def update(self, request, *args, **kwargs): data = request.data # 修改角色 if data.get('role_user'): user = self.get_object() role = UserRole.objects.filter(user=user).first() role.role_id = 2 role.save() return Response({ 'code': 2000, 'message': '修改成功', }) # 修改用户信息 if data: if data.get('password'): password = data.get('password') old_password = data.get('oldPassword') user = User.objects.filter(userid=kwargs['pk']).first() if user.password == to_md5_hex(old_password): user.password = to_md5_hex(password) user.save() res = Response({ 'code': 2000, 'message': '密码修改成功', }) else: res = Response({ 'code': 4000, 'message': '密码不正确', }) return res else: user = User.objects.filter(userid=kwargs['pk']) user.update(**data) res = Response({ 'code': 2000, 'message': '修改成功', }) return res # 删除用户 else: instance = self.get_object() instance.status = False instance.save() res = Response({ 'code': 2000, 'message': '删除成功', }) return res
def login(request): resp_dict = {'code': 30000, 'message': '用户登录成功'} username = request.data.get('username', '') password = request.data.get('password', '') password = to_md5_hex(password) user = User.objects.filter(username=username, password=password) \ .only('userid').first() if user: request.session['userid'] = user.userid request.session['realname'] = user.realname with transaction.atomic(): resp_dict['token'] = token = uuid1().hex UserToken.objects.update_or_create(user=user, defaults={'token': token}) current_time = timezone.now() delta = current_time - user.lastvisit if delta.days >= 1: user.point += 5 user.lastvisit = current_time user.save() log = LoginLog() log.user = user log.ipaddr = get_ip_address(request) log.save() else: resp_dict['code'] = '30001' resp_dict['message'] = '用户名或密码错误' return Response(resp_dict)
def login(request): """用户登录""" if request.method == 'GET': return render(request, 'login.html') else: if request.session['captcha'] == request.POST['captcha'].lower(): username = request.POST['username'] password = request.POST['password'] try: user = User.objects.get(username=username) except User.DoesNotExist: hint = '用户名或密码错误' else: if user and user.password == to_md5_hex(password): request.session['userid'] = user.userid request.session['realname'] = user.realname delta = timezone.now() - user.lastvisit if delta.days >= 1: user.point += randint(1, 10) user.lastvisit = timezone.now() user.save() ipaddr = get_ip_address(request) log = LoginLog(user=user, ipaddr=ipaddr) log.save() return redirect('/') else: hint = '用户名或密码错误' else: hint = '请输入正确的图片验证码' return render(request, 'login.html', {'hint': hint})
def test_to_md5_hex(self): pass_pairs = { '123456': 'e10adc3949ba59abbe56e057f20f883e', '123123': '4297f44b13955235245b2497399d7a93', '1qaz2wsx': '1c63129ae9db9c60c3e8aa94d3e00495', } for key, value in pass_pairs.items(): self.assertEqual(value, to_md5_hex(key))
def create(self, validated_data): del validated_data['code'] validated_data['password'] = to_md5_hex(validated_data['password']) with atomic(): user = User.objects.create(**validated_data) role = Role.objects.get(roleid=1) UserRole.objects.create(user=user, role=role) return user
def create(self, validated_data): del validated_data['code'] caches['default'].delete(f'{validated_data["tel"]}:valid') validated_data['password'] = to_md5_hex(validated_data['password']) with atomic(): user = User.objects.create(**validated_data) role = Role.objects.get(roleid=1) UserRole.objects.create(user=user, role=role) return user
def upload_house_photo(request): file_obj = request.FILES.get('mainphoto') if file_obj and len(file_obj) < MAX_PHOTO_SIZE: prefix = to_md5_hex(file_obj.file) filename = f'{prefix}{os.path.splitext(file_obj.name)[1]}' upload_stream_to_qiniu.delay(file_obj, filename, len(file_obj)) # photo = HousePhoto() # photo.path = f'http://q69nr46pe.bkt.clouddn.com/{filename}' # photo.ismain = True # photo.save() resp = DefaultResponse( *FILE_UPLOAD_SUCCESS, data={'url': f'http://q6i8nba3h.bkt.clouddn.com/{filename}'}) else: resp = DefaultResponse(*FILE_SIZE_EXCEEDED) return resp
def login(request): """登录(获取用户身份令牌)""" username = request.data.get('username') password = request.data.get('password') if (check_tel(username) or check_email(username) or check_username(username)) and len(password) >= 6: password = to_md5_hex(password) q = Q(username=username, password=password) | \ Q(tel=username, password=password) | \ Q(email=username, password=password) user = User.objects.filter(q)\ .only('username', 'realname').first() if user: if user.status: # 用户登录成功通过JWT生成用户身份令牌 payload = { 'exp': datetime.datetime.utcnow() + datetime.timedelta(days=1), 'data': { 'userid': user.userid, 'realname': user.realname, 'roleid': user.roles.get_queryset().first().roleid } } token = jwt.encode(payload, SECRET_KEY, algorithm='HS256').decode() with atomic(): current_time = timezone.now() if not user.lastvisit or \ (current_time - user.lastvisit).days >= 1: user.point += 2 user.lastvisit = current_time user.save() loginlog = LoginLog() loginlog.user = user loginlog.logdate = current_time loginlog.ipaddr = get_ip_address(request) loginlog.save() resp = DefaultResponse(*USER_LOGIN_SUCCESS, data={'token': token}) else: resp = DefaultResponse(*USER_LOGIN_STATUS) else: resp = DefaultResponse(*USER_LOGIN_FAILED) else: resp = DefaultResponse(*INVALID_LOGIN_INFO) return resp
def login(request): """登录(获取用户身份令牌)""" username = request.data.get('username') password = request.data.get('password') if username and password: password = to_md5_hex(password) user = User.objects.filter( Q(username=username, password=password) | Q(tel=username, password=password) | Q(email=username, password=password) ).first() if user: # roles = RoleSimpleSerializer(user.roles.all(), many=True).data # 用户登录成功通过JWT生成用户身份令牌 payload = { 'exp': datetime.datetime.utcnow() + datetime.timedelta(days=1), 'data': {'userid': user.userid, } } token = jwt.encode(payload, SECRET_KEY, algorithm='HS256').encode() with atomic(): current_time = timezone.now() if not user.lastvisit or \ (current_time - user.lastvisit).days >= 1: user.point += 2 user.lastvisit = current_time user.save() loginlog = LoginLog() loginlog.user = user loginlog.logdate = current_time loginlog.ipaddr = get_ip_address(request) loginlog.save() resp = DefaultResponse(*USER_LOGIN_SUCCESS, data={'token': token}) else: resp = DefaultResponse(*USER_LOGIN_FAILED) else: resp = DefaultResponse(*INVALID_LOGIN_INFO) return resp
def save(self, is_insert=False): if is_insert: self.password = to_md5_hex(self.password) return super().save()