增加apilogin

2022-03-28 21:58:45 +08:00 · 2022-03-28 21:58:45 +08:00 · a752d2e79d
parent 558ac98b2d
commit a752d2e79d
2 changed files with 22 additions and 2 deletions
--- a/safesite/urls.py
+++ b/safesite/urls.py
@ -182,6 +182,7 @@ urlpatterns = [
    path('gchandle',views.gchandle),
    path('menutree',views.menutree),
    path('setup',views.setup),
+    path('api/login', views.apilogin),
    path('api/company',views.apicompany),
    path('drapi',views.drapi),
    path('api/miss',views.apimiss),
--- a/safesite/views.py
+++ b/safesite/views.py
@ -663,7 +663,26 @@ def init_permission(user,req):
                                        })
    req.session['permissions'] = permission_dict

-
+def apilogin(req):
+    """
+    json登录
+    """
+    data = json.loads(req.body.decode('utf-8'))
+    username = data['username']
+    password = data['password']
+    user = User.objects.filter(username=username, deletemark=1, usecomp__enabled=True)
+    if user.exists():
+        if check_password(password, user[0].epassword):
+            req.session['userid'] = user[0].userid
+            req.session.set_expiry(60*40)
+            init_permission(user[0],req)
+            return JsonResponse({'code':1})
+        else:
+            msg = '密码错误'
+            return JsonResponse({'code':0, 'msg':msg})
+    else:
+        msg = '用户不存在或被禁用'
+        return JsonResponse({'code':0, 'msg':msg})
        
 def login(req):
    if req.session.get('userid', None):