def authenticate(self, request=None, code=None, is_wechat=True):
"""
is_wechat 参数是为了使得 WeixinBackend 与其他 Backend 参数个数不同,在框架选择
认证 backend 时,快速定位
"""
logger.debug(u"进入 WEIXIN 认证 Backend")
if not code:
return None
result, user_info = self.verify_weixin_code(code)
logger.debug(u"微信 CODE 验证结果,result:%s,user_info:%s" %
(result, user_info))
if not result:
return None
user_model = get_user_model()
try:
user, _ = user_model.objects.get_or_create(
username=user_info['username'])
user.nickname = user_info['username']
user.avatar_url = user_info['avatar']
user.save()
except Exception:
logger.exception(u"自动创建 & 更新 User Model 失败")
else:
return user
def authenticate(self, request=None):
logger.debug(u"进入 BK_JWT 认证 Backend")
try:
verify_data = self.verify_bk_jwt_request(request)
except Exception as e:
logger.exception(u"[BK_JWT]校验异常: %s" % e)
return None
if not verify_data['result'] or not verify_data['data']:
logger.error(u"BK_JWT 验证失败: %s" % (verify_data))
return None
user_info = verify_data['data']['user']
user_model = get_user_model()
try:
user, _ = user_model.objects.get_or_create(
username=user_info['bk_username'])
user.nickname = user_info['bk_username']
user.save()
except Exception as e:
logger.exception(u"自动创建 & 更新 User Model 失败: %s" % e)
return None
return user
def authenticate(self, request=None):
logger.debug(u"进入 BK_JWT 认证 Backend")
try:
verify_data = self.verify_bk_jwt_request(request)
except Exception as err: # pylint: disable=broad-except
logger.exception(u"[BK_JWT]校验异常: %s" % err)
return None
if not verify_data["result"] or not verify_data["data"]:
logger.error(u"BK_JWT 验证失败: %s" % verify_data)
return None
user_info = verify_data["data"]["user"]
user_model = get_user_model()
try:
user, _ = user_model.objects.get_or_create(
username=user_info["bk_username"])
user.nickname = user_info["bk_username"]
user.save()
except Exception as err: # pylint: disable=broad-except
logger.exception(u"自动创建 & 更新 User Model 失败: %s" % err)
return None
return user
def get_bk_user(request):
bkuser = None
if request.weixin_user and not isinstance(request.weixin_user, AnonymousUser):
user_model = get_user_model()
try:
user_property = UserProperty.objects.get(key='wx_userid', value=request.weixin_user.userid)
except UserProperty.DoesNotExist:
logger.warning('user[wx_userid=%s] not in UserProperty' % request.weixin_user.userid)
else:
bkuser = user_model.objects.get(username=user_property.user.username)
return bkuser or AnonymousUser()
def authenticate(self, request=None, bk_token=None):
logger.debug(u"Enter in TokenBackend")
# 判断是否传入验证所需的bk_token,没传入则返回None
if not bk_token:
return None
verify_result, username = self.verify_bk_token(bk_token)
# 判断bk_token是否验证通过,不通过则返回None
if not verify_result:
return None
user_model = get_user_model()
try:
user, _ = user_model.objects.get_or_create(username=username)
get_user_info_result, user_info = self.get_user_info(bk_token)
# 判断是否获取到用户信息,获取不到则返回None
if not get_user_info_result:
return None
user.set_property(key='qq', value=user_info.get('qq', ''))
user.set_property(key='language',
value=user_info.get('language', ''))
user.set_property(key='time_zone',
value=user_info.get('time_zone', ''))
user.set_property(key='role', value=user_info.get('role', ''))
user.set_property(key='phone', value=user_info.get('phone', ''))
user.set_property(key='email', value=user_info.get('email', ''))
user.set_property(key='wx_userid',
value=user_info.get('wx_userid', ''))
user.set_property(key='chname', value=user_info.get('chname', ''))
# 用户如果不是管理员,则需要判断是否存在平台权限,如果有则需要加上
if not user.is_superuser and not user.is_staff:
role = user_info.get('role', '')
is_admin = True if str(role) == ROLE_TYPE_ADMIN else False
user.is_superuser = is_admin
user.is_staff = is_admin
user.save()
return user
except IntegrityError:
logger.exception(traceback.format_exc())
logger.exception(
u"get_or_create UserModel fail or update_or_create UserProperty"
)
return None
except Exception:
logger.exception(traceback.format_exc())
logger.exception(u"Auto create & update UserModel fail")
return None
def get_component_client_common_args():
"""
获取ComponentClient需要的common_args
@return:
{
bk_username = '******'
}
@rtype: dict
"""
try:
last_login_user = get_user_model().objects.all().order_by("-last_login")[0]
except IndexError:
logger.exception("There is not a last_login_user")
raise IndexError("There is not a last_login_user")
username = last_login_user.username
return dict(bk_username=username)
def get_component_client_common_args():
"""
获取ComponentClient需要的common_args
@return:
{
access_token = 'xxx'
}
@rtype: dict
"""
try:
last_login_user = get_user_model().objects.all().order_by("-last_login")[0]
except IndexError:
logger.warn("There is not a last_login_user")
raise IndexError("There is not a last_login_user")
access_token = get_access_token_by_user(last_login_user.username).access_token
return dict(access_token=access_token)
def get_user(self, user_id):
user_model = get_user_model()
try:
return user_model.objects.get(pk=user_id)
except user_model.DoesNotExist:
return None
