216 lines
		
	
	
		
			6.1 KiB
		
	
	
	
		
			Python
		
	
	
		
			Executable File
		
	
	
			
		
		
	
	
			216 lines
		
	
	
		
			6.1 KiB
		
	
	
	
		
			Python
		
	
	
		
			Executable File
		
	
	
| 
 | |
| from rest_framework.exceptions import ParseError
 | |
| from rest_framework.views import APIView
 | |
| from rest_framework.response import Response
 | |
| from rest_framework import status
 | |
| from django.contrib.auth import authenticate, login, logout
 | |
| from rest_framework.generics import CreateAPIView
 | |
| from rest_framework.permissions import IsAuthenticated
 | |
| from apps.auth1.errors import USERNAME_OR_PASSWORD_WRONG
 | |
| from rest_framework_simplejwt.tokens import RefreshToken
 | |
| from django.core.cache import cache
 | |
| from apps.auth1.services import check_phone_code
 | |
| from apps.utils.sms import send_sms
 | |
| from apps.utils.tools import rannum
 | |
| from apps.utils.wxmp import wxmpClient
 | |
| from apps.utils.wx import wxClient
 | |
| from django.contrib.auth.hashers import make_password
 | |
| from django.db.models import Q
 | |
| 
 | |
| 
 | |
| from apps.auth1.serializers import (CodeLoginSerializer, LoginSerializer,
 | |
|                                     PwResetSerializer, SecretLoginSerializer, SendCodeSerializer, WxCodeSerializer)
 | |
| from apps.system.models import User
 | |
| 
 | |
| # Create your views here.
 | |
| 
 | |
| 
 | |
| def get_tokens_for_user(user: User):
 | |
|     refresh = RefreshToken.for_user(user)
 | |
|     return {
 | |
|         'refresh': str(refresh),
 | |
|         'access': str(refresh.access_token),
 | |
|     }
 | |
| 
 | |
| 
 | |
| class TokenBlackView(APIView):
 | |
|     permission_classes = [IsAuthenticated]
 | |
| 
 | |
|     def post(self, request, *args, **kwargs):
 | |
|         """
 | |
|         Token拉黑
 | |
| 
 | |
| 
 | |
|         Token拉黑
 | |
|         """
 | |
|         return Response(status=status.HTTP_200_OK)
 | |
| 
 | |
| 
 | |
| class LoginView(CreateAPIView):
 | |
|     """
 | |
|     Session登录
 | |
| 
 | |
| 
 | |
|     账户密码Session登录
 | |
|     """
 | |
|     authentication_classes = []
 | |
|     permission_classes = []
 | |
|     serializer_class = LoginSerializer
 | |
| 
 | |
|     def create(self, request, *args, **kwargs):
 | |
|         serializer = self.get_serializer(data=request.data)
 | |
|         serializer.is_valid(raise_exception=True)
 | |
|         vdata = serializer.validated_data
 | |
|         user = authenticate(username=vdata.get('username'),
 | |
|                             password=vdata.get('password'))
 | |
|         if user is not None:
 | |
|             login(request, user)
 | |
|             return Response(status=201)
 | |
|         raise ParseError(**USERNAME_OR_PASSWORD_WRONG)
 | |
| 
 | |
| 
 | |
| class LogoutView(APIView):
 | |
|     authentication_classes = []
 | |
|     permission_classes = []
 | |
| 
 | |
|     def post(self, request, *args, **kwargs):
 | |
|         """
 | |
|         退出登录
 | |
| 
 | |
| 
 | |
|         退出登录
 | |
|         """
 | |
|         logout(request)
 | |
|         return Response()
 | |
| 
 | |
| 
 | |
| class WxmpLogin(CreateAPIView):
 | |
|     """微信小程序自动登录
 | |
| 
 | |
|     微信小程序自动登录
 | |
|     """
 | |
|     authentication_classes = []
 | |
|     permission_classes = []
 | |
|     serializer_class = WxCodeSerializer
 | |
| 
 | |
|     def post(self, request):
 | |
|         code = request.data['code']
 | |
|         info = wxmpClient.get_basic_info(code=code)
 | |
|         openid = info['openid']
 | |
|         session_key = info['session_key']
 | |
|         try:
 | |
|             user = User.objects.get(wxmp_openid=openid, is_active=True)
 | |
|             ret = get_tokens_for_user(user)
 | |
|             ret['wxmp_session_key'] = session_key
 | |
|             ret['wxmp_openid'] = openid
 | |
|             cache.set(code, ret, 60*5)
 | |
|             return Response(ret)
 | |
|         except Exception:
 | |
|             return Response({'wxmp_openid': openid, 'wxmp_session_key': session_key}, status=400)
 | |
| 
 | |
| 
 | |
| class WxLogin(CreateAPIView):
 | |
|     """微信公众号授权登录
 | |
| 
 | |
|     微信公众号授权登录
 | |
|     """
 | |
|     authentication_classes = []
 | |
|     permission_classes = []
 | |
|     serializer_class = WxCodeSerializer
 | |
| 
 | |
|     def post(self, request):
 | |
|         code = request.data['code']
 | |
|         info = wxClient.get_basic_info(code=code)
 | |
|         openid = info['openid']
 | |
|         access = info['access_token']
 | |
|         try:
 | |
|             user = User.objects.get(wx_openid=openid, is_active=True)
 | |
|             ret = get_tokens_for_user(user)
 | |
|             ret['wx_token'] = access
 | |
|             ret['wx_openid'] = openid
 | |
|             cache.set(code, ret, 60*5)
 | |
|             return Response(ret)
 | |
|         except Exception:
 | |
|             return Response({'wx_openid': openid, 'wx_token': access}, status=400)
 | |
| 
 | |
| 
 | |
| class SendCode(CreateAPIView):
 | |
|     authentication_classes = []
 | |
|     permission_classes = []
 | |
|     serializer_class = SendCodeSerializer
 | |
| 
 | |
|     def post(self, request):
 | |
|         """短信验证码发送
 | |
| 
 | |
|         短信验证码发送
 | |
|         """
 | |
|         phone = request.data['phone']
 | |
|         code = rannum(6)
 | |
|         is_ok, _ = send_sms(phone, 505, {'code': code})
 | |
|         cache.set(phone, code, 60*5)
 | |
|         if is_ok:
 | |
|             return Response()
 | |
|         raise ParseError('短信发送失败,请确认手机号')
 | |
| 
 | |
| 
 | |
| class CodeLogin(CreateAPIView):
 | |
|     """手机验证码登录
 | |
| 
 | |
|     手机验证码登录
 | |
|     """
 | |
|     authentication_classes = []
 | |
|     permission_classes = []
 | |
|     serializer_class = CodeLoginSerializer
 | |
| 
 | |
|     def post(self, request):
 | |
|         phone = request.data['phone']
 | |
|         code = request.data['code']
 | |
|         check_phone_code(phone, code)
 | |
|         user = User.objects.filter(phone=phone).first()
 | |
|         if user:
 | |
|             ret = get_tokens_for_user(user)
 | |
|             return Response(ret)
 | |
|         raise ParseError('账户不存在或已禁用')
 | |
| 
 | |
| 
 | |
| class SecretLogin(CreateAPIView):
 | |
|     """App端密钥登录
 | |
| 
 | |
|     App端密钥登录
 | |
|     """
 | |
|     authentication_classes = []
 | |
|     permission_classes = []
 | |
|     serializer_class = SecretLoginSerializer
 | |
| 
 | |
|     def post(self, request):
 | |
|         username = request.data['username']
 | |
|         secret = request.data['secret']
 | |
|         user = User.objects.filter(Q(username=username) | Q(phone=username) | Q(
 | |
|             employee__id_number=username)).filter(secret=secret).first()
 | |
|         if user:
 | |
|             ret = get_tokens_for_user(user)
 | |
|             return Response(ret)
 | |
|         raise ParseError('登录失败')
 | |
| 
 | |
| 
 | |
| class PwResetView(CreateAPIView):
 | |
|     """重置密码
 | |
| 
 | |
|     重置密码
 | |
|     """
 | |
|     authentication_classes = []
 | |
|     permission_classes = []
 | |
|     serializer_class = PwResetSerializer
 | |
| 
 | |
|     def post(self, request):
 | |
|         sr = PwResetSerializer(data=request.data)
 | |
|         sr.is_valid(raise_exception=True)
 | |
|         vdata = sr.validated_data
 | |
|         check_phone_code(vdata['phone'], vdata['code'])
 | |
|         user = User.objects.filter(phone=vdata['phone']).first()
 | |
|         if user:
 | |
|             user.password = make_password(vdata['password'])
 | |
|             user.save()
 | |
|             return Response()
 | |
|         raise ParseError('账户不存在或已禁用')
 |