Example #1
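    def post(self, request, *args, **kwargs):
        """Validate the posted credentials and return the JWT in a wrapped body.

        On success the body is ``{'code': 20000, 'data': <handler payload>}``.
        When ``settings.JWT_AUTH`` names a cookie, the token is also set as an
        HttpOnly cookie. On failure a single generic message is returned with
        HTTP 400, so the response does not say which credential was wrong.
        """
        serializer = self.get_serializer(data=request.data)

        if not serializer.is_valid():
            return Response(
                {
                    'code': 50008,
                    'message': 'Unable to log in with provided credentials.'
                },
                status=status.HTTP_400_BAD_REQUEST)

        user = serializer.object.get('user') or request.user
        token = serializer.object.get('token')
        response = Response(jwt_response_payload_handler(token, user, request))

        # The cookie is optional. .get() keeps a project whose JWT_AUTH dict
        # omits the key from failing with a KeyError (HTTP 500) on every login.
        cookie_name = settings.JWT_AUTH.get('JWT_AUTH_COOKIE')
        if cookie_name:
            expiration = (datetime.utcnow() +
                          settings.JWT_AUTH['JWT_EXPIRATION_DELTA'])
            response.set_cookie(cookie_name,
                                token,
                                domain=settings.SESSION_COOKIE_DOMAIN,
                                expires=expiration,
                                # The cookie carries the bearer token, so it
                                # follows the session cookie's Secure policy
                                # instead of always being sent over plain HTTP.
                                secure=settings.SESSION_COOKIE_SECURE,
                                httponly=True)

        # Wrap the handler payload in the API's {'code', 'data'} envelope.
        response.data = {
            'code': 20000,
            'data': response.data,
        }
        return response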
Example #2
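def login(request, *args, **kw):
    """
    Render the login page, or return a JSON Web Token to JSON clients.

    The request is delegated to ``django_auth_login`` with extra template
    context. While ``settings.MAINTENANCE_MODE`` is on, a POST is only let
    through when the submitted username equals
    ``settings.INIT_OPTIONS['su_username']``; other POSTs get a maintenance
    message. If the delegated view answers with a 302 and the client's
    ``Accept`` header starts with ``application/json``, a JWT payload for
    ``request.user`` is returned instead of the redirect.
    """
    # Function-scope import: only this function needs it.
    from functools import cmp_to_key

    gas_list = list(GAS.objects.all())
    # list.sort() accepts a positional comparison function only on Python 2;
    # cmp_to_key gives the same ordering on Python 2.7 and Python 3.
    gas_list.sort(key=cmp_to_key(cmp_orders))

    kw['extra_context'] = {
        'VERSION': settings.VERSION,
        'THEME': settings.THEME,
        'MAINTENANCE_MODE': settings.MAINTENANCE_MODE,
        'gas_list': gas_list,
    }

    if settings.MAINTENANCE_MODE and request.method == "POST":
        su_username = settings.INIT_OPTIONS['su_username']
        if request.POST.get('username') != su_username:
            return HttpResponse(
                _("Maintenance in progress, please retry later..."))

    tmpl_response = django_auth_login(request, *args, **kw)
    if tmpl_response.status_code != 302:
        return tmpl_response

    # NOTE(review): a 302 is taken to mean the login succeeded and that
    # request.user is now the authenticated user. Confirm against the
    # behaviour of django_auth_login.
    accept = request.META.get('HTTP_ACCEPT', '')
    if accept and accept.startswith('application/json'):
        payload = jwt_payload_handler(request.user)
        payload['orig_iat'] = timegm(datetime.utcnow().utctimetuple())
        token = jwt_encode_handler(payload)
        response_data = jwt_response_payload_handler(
            token, request.user, request)
        # Declare the body as JSON so a response that carries the token is
        # not served with the default HTML content type.
        return HttpResponse(json.dumps(response_data),
                            content_type='application/json')

    return tmpl_response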
Example #3
 def post(self, request, *args, **kwargs):
     """Validate the posted credentials and return the JWT response payload.

     Invalid input is answered with ``serializer.errors`` and HTTP 400.
     """
     login_serializer = self.get_serializer(data=request.data)
     if not login_serializer.is_valid():
         # NOTE(review): the serializer's own error detail goes back to the
         # client. Confirm it does not distinguish unknown users from wrong
         # passwords.
         return Response(login_serializer.errors,
                         status=status.HTTP_400_BAD_REQUEST)

     validated = login_serializer.object
     account = validated.get('user') or request.user
     jwt_token = validated.get('token')
     return Response(jwt_response_payload_handler(jwt_token, account, request))
Example #4
 def post(self, request):
     """Authenticate the posted credentials and return a JWT plus user info.

     Valid credentials yield the handler payload with an added ``info``
     entry (``UserSerializer(user).data``), and ``update_last_login`` is
     called for the user. Anything else gets ``serializer.errors`` with
     HTTP 401.
     """
     credentials = self.serializer_class(data=request.data)
     if not credentials.is_valid():
         return Response(credentials.errors,
                         status=status.HTTP_401_UNAUTHORIZED)

     validated = credentials.object
     account = validated.get('user') or request.user
     jwt_token = validated.get('token')
     payload = jwt_response_payload_handler(jwt_token, account, request)
     # NOTE(review): every field UserSerializer exposes is sent to the
     # client. Confirm it excludes sensitive attributes.
     payload['info'] = UserSerializer(account).data
     # The first argument is passed as None.
     update_last_login(None, account)
     return Response(payload)
Example #5
    def post(self, request):
        """Validate the posted data and return the JWT response payload.

        Invalid input is answered with ``serializer.errors`` and HTTP 401.
        """
        login_serializer = self.serializer_class(data=request.data)

        # TODO: Check if google token is active
        # NOTE(review): until that check exists, this view relies entirely on
        # what the serializer validates.

        if not login_serializer.is_valid():
            return Response(login_serializer.errors,
                            status=status.HTTP_401_UNAUTHORIZED)

        validated = login_serializer.object
        account = validated.get('user') or request.user
        jwt_token = validated.get('token')
        return Response(
            jwt_response_payload_handler(jwt_token, account, request))
Example #6
    def post(self, request):
        """
        User login view.

        Based on JSONWebTokenAPIView from rest_framework_jwt. On success the
        handler payload is extended with ``info`` (the serialized user) and
        ``update_last_login`` is called. On failure the serializer errors are
        returned with HTTP 401.
        """
        form = self.serializer_class(data=request.data)
        if not form.is_valid():
            return Response(form.errors, status=status.HTTP_401_UNAUTHORIZED)

        result = form.object
        logged_in_user = result.get('user') or request.user
        issued_token = result.get('token')
        body = jwt_response_payload_handler(
            issued_token, logged_in_user, request)
        # NOTE(review): the full UserSerializer output is returned to the
        # caller. Verify that no sensitive fields are included.
        body['info'] = UserSerializer(logged_in_user).data
        update_last_login(None, logged_in_user)
        return Response(body)
Example #7
def custom_jwt_response_payload_handler(token, user=None, request=None):
    """
    Build the custom response body returned after a successful login.

    :param token: JWT forwarded to ``jwt_response_payload_handler``
    :param user: user instance serialized with ``CreateUserSerializer``
    :param request: current request, forwarded to the default handler
    :return: dict with ``user``, ``access_token`` and ``expires_in``
    """
    default_payload = jwt_response_payload_handler(token, user, request)
    serialized_user = CreateUserSerializer(instance=user).data
    bearer_value = "Bearer " + default_payload["token"]
    # NOTE(review): "expires_in" is a fixed string and is not derived from the
    # token's actual lifetime. Keep it in step with the configured expiry.
    return {
        "user": serialized_user,
        "access_token": bearer_value,
        "expires_in": "24hrs",
    }
Example #8
    def post(self, request):
        """
        User login view.

        Based on JSONWebTokenAPIView from rest_framework_jwt. A failed
        validation is logged as a warning and answered with the serializer
        errors and HTTP 401.
        """
        login_serializer = self.serializer_class(data=request.data)

        if not login_serializer.is_valid():
            # The log entry records only the status code, not the submitted
            # credentials.
            failure_details = {'http_status_code': status.HTTP_401_UNAUTHORIZED}
            log.warning(message='Authentication failed.', details=failure_details)
            return Response(login_serializer.errors,
                            status=status.HTTP_401_UNAUTHORIZED)

        validated = login_serializer.object
        account = validated.get('user') or request.user
        jwt_token = validated.get('token')
        return Response(
            jwt_response_payload_handler(jwt_token, account, request))
Example #9
    def post(self, request):
        """
        User login view.

        Based on JSONWebTokenAPIView from rest_framework_jwt. Returns the JWT
        response payload for valid credentials. Otherwise it logs a warning
        and returns the serializer errors with HTTP 401.
        """
        form = self.serializer_class(data=request.data)

        if form.is_valid():
            result = form.object
            logged_in_user = result.get('user') or request.user
            issued_token = result.get('token')
            body = jwt_response_payload_handler(
                issued_token, logged_in_user, request)
            return Response(body)

        # Only the status code is logged, so no credential material reaches
        # the log.
        log.warning(
            message='Authentication failed.',
            details={'http_status_code': status.HTTP_401_UNAUTHORIZED},
        )
        return Response(form.errors, status=status.HTTP_401_UNAUTHORIZED)
Example #10
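 def create(self, request, *args, **kwargs):
     """Log a user in and return a JWT, optionally also as a cookie.

     Steps, in order: look the username up among the entries of
     ``red_user_cache`` (answering "not activated" on a match), load the
     ``User`` row, check the password, check ``has_active``, validate the
     view's serializer, then issue the token via ``JSONWebTokenSerializer``.
     Every rejection is an HTTP 400 with a ``non_field_errors`` list.
     """
     # .get() instead of indexing: a request without these fields gets the
     # generic credential error rather than an unhandled KeyError (HTTP 500).
     username = request.data.get("username")
     password = request.data.get("password")
     if not username or not password:
         return Response({"non_field_errors": ["账号或者密码错误"]},
                         status=status.HTTP_400_BAD_REQUEST)

     keys = red_user_cache.keys()
     # NOTE(review): this branch answers "account not activated" before any
     # password check, so it tells an unauthenticated caller that the
     # username is awaiting activation. It also reads every cache entry on
     # each login attempt.
     try:
         for single_key in keys:
             user_info = red_user_cache.get(single_key)
             redis_username, redis_password, redis_email = json.loads(
                 user_info)
             if redis_username == username:
                 return Response({"non_field_errors": ["账号未激活,请先激活账号"]},
                                 status=status.HTTP_400_BAD_REQUEST)
     except Exception:
         # NOTE(review): every error is ignored here, so a cache failure or
         # a malformed entry silently skips the pending-activation check.
         # Consider logging it.
         pass

     user = User.objects.filter(username=username).first()
     # Unknown user and wrong password share one message, so the response
     # does not reveal which of the two failed.
     if not user or not user.check_password(password):
         return Response({"non_field_errors": ["账号或者密码错误"]},
                         status=status.HTTP_400_BAD_REQUEST)
     if not user.has_active:
         return Response({"non_field_errors": ["账号未激活,请先激活账号"]},
                         status=status.HTTP_400_BAD_REQUEST)

     serializer = self.get_serializer(data=request.data)
     serializer.is_valid(raise_exception=True)

     # Authenticate using JWT.
     serializer_instance = JSONWebTokenSerializer(data=request.data)
     if serializer_instance.is_valid():
         user = serializer_instance.object.get('user') or request.user
         token = serializer_instance.object.get('token')
         response_data = jwt_response_payload_handler(token, user, request)
         response = Response(response_data)
         if api_settings.JWT_AUTH_COOKIE:
             expiration = (datetime.utcnow() +
                           api_settings.JWT_EXPIRATION_DELTA)
             # NOTE(review): the token cookie is HttpOnly, but no Secure
             # flag is passed.
             response.set_cookie(api_settings.JWT_AUTH_COOKIE,
                                 token,
                                 expires=expiration,
                                 httponly=True)
         return response

     # Report the JWT serializer's errors. The view serializer already
     # passed validation above, so its error dict would be empty here.
     return Response(serializer_instance.errors,
                     status=status.HTTP_400_BAD_REQUEST)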
Example #11
    def post(self, request, *args, **kwargs):
        """Log in, optionally set the JWT cookie, and merge the cookie cart.

        Invalid credentials are answered with ``serializer.errors`` and
        HTTP 400.
        """
        login_serializer = self.get_serializer(data=request.data)
        if not login_serializer.is_valid():
            return Response(login_serializer.errors,
                            status=status.HTTP_400_BAD_REQUEST)

        validated = login_serializer.object
        account = validated.get('user') or request.user
        jwt_token = validated.get('token')
        response = Response(
            jwt_response_payload_handler(jwt_token, account, request))

        cookie_name = api_settings.JWT_AUTH_COOKIE
        if cookie_name:
            expires_at = datetime.utcnow() + api_settings.JWT_EXPIRATION_DELTA
            # NOTE(review): HttpOnly is set, but no Secure flag is passed for
            # the token cookie.
            response.set_cookie(cookie_name, jwt_token,
                                expires=expires_at, httponly=True)

        # Merge cart data.
        merge_cart_cookie_to_redis(request, account, response)
        return response
Example #12
    def post(self, request, *args, **kwargs):
        """Log in and return ``{'code': 20000, 'data': <token payload>}``.

        When ``api_settings.JWT_AUTH_COOKIE`` is set the token is also written
        to a cookie. Invalid credentials get a ``code`` 50001 body.
        """
        login_serializer = self.get_serializer(data=request.data)
        if not login_serializer.is_valid():
            # NOTE(review): no status is passed, so the failure is sent with
            # DRF's default status (200). Only the 'code' field marks it as
            # an error.
            return Response({
                "code": 50001,
                "message": "User or Password is invaild."
            })

        validated = login_serializer.object
        account = validated.get('user') or request.user
        jwt_token = validated.get('token')
        envelope = {
            'code': 20000,
            'data': jwt_response_payload_handler(jwt_token, account, request),
        }
        response = Response(envelope)

        cookie_name = api_settings.JWT_AUTH_COOKIE
        if cookie_name:
            expires_at = datetime.utcnow() + api_settings.JWT_EXPIRATION_DELTA
            # NOTE(review): httponly=False leaves the token cookie readable by
            # page scripts, and no Secure flag is passed. Confirm the frontend
            # really needs script access before keeping this.
            response.set_cookie(cookie_name, jwt_token,
                                expires=expires_at, httponly=False)
        return response
Example #13
    def post(self, request, *args, **kwargs):
        """User login.

        Validation errors are raised by ``is_valid(raise_exception=True)``.
        On success the handler payload is returned with a ``next`` entry, a
        remember-username cookie is handled by ``remember_username``, and the
        token is stored in a cookie when ``api_settings.JWT_AUTH_COOKIE`` is
        set.
        """
        serializer = self.get_serializer(data=request.data)
        serializer.is_valid(raise_exception=True)

        validated = serializer.object
        user = validated.get('user') or request.user
        token = validated.get('token')
        is_remember = validated.get('is_remember')
        redirect_target = validated.get('next')

        # Original author's note (translated): encodes the token; if refresh is
        # enabled in the configuration the token is updated.
        # NOTE(review): that depends on the handler, which is not shown here.
        response_data = jwt_response_payload_handler(token, user, request)
        # NOTE(review): 'next' is whatever the serializer accepted. If the
        # client navigates to it, confirm it is restricted to same-site URLs.
        response_data.update({'next': redirect_target})
        response = Response(response_data)

        # Set the cookie that remembers the username.
        self.remember_username(response, is_remember, user.get_username())

        # Store the token in a response cookie with an expiry date.
        cookie_name = api_settings.JWT_AUTH_COOKIE
        if cookie_name:
            expires_at = datetime.utcnow() + api_settings.JWT_EXPIRATION_DELTA
            # The cookie name is the token name from the configuration.
            # NOTE(review): HttpOnly is set, but no Secure flag is passed.
            response.set_cookie(cookie_name, token,
                                expires=expires_at, httponly=True)
        return response
Example #14
    def create(self, request):
        """Log in and return the JWT payload plus the ``depository`` value.

        The token is also written to an HttpOnly cookie when
        ``api_settings.JWT_AUTH_COOKIE`` is set. Invalid input is answered with
        ``serializer.errors`` and HTTP 400.
        """
        login_serializer = self.get_serializer(data=request.data)
        if not login_serializer.is_valid():
            return Response(login_serializer.errors,
                            status=status.HTTP_400_BAD_REQUEST)

        validated = login_serializer.validated_data
        account = validated['user']
        jwt_token = validated['token']

        body = jwt_response_payload_handler(jwt_token, account, request)
        # 'depository' is optional and defaults to an empty string.
        body['depository'] = validated.get('depository', '')
        response = Response(body)

        cookie_name = api_settings.JWT_AUTH_COOKIE
        if cookie_name:
            expires_at = timezone.now() + api_settings.JWT_EXPIRATION_DELTA
            # NOTE(review): HttpOnly is set, but no Secure flag is passed for
            # the token cookie.
            response.set_cookie(cookie_name, jwt_token,
                                expires=expires_at, httponly=True)
        return response
Example #15
def create_jwt(user):
    """Encode a JWT for *user* and return the response-handler payload for it.

    No credential check happens here. The caller is responsible for having
    authenticated *user* before requesting a token.
    """
    token = jwt_encode_handler(jwt_payload_handler(user))
    return jwt_response_payload_handler(token, user)
Example #16
    def test_jwt_response_payload(self):
        """The response handler, given only a token, returns ``{'token': token}``."""
        claims = utils.jwt_payload_handler(self.user)
        encoded = utils.jwt_encode_handler(claims)

        self.assertEqual(utils.jwt_response_payload_handler(encoded),
                         {'token': encoded})
Example #17
 def handle_user_login(self, request, serializer, *args, **kwargs):
     """Issue a JWT for ``serializer.user`` and return it in a Response.

     NOTE(review): this method does no validation itself. It presumably
     relies on the caller having validated ``serializer`` first. Confirm.
     """
     account = serializer.user
     claims = jwt_payload_handler(account)
     jwt_token = jwt_encode_handler(claims)
     return Response(jwt_response_payload_handler(jwt_token, account, request))