def delete(self, request):
serializer = AuthTokenSerializer(data=request.data)
if not serializer.is_valid():
return Response(serializer.errors, status=HTTP_400_BAD_REQUEST)
try:
token = self.model.objects.get(
user=serializer.validated_data['user'])
token.delete()
except ExpiringToken.DoesNotExist:
raise Http404
return Response(status=HTTP_204_NO_CONTENT)
def login(request):
# check whether user data is valid, or raise exception
serializer = AuthTokenSerializer(data=request.data)
serializer.is_valid(raise_exception=True)
# get user from DB
user = serializer.validated_data['user']
# creates token if exists, or return existing
token, created = Token.objects.get_or_create(user=user)
data = {'token': token.key}
return Response(data, status=status.HTTP_200_OK)
def post(self, request, format=None):
serializer = AuthTokenSerializer(data=request.data)
serializer.is_valid(raise_exception=True)
user = serializer.validated_data['user']
login(request, user)
token, created = Token.objects.get_or_create(user=user)
request.session[0] = user.username
return Response({
'token': token.key,
'user_id': user.pk,
'email': user.email,
'user_name': user.username
})
def post(self, request, format=None):
print("request data = ", request.data)
#encryptedpass = pbkdf2_sha256.encrypt(request.data['password'], rounds=12000, salt_size=32)
#print("encrypted pass = "******"mydata = ",mydata)
serializer = AuthTokenSerializer(data=request.data)
print("serializer = ", serializer)
serializer.is_valid(raise_exception=True)
user = serializer.validated_data['user']
print("user login = ", user)
login(request, user)
return super(LoginAPI, self).post(request, format=None)
def get_token(self, request):
serializer = AuthTokenSerializer(data=request.data,
context={'request': request})
serializer.is_valid(raise_exception=True)
# Get the user and get/create their token
user = serializer.validated_data['user']
token, created = Token.objects.get_or_create(user=user)
# Also treat this as a login
user.last_login = timezone.now()
user.save(update_fields=['last_login'])
return Response({'token': token.key})
def post(self, request, *args, **kwargs):
serializer = AuthTokenSerializer(data=request.data,
context={'request': request})
serializer.is_valid(raise_exception=True)
user = serializer.validated_data['user']
if (self.organization.pk, ) not in user.organizations_pk:
message = _('User "{}" is not member '
'of "{}"').format(user.username, kwargs['slug'])
logger.warning(message)
raise ValidationError({'non_field_errors': [message]})
token, created = Token.objects.get_or_create(user=user)
context = {'view': self, 'request': request, 'token_login': True}
serializer = self.serializer_class(instance=token, context=context)
return Response(serializer.data)
def loginapi(request):
permission_classes = (permissions.AllowAny, )
serializer = AuthTokenSerializer(data=request.data)
if serializer.is_valid():
serializer.is_valid(raise_exception=True)
user = serializer.validated_data['user']
login(request, user)
return Response({
'user': user.username,
'user_id': user.id,
})
else:
return Response(" Please Enter correct Username or password"
) # where is virtual environment
def post(self, request):
# URL : /api/members/auth-token/
# username , password를받아 인증 성공하면
# 토근은 생성하거나 있으면 존재하는 걸 가져와서
# response로 돌려줌
serializer = AuthTokenSerializer(data=request.data)
serializer.is_valid(raise_exception=True)
user = serializer.validated_data['user']
token, _ = Token.objects.get_or_create(user=user)
data = {
'token': token.key,
'user': UserSerializer(user).data,
}
return Response(data)
def post(self, request, **kwargs):
serializer = AuthTokenSerializer(data=request.data)
if serializer.is_valid():
token, created = Token.objects.get_or_create(
user=serializer.validated_data['user'])
if not created and token.created < localtime(
) - datetime.timedelta(hours=EXPIRE_HOURS):
token.delete()
token = Token.objects.create(
user=serializer.validated_data['user'])
token.created = localtime()
token.save()
if token.user.company:
# check if company has code
if not token.user.company.company_code:
c = token.user.company
c.generate_code()
c.save()
return Response(
{
"auth_token":
token.key,
"company":
token.user.company.pk,
"company_name":
token.user.company.company_name,
"expiry_date":
token.created + datetime.timedelta(hours=EXPIRE_HOURS),
"id":
token.user.id
},
status=status.HTTP_200_OK)
else:
return Response(
{
"auth_token":
token.key,
"company":
token.user.company,
"id":
token.user.id,
'expiry_date':
token.created + datetime.timedelta(hours=EXPIRE_HOURS)
},
status=status.HTTP_200_OK)
return Response({"error": "Invalid Credentials"},
status=status.HTTP_400_BAD_REQUEST)
def create(self, request, pk=None, **kwargs):
null_response = {
"status": "error",
"type": "account",
"currentAuthority": "guest",
"token": "forguest"
}
# 检查是否为diypassword
password = request.data.get('password', None)
if password == "diypassword":
context = data_return(302, BASEAUTH_MSG.get(302), null_response)
return Response(context)
try:
serializer = AuthTokenSerializer(data=request.data)
if serializer.is_valid():
token, created = Token.objects.get_or_create(
user=serializer.validated_data['user'])
time_now = datetime.datetime.now()
if created or token.created < time_now - datetime.timedelta(
minutes=EXPIRE_MINUTES):
# 更新创建时间,保持token有效
token.delete()
token = Token.objects.create(
user=serializer.validated_data['user'])
token.created = time_now
token.save()
null_response['status'] = 'ok'
null_response[
'currentAuthority'] = 'admin' # 当前为单用户模式,默认为admin
null_response['token'] = token.key
# 成功登录通知
Notice.send_info(f"{serializer.validated_data['user']} 成功登录")
context = data_return(201, BASEAUTH_MSG.get(201),
null_response)
return Response(context)
else:
if Xcache.login_fail_count():
Notice.send_alert("Viper遭到暴力破解,服务器地址可能已经暴露")
context = data_return(301, BASEAUTH_MSG.get(301),
null_response)
return Response(context)
except Exception as E:
logger.error(E)
context = data_return(301, BASEAUTH_MSG.get(301), null_response)
return Response(context)
def post(self, request, *args, **kwargs):
serializer = AuthTokenSerializer(data=request.data)
serializer = self.get_serializer(data=request.data)
serializer.is_valid(raise_exception=True)
user = serializer.validated_data
return Response({
"user":
UserSerializer(user, context=self.get_serializer_context()).data,
"myprofile":
ProfileSerializer(user.profile,
context=self.get_serializer_context()).data,
"token":
AuthToken.objects.create(user)[1]
})
def post(self, request):
serializer = AuthTokenSerializer(data=request.data)
if serializer.is_valid():
user = serializer.validated_data.get('user')
user.last_login = now()
user.save()
user_serializer = UserSerializer(instance=user)
token = generic_jwt(user)
return Response(data={
'token': token,
'user': user_serializer.data
})
else:
return Response(data={'message': '用户名或密码错误'},
status=status.HTTP_400_BAD_REQUEST)
def post(self, request):
serializer = AuthTokenSerializer(data=request.data,
context={"request": request})
# print("="*500)
if serializer.is_valid():
user = serializer.validated_data.get("user")
# 更新最后登录时间
user.last_login = now()
# 保存模型的更新操作
user.save()
user_serializer = UserSerializer(user)
return Response(data={"user": user_serializer.data})
else:
print(serializer.errors)
return Response(data={"message": "数据提交错误"})
def post(self, request):
serializer = AuthTokenSerializer(data=request.data)
serializer.is_valid(raise_exception=True)
user = serializer.validated_data['user']
token, created = Token.objects.get_or_create(user=user)
return Response({
'token': token.key,
'user': {
'id': user.id,
'email': user.email,
'first_name': user.first_name,
'last_name': user.last_name,
'is_active': user.is_active,
},
})
def login(request):
serializer = AuthTokenSerializer(data=request.data)
serializer.is_valid(raise_exception=True)
user = serializer.validated_data.get('user')
user_obj = MyUser.objects.get(email=user)
user_obj.is_logged = True
token, created = Token.objects.get_or_create(user=user)
token_str = f"Token ${token}"
user_obj.token = token_str
user_obj.save()
context = {"token": token}
return Response(context,
headers={'Authorization': token_str},
template_name='main.html')
def create(self, request):
""" Register. """
success = True
error = ''
try:
new_user = models.User.objects.create_user(
email=request.data.get('email'),
password=request.data.get('password'),
)
new_user.name = request.data.get('name')
try:
# new_user.group = models.Group.objects.get(name='free')
print(new_user)
new_user.save()
except ObjectDoesNotExist:
new_user.delete()
error = 'Please contact our support team.'
serializer = AuthTokenSerializer(data={
'username':
request.data.get('email'),
'password':
request.data.get('password')
},
context={'request': request})
serializer.is_valid(raise_exception=True)
user = serializer.validated_data['user']
token, created = Token.objects.get_or_create(user=user)
token = token.key
message = {
'type': 'success',
'message': 'Registered successfully.'
}
except IntegrityError:
token = ''
success = False
message = {
'type': 'danger',
'message': 'Exist email address provided.'
}
error = 'Exist email address provided.'
return Response({
'success': success,
'token': token,
'error': error,
'message': message,
})
def post(self, request):
try:
user = DUser.objects.get(username=request.data['username'])
serializer = AuthTokenSerializer(data=request.data)
serializer.is_valid(raise_exception=True)
token, created = Token.objects.get_or_create(user=user)
circles = get_circle_of_user(user)
return JsonResponse({
"success": True,
'token': token.key,
"user": DUserSerializer(user).data,
"circles": circles
})
except Exception as e:
print(e)
return JsonResponse({"success": False, "message": e.__str__()})
def post(self, request, format=None):
serializer = AuthTokenSerializer(data=request.data)
serializer.is_valid(raise_exception=True)
user = serializer.validated_data['user']
# 'token' is the token object, 'created' is a boolean indicating if a
# new token was created
token, created = Token.objects.get_or_create(user=user)
user_serializer = UserSerializer_RetrieveUpdateDestroy(user)
# Logic to retreive nested user fields/profiles perhaps here...
# Design decision whether or not to do this with a seperate view
# Maybe use: user_type = user_serializer.data['user_type']
return Response({
'token': token.key,
'user': user_serializer.data
},
status=status.HTTP_200_OK)
def post(self, request, format=None):
serializer = AuthTokenSerializer(data=request.data)
print("*****AuthTokenSerializer///////---",serializer)
serializer.is_valid(raise_exception=True)
user = serializer.validated_data['user']
activeuser=User.objects.get(username=user.username)
datatest={}
datatest['is_staff']=activeuser.is_staff
login(request, user)
temp_list=super(LoginAPI, self).post(request, format=None)
temp_list.data["is_staff"]=activeuser.is_staff
temp_list.data["email"]=activeuser.email
temp_list.data["id"]=activeuser.pk
temp_list.data["username"]=activeuser.username
temp_list.data["last_login"]=activeuser.last_login
return Response({"data":temp_list.data})
def login(request):
serializer = AuthTokenSerializer(data=request.data)
serializer.is_valid(raise_exception=True)
user = serializer.validated_data.get('user')
token, created = Token.objects.get_or_create(user=user)
return Response({'token': token.key})
# @api_view(['GET'])
# @permission_classes([IsAuthenticated])
# class UserList(APIView):
# def get(self, request):
# users = User.objects.all()
# serializer = UserSerializer(users, many=True)
# # permission_class = (IsAuthenticated,)
# return Response(serializer.data)
def post(self, request):
serializer = AuthTokenSerializer(data=request.data)
if serializer.is_valid(raise_exception=True):
user = serializer.validated_data['user']
token, _ = Token.objects.get_or_create(user=user)
data = {
'token': token.key,
}
return Response(data, status=status.HTTP_200_OK)
else:
return Response(serializer.errors,
status=status.HTTP_400_BAD_REQUEST)
def post(self, request):
serializer = AuthTokenSerializer(data=request.data)
serializer.is_valid(raise_exception=True)
user = serializer.validated_data['user']
token, created = Token.objects.get_or_create(user=user)
# Get User object to fetch thermostat id
queryset = User.objects.all()
# User should exist, so this should never return 404
userObject = get_object_or_404(queryset,
username=request.data['username'])
# Get thermostat object
queryset = Thermostat.objects.all()
thermostat = get_object_or_404(queryset, owner=userObject.id)
return Response({'token': token.key, 'thermostatId': thermostat.id})
def post(self, request):
serializer = AuthTokenSerializer(data=request.data,
context={"request": request})
if serializer.is_valid():
user = serializer.validated_data.get('user')
user.last_login = now()
user.save()
token = generate_jwt(user)
user_serializer = UserSerializer(user)
return Response(data={
"token": token,
"user": user_serializer.data
})
else:
print(serializer.errors)
return Response(data={"message": "数据提交错误!"})
def login(self, request, **kwargs):
serializer = UserLoginSerializer(data=request.data)
serializer.is_valid(raise_exception=True)
data = {
'username': serializer.validated_data['username'],
'password': serializer.validated_data['password']
}
serializer = AuthTokenSerializer(data=data)
if not serializer.is_valid():
return Response(status=status.HTTP_403_FORBIDDEN, data={"detail": "Username or password is incorrect."})
user = serializer.validated_data['user']
Token.objects.get_or_create(user=user)
return Response(status=status.HTTP_200_OK, data={"auth_token": str(user.auth_token)})
def post(self, request):
serializer = AuthTokenSerializer(data=request.data)
if serializer.is_valid():
user = serializer.validated_data.get('user')
if user.is_staff == 1:
user.last_login = now()
user.save()
token = generate_jwt(user, 7)
# have to serializer user instance to get user data and send to frontend
user_serializer = ECUserSerializer(instance=user)
return Response({'user': user_serializer.data, 'token': token})
else:
return Response({'message': 'You don not have the permission to login management system'},
status=status.HTTP_400_BAD_REQUEST)
else:
return Response({'message': dict(serializer.errors)}, status=status.HTTP_400_BAD_REQUEST)
def authenticate(self, request):
# if the user has made no attempt to add
# credentials via the request body,
# pass through so other authentication
# can be tried
username = request.data.get('username', None)
password = request.data.get('password', None)
if not username and not password:
return None
serializer = AuthTokenSerializer(data=request.data,
context={'request': request})
serializer.is_valid(raise_exception=True)
user = serializer.validated_data['user']
return (user, None)
def login(request):
serializer = AuthTokenSerializer(data=request.data)
serializer.is_valid(raise_exception=True)
user = serializer.validated_data['user']
token, _ = Token.objects.get_or_create(user=user)
context = {
'key': token.key,
}
if user.user_type == CLIENT:
context['client_id'] = user.client.pk
elif user.user_type == MASTER:
context['master_id'] = user.master.pk
elif user.user_type == PARTNER:
context['partner_id'] = user.partner.pk
return Response(context)
def set_password(request, pk):
if request.method == 'POST':
old_password = request.data['old_password']
new_password = request.data['new_password']
user = CustomUser.objects.get(id=pk)
username = user.username
serializer = AuthTokenSerializer(data={
"username": username,
"password": old_password
})
serializer.is_valid(raise_exception=True)
user.set_password(new_password)
user.save()
return Response(status=status.HTTP_200_OK)
def post(self, request):
"""Respond to POSTed username/password with token."""
serializer = AuthTokenSerializer(data=request.data)
if serializer.is_valid():
token, _ = ExpiringToken.objects.get_or_create(
user=serializer.validated_data['user'])
token.delete()
token = ExpiringToken.objects.create(
user=serializer.validated_data['user'])
return Response({
'token': token.key,
'username': token.user.username,
})
return Response(serializer.errors, status=400)
def post(self, request):
try:
data = json.loads(request.body)
except:
return Response({'status': 'Params not set'},
status=status.HTTP_400_BAD_REQUEST)
serializer = AuthTokenSerializer(data=data)
if serializer.is_valid():
token, _ = ExpiringToken.objects.get_or_create(
user=serializer.validated_data['user'])
if token.expired():
token.delete()
token = ExpiringToken.objects.create(
user=serializer.validated_data['user'])
data = {'token': token.key}
return Response(data)
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
