Example #1
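def login(request):
    """Authenticate a user from a JSON body and return a JSON response.

    The body must carry ``username``, ``password`` and ``type``. When
    ``type`` is ``'ldap'`` the credentials are checked through ``LDAP``;
    otherwise the stored password of the matching ``User`` row is verified.
    Failed attempts are counted in the cache per username, and once the
    counter has reached 3 the account (if it exists) is disabled.

    Args:
        request: Incoming HTTP request; ``request.body`` holds the JSON
            payload and ``request.headers`` is read for ``x-real-ip``.

    Returns:
        Whatever ``handle_user_info`` returns on success, otherwise a
        ``json_response`` carrying an error message.
    """
    form, error = JsonParser(Argument('username', help='请输入用户名'),
                             Argument('password', help='请输入密码'),
                             Argument('type')).parse(request.body)
    if error is None:
        # NOTE(review): x-real-ip is a plain request header. It is only
        # trustworthy when a reverse proxy in front of the app overwrites
        # it; confirm the deployment before using it for audit or policy.
        x_real_ip = request.headers.get('x-real-ip', '')
        user = User.objects.filter(username=form.username,
                                   type=form.type).first()
        # Disabled accounts are rejected before any credential check.
        if user and not user.is_active:
            return json_response(error="账户已被系统禁用")
        if form.type == 'ldap':
            ldap = LDAP()
            is_success, message = ldap.valid_user(form.username, form.password)
            if is_success:
                # First successful LDAP login provisions a local row.
                # NOTE(review): unlike the password branch below, this path
                # does not look at user.deleted_by; confirm that is intended.
                if not user:
                    user = User.objects.create(username=form.username,
                                               nickname=form.username,
                                               type=form.type)
                return handle_user_info(user, x_real_ip)
            elif message:
                # NOTE(review): this early return skips the failure counter
                # below, so LDAP failures that carry a message are not
                # throttled by this view.
                return json_response(error=message)
        else:
            if user and user.deleted_by is None:
                if user.verify_password(form.password):
                    return handle_user_info(user, x_real_ip)

        # Failure path: per-username attempt counter kept in the cache.
        # 86400 is presumably a 24h timeout in seconds (confirm against the
        # cache backend's API).
        # NOTE(review): the counter is keyed on the submitted username only
        # and the lockout is written to the database, so repeated failures
        # from any client disable the account until someone re-enables it.
        # Consider a time-boxed lockout or per-source throttling.
        # NOTE(review): get_or_set followed by set is not atomic; concurrent
        # requests can undercount. The counter is also not cleared on
        # success in this function (handle_user_info may do it; not visible).
        value = cache.get_or_set(form.username, 0, 86400)
        if value >= 3:
            if user and user.is_active:
                user.is_active = False
                user.save()
            return json_response(error='账户已被系统禁用')
        cache.set(form.username, value + 1, 86400)
        return json_response(error="用户名或密码错误,连续多次错误账户将会被禁用")
    # Fix: a body that fails parsing previously fell off the end of the
    # function and returned None instead of an error response.
    return json_response(error=error)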
Example #2
def login(request):
    """Log a user in via LDAP or a local password and return JSON.

    The JSON body supplies ``username``, ``password`` and ``type``. For
    ``type == 'ldap'`` the credentials go to ``LDAP().valid_user``; a user
    who validates but has no local ``type='LDAP'`` row is created on the
    spot with a fresh access token. Any other ``type`` is checked against
    the local ``type='系统用户'`` row, with failed attempts counted in the
    cache per username.

    Args:
        request: Incoming HTTP request (``body`` and ``headers`` are read).

    Returns:
        A ``json_response`` with either the session payload or an error.
    """
    parser = JsonParser(Argument('username', help='请输入用户名'),
                        Argument('password', help='请输入密码'),
                        Argument('type'))
    form, error = parser.parse(request.body)
    if error is not None:
        return json_response(error=error)

    candidates = User.objects.filter(username=form.username)

    if form.type == 'ldap':
        outcome = LDAP().valid_user(form.username, form.password)
        if not outcome['status']:
            # NOTE(review): LDAP failures return here without touching the
            # failure counter used for local accounts, so this view does not
            # throttle LDAP password attempts.
            return json_response(error=outcome['info'])

        account = candidates.filter(type='LDAP').first()
        if account:
            if not account.is_active:
                return json_response(error="账户已被系统禁用")
            if not account.role_id:
                return json_response(error="LDAP用户角色未分配")

            x_real_ip = request.headers.get('x-real-ip', '')
            payload = handle_user_info(account, form.username, x_real_ip)
            return json_response(payload)

        # First successful LDAP login: provision a local row from the form.
        # NOTE(review): x-real-ip is client-supplied unless a trusted proxy
        # overwrites it; it is stored as last_ip below.
        x_real_ip = request.headers.get('x-real-ip', '')
        # NOTE(review): uuid4 is random-based, but `secrets` is the stdlib
        # module intended for bearer tokens; consider it for new code.
        form.access_token = uuid.uuid4().hex
        form.nickname = form.username
        form.token_expired = time.time() + 8 * 60 * 60  # 8 hours from now
        form.last_login = human_datetime()
        form.last_ip = x_real_ip
        form.type = 'LDAP'
        # Drop the password so it is not passed on to User.objects.create.
        form.pop('password')
        # NOTE(review): every remaining form key becomes a model field;
        # this relies on JsonParser yielding only the declared arguments.
        User.objects.create(**form)
        return json_response({
            'access_token': form.access_token,
            'nickname': form.username,
            'is_supper': False,
            'has_real_ip': bool(x_real_ip),
            'permissions': []
        })

    account = candidates.filter(type='系统用户').first()
    if account and account.deleted_by is None:
        if not account.is_active:
            return json_response(error="账户已被系统禁用")
        if account.verify_password(form.password):
            # Successful login clears the failure counter.
            cache.delete(form.username)
            x_real_ip = request.headers.get('x-real-ip', '')
            payload = handle_user_info(account, form.username, x_real_ip)
            return json_response(payload)

    # Failure path: per-username counter in the cache (86400 is presumably
    # a 24h timeout in seconds; confirm against the cache backend).
    # NOTE(review): the lockout is keyed on the username alone and saved to
    # the database, so failures from any client disable the account until
    # it is re-enabled; the read-then-write below is also not atomic.
    failures = cache.get_or_set(form.username, 0, 86400)
    if failures >= 3:
        if account and account.is_active:
            account.is_active = False
            account.save()
        return json_response(error='账户已被系统禁用')
    cache.set(form.username, failures + 1, 86400)
    return json_response(error="用户名或密码错误,连续多次错误账户将会被禁用")
Example #3
def login(request):
    """Authenticate against LDAP or the local password store.

    The JSON body supplies ``username`` and ``password``; ``captcha`` and
    ``type`` are optional. With ``type == 'ldap'`` the LDAP settings are
    loaded from ``AppSetting`` and the credentials are validated there;
    otherwise the matching ``User`` row's password is verified. Failures
    are counted in the cache per username and the account is disabled once
    the counter has reached 3.

    Args:
        request: Incoming HTTP request; passed on to ``handle_user_info``.

    Returns:
        Whatever ``handle_user_info`` returns on success, otherwise a
        ``json_response`` carrying an error message.
    """
    parser = JsonParser(
        Argument('username', help='请输入用户名'),
        Argument('password', help='请输入密码'),
        Argument('captcha', required=False),
        Argument('type', required=False),
    )
    form, error = parser.parse(request.body)
    if error is not None:
        return json_response(error=error)

    user = User.objects.filter(username=form.username, type=form.type).first()
    # Disabled accounts are rejected before any credential check.
    if user and not user.is_active:
        return json_response(error="账户已被系统禁用")

    if form.type == 'ldap':
        ldap_settings = AppSetting.get_default('ldap_service')
        if not ldap_settings:
            return json_response(error='请在系统设置中配置LDAP后再尝试通过该方式登录')
        client = LDAP(**ldap_settings)
        ok, message = client.valid_user(form.username, form.password)
        if ok:
            # First successful LDAP login provisions a local row.
            # NOTE(review): this path does not look at user.deleted_by,
            # unlike the password branch; confirm that is intended.
            if not user:
                user = User.objects.create(username=form.username,
                                           nickname=form.username,
                                           type=form.type)
            return handle_user_info(request, user, form.captcha)
        if message:
            # NOTE(review): returning here skips the failure counter, so
            # LDAP failures that carry a message are not throttled by this
            # view.
            return json_response(error=message)
    elif user and user.deleted_by is None and user.verify_password(form.password):
        return handle_user_info(request, user, form.captcha)

    # Failure path: per-username counter in the cache (86400 is presumably
    # a 24h timeout in seconds; confirm against the cache backend).
    # NOTE(review): the lockout is keyed on the username alone and saved to
    # the database, so failures from any client disable the account until
    # it is re-enabled. The read-then-write below is not atomic, and the
    # counter is not cleared on success here (handle_user_info may do it;
    # not visible from this function).
    failures = cache.get_or_set(form.username, 0, 86400)
    if failures >= 3:
        if user and user.is_active:
            user.is_active = False
            user.save()
        return json_response(error='账户已被系统禁用')
    cache.set(form.username, failures + 1, 86400)
    return json_response(error="用户名或密码错误,连续多次错误账户将会被禁用")