def post(self, request, *args, **kwargs):
"""
back manager get access token for console
---
parameters:
- name: username
description: 用户名
required: true
type: string
paramType: path
- name: password
description: 密码
required: true
type: string
paramType: form
- name: enterprise_id
description: 企业ID
required: true
type: string
paramType: form
- name: enterprise_alias
description: 企业别名
required: true
type: string
paramType: form
"""
try:
auth = request.data.get('Authorization', '')
if auth != settings.MANAGE_SECRET_KEY:
return Response(
generate_result("0401", "authorization error", "验证未通过"))
username = request.data.get("username", None)
password = request.data.get("password", None)
enterprise_id = request.data.get("enterprise_id", None)
enterprise_alias = request.data.get("enterprise_alias", None)
user_obj = user_repo.get_user_by_user_name(username)
if user_obj:
return Response(
generate_result("1004", "user already exists",
"用户名在控制台已存在"))
if not username or not password or not enterprise_id or not enterprise_alias:
return Response(generate_result("1003", "params error",
"参数错误"))
# get or create enterprise info
enterprise = enterprise_services.get_enterprise_first()
if not enterprise:
enterprise = enterprise_services.create_tenant_enterprise(
enterprise_id, enterprise_alias, enterprise_alias, False)
token = auth_service.create_token_auth_user(username, password)
bean = {
"console_access_token": token.key,
"enterprise_info": enterprise.to_dict()
}
result = generate_result("0000", "success", "信息获取成功", bean)
except Exception as e:
logger.exception(e)
result = generate_error_result()
return Response(result)
def post(self, request, *args, **kwargs):
try:
# 获取sso的user_id
sso_user_id = request.data.get('uid')
sso_user_token = request.data.get('token')
sso_enterprise_id = request.data.get('eid')
rf = request.data.get('rf') or 'sso'
market_client_id = request.data.get('eid')
market_client_token = request.data.get('etoken')
if not market_client_id or not market_client_token:
msg = "no market_client_id or market_client_token"
logger.debug('account.login', msg)
return Response({'success': False, 'msg': msg})
rf_username = request.data.get('rf_username') or ''
logger.debug(
'account.login',
'request.sso_user_id:{0} request.sso_user_token:{1} request.sso_enterprise_id:{2}'
.format(sso_user_id, sso_user_token, sso_enterprise_id))
is_pass, msg = self.__check_params(sso_user_id, sso_user_token,
sso_enterprise_id)
if not is_pass:
return Response({'success': False, 'msg': msg})
is_pass, msg, sso_user = self.__get_auth_user_token(
sso_user_id, sso_user_token)
if not is_pass:
return Response({'success': False, 'msg': msg})
enterprise = enterprise_services.get_enterprise_by_enterprise_id(
sso_user.get('eid'))
if not enterprise:
sso_company = sso_user.get('company')
enterprise = enterprise_services.create_tenant_enterprise(
sso_user.get('eid'), sso_company, sso_company, True)
user = self.__update_user_info(sso_user, sso_user_id,
sso_user_token, rf)
# 保存访问云市的token
domain = os.getenv('GOODRAIN_APP_API',
settings.APP_SERVICE_API["url"])
client_auth_service.save_market_access_token(
enterprise.enterprise_id, domain, market_client_id,
market_client_token)
key = request.data.get('key')
logger.debug('invite key: {0}'.format(key))
if key:
logger.debug('account.login',
'invite register: {}'.format(key))
data = AuthCode.decode(str(key), 'goodrain').split(',')
logger.debug(data)
action = data[0]
if action == 'invite_tenant':
self.__process_invite_tenant(user, data)
elif action == 'invite_service':
self.__process_invite_service(user, data)
user.is_active = True
user.save()
logger.debug('account.login',
'user invite register successful')
else:
logger.debug(
'account.login',
'register/login user.is_active:{}'.format(user.is_active))
if not user.is_active:
# 如果注册用户是通过云市私有交付创建的企业客户, 则将厂商账户加入到其客户企业的管理员列表
agent_sso_user_id = request.data.get('agent_sid')
logger.debug('account.login',
'agent_sid: {}'.format(agent_sso_user_id))
if agent_sso_user_id:
code, msg, team = self.__init_and_create_user_tenant(
user, enterprise)
if code != 200:
return Response({
'success': False,
'msg': msg
},
status=500)
agent_user = user_services.get_user_by_sso_user_id(
agent_sso_user_id)
if agent_user:
# 创建用户在团队的权限
perm_info = {
"user_id": agent_user.user_id,
"tenant_id": team.ID,
"identity": "admin",
"enterprise_id": enterprise.pk
}
perm_services.add_user_tenant_perm(perm_info)
logger.debug(
'account.login',
'agent manage team success: {}'.format(
perm_info))
else:
user_services.make_user_as_admin_for_enterprise(
user.user_id, enterprise.enterprise_id)
user.is_active = True
user.save()
logger.debug('account.login',
"enterprise id {0}".format(enterprise.enterprise_id))
teams = team_services.get_enterprise_teams(
enterprise.enterprise_id)
data_list = [{
'uid': user.sso_user_id,
'tenant_id': t.tenant_id,
'tenant_name': t.tenant_name,
'tenant_alias': t.tenant_alias,
'eid': t.enterprise_id
} for t in teams]
return Response({'success': True, 'list': data_list}, status=200)
except Exception as e:
logger.exception(e)
return Response({'success': False, 'msg': e.message}, status=500)