登陆设置
parent
d6691be728
commit
a6f8ccb384
|
@ -142,4 +142,7 @@ CELERYD_MAX_TASKS_PER_CHILD = 10
|
|||
CELERY_TIMEZONE='Asia/Shanghai'
|
||||
CELERY_ENABLE_UTC=True
|
||||
|
||||
##配置session
|
||||
SESSION_EXPIRE_AT_BROWSER_CLOSE = True
|
||||
SESSION_SAVE_EVERY_REQUEST = True
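Review bot: `SESSION_EXPIRE_AT_BROWSER_CLOSE = True` will not apply to logged-in users, because the login view in this same commit calls `req.session.set_expiry(60*30)` and a per-session expiry takes precedence over this setting. Together with `SESSION_SAVE_EVERY_REQUEST = True`, the effective policy is a sliding 30-minute idle timeout whose cookie survives a browser restart. If that is the intent, say so next to the settings, e.g. `# authenticated sessions use set_expiry(60*30) in login(); browser-close expiry only covers sessions without an explicit expiry`. If browser-close expiry is what is wanted, the view should call `set_expiry(0)` instead.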
|
||||
|
||||
|
|
|
@ -1,4 +1,12 @@
|
|||
function photoCompress(file, w, objDiv) {
|
||||
var csrftoken = $.cookie('csrftoken');
|
||||
$.ajaxSetup({
|
||||
beforeSend: function(xhr, settings) {
|
||||
if (!csrfSafeMethod(settings.type) && !this.crossDomain) {
|
||||
xhr.setRequestHeader("X-CSRFToken", csrftoken);
|
||||
}
|
||||
}
|
||||
});
|
||||
function photoCompress(file, w, objDiv) {
|
||||
var ready = new FileReader();
|
||||
/*开始读取指定的Blob对象或File对象中的内容. 当读取操作完成时,readyState属性的值会成为DONE,如果设置了onloadend事件处理程序,则调用之.同时,result属性中将包含一个data: URL格式的字符串以表示所读取文件的内容.*/
|
||||
ready.readAsDataURL(file);
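Review bot: `csrfSafeMethod` is called inside `beforeSend`, but it is not defined anywhere in the lines shown. If no other script defines it, every `$.ajax` request will throw before it is sent. Define it next to the setup call, e.g. `function csrfSafeMethod(method) { return /^(GET|HEAD|OPTIONS|TRACE)$/.test(method); }`. `$.cookie` also depends on the jquery.cookie plugin being loaded before this file, and `csrftoken` is read once at load time, so a token rotated later (Django rotates it at login) will not be picked up until the page reloads.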
|
||||
|
|
|
@ -85,7 +85,7 @@
|
|||
</div>
|
||||
<div style="text-align: center;position: fixed;width: 500px;height: 70px;top: 40px;right: 60px;">
|
||||
<a style="color: #eee5e7;cursor: pointer;" class="easyui-linkbutton" iconCls="fa-sign-out" plain=true
|
||||
onclick="loginout()">安全退出</a>
|
||||
onclick="logout()">安全退出</a>
|
||||
<a style="color: #eee5e7;cursor: pointer;" id="bindwx" class="easyui-linkbutton" iconCls="fa-weixin" plain=true
|
||||
onclick="bindwx()">绑定微信</a>
|
||||
<a style="color: #eee5e7;cursor: pointer;" class="easyui-linkbutton" iconCls="fa-key" plain=true
|
||||
|
@ -167,10 +167,10 @@
|
|||
if (issuper == 1) { $('#setupb').show() }
|
||||
if (openid == 0 && issuper != 1) { $('#wxdg').dialog(); } else { $('#bindwx').text('解绑微信'); };
|
||||
if (headimgurl != 0) { $('#headimg').attr('src', headimgurl); }
|
||||
function loginout() {
|
||||
function logout() {
|
||||
$.messager.confirm('系统提示', '您确定要退出本次登录吗?', function (r) {
|
||||
if (r) {
|
||||
location.href = 'loginout';
|
||||
location.href = 'logout';
|
||||
}
|
||||
});
|
||||
}
|
||||
|
|
|
@ -122,6 +122,7 @@
|
|||
企业安全生产管理系统
|
||||
</div>
|
||||
<form id="dlform" action="{% url 'login' %}" method="post">
|
||||
{% csrf_token %}
|
||||
<div class="login-center clearfix">
|
||||
<div class="login-center-img"><img src="/static/safesite/mystatic/images/name.png" /></div>
|
||||
<div class="login-center-input">
|
||||
|
|
|
@ -5,8 +5,10 @@ from django.conf import settings
|
|||
from django.conf.urls.static import static
|
||||
|
||||
urlpatterns = [
|
||||
path('', views.login,name='login'),
|
||||
path('loginout',views.loginout,name='loginout'),
|
||||
path('', views.index,name='index'),
|
||||
path('login',views.login,name='login'),
|
||||
path('index', views.index,name='index'),
|
||||
path('logout',views.logout,name='logout'),
|
||||
path('changepwd',views.changepwd),
|
||||
path('reporthtml',views.reporthtml),
|
||||
path('troublehtml',views.troublehtml),
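Review bot: Two patterns are registered with `name='index'` (`path('', views.index, name='index')` and `path('index', views.index, name='index')`), so `redirect('index')` and `{% url 'index' %}` can only resolve to one of them, and which one is not obvious to a reader. Keep a single named route, or give the second a distinct name such as `name='index_alias'`. The `urlpatterns` list continues past the end of the hunk.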
|
||||
|
|
|
@ -239,28 +239,26 @@ def check_login(func):
|
|||
else:
|
||||
try:
|
||||
auth = request.META.get('HTTP_AUTHORIZATION').split()
|
||||
# 用户通过 API 获取数据验证流程
|
||||
if auth[0].lower() == 'token':
|
||||
try:
|
||||
dict = jwt.decode(auth[1], 'safeyun', algorithms=['HS256'])
|
||||
userid = dict.get('data').get('userid')
|
||||
except jwt.ExpiredSignatureError:
|
||||
return JsonResponse({"status_code": 401, "message": "Token expired"})
|
||||
except jwt.InvalidTokenError:
|
||||
return JsonResponse({"status_code": 401, "message": "Invalid token"})
|
||||
except Exception as e:
|
||||
return JsonResponse({"status_code": 401, "message": "Can not get user object"})
|
||||
try:
|
||||
user = User.objects.get(userid=userid)
|
||||
except user.DoesNotExist:
|
||||
return JsonResponse({"status_code": 401, "message": "User Does not exist"})
|
||||
else:
|
||||
return JsonResponse({"status_code": 401, "message": "Not support auth type"})
|
||||
except AttributeError:
|
||||
return JsonResponse({"code": 401, "message": "No authenticate header"})
|
||||
|
||||
# 用户通过 API 获取数据验证流程
|
||||
if auth[0].lower() == 'token':
|
||||
try:
|
||||
dict = jwt.decode(auth[1], 'safeyun', algorithms=['HS256'])
|
||||
userid = dict.get('data').get('userid')
|
||||
except jwt.ExpiredSignatureError:
|
||||
return JsonResponse({"status_code": 401, "message": "Token expired"})
|
||||
except jwt.InvalidTokenError:
|
||||
return JsonResponse({"status_code": 401, "message": "Invalid token"})
|
||||
except Exception as e:
|
||||
return JsonResponse({"status_code": 401, "message": "Can not get user object"})
|
||||
try:
|
||||
user = User.objects.get(userid=userid)
|
||||
except user.DoesNotExist:
|
||||
return JsonResponse({"status_code": 401, "message": "User Does not exist"})
|
||||
else:
|
||||
return JsonResponse({"status_code": 401, "message": "Not support auth type"})
|
||||
|
||||
#return redirect("login.html")
|
||||
#return JsonResponse({"code": 401, "message": "No authenticate header"})
|
||||
return redirect('login')
|
||||
return warpper
|
||||
|
||||
#存储文件
|
||||
|
@ -283,22 +281,51 @@ def login(req):
|
|||
user = User.objects.filter(username__exact = username, password__exact = password,deletemark=1)
|
||||
if user:
|
||||
#比较成功,跳转index
|
||||
userid = user[0].userid
|
||||
name = user[0].name
|
||||
openid=user[0].openid
|
||||
headimgurl=user[0].headimgurl
|
||||
nickname=user[0].nickname
|
||||
issuper = user[0].issuper
|
||||
req.session['userid'] = userid
|
||||
#req.session.set_expiry(3600)
|
||||
companyid = getcompany(userid)
|
||||
companyname = Partment.objects.get(partid=companyid).partname
|
||||
return render(req, 'index.html',{'username':name,'userid':userid,'openid':openid,'headimgurl':headimgurl,'nickname':nickname,'companyname':companyname,'issuper':issuper,'token':user[0].token})
|
||||
req.session['userid'] = user[0].userid
|
||||
req.session.set_expiry(60*30)
|
||||
return redirect('index')
|
||||
else:
|
||||
return render(req,'login.html',{'msg':'用户名或密码错误!'})
|
||||
else:
|
||||
return render(req,'login.html')
|
||||
|
||||
@check_login
|
||||
def index(req):
|
||||
userid = req.session['userid']
|
||||
user=User.objects.get(userid=userid)
|
||||
companyname = user.usecomp.partname
|
||||
name = user.name
|
||||
openid=user.openid
|
||||
headimgurl=user.headimgurl
|
||||
nickname=user.nickname
|
||||
issuper = user.issuper
|
||||
return render(req, 'index.html',{'username':name,'userid':userid,'openid':openid,'headimgurl':headimgurl,'nickname':nickname,'companyname':companyname,'issuper':issuper,'token':user.token})
|
||||
|
||||
def logout(req):
|
||||
#清理cookie里保存username
|
||||
#del req.session['username']
|
||||
# if "userid" in req.session:
|
||||
# del req.session['userid']
|
||||
req.session.flush()
|
||||
#req.session.flush()
|
||||
#req.session.delete("session_key")
|
||||
return render(req,'login.html')
|
||||
|
||||
@check_login
|
||||
def changepwd(req):
|
||||
#if 'userid' in req.session:
|
||||
userid = req.session['userid']
|
||||
oldpassword = req.POST.get('oldpassword')
|
||||
newpassword = req.POST.get('newpassword')
|
||||
a = User.objects.get(userid=userid)
|
||||
if a.password == oldpassword:
|
||||
a.password = newpassword
|
||||
a.save()
|
||||
del req.session['userid']
|
||||
return JsonResponse({"code":1})
|
||||
else:
|
||||
return JsonResponse({"code":2})
|
||||
|
||||
@check_login
|
||||
def mainhtml(req):
|
||||
#计算一些数据
|
||||
|
@ -494,40 +521,6 @@ def apirights(req):
|
|||
allrights = Group.objects.get(usecomp__partid=companyid,grouptype=0).menulink.split(',')
|
||||
return JsonResponse({'code':1,'rights':allrights})
|
||||
|
||||
def loginout(req):
|
||||
#清理cookie里保存username
|
||||
#del req.session['username']
|
||||
# if "userid" in req.session:
|
||||
# del req.session['userid']
|
||||
req.session.flush()
|
||||
#req.session.flush()
|
||||
#req.session.delete("session_key")
|
||||
return render(req,'login.html')
|
||||
|
||||
def index(req):
|
||||
try:
|
||||
userid = req.session['userid']
|
||||
except:
|
||||
return render(req,'login.html')
|
||||
user=User.objects.get(userid=userid)
|
||||
return render(req, 'index.html',{'username':user.name,'userid':user.userid,'openid':user.openid,'headimgurl':user.headimgurl,'nickname':nickname})
|
||||
|
||||
@check_login
|
||||
def changepwd(req):
|
||||
#if 'userid' in req.session:
|
||||
userid = req.session['userid']
|
||||
oldpassword = req.POST.get('oldpassword')
|
||||
newpassword = req.POST.get('newpassword')
|
||||
a = User.objects.get(userid=userid)
|
||||
if a.password == oldpassword:
|
||||
a.password = newpassword
|
||||
a.save()
|
||||
del req.session['userid']
|
||||
return JsonResponse({"code":1})
|
||||
else:
|
||||
return JsonResponse({"code":2})
|
||||
|
||||
|
||||
def addyh(req):
|
||||
userid=req.session['userid']
|
||||
user=User.objects.get(userid=userid)
|
||||
|
@ -2582,7 +2575,7 @@ def gchandle(req):
|
|||
elif a == 'listsearch':
|
||||
startnum,endnum=fenye(req)
|
||||
a = Observe.objects.filter(usecomp=Partment.objects.get(partid=companyid),deletemark=1)
|
||||
print(req.GET.get('qssj'))
|
||||
#print(req.GET.get('qssj'))
|
||||
if req.GET.get('gcr'):
|
||||
a = a.filter(looker__userid=req.GET.get('gcr'))
|
||||
if req.GET.get('gcbm'):
|
||||
|
@ -4119,7 +4112,7 @@ def apioperation(req):
|
|||
return JsonResponse({"code":1})
|
||||
elif a == 'gbzy':#关闭作业
|
||||
data = json.loads(req.body.decode('utf-8'))
|
||||
print(data)
|
||||
#print(data)
|
||||
zyid = data['zyid']
|
||||
zyimg2 = data['zyimg2']
|
||||
obj = Operation.objects.get(zyid=zyid)
|
||||
|
@ -4526,7 +4519,7 @@ def apiexamtest(req):
|
|||
return JsonResponse({"code":1})
|
||||
elif a == 'add2':
|
||||
data = json.loads(req.body.decode('utf-8'))
|
||||
print(data)
|
||||
#print(data)
|
||||
obj = ExamTest()
|
||||
obj.num='KS'+time.strftime('%Y%m%d%H%M%S')
|
||||
obj.name = data['name']
|
||||
|
@ -5466,7 +5459,6 @@ def apiriskcheck2(req):
|
|||
user = User.objects.get(userid=userid)
|
||||
objs = RiskActTask.objects.filter(riskact__id=data['riskact'],usable=1,user=None,istask=1)#匹配未处理的任务
|
||||
if objs.exists():
|
||||
print('xx')
|
||||
obj=objs[0]
|
||||
obj.user=user
|
||||
obj.taskdo=nowtime
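Review bot: In the `login` hunk (`@ -283,22 +281,51 @@`), `req.session['userid'] = user[0].userid` stores the authenticated identity without rotating the session key, so a session id the browser held before login stays valid after it. Call `req.session.cycle_key()` just before that assignment, as Django's own `auth.login()` does. The same view still matches on `password__exact = password`, and the relocated `changepwd` compares `a.password == oldpassword` and saves `newpassword` unchanged, which suggests passwords are stored in clear text. Storing `make_password(newpassword)` and verifying with `check_password` from `django.contrib.auth.hashers` would fix that. In `check_login`, `except user.DoesNotExist:` refers to the local `user`, which appears to be unbound when the lookup fails, so it should read `except User.DoesNotExist:`. The bodies of `login` and `check_login` begin outside the visible hunks.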
|
||||
|
|