增加手机验证码重置密码

2022-08-02 14:52:17 +08:00 · 2022-08-02 14:52:17 +08:00 · 012e3e35a4
parent 741aaf0844
commit 012e3e35a4
7 changed files with 50 additions and 30 deletions
--- a/apps/am/serializers.py
+++ b/apps/am/serializers.py
@ -14,7 +14,7 @@ class AreaSimpleSerializer(CustomModelSerializer):

 class AreaSerializer(CustomModelSerializer):
    manager_name = serializers.CharField(source='manager.name', read_only=True)
-
+    belong_dept_name = serializers.CharField(source='belong_dept.name', read_only=True)
    class Meta:
        model = Area
        fields = '__all__'
--- a/apps/auth1/serializers.py
+++ b/apps/auth1/serializers.py
@ -16,4 +16,10 @@ class CodeLoginSerializer(serializers.Serializer):


 class WxCodeSerializer(serializers.Serializer):
-    code = serializers.CharField(label="code")
+    code = serializers.CharField(label="code")
+
+
+class PwResetSerializer(serializers.Serializer):
+    phone = serializers.CharField(label="手机号")
+    code = serializers.CharField(label="验证码")
+    password = serializers.CharField(label="新密码")
--- a/apps/auth1/urls.py
+++ b/apps/auth1/urls.py
@ -3,7 +3,7 @@ from django.urls import path
 from rest_framework_simplejwt.views import (TokenObtainPairView,
                                            TokenRefreshView)

-from apps.auth1.views import CodeLogin, GetTokenFromCache, LoginView, LogoutView, SendCode, TokenBlackView, WxLogin, WxmpLogin
+from apps.auth1.views import CodeLogin, LoginView, LogoutView, PwResetView, SendCode, TokenBlackView, WxLogin, WxmpLogin

 API_BASE_URL = 'api/auth/'
 urlpatterns = [
@ -15,6 +15,6 @@ urlpatterns = [
    path(API_BASE_URL + 'login_wx/', WxLogin.as_view(), name='login_wx'),
    path(API_BASE_URL + 'login_sms_code/', CodeLogin.as_view(), name='login_sms_code'),
    path(API_BASE_URL + 'sms_code/', SendCode.as_view(), name='sms_code_send'),
-    path(API_BASE_URL + 'code_cache_token/', GetTokenFromCache.as_view(), name='code_cache_token'),
    path(API_BASE_URL + 'logout/', LogoutView.as_view(), name='session_logout'),
+    path(API_BASE_URL + 'reset_password/', PwResetView.as_view(), name='reset_password'),
 ]
--- a/apps/auth1/views.py
+++ b/apps/auth1/views.py
@ -18,9 +18,10 @@ from apps.utils.sms import send_sms
 from apps.utils.tools import rannum
 from apps.utils.wxmp import wxmpClient
 from apps.utils.wx import wxClient
+from django.contrib.auth.hashers import make_password


-from apps.auth1.serializers import CodeLoginSerializer, LoginSerializer, SendCodeSerializer, WxCodeSerializer
+from apps.auth1.serializers import CodeLoginSerializer, LoginSerializer, PwResetSerializer, SendCodeSerializer, WxCodeSerializer
 from apps.system.models import User
 from apps.utils.viewsets import CustomGenericViewSet, CustomModelViewSet

@ -136,21 +137,6 @@ class WxLogin(CreateAPIView):
            return Response({'wx_openid': openid, 'wx_token': access}, status=400)


-class GetTokenFromCache(CreateAPIView):
-    """以code获取token
-
-    以code获取token
-    """
-    authentication_classes = []
-    permission_classes = []
-    serializer_class = WxCodeSerializer
-
-    def post(self, request):
-        code = request.data['code']
-        ret = cache.get(code, {})
-        return Response(ret)
-
-
 class SendCode(CreateAPIView):
    authentication_classes = []
    permission_classes = []
@ -162,7 +148,7 @@ class SendCode(CreateAPIView):
        短信验证码发送
        """
        phone = request.data['phone']
-        code = rannum(4)
+        code = rannum(6)
        is_ok, _ = send_sms(phone, 505, {'code': code})
        cache.set(phone, code, 60*5)
        if is_ok:
@ -188,3 +174,25 @@ class CodeLogin(CreateAPIView):
            ret = get_tokens_for_user(user)
            return Response(ret)
        raise ParseError('账户不存在或已禁用')
+
+
+class PwResetView(CreateAPIView):
+    """重置密码
+
+    重置密码
+    """
+    authentication_classes = []
+    permission_classes = []
+    serializer_class = PwResetSerializer
+
+    def post(self, request):
+        sr = PwResetSerializer(data=request.data)
+        sr.is_valid(raise_exception=True)
+        vdata = sr.validated_data
+        check_phone_code(vdata['phone'], vdata['code'])
+        user = User.objects.filter(phone=vdata['phone']).first()
+        if user:
+            user.password = make_password(vdata['password'])
+            user.save()
+            return Response()
+        raise ParseError('账户不存在或已禁用')
--- a/apps/hrm/views.py
+++ b/apps/hrm/views.py
@ -39,14 +39,14 @@ class EmployeeViewSet(CustomModelViewSet):
    create_serializer_class = EmployeeCreateUpdateSerializer
    update_serializer_class = EmployeeCreateUpdateSerializer
    partial_update_serializer_class = EmployeeCreateUpdateSerializer
-    search_fields = ['name', 'number', 'user__username']
+    search_fields = ['name', 'number', 'user__username', 'id_number']
    ordering = ['-pk']

-    def filter_queryset(self, queryset):
-        if not self.detail:
-            self.request.query_params._mutable = True
-            self.request.query_params.setdefault('type', 'employee')
-        return super().filter_queryset(queryset)
+    # def filter_queryset(self, queryset):
+    #     if not self.detail:
+    #         self.request.query_params._mutable = True
+    #         self.request.query_params.setdefault('type', 'employee')
+    #     return super().filter_queryset(queryset)

    @action(methods=['get'], detail=False, perms_map={'get': '*'},
            serializer_class=serializers.Serializer)
@ -227,8 +227,8 @@ class NotWorkRemarkViewSet(ListModelMixin, CustomGenericViewSet):


 class CertificateViewSet(CustomModelViewSet):
-    queryset = Certificate.objects.filter(employee__type='employee')
+    queryset = Certificate.objects.all()
    create_serializer_class = CertificateCreateUpdateSerializer
    update_serializer_class = CertificateCreateUpdateSerializer
    serializer_class = CertificateSerializer
-    filterset_fields = ['employee__user', 'employee']
+    filterset_fields = ['employee__user', 'employee', 'employee__type']
--- a/apps/rpm/views.py
+++ b/apps/rpm/views.py
@ -36,6 +36,11 @@ class RpartyViewSet(CustomModelViewSet):
        serializer = UserCreateSerializer(data=request.data)
        serializer.is_valid(raise_exception=True)
        ins = serializer.save(type='remployee')
+        UserPost.objects.get_or_create(user=ins, dept=obj.dept,
+                                       defaults={
+                                           'user': ins,
+                                           'dept': obj.dept
+                                       })
        obj.admin = ins
        obj.save()
        return Response()
--- a/apps/system/views.py
+++ b/apps/system/views.py
@ -314,7 +314,7 @@ class DeptViewSet(CustomModelViewSet):
    partial_update_serializer_class = DeptCreateUpdateSerializer
    filterset_fields = ['type']
    search_fields = ['name']
-    ordering = ['sort', 'create_time']
+    ordering = ['type', 'sort', 'create_time']

    # def filter_queryset(self, queryset):
    #     if not self.detail:
@ -404,6 +404,7 @@ class UserViewSet(CustomModelViewSet):
    search_fields = ['username', 'name', 'phone', 'email']
    select_related_fields = ['superior', 'belong_dept']
    prefetch_related_fields = ['posts', 'roles', 'depts']
+    ordering = ['type']

    # def filter_queryset(self, queryset):
    #     if not self.detail: