Ejemplo n.º 1
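def register(request):
    """Register an account, or re-issue a confirm code for an unconfirmed one.

    Expects a JSON request body with non-empty string fields ``username``
    and ``password``.

    * Unknown username: creates an inactive ``User``, its ``Account`` and an
      ``AccountConfirmCode``.
    * Known but inactive username: replaces the password and regenerates the
      confirm code.
    * Known and active username: returns an error payload (``err_code=-1``).

    In the first two cases the confirm code is passed to
    ``send_confirm_code_to_fdu_mailbox`` and an empty success payload is
    returned. A malformed body yields HTTP 400 instead of an unhandled
    exception.
    """
    try:
        request_data = json.loads(request.body.decode('utf-8'))
        username = request_data['username']
        password = request_data['password']
    except (ValueError, KeyError, TypeError):
        # ValueError covers invalid UTF-8 and invalid JSON; TypeError covers
        # a JSON body that is not an object (e.g. a list or a number).
        response = JsonResponse(
            get_json_dict(data={}, err_code=-1, message="Invalid request body"))
        response.status_code = 400
        return response

    if not (isinstance(username, str) and isinstance(password, str)
            and username and password):
        response = JsonResponse(
            get_json_dict(data={}, err_code=-1, message="Invalid request body"))
        response.status_code = 400
        return response

    # NOTE(review): no format check on `username` is visible before it is
    # handed to the mail helper below; confirm that helper (or a caller)
    # restricts it to a valid mailbox local part.
    try:
        user = User.objects.get(username=username)
    except ObjectDoesNotExist:
        # First registration: the account stays inactive until confirmed.
        # NOTE(review): these saves are not wrapped in a transaction here, so
        # a failure part-way can leave a User without Account/confirm code.
        user = User(username=username)
        user.set_password(password)
        user.is_active = False
        user.save()
        account = Account(user=user)
        account.nickname = username
        account.save()
        account_confirm_code = AccountConfirmCode(
            account=account, code=generate_account_confirm_code())
        account_confirm_code.save()
    else:
        if user.is_active:
            return JsonResponse(
                get_json_dict(data={}, err_code=-1, message="您已注册过"))

        # NOTE(review): every re-registration overwrites the password of the
        # unconfirmed account before mailbox ownership is proven, so the
        # password that becomes active on confirmation is whichever was
        # submitted last. Consider binding the password to the confirm code
        # or setting it only at confirmation time.
        user.set_password(password)
        user.save()
        account_confirm_code = user.account.account_confirm_code
        account_confirm_code.code = generate_account_confirm_code()
        account_confirm_code.save()

    # NOTE(review): no throttling is visible in this view; each accepted
    # request sends a mail. Confirm rate limiting exists upstream.
    send_confirm_code_to_fdu_mailbox(username, account_confirm_code.code)

    return JsonResponse(get_json_dict(data={}))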
Ejemplo n.º 2
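def user_login(request):
    """Authenticate a user and, on success, set a signed JWT in a cookie.

    Expects a JSON request body with non-empty string fields ``username``
    and ``password``.

    Flow:
      1. ``authenticate()`` succeeds and the user is active: success
         response with the ``jwt`` cookie.
      2. ``authenticate()`` succeeds but the user is inactive: HTTP 403.
      3. ``authenticate()`` fails and no local user exists: if the username
         is 3-11 ASCII digits, the credentials are checked with
         ``check_fdu_auth``; on success a local active user and account are
         created and the user is logged in. Otherwise HTTP 403.
      4. ``authenticate()`` fails and a local user exists: HTTP 403.

    A malformed body yields HTTP 400 instead of an unhandled exception.
    """
    def get_user_login_success_response(user):
        """Build the success response carrying a 7-day JWT cookie."""
        expires = timezone.now() + timezone.timedelta(days=7)
        jwt_payload = get_user_private_dict(user.account)
        # NOTE(review): 'expires' is a custom claim, not the registered
        # 'exp' claim, so a JWT library will not enforce it on decode by
        # itself; confirm the verifying side checks 'expires' explicitly.
        jwt_payload['expires'] = expires.strftime("%Y-%m-%d %H:%M:%S")
        jwt_token = jwt.encode(jwt_payload, PRIVATE_KEY, algorithm="RS256")
        # Older PyJWT releases return bytes, 2.x returns str; accept both.
        if isinstance(jwt_token, bytes):
            jwt_token = jwt_token.decode("utf-8")
        response = JsonResponse(
            get_json_dict(data={}, err_code=0, message="Login success"))
        # NOTE(review): the session token cookie is set without httponly,
        # secure or samesite. Unless client-side script must read it,
        # consider httponly=True, secure=True and samesite='Lax'.
        response.set_cookie('jwt', jwt_token, max_age=604800)
        return response

    def failure_response(message, status_code=403):
        """Build an error payload (err_code=-1) with the given HTTP status."""
        json_dict = get_json_dict(data={})
        json_dict['err_code'] = -1
        json_dict['message'] = message
        response = JsonResponse(json_dict)
        response.status_code = status_code
        return response

    try:
        received_data = json.loads(request.body.decode('utf-8'))
        username = received_data['username']
        password = received_data['password']
    except (ValueError, KeyError, TypeError):
        # ValueError covers invalid UTF-8 and invalid JSON; TypeError covers
        # a JSON body that is not an object.
        return failure_response("Invalid request body", status_code=400)

    if not (isinstance(username, str) and isinstance(password, str)
            and username and password):
        return failure_response("Invalid request body", status_code=400)

    # NOTE(review): no throttling or lockout is visible in this view; confirm
    # that repeated failed attempts are rate limited elsewhere.
    user = authenticate(username=username, password=password)
    if user:  # credentials accepted
        if user.is_active:  # email confirmed, login succeeds
            return get_user_login_success_response(user)
        # NOTE(review): Django's default ModelBackend makes authenticate()
        # return None for inactive users, in which case this branch is only
        # reachable with a backend that allows them; confirm the setting.
        return failure_response("请验证您的学号邮箱")

    # Credentials rejected: distinguish "no such local user" from "wrong
    # password".
    # NOTE(review): the two distinct messages below tell a caller whether a
    # username exists; consider one generic failure message.
    try:
        User.objects.get(username=username)
    except ObjectDoesNotExist:
        # Require the WHOLE username to be 3-11 ASCII digits. The previous
        # re.match("\d{3,11}", ...) only anchored at the start, so any
        # string beginning with three digits passed and was then forwarded
        # to the external auth check and interpolated into the avatar URL.
        if re.fullmatch(r"[0-9]{3,11}", username):
            # Verify the credentials against the university mail service.
            nickname = check_fdu_auth(username, password)
            if nickname is not None:  # verified: create the local user
                user = User(username=username)
                user.set_password(password)
                user.is_active = True
                user.save()
                account = Account(user=user)
                account.nickname = nickname
                account.save()
                # The default icon is best-effort: a slow or failing avatar
                # service must not block the login of an account that has
                # already been created, hence the timeout and the guard.
                try:
                    user_icon_response = requests.get(
                        "https://www.gravatar.com/avatar/{0}?s=256&d=identicon&r=PG"
                        .format(user.username),
                        timeout=10)
                    user_icon_response.raise_for_status()
                except requests.RequestException:
                    pass
                else:
                    account.icon.save(name='default_icon',
                                      content=ContentFile(
                                          user_icon_response.content))
                return get_user_login_success_response(user)
        # No local user and no successful external verification.
        return failure_response("用户不存在")
    else:  # user exists, password is incorrect
        return failure_response("密码错误")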