def auth_token_for_91(request,access_token,openid,uuid,mktid,version,client_type,macaddr,idfa,ios_ver):
"""验证91平台
"""
fg = False
pid = ''
subarea = request.REQUEST.get("subarea", "1")
OPEN_URL = 'http://service.sj.91.com/usercenter/AP.aspx'
#request_url = '%s?AppId=%s&Act=4&Uin=%s&SessionId=%s&Sign=%s'
sign = md5.new(settings.APP_ID_91 + '4' + openid + access_token\
+ settings.APP_KEY_91).hexdigest()
data = dict(
AppId = settings.APP_ID_91,
Act = '4',
Uin = openid,
SessionId = access_token,
Sign = sign,
)
pairs = urllib.urlencode(data)
request_url = OPEN_URL + '?' + pairs
url_request = urllib2.urlopen(request_url, timeout=12)
rc,res = url_request.code, url_request.read()
res_dict = json.loads(res)
if rc == 200 and res_dict['ErrorCode'] == '1':
fg = True
pid = md5.md5('91'+str(openid)).hexdigest()
#给request安装用户
request.rk_user = UserBase._install(pid, '91',uuid,mktid,version,client_type,macaddr,idfa,ios_ver, subarea=subarea)
#检查用户是否账户被冻结
if not request.rk_user.frozen:
#更新用户的openid和access_token
request.rk_user.account.update_info(openid,access_token)
#更新用户平台信息
request.rk_user.update_user_from_91(openid)
return fg,pid
def get_access_token(request):
#用于刷新access_token用的refresh token
data = {
'rc':0,
'data':{}
}
para_pid = request.REQUEST.get('pid',None)
para_platform = request.REQUEST.get('platform',None)
session_dic = Session.new_get(para_platform+':'+para_pid)
pid = session_dic['pid']
access_token = session_dic['access_token']
refresh_token = session_dic['refresh_token']
expires_time = session_dic['expires_time']
if not pid and not access_token and not refresh_token and not expires_time:
data = {
'rc':8,
'data':{
'msg':get_msg('login','server_exception'),
'server_now':int(time.time()),
}
}
return HttpResponse(
json.dumps(data, indent=1),
content_type='application/x-javascript',
)
else:
if expires_time > time.time():
data['data']['access_token'] = access_token
data['data']['pid'] = request.rk_user.account.openid
data['data']['uid'] = request.rk_user.uid
data['data']['nickname'] = request.rk_user.baseinfo['username']
else:
client_id = settings.APP_KEY_360
client_secret = settings.APP_SECRET_KEY_360
oauth2_url = "https://openapi.360.cn/oauth2/access_token?grant_type=refresh_token&refresh_token=%s&client_id=%s&client_secret=%s&scope=basic" %(refresh_token, client_id, client_secret)
url_request = urllib2.urlopen(oauth2_url, timeout=12)
code, res = url_request.code, url_request.read()
if code == 200:
res_dict = json.loads(res)
data['data']['access_token'] = str(res_dict['access_token'])
data['data']['pid'] = request.rk_user.account.openid
data['data']['uid'] = request.rk_user.uid
data['data']['nickname'] = request.rk_user.baseinfo['username']
expires_time = time.time() + float(res_dict['expires_in'])
Session.set(para_platform, pid, str(res_dict['access_token']), str(res_dict['refresh_token']), expires_time)
else:
data = {
'rc':8,
'data':{
'msg':get_msg('login','server_exception'),
'server_now':int(time.time()),
}
}
data['data']['server_now'] = int(time.time())
return HttpResponse(
json.dumps(data, indent=1),
content_type='application/x-javascript',
)
def auth_token_for_360(request, access_token, openid, uuid, mktid, version,
client_type, macaddr, idfa, ios_ver):
#print '##### in auth_token_for_360'
fg = False
pid = ''
subarea = request.REQUEST.get("subarea", "1")
#360平台验证
if not 'access_token' in request.REQUEST:
return fg, pid
else:
access_token = str(request.REQUEST['access_token'])
platform = str(request.REQUEST['platform'])
if access_token:
url_360 = 'https://openapi.360.cn/user/me.json'
code_url = '%s?access_token=%s&fields=id,name,avatar,sex,area' % (
url_360, access_token)
url_request = urllib2.urlopen(code_url, timeout=12)
code, res = url_request.code, url_request.read()
#print '#### 360, code, res=', code, res
#可能360不需要refresh_token ?
#refresh_token = str(request.REQUEST['refresh_token'])
refresh_token = ''
#print '#### refresh_token=', refresh_token
#expires_in = float(request.REQUEST['expires_in']) # "['123.45']" ?
#print '#### expires_in=', request.REQUEST['expires_in']
expires_in = 24 * 3600
if code == 200:
res_dict = json.loads(res)
#print '#### 360, res_dict=', res_dict
fg = True
openid = str(res_dict['id'])
pid = md5.md5('360' + openid).hexdigest()
request.rk_user = UserBase._install(pid,
platform,
uuid,
mktid,
version,
client_type,
macaddr,
idfa,
ios_ver,
subarea=subarea)
#检查用户是否账户被冻结
if not request.rk_user.frozen:
#更新用户的openid和access_token
request.rk_user.account.update_info(openid, access_token)
request.rk_user.update_user_from_360(res_dict)
expires_time = time.time() + expires_in
#print '##### 360 start set session'
Session.set(platform, pid, access_token, refresh_token,
expires_time)
return fg, pid
def auth_token_for_mi(request, access_token, openid, uuid, mktid, version,
client_type, macaddr, idfa, ios_ver):
fg = False
pid = ''
subarea = request.REQUEST.get("subarea", "1")
#mi平台验证
client_id = settings.MI_APP_ID
url_mi = 'http://mis.migc.xiaomi.com/api/biz/service/verifySession.do'
ready_signature = 'appId=%s&session=%s&uid=%s' % (client_id, access_token,
openid)
signature = hmac.new(settings.MI_SECRET_KEY, ready_signature,
hashlib.sha1).hexdigest()
data = dict(
appId=client_id,
session=access_token,
uid=openid,
signature=signature,
)
pairs = urllib.urlencode(data)
code_url = url_mi + '?' + pairs
url_request = urllib2.urlopen(code_url, timeout=12)
code, res = url_request.code, url_request.read()
res_dict = json.loads(res)
if code == 200 and res_dict['errcode'] == 200:
pid = md5.md5('mi' + str(openid)).hexdigest()
request.rk_user = UserBase._install(pid,
'mi',
uuid,
mktid,
version,
client_type,
macaddr,
idfa,
ios_ver,
subarea=subarea)
#数据校正
if request.rk_user.baseinfo['platform'] != 'mi':
request.rk_user.baseinfo['platform'] = 'mi'
#检查用户是否账户被冻结
if not request.rk_user.frozen:
#更新用户的openid和access_token
request.rk_user.account.update_info(openid, access_token)
res_dict['openid'] = openid
request.rk_user.update_user_from_mi(res_dict)
fg = True
return fg, pid
def auth_token_for_360(request,access_token,openid,uuid,mktid,version,client_type,macaddr,idfa,ios_ver):
#print '##### in auth_token_for_360'
fg = False
pid = ''
subarea = request.REQUEST.get("subarea", "1")
#360平台验证
if not 'access_token' in request.REQUEST:
return fg, pid
else:
access_token = str(request.REQUEST['access_token'])
platform = str(request.REQUEST['platform'])
if access_token:
url_360 = 'https://openapi.360.cn/user/me.json'
code_url = '%s?access_token=%s&fields=id,name,avatar,sex,area' % (url_360, access_token)
url_request = urllib2.urlopen(code_url, timeout=12)
code, res = url_request.code, url_request.read()
#print '#### 360, code, res=', code, res
#可能360不需要refresh_token ?
#refresh_token = str(request.REQUEST['refresh_token'])
refresh_token = ''
#print '#### refresh_token=', refresh_token
#expires_in = float(request.REQUEST['expires_in']) # "['123.45']" ?
#print '#### expires_in=', request.REQUEST['expires_in']
expires_in = 24*3600
if code == 200:
res_dict = json.loads(res)
#print '#### 360, res_dict=', res_dict
fg = True
openid = str(res_dict['id'])
pid = md5.md5('360' + openid).hexdigest()
request.rk_user = UserBase._install(pid, platform,uuid,mktid,version,client_type,macaddr,idfa,ios_ver, subarea=subarea)
#检查用户是否账户被冻结
if not request.rk_user.frozen:
#更新用户的openid和access_token
request.rk_user.account.update_info(openid,access_token)
request.rk_user.update_user_from_360(res_dict)
expires_time = time.time() + expires_in
#print '##### 360 start set session'
Session.set(platform, pid, access_token, refresh_token, expires_time)
return fg,pid
def auth_token_for_91(request, access_token, openid, uuid, mktid, version,
client_type, macaddr, idfa, ios_ver):
"""验证91平台
"""
fg = False
pid = ''
subarea = request.REQUEST.get("subarea", "1")
OPEN_URL = 'http://service.sj.91.com/usercenter/AP.aspx'
#request_url = '%s?AppId=%s&Act=4&Uin=%s&SessionId=%s&Sign=%s'
sign = md5.new(settings.APP_ID_91 + '4' + openid + access_token\
+ settings.APP_KEY_91).hexdigest()
data = dict(
AppId=settings.APP_ID_91,
Act='4',
Uin=openid,
SessionId=access_token,
Sign=sign,
)
pairs = urllib.urlencode(data)
request_url = OPEN_URL + '?' + pairs
url_request = urllib2.urlopen(request_url, timeout=12)
rc, res = url_request.code, url_request.read()
res_dict = json.loads(res)
if rc == 200 and res_dict['ErrorCode'] == '1':
fg = True
pid = md5.md5('91' + str(openid)).hexdigest()
#给request安装用户
request.rk_user = UserBase._install(pid,
'91',
uuid,
mktid,
version,
client_type,
macaddr,
idfa,
ios_ver,
subarea=subarea)
#检查用户是否账户被冻结
if not request.rk_user.frozen:
#更新用户的openid和access_token
request.rk_user.account.update_info(openid, access_token)
#更新用户平台信息
request.rk_user.update_user_from_91(openid)
return fg, pid
def auth_token_for_mi(request,access_token,openid,uuid,mktid,version,client_type,macaddr,idfa,ios_ver):
fg = False
pid = ''
subarea = request.REQUEST.get("subarea", "1")
#mi平台验证
client_id = settings.MI_APP_ID
url_mi = 'http://mis.migc.xiaomi.com/api/biz/service/verifySession.do'
ready_signature = 'appId=%s&session=%s&uid=%s' % (client_id, access_token, openid)
signature = hmac.new(settings.MI_SECRET_KEY, ready_signature, hashlib.sha1).hexdigest()
data = dict(
appId = client_id,
session = access_token,
uid = openid,
signature = signature,
)
pairs = urllib.urlencode(data)
code_url = url_mi + '?' + pairs
url_request = urllib2.urlopen(code_url, timeout=12)
code, res = url_request.code, url_request.read()
res_dict = json.loads(res)
if code == 200 and res_dict['errcode'] == 200:
pid = md5.md5('mi' + str(openid)).hexdigest()
request.rk_user = UserBase._install(pid, 'mi',uuid,mktid,version,client_type,macaddr,idfa,ios_ver, subarea=subarea)
#数据校正
if request.rk_user.baseinfo['platform'] != 'mi':
request.rk_user.baseinfo['platform'] = 'mi'
#检查用户是否账户被冻结
if not request.rk_user.frozen:
#更新用户的openid和access_token
request.rk_user.account.update_info(openid,access_token)
res_dict['openid'] = openid
request.rk_user.update_user_from_mi(res_dict)
fg = True
return fg, pid
