Example #1
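    def post(self, request):
        """Send an SMS verification code to the phone number in the request.

        Reads ``phone`` and ``authtoken`` from ``request.DATA``, optionally
        checks the number's registration state (``check_phone_type``, or the
        legacy ``check_phone_registed`` flag), applies the per-number
        frequency check, then creates an ``SMSValidate`` record and sends its
        code through ``sms_send``.

        Returns:
            An empty ``Response`` with HTTP 204 when the gateway reports
            code 0.

        Raises:
            error.Error: for a missing or malformed parameter, a token that
                does not match the phone number or was already recorded, a
                registration-state mismatch, a too-frequent request, or a
                failed or unreadable gateway response.
        """
        post_vars = request.DATA

        phone_number = post_vars.get('phone')
        if not phone_number:
            raise error.Error(error.MISSING_PARAMETER, u'缺少参数phone')
        if not PHONE_NUMBER_RE.match(phone_number):
            raise error.Error(error.PHONE_NUMBER_FORMAT_ERROR, u'手机号格式错误')

        raw_token = post_vars.get('authtoken')
        if not raw_token:
            raise error.Error(error.MISSING_PARAMETER, u'缺少参数authtoken')
        authtoken = decode(raw_token)
        # Test for an empty/None decode result *before* splitting; the
        # original split first, so a failed decode that returned None crashed
        # with AttributeError instead of a format error.
        # NOTE(review): decode() is defined elsewhere; if it raises on
        # malformed input, that exception still propagates from here.
        tokens = authtoken.split('#') if authtoken else []
        if len(tokens) != 3:
            raise error.Error(error.AUTHTOKEN_FORMAT_ERROR, u'authtoken格式错误')
        # NOTE(review): the uuid and timestamp fields are never inspected in
        # this method, so token age is not enforced here -- confirm whether
        # decode() or the token issuer handles expiry.
        t_phone_number, _t_uuid, _t_timestamp = tokens
        if phone_number != t_phone_number:
            # The token is bound to a phone number; a mismatch is logged as
            # possible abuse of the SMS endpoint.
            # NOTE(review): t_phone_number comes from the client-supplied
            # token and is written to the log unescaped.
            logging.error('api请求手机号:{} token手机号:{}, 可能盗用短信接口'.format(phone_number, t_phone_number))
            raise error.Error(error.AUTHTOKEN_FORMAT_ERROR, u'authtoken错误')
        # A token already stored on an SMSValidate row is rejected, making
        # tokens single-use once a code has been issued for them.
        # NOTE(review): this lookup and the later SMSValidate.new() are not
        # atomic; confirm the model has a uniqueness constraint on token.
        if SMSValidate.objects.filter(token=authtoken).exists():
            raise error.Error(error.AUTHTOKEN_OUT_OF_DATE, u'authtoken过期')

        # NOTE(review): the registration-state errors below are raised before
        # the token is recorded and before the frequency check, so neither
        # limits how often a caller can learn whether a number is registered.
        check_phone_type = post_vars.get('check_phone_type')
        if check_phone_type:
            # A missing or empty check_phone_type is tolerated (no error) so
            # that clients not sending the field keep working.
            exist = UserProfile.objects.filter(phone_number=phone_number).exists()

            if check_phone_type == '1':  # register
                if exist:
                    raise error.Error(error.PHONE_NUMBER_EXIST, u'该手机已被注册或绑定')
            elif check_phone_type == '2':  # forget
                if not exist:
                    raise error.Error(error.PHONE_NUMBER_DONT_EXIST, u'该手机号尚未注册')
            elif check_phone_type == '3':  # bind
                if exist:
                    raise error.Error(error.PHONE_ALREADY_BIND, u'该手机号已经被绑定过了喔')
            else:  # unsupported type
                raise error.Error(error.INVALID_PARAMETER, u'参数错误:check_phone_type({})'.format(check_phone_type))

        if 'check_phone_type' not in post_vars:  # need to keep it for old app client
            check_phone_registed = post_vars.get('check_phone_registed')
            if check_phone_registed in ('1', 'true'):
                if UserProfile.objects.filter(phone_number=phone_number).exists():
                    raise error.Error(error.PHONE_NUMBER_EXIST, u'该手机已被注册或绑定')

        # Guard against abusive repeat requests: look at the newest pending
        # code for this number and refuse if it was issued too recently.
        sms_list = SMSValidate.objects.filter(
            status=SMS_WAIT_TO_CHECK, phone_number=phone_number
        ).order_by('-created_at')
        if sms_list.exists():
            sms_obj = sms_list[0]
            if sms_obj.is_too_frequently():
                raise error.Error(error.SMS_TOO_FREQUENTLY, SMSValidate.STATUS[SMS_TOO_FREQUENTLY])

        # NOTE(review): the record (and with it the token) is stored before
        # the send result is known, so a failed send still consumes the token.
        obj = SMSValidate.new(phone_number, token=authtoken)
        resp = sms_send(phone_number, obj.validate)
        # Gateway status code 0 means success:
        # http://www.yunpian.com/api/retcode.html
        try:
            send_code = json.loads(resp)['code']
        except (ValueError, TypeError, KeyError):
            # A non-JSON body or one without 'code' is reported as a send
            # failure rather than surfacing as an unhandled exception.
            logging.error('api.sms.validate.send phone [%s] unparsable gateway response', phone_number)
            raise error.Error(error.SMS_SEND_FAILED, u'验证码发送失败')
        if send_code:
            raise error.Error(error.SMS_SEND_FAILED, u'验证码发送失败')
        logging.info('api.sms.validate.send phone [{}] result [{}]'.format(phone_number, resp))
        return Response(status=status.HTTP_204_NO_CONTENT)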
Example #2
def check_phone_number(post_vars):
    if 'phone' not in post_vars:
        raise error.Error(error.MISSING_PARAMETER, u'缺少参数phone')

    if 'validate' not in post_vars:
        raise error.Error(error.MISSING_PARAMETER, u'缺少参数validate')

    phone_number = post_vars['phone']
    validate = post_vars['validate']

    if not PHONE_NUMBER_RE.match(phone_number):
        raise error.Error(error.PHONE_NUMBER_FORMAT_ERROR, u'手机号格式错误')