def login(request:HttpRequest) -> HttpResponse:
"""登入"""
hint = request.GET.get('hint') or ''
returnurl = request.GET.get('returnurl', '/')
if returnurl != '/':
# 将百分号编码还原原始的字符串
returnurl = unquote(returnurl)
if request.method == 'POST':
returnurl = request.POST.get('returnurl', '/')
captcha_from_serv = request.session.get('captcha', '0')
captcha_from_user = request.POST.get('captcha', '1').lower()
if captcha_from_serv == captcha_from_user:
username = request.POST.get('username')
password = request.POST.get('password')
if check_username(username) and check_password(password):
password = gen_md5_digest(password)
user = User.objects.filter(Q(username=username) | Q(tel=username)).filter(password=password).first()
if user:
request.session['userid'] = user.no
request.session['username'] = user.username
return redirect(returnurl)
else:
hint = '用户或密码错误'
else:
hint = '请输入有效的用户名'
else:
hint = '请输入有效的验证码'
return render(request, 'login.html', {'hint': hint, 'returnurl': returnurl})
def check_unique(request):
flag = False
username = request.GET.get('username', '').strip()
if check_username(username):
user = User.objects.filter(username=username).first()
flag = user is None
return JsonResponse({'is_valid': flag})
def login(request: HttpRequest) -> HttpResponse:
"""登录"""
hint = request.GET.get('hint') or ''
if request.method == 'POST':
username = request.data.get('username', '').strip()
password = request.data.get('password', '')
if check_username(username) and check_password(password):
password = gen_sha256_digest(password)
user = User.objects.filter(Q(username=username) | Q(tel=username)) \
.filter(password=password).first()
if user:
user.last_visit = timezone.now()
user.save()
payload = {
'userid': user.no,
'exp': timezone.now() + timedelta(days=1)
}
# 通过PyJWT的encode函数生成用户身份令牌(bytes,可以通过decode方法处理成str)
token = jwt.encode(payload,
settings.SECRET_KEY,
algorithm='HS256')
return Response({
'code': 40000,
'hint': '登录成功',
'token': token,
'username': user.username
})
else:
hint = '登录失败,用户名或密码错误'
else:
hint = '请输入有效的登录信息'
return Response({'code': 40001, 'hint': hint})
def is_unique_username(request: HttpRequest) -> HttpResponse:
"""检查用户名唯一性"""
username = request.GET.get('username')
if check_username(username):
if User.objects.filter(username=username).exists():
data = {'code': 30001, 'message': '用户名已被注册'}
else:
data = {'code': 30000, 'message': '用户名可以使用'}
else:
data = {'code': 30002, 'message': '无效的用户名'}
return JsonResponse(data)
def register(request: HttpRequest) -> HttpResponse:
"""注册"""
hint = ''
if request.method == 'POST':
agreement = request.POST.get('agreement')
if agreement == 'on':
code_from_user = request.POST.get('mobilecode','0')
code_from_sess = request.session.get('mobilecode','1')
if code_from_user == code_from_sess:
username = request.POST.get('username')
password = request.POST.get('password')
tel = request.POST.get('tel')
if check_username(username):
if check_password(password):
if tel:
user = User()
user.username = username
user.password = gen_md5_digest(password)
user.tel = tel
try:
user.save()
except DatabaseError:
hint = '用户或手机号已被注册,请尝试其他的用户名或手机号'
else:
hint = '注册成功,请登录'
return redirect(f'/login/?hint={hint}')
else:
hint = '电话号码错误'
else:
hint = '密码少于8位'
else:
hint = '用户名少于6位数'
else:
hint = '请输入正确的手机验证码'
else:
hint = '请勾选同意网站用户协议及隐私政策'
return render(request, 'register.html', {'hint': hint})
def register(request):
"""用户注册"""
username, tel, hint = '', '', ''
if request.method == 'POST':
agreement = request.data.get('agreement')
if agreement:
username = request.data.get('username', '').strip()
password = request.data.get('password', '')
tel = request.data.get('tel', '').strip()
redis_cli = get_redis_connection()
code_from_user = request.data.get('mobilecode', '0')
code_from_redis = redis_cli.get(f'mobile:valid:{tel}').decode()
if code_from_user == code_from_redis:
if check_username(username) and check_password(
password) and check_tel(tel):
password = gen_sha256_digest(password)
try:
user = User(username=username,
password=password,
tel=tel)
user.last_visit = timezone.now()
user.save()
# 验证码只能消费一次,注册成功用过的验证码立即失效
redis_cli.delete(f'mobile:valid:{tel}')
hint = '注册成功,请登录'
# return redirect(f'/login/?hint={hint}')
return Response({'code': 30000, 'mesg': hint})
except DatabaseError:
hint = '注册失败,用户名或手机号已被使用'
else:
hint = '请输入有效的注册信息'
else:
hint = '请输入正确的手机验证码'
else:
hint = '请勾选同意网站用户协议及隐私政策'
# return render(request, 'register.html', {'hint': hint, 'username': username, 'tel': tel})
return Response({'code': 30001, 'mesg': hint})