app端密钥登录

apps/auth1/serializers.py

@@ -23,3 +23,8 @@ class PwResetSerializer(serializers.Serializer):
     phone = serializers.CharField(label="手机号")
     code = serializers.CharField(label="验证码")
     password = serializers.CharField(label="新密码")
+
+
+class SecretLoginSerializer(serializers.Serializer):
+    username = serializers.CharField(label="用户名")
+    secret = serializers.CharField(label="密钥")

apps/auth1/urls.py

@@ -3,7 +3,7 @@ from django.urls import path
 from rest_framework_simplejwt.views import (TokenObtainPairView,
                                             TokenRefreshView)
 
-from apps.auth1.views import CodeLogin, LoginView, LogoutView, PwResetView, SendCode, TokenBlackView, WxLogin, WxmpLogin
+from apps.auth1.views import CodeLogin, LoginView, LogoutView, PwResetView, SecretLogin, SendCode, TokenBlackView, WxLogin, WxmpLogin
 
 API_BASE_URL = 'api/auth/'
 urlpatterns = [
@@ -11,6 +11,7 @@ urlpatterns = [
     path(API_BASE_URL + 'token/refresh/', TokenRefreshView.as_view(), name='token_refresh'),
     path(API_BASE_URL + 'token/black/', TokenBlackView.as_view(), name='token_black'),
     path(API_BASE_URL + 'login/', LoginView.as_view(), name='session_login'),
+    path(API_BASE_URL + 'login_secret/', SecretLogin.as_view(), name='secret_login'),
     path(API_BASE_URL + 'login_wxmp/', WxmpLogin.as_view(), name='login_wxmp'),
     path(API_BASE_URL + 'login_wx/', WxLogin.as_view(), name='login_wx'),
     path(API_BASE_URL + 'login_sms_code/', CodeLogin.as_view(), name='login_sms_code'),

apps/auth1/views.py

@@ -19,9 +19,10 @@ from apps.utils.tools import rannum
 from apps.utils.wxmp import wxmpClient
 from apps.utils.wx import wxClient
 from django.contrib.auth.hashers import make_password
+from django.db.models import Q
 
 
-from apps.auth1.serializers import CodeLoginSerializer, LoginSerializer, PwResetSerializer, SendCodeSerializer, WxCodeSerializer
+from apps.auth1.serializers import CodeLoginSerializer, LoginSerializer, PwResetSerializer, SecretLoginSerializer, SendCodeSerializer, WxCodeSerializer
 from apps.system.models import User
 from apps.utils.viewsets import CustomGenericViewSet, CustomModelViewSet
 
@@ -176,6 +177,26 @@ class CodeLogin(CreateAPIView):
         raise ParseError('账户不存在或已禁用')
 
 
+class SecretLogin(CreateAPIView):
+    """App端密钥登录
+
+    App端密钥登录
+    """
+    authentication_classes = []
+    permission_classes = []
+    serializer_class = SecretLoginSerializer
+
+    def post(self, request):
+        username = request.data['username']
+        secret = request.data['secret']
+        user = User.objects.filter(Q(username=username) | Q(phone=username) | Q(
+            employee__id_number=username)).filter(secret=secret).first()
+        if user:
+            ret = get_tokens_for_user(user)
+            return Response(ret)
+        raise ParseError('登录失败')
+
+
 class PwResetView(CreateAPIView):
     """重置密码
 

apps/system/migrations/0006_user_secret.py

@@ -0,0 +1,18 @@
+# Generated by Django 3.2.12 on 2022-08-04 09:06
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('system', '0005_alter_userpost_post'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='user',
+            name='secret',
+            field=models.CharField(blank=True, max_length=100, null=True, verbose_name='密钥'),
+        ),
+    ]

apps/system/models.py

@@ -135,6 +135,7 @@ class User(AbstractUser, CommonBModel):
     roles = models.ManyToManyField(Role, verbose_name='关联角色')
 
     # 关联账号
+    secret = models.CharField('密钥', max_length=100, null=True, blank=True)
     wx_openid = models.CharField('微信公众号OpenId', max_length=100, null=True, blank=True)
     wx_nickname = models.CharField('微信昵称', max_length=100, null=True, blank=True)
     wx_headimg = models.CharField('微信头像', max_length=100, null=True, blank=True)

apps/system/serializers.py

@@ -302,7 +302,7 @@ class UserListSerializer(CustomModelSerializer):
 
     class Meta:
         model = User
-        exclude = ['password']
+        exclude = ['password', 'secret']
 
 # def phone_check(phone):
 #     re_phone = '^1[358]\d{9}$|^147\d{8}$|^176\d{8}$'

apps/system/views.py

@@ -262,6 +262,7 @@ class DictViewSet(CustomModelViewSet):
     update_serializer_class = DictCreateUpdateSerializer
     partial_update_serializer_class = DictCreateUpdateSerializer
     search_fields = ['name']
+    ordering = ['sort', 'create_time']
 
 
 class PostViewSet(CustomModelViewSet):
@@ -512,6 +513,19 @@ class UserViewSet(CustomModelViewSet):
                 user.save()
         return Response({'wx_openid': openid})
     
+    @action(methods=['post'], detail=False, permission_classes=[IsAuthenticated])
+    def bind_secret(self, request, pk=None):
+        """创建密钥
+
+        创建密钥
+        """
+        secret = request.data['secret']
+        if secret:
+            user = request.user
+            user.secret = secret
+            user.save()
+        return Response()
+
 
 class FileViewSet(CustomCreateModelMixin, RetrieveModelMixin, ListModelMixin, CustomGenericViewSet):
     """文件上传