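from django.contrib.auth import get_user_model
from django.utils import timezone
from django.utils.crypto import constant_time_compare
from rest_framework import serializers

from .models import VerificationCode

User = get_user_model()

# Error text returned while the latest code for an email is locked out.
_CODE_LOCKED_MESSAGE = '验证码错误次数过多,请10分钟后重试'


def _latest_code(email):
    """Return the most recently created VerificationCode for *email*.

    Raises:
        VerificationCode.DoesNotExist: no code has been issued for the email.
    """
    return VerificationCode.objects.filter(email=email).latest('created_at')


def _is_locked(vc):
    """Return True while *vc* is still inside its lockout window."""
    return bool(vc.locked_until) and timezone.now() < vc.locked_until


def _code_matches(vc, submitted):
    """Compare the stored code with the submitted one in constant time.

    A plain ``!=`` returns as soon as the first differing character is found;
    constant_time_compare removes that timing difference.
    """
    return constant_time_compare(vc.code, submitted)


class RegisterSerializer(serializers.Serializer):
    """Register a new account with an e-mailed verification code."""

    username = serializers.CharField(max_length=150)
    email = serializers.EmailField()
    phone = serializers.CharField(max_length=20)
    code = serializers.CharField(max_length=6, min_length=6)

    def validate_username(self, value):
        """Reject a username that is already taken."""
        if User.objects.filter(username=value).exists():
            raise serializers.ValidationError('用户名已存在')
        return value

    def validate_email(self, value):
        """Reject an e-mail address that already belongs to an account."""
        if User.objects.filter(email=value).exists():
            raise serializers.ValidationError('邮箱已被注册')
        return value

    def validate(self, attrs):
        """Check the submitted code against the latest one issued for the email.

        On success the VerificationCode row is stored in ``attrs['vc']`` so
        that ``create`` can mark it as used.

        Raises:
            serializers.ValidationError: keyed on ``code`` when no code exists,
                the code is locked, expired/used, or does not match.
        """
        email = attrs.get('email')
        code = attrs.get('code')

        try:
            vc = _latest_code(email)
        except VerificationCode.DoesNotExist:
            raise serializers.ValidationError({'code': '请先获取验证码'})

        # The login flow refuses a locked code; registration did not, which
        # left this path open to unlimited guesses of a 6-character code
        # unless is_valid() already covers the lock (not visible here).
        if _is_locked(vc):
            raise serializers.ValidationError({'code': _CODE_LOCKED_MESSAGE})

        if not vc.is_valid():
            raise serializers.ValidationError({'code': '验证码已过期或已使用'})

        if not _code_matches(vc, code):
            # increment_attempts() is defined on the model; presumably it
            # counts the failure and sets locked_until -- confirm in models.
            vc.increment_attempts()
            raise serializers.ValidationError({'code': '验证码错误'})

        attrs['vc'] = vc
        return attrs

    def create(self, validated_data):
        """Create the user with the fixed 'seeker' role and consume the code.

        No password is passed to ``create_user``; with Django's stock manager
        that leaves the account with an unusable password.
        """
        vc = validated_data.pop('vc')
        user = User.objects.create_user(
            username=validated_data['username'],
            email=validated_data['email'],
            phone=validated_data['phone'],
            role='seeker',
        )
        vc.mark_as_verified()
        return user


class UserSerializer(serializers.ModelSerializer):
    """Serialize a user's profile; ``role`` cannot be changed through it."""

    class Meta:
        model = User
        fields = ['id', 'username', 'email', 'phone', 'role', 'organization']
        # NOTE(review): only role is read-only, so organization is writable
        # here -- confirm users are meant to be able to change it themselves.
        read_only_fields = ['role']


class AdminUserSerializer(serializers.ModelSerializer):
    """Used by the super-admin to create and manage company admin accounts.

    ``role``, ``organization`` and ``is_active`` are all writable, so the view
    exposing this serializer must be restricted to super-admins.
    """

    # NOTE(review): only a 6-character minimum is enforced; consider running
    # Django's configured password validators as well.
    password = serializers.CharField(write_only=True, min_length=6)

    class Meta:
        model = User
        fields = [
            'id', 'username', 'email', 'phone', 'role', 'organization',
            'password', 'is_active',
        ]

    def create(self, validated_data):
        """Create a user, storing the password hashed via ``set_password``."""
        password = validated_data.pop('password')
        user = User(**validated_data)
        user.set_password(password)
        user.save()
        return user

    def update(self, instance, validated_data):
        """Update a user, hashing a new password when one is supplied.

        Without this override ModelSerializer.update() would assign the raw
        password string to ``instance.password`` and save it unhashed.
        """
        password = validated_data.pop('password', None)
        if password is not None:
            instance.set_password(password)
        return super().update(instance, validated_data)


class SendCodeSerializer(serializers.Serializer):
    """Validate a request to send a verification code."""

    email = serializers.EmailField()

    def validate_email(self, value):
        """Require that the e-mail address belongs to an existing account.

        NOTE(review): the error tells the caller whether an address is
        registered; rate-limit the view that uses this serializer.
        """
        if not User.objects.filter(email=value).exists():
            raise serializers.ValidationError('该邮箱未在系统中注册')
        return value


class LoginSerializer(serializers.Serializer):
    """Log in with an e-mail address and a verification code."""

    email = serializers.EmailField()
    code = serializers.CharField(max_length=6, min_length=6)

    def validate(self, attrs):
        """Resolve the user and check the submitted code.

        On success ``attrs['user']`` and ``attrs['vc']`` are populated for the
        caller.

        Raises:
            serializers.ValidationError: unknown user, no code issued, code
                locked, code expired/used, or code mismatch.
        """
        email = attrs.get('email')
        code = attrs.get('code')

        # NOTE(review): the distinct messages below let a caller tell an
        # unknown address from a wrong code.
        try:
            user = User.objects.get(email=email)
        except User.DoesNotExist:
            raise serializers.ValidationError('用户不存在')

        try:
            vc = _latest_code(email)
        except VerificationCode.DoesNotExist:
            raise serializers.ValidationError('请先获取验证码')

        # Refuse further guesses while the code is locked out.
        if _is_locked(vc):
            raise serializers.ValidationError(_CODE_LOCKED_MESSAGE)

        if not vc.is_valid():
            raise serializers.ValidationError('验证码已过期或已使用')

        if not _code_matches(vc, code):
            vc.increment_attempts()
            raise serializers.ValidationError('验证码错误')

        attrs['user'] = user
        attrs['vc'] = vc
        return attrs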