def authenticate_credentials(self, key): cache_user = cache.get(key) if cache_user: return key, cache_user model = self.get_model() try: token = model.objects.select_related('user').get(key=key) # 自定义处理相关数据 time_now = datetime.now() if token: if token.started <= time_now <= token.expires: if token.user.category == '0': token.expires = time_now + timedelta(hours=12) elif token.user.category == '1': token.expires = time_now + timedelta(days=15) else: raise exceptions.AuthenticationFailed(_('user type invalid.')) token.save() else: raise exceptions.AuthenticationFailed(_('token expired.')) if token: cache.set(key, token.user, 30 * 60) return token, token.user else: raise exceptions.AuthenticationFailed(_('Invalid token.')) except model.DoesNotExist: raise exceptions.AuthenticationFailed(_('Invalid token.'))
def sendConfirmInfo(request): token = request.query_params['token'] try: tokenVaild = Token.objects.get(key=token) except: raise exceptions.AuthenticationFailed('token does not right') data = request.data confirmList = data['confirmList'] try: for c in confirmList: confirmId = c.get('confirmId') status = c.get('status') server_money = c.get('server_money') total_money = c.get('total_money') confirmOrderInfo = ConfirmOrderInfo.objects.filter( id=confirmId).update(status=status, server_money=server_money, total_money=total_money) data['sccess'] = 1 data['detail'] = u'成功' return Response(data) except: traceback.print_exc() return Response(data={"detail:error"}, status=status.HTTP_500_INTERNAL_SERVER_ERROR)
def authenticate(self, request): auth = get_authorization_header(request).split() if not auth or auth[0].lower() != self.keyword.lower().encode(): return None if len(auth) == 1: msg = _('Invalid token header. No credentials provided.') raise exceptions.AuthenticationFailed(msg) elif len(auth) > 2: msg = _('Invalid token header. Token string should not contain spaces.') raise exceptions.AuthenticationFailed(msg) try: token = auth[1].decode() except UnicodeError: msg = _('Invalid token header. Token string should not contain invalid characters.') raise exceptions.AuthenticationFailed(msg) return self.authenticate_credentials(token)
def get_token(self, request): """ 获取用力的token :param request: :return: """ # 向注册中心请求用户信息 user_data = sdc_carrier_client.verify_user_ticket(request.user.get('ticket')) user = self._process_user_info(user_data) if user and user.is_active: try: token = AuthToken.objects.filter(user=user) # 自定义处理相关数据 time_now = datetime.now() if token.started > time_now or token.expires < time_now: if cache.has_key(token.key): cache.delete(token.key) token.delete() token = AuthToken(user=user) except AuthToken.DoesNotExist: token = AuthToken(user=user) except: token = None if token: if token.user.category == '0': token.expires = datetime.now() + timedelta(hours=12) elif token.user.category == '1': token.expires = datetime.now() + timedelta(days=15) else: token.expires = datetime.now() token.save() cache.set(token.key, user, 30 * 60) return token.key elif user and user.is_active: AuthToken.objects.filter(user=user).delete() raise exceptions.AuthenticationFailed(_('User inactive or deleted.')) else: raise exceptions.AuthenticationFailed(_('Invalid ticket.'))
def _request(self, op, url, data=None, blocking=True, retry_after_auth=False): retried = 0 while True: try: if (op.upper() == 'GET'): (status, content) = self._http_get(url, headers=self._headers, query_params=data) elif (op.upper() == 'POST'): (status, content) = self._http_post(url, body=data, headers=self._headers) elif (op.upper() == 'DELETE'): (status, content) = self._http_delete(url, body=data, headers=self._headers) elif (op.upper() == 'PUT'): (status, content) = self._http_put(url, body=data, headers=self._headers) else: raise ValueError except ConnectionError as e: if not blocking: raise retried += 1 time.sleep(1) self._create_api_server_session() continue if status == 200: return content # Exception Response, see if it can be resolved if status == 401: if retry_after_auth: raise exceptions.AuthenticationFailed(content) else: self._headers = self._authenticate(content, self._headers) # Recursive call after authentication (max 1 level) content = self._request(op, url, data=data, retry_after_auth=True) return content elif status == 404: raise exceptions.NoIdError( 'Error: oper %s url %s body %s response %s' % (op, url, data, content)) elif status == 403: raise exceptions.PermissionDenied(content) elif status == 409: raise exceptions.RefsExistError(content) elif status == 504: # Request sent to API server, but no response came within lb timeout raise exceptions.TimeOutError('Gateway Timeout 504') elif status in [502, 503]: # 502: API server died after accepting request, so retry # 503: no API server available even before sending the request if not blocking: raise exceptions.ServiceUnavailableError( 'Service Unavailable Timeout %d' % status) retried += 1 time.sleep(1) continue elif status == 400: raise exceptions.BadRequest(status, content) else: # Unknown Error raise exceptions.HttpError(status, content)
def authenticate(self, request): if not request.jwt_user: msg = u'请先授权' raise exceptions.AuthenticationFailed(msg) return (request.jwt_user, request.jwt_user.uuid)