Merge pull request #33 from dsaub/development

Fix mobile header alignment and improve navbar responsiveness
Merge pull request #22 from dsaub/development
2026-04-20 15:57:04 +02:00 · 2026-04-20 12:25:33 +02:00
45 changed files with 198642 additions and 465 deletions
@@ -2,7 +2,6 @@
 SECRET_KEY=django-insecure-change-me
 DEBUG=True
 ALLOWED_HOSTS=localhost,127.0.0.1
 S3_ENABLE=False
 # PostgreSQL (por defecto habilitado; si POSTGRES_ENABLED=False se usa SQLite)
 POSTGRES_ENABLED=True
@@ -15,17 +14,6 @@ POSTGRES_PORT=5432
 # Redis
 REDIS_URL=redis://127.0.0.1:6379/1
 # S3 (activar con S3_ENABLE=True)
 AWS_STORAGE_BUCKET_NAME=
 AWS_ACCESS_KEY_ID=
 AWS_SECRET_ACCESS_KEY=
 AWS_S3_REGION_NAME=
 AWS_S3_ENDPOINT_URL=
 AWS_S3_CUSTOM_DOMAIN=
 AWS_S3_USE_SSL=True
 AWS_QUERYSTRING_AUTH=False
 AWS_DEFAULT_ACL=public-read
 # Stripe
 STRIPE_PUBLISHABLE_KEY=
 STRIPE_SECRET_KEY=
@@ -35,7 +35,6 @@ Templates use Django's inheritance pattern:
 - **Image uploads**: Organized in `tienda/static/media/images/` via `upload_to='images/'` in ImageField
 - **Access**: Media files served automatically in development via Django's static file handler
 - **Image model**: Located in [tienda/models.py](tienda/models.py) with `ImageField(upload_to='images/')`
 - **S3 mode**: if `S3_ENABLE=True` (case-insensitive), static and media switch to S3 storages instead of the local filesystem; Nginx should proxy the app only and the browser should load asset URLs from the bucket or CDN
 ## Shipping Restrictions
 - **Zona de envío**: Solo se vende/envía dentro de la provincia de Almería
@@ -1,33 +0,0 @@
 name: opencode
 on:
  issue_comment:
    types: [created]
  pull_request_review_comment:
    types: [created]
 jobs:
  opencode:
    if: |
      contains(github.event.comment.body, ' /oc') ||
      startsWith(github.event.comment.body, '/oc') ||
      contains(github.event.comment.body, ' /opencode') ||
      startsWith(github.event.comment.body, '/opencode')
    runs-on: ubuntu-latest
    permissions:
      id-token: write
      contents: read
      pull-requests: read
      issues: read
    steps:
      - name: Checkout repository
        uses: actions/checkout@v6
        with:
          persist-credentials: false
      - name: Run opencode
        uses: anomalyco/opencode/github@latest
        env:
          OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
        with:
          model: openai/gpt-5.3-codex
@@ -7,5 +7,3 @@ __pycache__/
 *.pyc
 tienda/__pycache__/
 proyecto/__pycache__/
 media
 staticfiles
@@ -1,61 +0,0 @@
 # AGENTS.md - Django Tienda Project
 ## Commands
 ```bash
 # Run tests (runs tienda/tests.py by default)
 make test
 # Or manually
 python manage.py test
 # Run dev server
 python manage.py runserver
 # Run migrations
 python manage.py migrate
 # Static files (production)
 python manage.py collectstatic
 ```
 ## Prerequisites
 - **Redis**: Must be running on `redis://127.0.0.1:6379/1` for sessions and caching
  - Start: `sudo systemctl start redis-server` (Linux) or `brew services start redis` (macOS)
  - Verify: `redis-cli ping` → PONG
 - **PostgreSQL**: Default database; set `POSTGRES_ENABLED=False` to use SQLite
 - **Environment**: Copy `.env.example` to `.env` and configure required vars
 ## Important Quirks
 1. **Migrations**: If `makemigrations` fails with error code 130, **check `tienda/migrations/`** - the file is often created despite the error
 2. **Test DB**: Uses SQLite regardless of POSTGRES_ENABLED (hardcoded in settings.py)
 3. **App URL**: Not at `/` - access at `http://localhost:8000/tienda/`
 4. **Admin**: At `/admin/` (not `/tienda/admin/`)
 5. **Custom User Model**: AUTH_USER_MODEL = 'tienda.User' - use for all user-related queries
 ## Architecture
 - `proyecto/` - Django settings, URLs, WSGI/ASGI
 - `tienda/` - Main app (models, views, admin, templates)
 - `tienda/static/` - CSS, JS, images, fonts
 - Templates extend `tienda/templates/tienda/base.html`
 ## Shipping Restrictions
 Only sells to Almería province, Spain (postal codes 04xxx). All addresses saved with country "España".
 ## External Services
 - **Payment**: Stripe + PayPal (configured via .env)
 - **Storage**: S3 support - set `S3_ENABLE=True` to enable
 - **Email**: SMTP required (see .env.example)
 - **Async**: Celery uses Redis broker
 ## Useful References
 - Full developer docs: `.github/copilot-instructions.md`
 - Redis setup: `docs/REDIS_SETUP.md`
 - PayPal: `docs/PAYPAL_SETUP.md`, `docs/PAYPAL_TROUBLESHOOTING.md`
 - View documentation: `docs/views/`
@@ -34,9 +34,7 @@ http {
        listen 80;
        server_name _;
-        # Modo local: sirve static/media desde volúmenes montados.
+        # Archivos estáticos generados por collectstatic.
        # Si S3_ENABLE=True, estos bloques no se usan y el navegador debe
        # cargar los assets directamente desde el bucket o CDN.
        location /static/ {
            alias /static/;
            expires 30d;
@@ -44,7 +42,7 @@ http {
            access_log off;
        }
-        # Archivos subidos por usuarios en modo local.
+        # Archivos subidos por usuarios.
        location /media/ {
            alias /media/;
            expires 7d;
@@ -53,21 +53,6 @@ def env_int(name: str, default: int) -> int:
        return default
    return int(value)
 def env_str(name: str, default: str = '') -> str:
    value = os.getenv(name)
    if value is None:
        return default
    return value.strip()
 def env_optional_str(name: str) -> str | None:
    value = os.getenv(name)
    if value is None:
        return None
    value = value.strip()
    return value or None
 # Build paths inside the project like this: BASE_DIR / 'subdir'.
 BASE_DIR = Path(__file__).resolve().parent.parent
 load_dotenv(BASE_DIR / '.env')
@@ -81,8 +66,6 @@ SECRET_KEY = os.getenv('SECRET_KEY', 'django-insecure-#g((q@lvnkt(j6)2(gvtn0px)r
 # SECURITY WARNING: don't run with debug turned on in production!
 DEBUG = env_bool('DEBUG', True)
 S3_ENABLE = env_bool('S3_ENABLE', False)
 S3_USE_LOCAL_URLS = env_bool('S3_USE_LOCAL_URLS', False)
 ALLOWED_HOSTS = env_list('ALLOWED_HOSTS', [
    '192.168.1.142',
@@ -104,11 +87,9 @@ INSTALLED_APPS = [
    'compressor',
 ]
 if S3_ENABLE:
    INSTALLED_APPS.append('storages')
 MIDDLEWARE = [
    'django.middleware.security.SecurityMiddleware',
    'whitenoise.middleware.WhiteNoiseMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
@@ -117,9 +98,6 @@ MIDDLEWARE = [
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
 ]
 if not S3_ENABLE:
    MIDDLEWARE.insert(1, 'whitenoise.middleware.WhiteNoiseMiddleware')
 ROOT_URLCONF = 'proyecto.urls'
 TEMPLATES = [
@@ -233,27 +211,6 @@ STORAGES = {
    },
 }
 if S3_ENABLE:
    AWS_STORAGE_BUCKET_NAME = env_str('AWS_STORAGE_BUCKET_NAME') or None
    AWS_ACCESS_KEY_ID = env_optional_str('AWS_ACCESS_KEY_ID')
    AWS_SECRET_ACCESS_KEY = env_optional_str('AWS_SECRET_ACCESS_KEY')
    AWS_S3_REGION_NAME = env_optional_str('AWS_S3_REGION_NAME')
    AWS_S3_ENDPOINT_URL = env_optional_str('AWS_S3_ENDPOINT_URL')
    AWS_S3_CUSTOM_DOMAIN = env_optional_str('AWS_S3_CUSTOM_DOMAIN')
    AWS_S3_USE_SSL = env_bool('AWS_S3_USE_SSL', True)
    AWS_QUERYSTRING_AUTH = env_bool('AWS_QUERYSTRING_AUTH', False)
    AWS_DEFAULT_ACL = env_str('AWS_DEFAULT_ACL', 'public-read') or None
    AWS_S3_OBJECT_PARAMETERS = {}
    STORAGES = {
        'default': {
            'BACKEND': 'tienda.storage_backends.MediaStorage',
        },
        'staticfiles': {
            'BACKEND': 'tienda.storage_backends.StaticStorage',
        },
    }
 STATICFILES_FINDERS = [
    'django.contrib.staticfiles.finders.FileSystemFinder',
    'django.contrib.staticfiles.finders.AppDirectoriesFinder',
@@ -428,3 +385,5 @@ SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
 USE_X_FORWARDED_HOST = True
 SECURE_REFERER_POLICY = "strict-origin-when-cross-origin"
 print(f"DEBUG: ALLOWED_HOSTS is {ALLOWED_HOSTS}")
@@ -26,7 +26,5 @@ urlpatterns = [
    path('tienda/', include('tienda.urls'))
 ]
-if settings.DEBUG and (
+if settings.DEBUG:
    not settings.S3_ENABLE or getattr(settings, 'S3_USE_LOCAL_URLS', False)
 ):
    urlpatterns += static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT)
@@ -14,7 +14,6 @@ Django==6.0.4
 django-appconf==1.2.0
 django-redis==5.4.0
 django_compressor==4.6.0
 django-storages[boto3]==1.14.6
 gunicorn==25.1.0
 idna==3.11
 Jinja2==3.1.6
@@ -23,7 +22,6 @@ MarkupSafe==3.0.3
 packaging==26.0
 paypalrestsdk==1.13.3
 pillow==12.2.0
 boto3==1.42.97
 prompt_toolkit==3.0.52
 pycparser==3.0
 pyOpenSSL==26.0.0
@@ -25,11 +25,6 @@ class User(AbstractUser):
        choices = RegisterStatus.choices,
        default = RegisterStatus.CONFIRMATION_REQUIRED
    )
    def to_dict(self):
        return {
            "username": self.username,
            "fullname": self.get_full_name()
        }
 class VerificationCode(models.Model):
    class VerificationModes(models.TextChoices):
@@ -46,7 +41,7 @@ class VerificationCode(models.Model):
    def generate(user: User, code_mode: str) -> VerificationCode:
        while True:
-            code = "".join(random.choices(string.ascii_letters+string.digits, k=64))
+            code = "".join(random.choices(string.ascii_letters+string.digits+string.punctuation))
            if not VerificationCode.objects.filter(code=code).exists():
                return VerificationCode.objects.create(
                    code = code,
@@ -61,11 +56,6 @@ class Category(models.Model):
    def __str__(self):
        return self.name
    def to_dict(self):
        return {
            "name": self.name
        }
 class Image(models.Model):
    name = models.CharField(max_length=200, default="")
    image = models.ImageField(upload_to='images/')
@@ -74,13 +64,6 @@ class Image(models.Model):
    def __str__(self):
        return self.name
    def to_dict(self):
        return {
            "name": self.name,
            "image": self.image.url,
            "alt": self.alt
        }
 class Product(models.Model):
    name = models.CharField(max_length=200, default="")
    description = models.TextField(default = "")
@@ -103,19 +86,6 @@ class Product(models.Model):
        """Retorna la cantidad de IVA"""
        return round(self.price * VAT_RATE, 2)
    def to_dict(self):
        return {
            "name": self.name,
            "description": self.description,
            "briefdesc": self.briefdesc,
            "price": self.price,
            "stock": self.stock,
            "category": self.category.to_dict(),
            "primary_image": self.primary_image.to_dict() if self.primary_image else None,
            "secondary_images": [secondary_image.to_dict() for secondary_image in self.secondary_images.all()],
            "creator": self.creator.to_dict() if self.creator else None
        }
 class StockReservation(models.Model):
    STATUS_ACTIVE = "active"
@@ -1,28 +1,3 @@
 .skip-link {
  position: fixed;
  top: -100%;
  left: 50%;
  transform: translateX(-50%);
  background: #fff;
  color: #513CB0;
  padding: 8px 24px;
  font-weight: 700;
  font-size: 0.9rem;
  z-index: 10001;
  text-decoration: none;
  border-radius: 0 0 8px 8px;
  border: 2px solid #513CB0;
  border-top: none;
  box-shadow: 0 4px 12px rgba(81, 60, 176, 0.25);
  transition: top 0.2s ease;
  outline: none;
  white-space: nowrap;
 }
 .skip-link:focus,
 .skip-link:focus-visible {
  top: 0;
 }
@media (min-width: 1250px) {
  .grid {
    display: grid;
@@ -88,9 +63,8 @@ p.price {
 .navbar.header .site-title-mobile {
  color: #FFF;
  position: absolute;
  top: calc(var(--bs-navbar-padding-y) + 20px);
  left: 50%;
-  transform: translate(-50%, -50%);
+  transform: translateX(-50%);
  margin: 0;
  max-width: calc(100% - 9rem);
  overflow: hidden;
@@ -1,44 +0,0 @@
 from __future__ import annotations
 import os
 from django.utils.encoding import iri_to_uri
 from storages.backends.s3 import S3Storage
 def _use_local_asset_urls() -> bool:
    return os.getenv('S3_USE_LOCAL_URLS', '').strip().lower() in {'1', 'true', 'yes', 'on'}
 def _local_asset_url(prefix: str, name: str) -> str:
    return iri_to_uri(f'/{prefix}/{name.lstrip("/")}')
 class StaticStorage(S3Storage):
    location = 'static'
    default_acl = 'public-read'
    querystring_auth = False
    file_overwrite = True
    object_parameters = {
        'CacheControl': 'public, max-age=31536000, immutable',
    }
    def url(self, name: str) -> str:
        if _use_local_asset_urls():
            return _local_asset_url('static', name)
        return super().url(name)
 class MediaStorage(S3Storage):
    location = 'media'
    default_acl = 'public-read'
    querystring_auth = False
    file_overwrite = False
    object_parameters = {
        'CacheControl': 'public, max-age=604800',
    }
    def url(self, name: str) -> str:
        if _use_local_asset_urls():
            return _local_asset_url('media', name)
        return super().url(name)
@@ -33,11 +33,7 @@ def enviar_correo_confirmacion(id: int):
@shared_task
 def enviar_correo_recuperacion(email: str):
    usuario: User | None
    try:
    usuario = User.objects.get(email=email)
    except User.DoesNotExist as e:
        usuario = None
    if usuario is not None:
        ver_code = VerificationCode.objects.create(
            code_mode = VerificationCode.VerificationModes.RESET_PASSWORD,
@@ -57,8 +53,7 @@ def enviar_correo_recuperacion(email: str):
        )
        send_hemail(email, "Reset de Contraseña", html_content, "Estas reseteando la contraseña...")
-    else:
+
        print("User does not exist, Cancelling TASK.")
 # Purchased items should be a list of dictionary, the dictionary must follow this tags: amount, product name, price (each)
@shared_task
@@ -50,11 +50,8 @@
            transition: background-color 0.2s;
        }
-        .search-suggestion-item:hover,
+        .search-suggestion-item:hover {
        .search-suggestion-item.active {
            background-color: #f8f9fa;
            outline: 2px solid #0d6efd;
            outline-offset: -2px;
        }
        .search-suggestion-item:last-child {
@@ -81,7 +78,6 @@
    {% block head %}{% endblock %}
 </head>
 <body class="d-flex flex-column min-vh-100">
    <a href="#main-content" class="skip-link">Saltar al contenido</a>
    {% cache 500 sidebar request.user.username %}
    <nav class="navbar navbar-expand-md header" role="banner">
        <div class="container-fluid">
@@ -111,10 +107,10 @@
                <!-- Barra de búsqueda con sugerencias -->
                <form class="search-suggestions-container" method="GET" action="{% url 'search' %}" role="search" id="searchForm">
                    <div class="input-group">
-                        <input class="form-control" type="search" name="q" id="searchInput" placeholder="Buscar productos..." aria-label="Buscar" autocomplete="off" role="combobox" aria-expanded="false" aria-autocomplete="list" aria-controls="searchSuggestions" aria-activedescendant="" aria-haspopup="listbox">
+                        <input class="form-control" type="search" name="q" id="searchInput" placeholder="Buscar productos..." aria-label="Buscar" autocomplete="off">
-                        <button class="btn btn-outline-primary" type="submit" aria-label="Buscar productos">🔍 Buscar</button>
+                        <button class="btn btn-outline-primary" type="submit">🔍</button>
                    </div>
-                    <div class="search-suggestions" id="searchSuggestions" role="listbox" aria-label="Sugerencias de búsqueda"></div>
+                    <div class="search-suggestions" id="searchSuggestions"></div>
                </form>
                <div class="navbar-nav ms-auto d-flex align-items-md-center gap-2 flex-wrap" role="navigation">
@@ -141,7 +137,7 @@
    </nav>
    {% endcache %}
-    <div id="main-content" class="container-fluid flex-grow-1 d-flex flex-column" role="main">
+    <div class="container-fluid flex-grow-1 d-flex flex-column" role="main">
        <!-- Mensajes -->
        {% if messages %}
        <div class="row mt-3">
@@ -205,35 +201,6 @@
        const searchSuggestions = document.getElementById('searchSuggestions');
        const searchForm = document.getElementById('searchForm');
        let searchTimeout;
        let currentFocusIndex = -1;
        // Helpers para gestionar el estado ARIA del combobox
        function openSuggestions() {
            searchSuggestions.classList.add('show');
            searchInput.setAttribute('aria-expanded', 'true');
        }
        function closeSuggestions() {
            searchSuggestions.classList.remove('show');
            searchInput.setAttribute('aria-expanded', 'false');
            searchInput.setAttribute('aria-activedescendant', '');
            currentFocusIndex = -1;
        }
        function updateFocus(options) {
            options.forEach((option, index) => {
                const active = index === currentFocusIndex;
                option.classList.toggle('active', active);
                option.setAttribute('aria-selected', active ? 'true' : 'false');
            });
            if (currentFocusIndex >= 0) {
                const activeOption = options[currentFocusIndex];
                searchInput.setAttribute('aria-activedescendant', activeOption.id);
                activeOption.scrollIntoView({ block: 'nearest' });
            } else {
                searchInput.setAttribute('aria-activedescendant', '');
            }
        }
        // Escuchar cambios en el input
        searchInput.addEventListener('input', function() {
@@ -241,7 +208,7 @@
            const query = this.value.trim();
            if (query.length < 2) {
-                closeSuggestions();
+                searchSuggestions.classList.remove('show');
                return;
            }
@@ -251,31 +218,6 @@
            }, 300);
        });
        // Navegación por teclado (ArrowDown/ArrowUp/Enter/Escape)
        searchInput.addEventListener('keydown', function(event) {
            const options = searchSuggestions.querySelectorAll('[role="option"]');
            if (!options.length || !searchSuggestions.classList.contains('show')) {
                return;
            }
            if (event.key === 'ArrowDown') {
                event.preventDefault();
                currentFocusIndex = Math.min(currentFocusIndex + 1, options.length - 1);
                updateFocus(options);
            } else if (event.key === 'ArrowUp') {
                event.preventDefault();
                currentFocusIndex = Math.max(currentFocusIndex - 1, -1);
                updateFocus(options);
            } else if (event.key === 'Enter' && currentFocusIndex >= 0) {
                event.preventDefault();
                const selected = options[currentFocusIndex];
                window.location.href = selected.dataset.href;
            } else if (event.key === 'Escape') {
                closeSuggestions();
                searchInput.focus();
            }
        });
        // Función para obtener sugerencias del servidor
        function fetchSuggestions(query) {
            fetch(`{% url 'search_suggestions' %}?q=${encodeURIComponent(query)}`)
@@ -285,37 +227,33 @@
                })
                .catch(error => {
                    console.error('Error fetching suggestions:', error);
-                    closeSuggestions();
+                    searchSuggestions.classList.remove('show');
                });
        }
        // Función para mostrar las sugerencias
        function displaySuggestions(suggestions, query) {
            currentFocusIndex = -1;
            if (suggestions.length === 0) {
                searchSuggestions.innerHTML = '<div class="search-suggestion-item text-muted">No se encontraron productos</div>';
-                openSuggestions();
+                searchSuggestions.classList.add('show');
                return;
            }
            let html = '';
-            suggestions.forEach((suggestion, index) => {
+            suggestions.forEach(suggestion => {
                // Resaltar la coincidencia en el nombre
                const highlightedName = highlightMatch(suggestion.name, query);
                const priceWithVAT = (suggestion.price * 1.21).toFixed(2);
                html += `
-                    <div class="search-suggestion-item" role="option" id="search-option-${index}"
+                    <a href="/tienda/producto/${suggestion.id}" class="search-suggestion-item text-decoration-none">
                         aria-selected="false" tabindex="-1"
                         data-href="/tienda/producto/${suggestion.id}"
                         onclick="window.location.href=this.dataset.href">
                        <span class="suggestion-name">${highlightedName}</span>
                        <span class="suggestion-price">€${priceWithVAT}</span>
-                    </div>
+                    </a>
                `;
            });
            searchSuggestions.innerHTML = html;
-            openSuggestions();
+            searchSuggestions.classList.add('show');
        }
        // Función para resaltar el texto que coincide
@@ -327,19 +265,19 @@
        // Cerrar sugerencias cuando se hace clic fuera
        document.addEventListener('click', function(event) {
            if (!searchForm.contains(event.target)) {
-                closeSuggestions();
+                searchSuggestions.classList.remove('show');
            }
        });
        // Cerrar sugerencias al enviar el formulario
        searchForm.addEventListener('submit', function() {
-            closeSuggestions();
+            searchSuggestions.classList.remove('show');
        });
        // Mostrar sugerencias al hacer clic en el input (si hay texto)
        searchInput.addEventListener('focus', function() {
            if (this.value.trim().length >= 2 && searchSuggestions.innerHTML) {
-                openSuggestions();
+                searchSuggestions.classList.add('show');
            }
        });
    </script>
@@ -51,7 +51,7 @@
              <td>
                <form method="post" action="{% url 'update_cart_item' item.id %}" class="d-flex align-items-center" style="max-width: 150px;">
                  {% csrf_token %}
-                  <input type="number" name="quantity" value="{{ item.quantity }}" min="1" max="{{ item.product.stock }}" class="form-control form-control-sm me-2" style="width: 70px;" aria-label="Cantidad para {{ item.product.name }}">
+                  <input type="number" name="quantity" value="{{ item.quantity }}" min="1" max="{{ item.product.stock }}" class="form-control form-control-sm me-2" style="width: 70px;">
                  <button type="submit" class="btn btn-sm btn-primary">Actualizar</button>
                </form>
              </td>
@@ -59,7 +59,7 @@
                {% if item.product.stock > 0 %}
                {{ item.product.stock }}
                {% else %}
-                <span class="text-danger" role="status"><span aria-hidden="true">✗</span> Sin stock</span>
+                <span class="text-danger">0</span>
                {% endif %}
              </td>
              <td class="price">{{ item.get_subtotal_with_vat|format_price }} €</td>
@@ -89,7 +89,7 @@
        </div>
        <div class="d-flex justify-content-between mb-2">
          <span>IVA (21%)</span>
-          <span class="price text-success"><span aria-hidden="true">ℹ️</span> {{ cart.get_vat_amount|format_price }} €</span>
+          <span class="price text-success">{{ cart.get_vat_amount|format_price }} €</span>
        </div>
        <div class="d-flex justify-content-between mb-2">
          <span>Envío</span>
@@ -127,25 +127,22 @@
                <!-- Tabs -->
                <ul class="nav nav-tabs mb-3" id="paymentTabs" role="tablist">
                    <li class="nav-item" role="presentation">
-                        <button class="nav-link active" id="tab-card" data-tab="pane-card" type="button"
+                        <button class="nav-link active" id="tab-card" data-tab="pane-card" type="button" role="tab">
                                role="tab" aria-selected="true" aria-controls="pane-card" tabindex="0">
                            💳 Tarjeta
                        </button>
                    </li>
                    <li class="nav-item" role="presentation">
-                        <button class="nav-link" id="tab-paypal" data-tab="pane-paypal" type="button"
+                        <button class="nav-link" id="tab-paypal" data-tab="pane-paypal" type="button" role="tab">
                                role="tab" aria-selected="false" aria-controls="pane-paypal" tabindex="-1">
                            🅿️ PayPal
                        </button>
                    </li>
                </ul>
                <!-- Tarjeta tab -->
-                <div id="pane-card" class="payment-tab-content active"
+                <div id="pane-card" class="payment-tab-content active">
                     role="tabpanel" aria-labelledby="tab-card" tabindex="0">
                    {% if saved_cards %}
-                    <fieldset class="mb-3">
+                    <div class="mb-3">
-                        <legend class="fw-semibold fs-6 mb-2">Selección de tarjeta</legend>
+                        <p class="fw-semibold">Tarjetas guardadas:</p>
                        {% for card in saved_cards %}
                        <div class="form-check mb-2">
                            <input class="form-check-input" type="radio" name="saved_card_choice" id="card-{{ card.id }}" value="{{ card.id }}" data-pm-id="{{ card.stripe_payment_method_id }}" {% if card.is_default %}checked{% endif %}>
@@ -159,7 +156,7 @@
                            <input class="form-check-input" type="radio" name="saved_card_choice" id="card-new" value="new">
                            <label class="form-check-label" for="card-new">Usar nueva tarjeta</label>
                        </div>
-                    </fieldset>
+                    </div>
                    {% endif %}
                    <div id="new-card-section" {% if saved_cards %}style="display:none;"{% endif %}>
@@ -186,8 +183,7 @@
                </div>
                <!-- PayPal tab -->
-                <div id="pane-paypal" class="payment-tab-content"
+                <div id="pane-paypal" class="payment-tab-content">
                     role="tabpanel" aria-labelledby="tab-paypal" tabindex="0">
                    {% if saved_paypal %}
                    <div class="alert alert-light border mb-3">
                        <small class="text-muted">Cuenta PayPal guardada:</small>
@@ -200,7 +196,6 @@
                            Guardar esta cuenta de PayPal para futuras compras
                        </label>
                    </div>
                    <div id="paypal-errors" class="alert alert-danger d-none mt-2" role="alert"></div>
                    <div id="paypal-button-container"></div>
                    {% if not addresses or stock_issues %}
                    <div class="alert alert-warning mt-2">Selecciona una dirección de envío válida para activar el pago.</div>
@@ -226,42 +221,12 @@ const HAS_STOCK_ISSUES = {{ stock_issues|yesno:"true,false" }};
 const HAS_ADDRESS = {{ addresses|yesno:"true,false" }};
 // ---- Tab switching ----
-const paymentTabs = Array.from(document.querySelectorAll('#paymentTabs .nav-link[role="tab"]'));
+document.querySelectorAll('#paymentTabs .nav-link').forEach(btn => {
-
+    btn.addEventListener('click', () => {
-function activateTab(tab) {
+        document.querySelectorAll('#paymentTabs .nav-link').forEach(b => b.classList.remove('active'));
    paymentTabs.forEach(b => {
        const isSelected = b === tab;
        b.classList.toggle('active', isSelected);
        b.setAttribute('aria-selected', isSelected ? 'true' : 'false');
        b.setAttribute('tabindex', isSelected ? '0' : '-1');
    });
        document.querySelectorAll('.payment-tab-content').forEach(p => p.classList.remove('active'));
-    document.getElementById(tab.dataset.tab).classList.add('active');
+        btn.classList.add('active');
-}
+        document.getElementById(btn.dataset.tab).classList.add('active');
 paymentTabs.forEach(btn => {
    btn.addEventListener('click', () => activateTab(btn));
    btn.addEventListener('keydown', e => {
        const idx = paymentTabs.indexOf(e.currentTarget);
        if (e.key === 'ArrowRight') {
            e.preventDefault();
            const next = paymentTabs[(idx + 1) % paymentTabs.length];
            activateTab(next);
            next.focus();
        } else if (e.key === 'ArrowLeft') {
            e.preventDefault();
            const prev = paymentTabs[(idx - 1 + paymentTabs.length) % paymentTabs.length];
            activateTab(prev);
            prev.focus();
        } else if (e.key === 'Home') {
            e.preventDefault();
            activateTab(paymentTabs[0]);
            paymentTabs[0].focus();
        } else if (e.key === 'End') {
            e.preventDefault();
            activateTab(paymentTabs[paymentTabs.length - 1]);
            paymentTabs[paymentTabs.length - 1].focus();
        }
    });
 });
@@ -289,13 +254,10 @@ document.getElementById('pay-card-btn').addEventListener('click', async () => {
    const addressId = document.getElementById('shipping-address').value;
    if (!addressId) {
-        const cardErrors = document.getElementById('card-errors');
+        alert('Selecciona una dirección de envío para continuar.');
        if (cardErrors) cardErrors.textContent = 'Selecciona una dirección de envío para continuar.';
        return;
    }
    const cardErrorsEl = document.getElementById('card-errors');
    if (cardErrorsEl) cardErrorsEl.textContent = '';
    const btn = document.getElementById('pay-card-btn');
    const spinner = document.getElementById('card-spinner');
    btn.disabled = true;
@@ -373,15 +335,9 @@ paypal.Buttons({
    createOrder: async () => {
        const addressId = document.getElementById('shipping-address').value;
        if (!addressId) {
-            const paypalErrors = document.getElementById('paypal-errors');
+            alert('Selecciona una dirección de envío para continuar.');
            if (paypalErrors) {
                paypalErrors.textContent = 'Selecciona una dirección de envío para continuar.';
                paypalErrors.classList.remove('d-none');
            }
            return Promise.reject(new Error('Sin dirección'));
        }
        const paypalErrorsEl = document.getElementById('paypal-errors');
        if (paypalErrorsEl) paypalErrorsEl.classList.add('d-none');
        const resp = await fetch('{% url "crear_orden_paypal" %}', {
            method: 'POST',
            headers: { 'Content-Type': 'application/json', 'X-CSRFToken': CSRF_TOKEN },
@@ -403,11 +359,7 @@ paypal.Buttons({
        showSuccess(result.transaction_code);
    },
    onError: (err) => {
-        const paypalErrors = document.getElementById('paypal-errors');
+        alert('Error en el pago con PayPal: ' + err);
        if (paypalErrors) {
            paypalErrors.textContent = 'Error en el pago con PayPal: ' + err;
            paypalErrors.classList.remove('d-none');
        }
    },
 }).render('#paypal-button-container');
 {% endif %}
@@ -196,11 +196,9 @@
                                <a href="{% url 'producto' product.id %}" class="btn btn-primary btn-sm flex-grow-1">
                                    Ver detalles
                                </a>
-                                <form method="post" action="{% url 'add_to_cart' product.id %}" style="display:inline;">
+                                <a href="{% url 'add_to_cart' product.id %}" class="btn btn-outline-primary btn-sm">
-                                    {% csrf_token %}
+                                    🛒
-                                    <input type="hidden" name="quantity" value="1">
+                                </a>
                                    <button type="submit" class="btn btn-outline-primary btn-sm">🛒</button>
                                </form>
                            </div>
                        </div>
                    </div>
@@ -34,16 +34,16 @@
            <div class="small text-primary font-weight-bold mb-2">Precio total (IVA incluido):</div>
            <span class="price" style="font-size: 2rem; color: #28a745;">€{{ product.get_price_with_vat|format_price }}</span>
-            <div class="small text-success mt-2"><span aria-hidden="true">ℹ️</span> IVA incluido: €{{ product.get_vat_amount|format_price }}</div>
+            <div class="small text-success mt-2">IVA: €{{ product.get_vat_amount|format_price }}</div>
        </div>
        <div id="descripcion" class="texto-ajustado">
            {{ product.briefdesc }}
        </div>
        <div class="mt-3">
            {% if product.stock > 0 %}
-            <span class="badge bg-success" role="status"><span aria-hidden="true">✓</span> Stock disponible: {{ product.stock }}</span>
+            <span class="badge bg-success">Stock disponible: {{ product.stock }}</span>
            {% else %}
-            <span class="badge bg-danger" role="status"><span aria-hidden="true">✗</span> Sin stock</span>
+            <span class="badge bg-danger">Sin stock</span>
            {% endif %}
        </div>
@@ -36,7 +36,7 @@
          <div class="mb-3 form-check">
            <input type="checkbox" class="form-check-input" id="acceptTerms" name="terms" required>
            <label class="form-check-label" for="acceptTerms">
-              Acepto los <a href="{% url 'terminos' %}" target="_blank">términos y condiciones</a>
+              Acepto los <a href="#" target="_blank">términos y condiciones</a>
            </label>
          </div>
@@ -79,11 +79,9 @@
                                    <a href="{% url 'producto' product.id %}" class="btn btn-primary btn-sm flex-grow-1">
                                        Ver detalles
                                    </a>
-                                    <form method="post" action="{% url 'add_to_cart' product.id %}" style="display:inline;">
+                                    <a href="{% url 'add_to_cart' product.id %}" class="btn btn-outline-primary btn-sm">
-                                        {% csrf_token %}
+                                        🛒
-                                        <input type="hidden" name="quantity" value="1">
+                                    </a>
                                        <button type="submit" class="btn btn-outline-primary btn-sm">🛒</button>
                                    </form>
                                </div>
                            </div>
                        </div>
@@ -1,6 +1,4 @@
 import json
 from pathlib import Path
 import re
 from unittest.mock import MagicMock, patch
 from django.test import TestCase, override_settings
@@ -1373,16 +1371,6 @@ class EndpointViewTests(TestCase):
        self.assertEqual(response.status_code, 200)
        self.assertContains(response, 'site-title-mobile d-md-none')
        self.assertContains(response, 'site-title-desktop')
    def test_mobile_site_title_css_keeps_title_pinned_to_header_row(self):
        css_path = Path(__file__).resolve().parent / "static" / "css" / "custom.css"
        css_content = css_path.read_text(encoding="utf-8")
        selector_match = re.search(r"\.navbar\.header \.site-title-mobile\s*\{(?P<body>[^}]*)\}", css_content, re.DOTALL)
        self.assertIsNotNone(selector_match)
        rule_block = selector_match.group("body")
        self.assertRegex(rule_block, r"top:\s*calc\(var\(--bs-navbar-padding-y\)\s*\+\s*20px\);")
        self.assertRegex(rule_block, r"transform:\s*translate\(-50%,\s*-50%\);")
    def test_home_mobile_welcome_title_centered(self):
        response = self.client.get(reverse("home"))
        html = response.content.decode()
@@ -16,7 +16,6 @@ from .vars import (
 )
 from django.conf import settings
 from django.views.decorators.csrf import csrf_exempt
 from django.views.decorators.http import require_POST
 from django.urls import reverse
 from django.utils import timezone
 from decimal import Decimal, ROUND_HALF_UP
@@ -240,26 +239,6 @@ def login(request: HttpRequest):
        # Autenticar usuario
        user = authenticate(request, username=username, password=password)
        if user is None:
            data: str = cache.get(f"tries_login_{username}")
            logins: int
            if data is None:
                logins = int(data)
            else:
                logins = 0
            if logins >= 5:
                # Si ha fallado 5 intentos de login...
                audit_logger.info(
                    "LOGIN_FAILED email=%s reason=rate_limited", username
                )
                messages.error(request, "Has sufrido de Rate Limit por fallar 5 veces la contraseña")
                return render(request, "tienda/login.html")
            logins+=1
            cache.set(f"tries_login_{username}", str(logins), 600)
            messages.error(request, "Correo electrónico o contraseña incorrectos.")
            return render(request, "tienda/login.html") 
        user = User.objects.get(username=user.username)
        if user.registration_status == "CR":
            audit_logger.info(
@@ -725,7 +704,6 @@ def create_order_from_cart(request, payment_method, payment_reference="", shippi
    return order, ""
@require_POST
 def add_to_cart(request: HttpRequest, product_id: int):
    """Agrega un producto al carrito"""
    try:
@@ -2275,6 +2253,13 @@ def verify(request: HttpRequest, code: str):
        return HttpResponse("<h1>Error</h1><p>No existe el codigo de verificación</p>")
 def reset_password(request: HttpRequest):
    if request.user.is_authenticated:
        return redirect("index")
    return render(request, "tienda/reset_password", {})
 def rgpd(request: HttpRequest):
    return render(request, "tienda/rgpd.html", {})
@@ -2327,7 +2312,6 @@ def reset_password_phase2(request: HttpRequest, code: str):
        user = ver_code.user
        user.set_password(password)
        user.save()
        ver_code.delete() # Delete Verification code after changing password
        messages.success(request, "Se ha cambiado la contraseña!")
        return redirect(reverse("index"))
Author	SHA1	Message	Date
Daniel (elordenador)	27c06fe0b5	Merge pull request #33 from dsaub/development Build and Push Docker Image / test (push) Waiting to run Build and Push Docker Image / docker (push) Blocked by required conditions Fix mobile header alignment and improve navbar responsiveness	2026-04-20 15:57:04 +02:00
Daniel (elordenador)	44bf6df686	Merge pull request #22 from dsaub/development Enhance stock management, payment systems, and testing coverage	2026-04-20 12:25:33 +02:00