mat/backend/apps/authentication/serializers.py

from rest_framework import serializers
from django.contrib.auth import get_user_model
from rest_framework_simplejwt.serializers import TokenObtainPairSerializer

User = get_user_model()


class UserSerializer(serializers.ModelSerializer):
    """
    用户序列化器
    """
    factory_name = serializers.CharField(source='factory.factory_name', read_only=True, allow_null=True)

    class Meta:
        model = User
        fields = ['id', 'username', 'email', 'first_name', 'last_name', 'role', 
                  'factory', 'factory_name', 'phone', 'is_active', 'date_joined']
        read_only_fields = ['id', 'date_joined']


class UserCreateSerializer(serializers.ModelSerializer):
    """
    用户创建序列化器
    """
    password = serializers.CharField(write_only=True, required=True, style={'input_type': 'password'})
    password_confirm = serializers.CharField(write_only=True, required=True, style={'input_type': 'password'})

    class Meta:
        model = User
        fields = ['id', 'username', 'email', 'first_name', 'last_name', 'role', 
                  'factory', 'phone', 'password', 'password_confirm']

    def validate(self, attrs):
        if attrs['password'] != attrs['password_confirm']:
            raise serializers.ValidationError({"password": "密码字段不匹配。"})
        role = attrs.get('role', 'user')
        factory = attrs.get('factory')
        if role == 'user' and not factory:
            raise serializers.ValidationError({"factory": "普通账号必须绑定所属工厂。"})
        if role == 'admin' and factory:
            raise serializers.ValidationError({"factory": "管理员账号不应绑定工厂。"})
        return attrs

    def create(self, validated_data):
        validated_data.pop('password_confirm')
        password = validated_data.pop('password')
        user = User.objects.create(**validated_data)
        user.set_password(password)
        user.save()
        return user


class CustomTokenObtainPairSerializer(TokenObtainPairSerializer):
    """
    自定义JWT令牌序列化器
    """
    @classmethod
    def get_token(cls, user):
        token = super().get_token(user)

        # 添加自定义声明
        token['role'] = user.role
        token['factory_id'] = user.factory_id if user.factory else None

        return token

    def validate(self, attrs):
        data = super().validate(attrs)

        # 添加用户信息到响应
        data['user'] = UserSerializer(self.user).data

        return data