q>Wkf^*J*`d#B(uEF7R&K+?gMuf8g$Zf_&ArMP+z(r*jbR)k<z(58BbU*OCtcTG+
z*j-5)fOhvX(ps>U_2GFs6y9WFWj}o`+`u=}o8gKKoNhfUOsfNz<T)%ml1kSyvB*JW
zXi$w1DPt*ucGS{W95ZOrA|h^3xK?GujV3`(;1U_V4RToc;5Kx5q&!m(ZKvT+{wV<5
zHBFqwF*~(rZd~SyjJDfO-_`NC_=2;2(b;~%eB0q&a#k!=w%@5~nA^Wt)0N#V?Mrp7
zi*>!rW`o-fS789N#aFb<0o>y(rMAxzplY@Ksho2JUNbM)TNmxEGXqPs_hk3MGS4fv
zmuy!bStxB;EN!_}y8gz-PaK<m>DaX3=v{R5&g_9}_6z5qIe&G_f}?rS(R|CX?neF0
zo;x-dOlGXS`T+Z3!c{K0x6p{#(D<h!uGn+ce53V;M{e2r7i|5Dw*Hx2OJ>{5RE}{I
zGPVMvvFJj}<xL9)&!WL|%iy_fue#c}VD~TD{WAl%ZIw%Q=aQ?L7L5ja%+@N?G6!&v
zvlg2_M}Vr)y!Hx?K8PFTvl$M8M|Fkl%y(~$6R_WP)Z17~zdB{7#-`GYU_jCu_cWq=
z4kiP5r#>wPWH>Y6ZruT~xDm!@-gwTrpQYr1><wlt9q#~FV~I^0GBJN*$^AE>nxD+G
zc*qj^rff#v2#)YJdc-KOGLI;BJ^Rq2trfLwdr4~Uv|Z?X;^6GTnS(jyv@9F-s2G5I
zoE{Ye0M)Ew=HHXNx(stg=JR(^B-~Nt4+wumID>E&KrK>|N+cd;cjFz5pxrBla74*1
z8l61o%u759Hq7b_cx<t0ju*^BnqiFvIf!<6z>8z<;>M1<`%b!2c9?6A7TN*Q3hY1P
z>6@uLwl18Er9W5ZFQ0nOupP64e&WNKFienIEU_^0E>zDs{~X>-;A)63T4ND-1`#mo
zFtauxyMsP{y49qqhF&_oY2S*LnDp86Pzy+Z10CQR6NyI>aEWD!``y1snlT=eV#?ie
z9Iy%jsbo7XntY^*B_2F`r^)3X1JIhkVq&LfCp&mEy)oIA!3E}KW!Ys1E@%V?#GE1M
z%QFePykfeed0#Cui3pgOuzZf#u!<o`g$!$qi1I{uj3lM7Fv>(C%y@Zg&R|bWC{%q6
zUS*i3SwyrBpG}Fo@d;2Z0-dI{GKu5(Cvkj3JO)7%Wz=3KK8I4!vKlc-9S+U1D^vja
z0)Z_KuR$_C5<tvsg}>Ybl^Y!)FX53jZ|H?_Zt?S9p7{?Q{px%zf0brB*U>#wL-f<`
z68iC!LpN=pVba`+ho_)NgJ|EhPQhe4`#~%)P8op1L^DrJgZ2+j`<pFurZv&QI!Lxd
zAM)1-?*R<c`X?J*?_;$cWPxKL8z$)Rlby}$aG4{}7%a&%RT*-xDrXP1&elGrnXS+S
z*dHyBJ8sxS2e3cW+h%A|O9U}4Dk8i)$?3Rq|C#gRY@O|4V6y2zt^dT)4`(;m->%;9
zed9uP?_zcDEkor}dDSQ7-M=jFUMTNbEbo~)uw?hr(hH~kEXW4=!Qj`30mZ=ZN(=z1
zE|!D~$Gr>XP0X2G!ih*?JlTOSP6X~X`1G51T3Tt_#YVn}9=uo+LJw3+v;4wn2fi%D
zW$i{>f^D{J+k~Q|*v*5Wm6&c;`oW_bQKD(MJ26FS?-cZR7k#FvOvXq#6zemXO_2%&
zOoP<o?6_$q2J?B4WP}G7c>H4zB3@*yLGU5q=7F~?O*lVN0tnp*_{gf+@<}YcjBpL%
zb%Zw&-sZRrM{Z(q9^nH7ysHwt$Y_}b+m&cpf*CQvynx_QKrp@$bZdfkV|Nv13HHSJ
zpO%L}s&ri3O7=l3{O9CP!7$5up68c1+YI}+#5K^KOO^A-FE#S|C9aeH<Fl0xD-Xx_
z3V7yq&nf)Q4LqD10QdBq&OTd%KP9u?WdqU$9x6+G$+FIdTmXe!NUx#4eqP>o`OM`L
h3w+%oU$?9)Lv8@%t_KSKmM`+I+~B4h1LI<A`(JaPR*(Py

diff --git a/core/forms.py b/core/forms.py
index f3cfd94..c074c9b 100644
--- a/core/forms.py
+++ b/core/forms.py
@@ -77,8 +77,9 @@ class TransactionForm(forms.Form):
     transaction_type = forms.ChoiceField(choices=Transaction.TYPE_CHOICES, widget=forms.Select(attrs={'class': SELECT_CLASS}))
     notes = forms.CharField(required=False, widget=forms.Textarea(attrs={'class': 'form-control momo-input', 'rows': 3, 'placeholder': 'Optional note about the transaction'}))
 
-    def __init__(self, *args, business=None, **kwargs):
+    def __init__(self, *args, business=None, instance=None, **kwargs):
         self.business = business
+        self.instance = instance
         super().__init__(*args, **kwargs)
 
     def clean(self):
@@ -88,6 +89,9 @@ class TransactionForm(forms.Form):
         if not self.business or not transaction_type or amount is None:
             return cleaned_data
 
+        if self.instance is not None:
+            return cleaned_data
+
         ecash_delta, physical_delta, _ = Transaction.calculate_effect(transaction_type, amount)
         if self.business.current_ecash + ecash_delta < 0:
             self.add_error('amount', 'Not enough e-cash for this transaction.')
@@ -98,6 +102,13 @@ class TransactionForm(forms.Form):
     def save(self, user):
         if not self.business:
             raise ValidationError('Business profile is required.')
+        if self.instance is not None:
+            return self.instance.update_logged_transaction(
+                client_name=self.cleaned_data['client_name'],
+                amount=self.cleaned_data['amount'],
+                transaction_type=self.cleaned_data['transaction_type'],
+                notes=self.cleaned_data['notes'],
+            )
         return Transaction.create_logged_transaction(
             business=self.business,
             user=user,
diff --git a/core/jwt_auth.py b/core/jwt_auth.py
new file mode 100644
index 0000000..36fab82
--- /dev/null
+++ b/core/jwt_auth.py
@@ -0,0 +1,112 @@
+from datetime import timedelta
+
+import jwt
+from django.conf import settings
+from django.contrib.auth.models import User
+from django.utils import timezone
+
+from .models import BusinessProfile
+
+
+class JWTAuthError(Exception):
+    def __init__(self, message: str, *, code: str = 'token_invalid', status_code: int = 401):
+        super().__init__(message)
+        self.message = message
+        self.code = code
+        self.status_code = status_code
+
+
+def _timestamp(value):
+    return int(value.timestamp())
+
+
+def _base_payload(user: User, profile: BusinessProfile, *, token_type: str, expires_delta):
+    now = timezone.now()
+    return {
+        'sub': str(user.pk),
+        'username': user.username,
+        'type': token_type,
+        'token_version': profile.mobile_token_version,
+        'iat': _timestamp(now),
+        'nbf': _timestamp(now),
+        'exp': _timestamp(now + expires_delta),
+        'iss': settings.JWT_ISSUER,
+        'aud': settings.JWT_AUDIENCE,
+    }
+
+
+def issue_token_pair(user: User):
+    profile, _ = BusinessProfile.objects.get_or_create(user=user)
+    access_lifetime = timedelta(minutes=settings.JWT_ACCESS_TOKEN_MINUTES)
+    refresh_lifetime = timedelta(days=settings.JWT_REFRESH_TOKEN_DAYS)
+    access_payload = _base_payload(user, profile, token_type='access', expires_delta=access_lifetime)
+    refresh_payload = _base_payload(user, profile, token_type='refresh', expires_delta=refresh_lifetime)
+    access_token = jwt.encode(access_payload, settings.SECRET_KEY, algorithm='HS256')
+    refresh_token = jwt.encode(refresh_payload, settings.SECRET_KEY, algorithm='HS256')
+    return {
+        'access': access_token,
+        'refresh': refresh_token,
+        'token_type': 'Bearer',
+        'access_expires_in': int(access_lifetime.total_seconds()),
+        'refresh_expires_in': int(refresh_lifetime.total_seconds()),
+    }
+
+
+def decode_token(token: str, *, expected_type: str):
+    try:
+        payload = jwt.decode(
+            token,
+            settings.SECRET_KEY,
+            algorithms=['HS256'],
+            audience=settings.JWT_AUDIENCE,
+            issuer=settings.JWT_ISSUER,
+            options={'require': ['exp', 'iat', 'nbf', 'sub', 'type', 'token_version']},
+        )
+    except jwt.ExpiredSignatureError as exc:
+        raise JWTAuthError('Token expired. Please log in again.', code='token_expired') from exc
+    except jwt.InvalidTokenError as exc:
+        raise JWTAuthError('Invalid token.', code='token_invalid') from exc
+
+    token_type = payload.get('type')
+    if token_type != expected_type:
+        raise JWTAuthError(f'Expected a {expected_type} token.', code='token_type_invalid')
+    return payload
+
+
+def get_user_from_payload(payload):
+    user = User.objects.filter(pk=payload.get('sub'), is_active=True).first()
+    if user is None:
+        raise JWTAuthError('User account not found.', code='user_not_found')
+
+    profile, _ = BusinessProfile.objects.get_or_create(user=user)
+    if profile.mobile_token_version != payload.get('token_version'):
+        raise JWTAuthError('Token is no longer valid. Please log in again.', code='token_revoked')
+
+    return user, profile
+
+
+def authenticate_authorization_header(header_value: str):
+    if not header_value:
+        raise JWTAuthError('Authentication required.', code='auth_required')
+
+    scheme, _, token = header_value.partition(' ')
+    if scheme.lower() != 'bearer' or not token.strip():
+        raise JWTAuthError('Use Authorization: Bearer <token>.', code='auth_header_invalid')
+
+    payload = decode_token(token.strip(), expected_type='access')
+    return get_user_from_payload(payload)
+
+
+def authenticate_refresh_token(refresh_token: str):
+    if not refresh_token:
+        raise JWTAuthError('Refresh token is required.', code='refresh_required')
+
+    payload = decode_token(refresh_token.strip(), expected_type='refresh')
+    return get_user_from_payload(payload)
+
+
+def revoke_user_tokens(user: User):
+    profile, _ = BusinessProfile.objects.get_or_create(user=user)
+    profile.mobile_token_version += 1
+    profile.save(update_fields=['mobile_token_version', 'updated_at'])
+    return profile
diff --git a/core/migrations/0002_businessprofile_mobile_token_version.py b/core/migrations/0002_businessprofile_mobile_token_version.py
new file mode 100644
index 0000000..636adc1
--- /dev/null
+++ b/core/migrations/0002_businessprofile_mobile_token_version.py
@@ -0,0 +1,18 @@
+# Generated by Django 5.2.7 on 2026-04-17 02:58
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('core', '0001_initial'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='businessprofile',
+            name='mobile_token_version',
+            field=models.PositiveIntegerField(default=1),
+        ),
+    ]
diff --git a/core/migrations/__pycache__/0002_businessprofile_mobile_token_version.cpython-311.pyc b/core/migrations/__pycache__/0002_businessprofile_mobile_token_version.cpython-311.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..1148ed54637618b9d34e60f39324649f0d880159
GIT binary patch
literal 843
zcmZuuF>ljA6uz?^$FWjDtw;rx1qnetv<^%eDkK&V2r8sX3>MPK$z6j}+ZWDufh_|A
zW46vLMW`M4DMiW<-G-PdF}O;nPP}vCA_#Z(yZ7$ByZ3$HeOXzt5sY7-e}rR<&`%Xq
zqqcBn+u$4`iYSgyjC~wyzJ`&8o*=4yL{w*ZpjU^Ez&pN*e4QG*$gQ2Jw5v%w4*Md=
zLY}13j5%dd+N(~gwY~^uJ~)SnAs<uZYZUjfuWN`Ig9;S1rfSC=RA&%1PHIO$;u!w<
zI5Gc*1GiYT4uCA#cu^q%SVoTvCY$Yc`#uSiFbji7UhC#*n6NY*3ceRcOtxa)g_UG{
zpC#mgi4<s@sa`IYb;|aFJjz@hI4WKw31TLV($@Au7SSEIAuUqw6C!Owpe~2|h-?z_
zHV-0It0KyVETJsvg)9|HN@+c!^s%}_7%FVN<SBqWU{8~b^_eJB(&j_9(Do~uDFH5D
zdvAEmyu6zyS?;m-te0n8c<;E_PlrK|d5X99=S@6N-~suEIN)67y*2zGOlVOW<)ph{
zMpv^iQR8-@Yb|s1ys%N@)+c*ntxwlBrmOd+&gS^;#M%57oI0KFPG{nDin`IT&k>jl
zWeVMN%+WJ7#f_@Vj%&yU9Rx|AZ_#ckOex14$C@fDYj1*gX>HHdeJIu;RF9Ot0#oQ1
gW59;pQ?#-C6=oBg1zI*^dvg8Gxk_C8CtLRY4R)H{{r~^~

literal 0
HcmV?d00001

diff --git a/core/models.py b/core/models.py
index e3297bd..c58636f 100644
--- a/core/models.py
+++ b/core/models.py
@@ -13,6 +13,7 @@ class BusinessProfile(models.Model):
     opening_physical_cash = models.DecimalField(max_digits=12, decimal_places=2, default=Decimal('0.00'))
     current_ecash = models.DecimalField(max_digits=12, decimal_places=2, default=Decimal('0.00'))
     current_physical_cash = models.DecimalField(max_digits=12, decimal_places=2, default=Decimal('0.00'))
+    mobile_token_version = models.PositiveIntegerField(default=1)
     created_at = models.DateTimeField(auto_now_add=True)
     updated_at = models.DateTimeField(auto_now=True)
 
@@ -168,6 +169,11 @@ class Transaction(models.Model):
             ecash_after = cls._round(ecash_before + ecash_delta)
             physical_after = cls._round(physical_before + physical_delta)
 
+            if ecash_after < 0:
+                raise ValidationError('This change would make e-cash go below zero in your transaction history.')
+            if physical_after < 0:
+                raise ValidationError('This change would make physical cash go below zero in your transaction history.')
+
             cls.objects.filter(pk=entry.pk).update(
                 service_charge=fee,
                 ecash_before=ecash_before,
@@ -184,6 +190,21 @@ class Transaction(models.Model):
         business.save(update_fields=['current_ecash', 'current_physical_cash', 'updated_at'])
         return business
 
+    @transaction.atomic
+    def update_logged_transaction(self, *, client_name: str, amount: Decimal, transaction_type: str, notes: str = ''):
+        business = BusinessProfile.objects.select_for_update().get(pk=self.business_id)
+        self.client_name = client_name
+        self.amount = self.__class__._round(amount)
+        self.transaction_type = transaction_type
+        self.notes = notes
+        self.save(update_fields=['client_name', 'amount', 'transaction_type', 'notes'])
+        business = self.__class__.rebalance_business_ledger(business)
+        refreshed_entry = self.__class__.objects.select_related('created_by').get(pk=self.pk)
+        return {
+            'transaction': refreshed_entry,
+            'business': business,
+        }
+
     @transaction.atomic
     def delete_logged_transaction(self):
         business = BusinessProfile.objects.select_for_update().get(pk=self.business_id)
diff --git a/core/urls.py b/core/urls.py
index 8a01ab5..29185be 100644
--- a/core/urls.py
+++ b/core/urls.py
@@ -5,6 +5,7 @@ from .views import (
     api_login_view,
     api_logout_view,
     api_profile_view,
+    api_token_refresh_view,
     api_transaction_detail_view,
     api_transactions_view,
     home,
@@ -23,6 +24,8 @@ urlpatterns = [
     path('', home, name='home'),
     path('api/health/', api_health_view, name='api_health'),
     path('api/login/', api_login_view, name='api_login'),
+    path('api/token/', api_login_view, name='api_token_login'),
+    path('api/token/refresh/', api_token_refresh_view, name='api_token_refresh'),
     path('api/logout/', api_logout_view, name='api_logout'),
     path('api/profile/', api_profile_view, name='api_profile'),
     path('api/transactions/', api_transactions_view, name='api_transactions'),
diff --git a/core/views.py b/core/views.py
index 6c79b4c..e34b7a2 100644
--- a/core/views.py
+++ b/core/views.py
@@ -1,5 +1,6 @@
 import json
 from datetime import datetime, time
+from functools import wraps
 from io import BytesIO
 
 from django.contrib import messages
@@ -14,15 +15,46 @@ from django.views.decorators.http import require_GET, require_POST, require_http
 from django.utils import timezone
 
 from .forms import BusinessProfileForm, LoginForm, ReportFilterForm, SignUpForm, TransactionForm
+from .jwt_auth import (
+    JWTAuthError,
+    authenticate_authorization_header,
+    authenticate_refresh_token,
+    issue_token_pair,
+    revoke_user_tokens,
+)
 from .models import BusinessProfile, Transaction
 
 
+def get_api_authenticated_user(request):
+    if request.user.is_authenticated:
+        return request.user
+
+    authorization = (request.META.get('HTTP_AUTHORIZATION') or '').strip()
+    if not authorization:
+        return None
+
+    user, _ = authenticate_authorization_header(authorization)
+    request.user = user
+    return user
+
+
 def api_login_required(view_func):
+    @wraps(view_func)
     def wrapped(request, *args, **kwargs):
-        if not request.user.is_authenticated:
+        try:
+            user = get_api_authenticated_user(request)
+        except JWTAuthError as exc:
+            return JsonResponse({
+                'ok': False,
+                'error': exc.message,
+                'code': exc.code,
+            }, status=exc.status_code)
+
+        if user is None:
             return JsonResponse({
                 'ok': False,
                 'error': 'Authentication required.',
+                'code': 'auth_required',
             }, status=401)
         return view_func(request, *args, **kwargs)
 
@@ -367,25 +399,62 @@ def api_health_view(request):
         'app': 'MoMoLedger API',
         'message': 'Android backend starter endpoints are available.',
         'server_time': timezone.now().isoformat(),
-        'authenticated': request.user.is_authenticated,
+        'authenticated': bool(request.user.is_authenticated or (request.META.get('HTTP_AUTHORIZATION') or '').strip()),
     })
 
 
 @csrf_exempt
 @require_POST
 def api_login_view(request):
-    if request.user.is_authenticated:
-        profile = get_profile(request.user)
-        return JsonResponse({
-            'ok': True,
-            'message': 'Already logged in.',
-            'user': {
-                'username': request.user.username,
-                'email': request.user.email,
-                'business_name': profile.business_name,
-            },
-        })
+    user = request.user if request.user.is_authenticated else None
 
+    if user is None:
+        payload = parse_api_payload(request)
+        if payload is None:
+            return JsonResponse({
+                'ok': False,
+                'error': 'Invalid JSON body.',
+            }, status=400)
+
+        username = (payload.get('username') or '').strip()
+        password = payload.get('password') or ''
+
+        if not username or not password:
+            return JsonResponse({
+                'ok': False,
+                'error': 'Username and password are required.',
+            }, status=400)
+
+        user = authenticate(request, username=username, password=password)
+        if user is None:
+            return JsonResponse({
+                'ok': False,
+                'error': 'Invalid username or password.',
+            }, status=401)
+
+        login(request, user)
+        message = 'Login successful.'
+    else:
+        message = 'Already logged in.'
+
+    profile = get_profile(user)
+    tokens = issue_token_pair(user)
+    return JsonResponse({
+        'ok': True,
+        'message': message,
+        'user': {
+            'id': user.id,
+            'username': user.username,
+            'email': user.email,
+            'business_name': profile.business_name,
+        },
+        'tokens': tokens,
+    })
+
+
+@csrf_exempt
+@require_POST
+def api_token_refresh_view(request):
     payload = parse_api_payload(request)
     if payload is None:
         return JsonResponse({
@@ -393,49 +462,77 @@ def api_login_view(request):
             'error': 'Invalid JSON body.',
         }, status=400)
 
-    username = (payload.get('username') or '').strip()
-    password = payload.get('password') or ''
-
-    if not username or not password:
+    refresh_token = (payload.get('refresh_token') or payload.get('refresh') or '').strip()
+    try:
+        user, profile = authenticate_refresh_token(refresh_token)
+    except JWTAuthError as exc:
         return JsonResponse({
             'ok': False,
-            'error': 'Username and password are required.',
-        }, status=400)
+            'error': exc.message,
+            'code': exc.code,
+        }, status=exc.status_code)
 
-    user = authenticate(request, username=username, password=password)
-    if user is None:
-        return JsonResponse({
-            'ok': False,
-            'error': 'Invalid username or password.',
-        }, status=401)
-
-    login(request, user)
-    profile = get_profile(user)
     return JsonResponse({
         'ok': True,
-        'message': 'Login successful.',
+        'message': 'Token refreshed successfully.',
         'user': {
             'id': user.id,
             'username': user.username,
             'email': user.email,
             'business_name': profile.business_name,
         },
+        'tokens': issue_token_pair(user),
     })
 
 
 @csrf_exempt
 @require_POST
 def api_logout_view(request):
-    if not request.user.is_authenticated:
+    payload = parse_api_payload(request)
+    if payload is None:
+        return JsonResponse({
+            'ok': False,
+            'error': 'Invalid JSON body.',
+        }, status=400)
+
+    user = request.user if request.user.is_authenticated else None
+    refresh_token = (payload.get('refresh_token') or payload.get('refresh') or '').strip()
+
+    if user is None and refresh_token:
+        try:
+            user, _ = authenticate_refresh_token(refresh_token)
+        except JWTAuthError as exc:
+            return JsonResponse({
+                'ok': False,
+                'error': exc.message,
+                'code': exc.code,
+            }, status=exc.status_code)
+
+    if user is None:
+        authorization = (request.META.get('HTTP_AUTHORIZATION') or '').strip()
+        if authorization:
+            try:
+                user, _ = authenticate_authorization_header(authorization)
+            except JWTAuthError as exc:
+                return JsonResponse({
+                    'ok': False,
+                    'error': exc.message,
+                    'code': exc.code,
+                }, status=exc.status_code)
+
+    if user is None:
         return JsonResponse({
             'ok': True,
             'message': 'No active session.',
         })
 
-    logout(request)
+    revoke_user_tokens(user)
+    if request.user.is_authenticated:
+        logout(request)
+
     return JsonResponse({
         'ok': True,
-        'message': 'Logout successful.',
+        'message': 'Logout successful. Mobile tokens revoked.',
     })
 
 
@@ -522,12 +619,77 @@ def api_transactions_view(request):
 
 @csrf_exempt
 @api_login_required
-@require_http_methods(['DELETE'])
+@require_http_methods(['GET', 'PUT', 'PATCH', 'DELETE'])
 def api_transaction_detail_view(request, transaction_id):
     profile = get_profile(request.user)
     entry = get_object_or_404(profile.transactions.select_related('created_by'), id=transaction_id)
+
+    if request.method == 'GET':
+        return JsonResponse({
+            'ok': True,
+            'transaction': serialize_transaction(entry),
+            'balances': {
+                'current_ecash': str(profile.current_ecash),
+                'current_physical_cash': str(profile.current_physical_cash),
+                'total_cash': str(profile.total_cash),
+            },
+            'summary': build_transaction_summary(profile),
+        })
+
+    if request.method in {'PUT', 'PATCH'}:
+        payload = parse_api_payload(request)
+        if payload is None:
+            return JsonResponse({
+                'ok': False,
+                'error': 'Invalid JSON body.',
+            }, status=400)
+
+        merged_payload = {
+            'client_name': entry.client_name,
+            'amount': str(entry.amount),
+            'transaction_type': entry.transaction_type,
+            'notes': entry.notes,
+        }
+        merged_payload.update(payload)
+        form = TransactionForm(merged_payload, business=profile, instance=entry)
+        if not form.is_valid():
+            return JsonResponse({
+                'ok': False,
+                'error': 'Validation failed.',
+                'errors': serialize_form_errors(form),
+            }, status=400)
+
+        try:
+            update_result = form.save(request.user)
+        except ValidationError as exc:
+            return JsonResponse({
+                'ok': False,
+                'error': exc.messages[0] if exc.messages else 'Could not update transaction.',
+            }, status=400)
+
+        profile = update_result['business']
+        entry = update_result['transaction']
+        return JsonResponse({
+            'ok': True,
+            'message': 'Transaction updated successfully.',
+            'transaction': serialize_transaction(entry),
+            'balances': {
+                'current_ecash': str(profile.current_ecash),
+                'current_physical_cash': str(profile.current_physical_cash),
+                'total_cash': str(profile.total_cash),
+            },
+            'summary': build_transaction_summary(profile),
+        })
+
     deleted_transaction = serialize_transaction(entry)
-    delete_result = entry.delete_logged_transaction()
+    try:
+        delete_result = entry.delete_logged_transaction()
+    except ValidationError as exc:
+        return JsonResponse({
+            'ok': False,
+            'error': exc.messages[0] if exc.messages else 'Could not delete transaction.',
+        }, status=400)
+
     profile = delete_result['business']
     return JsonResponse({
         'ok': True,
diff --git a/requirements.txt b/requirements.txt
index 6cf2a72..b2b934c 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -2,3 +2,4 @@ Django==5.2.7
 mysqlclient==2.2.7
 python-dotenv==1.1.1
 reportlab==4.4.1
+PyJWT==2.10.1