def validate(self, attrs): phone = attrs.get("phone") password = attrs.get("password") sms_code = attrs.get("code") username = attrs.get("username") # 验证手机号格式 if not re.match(r'^1[3-9]\d{9}$', phone): raise serializers.ValidationError("手机号格式错误") if not re.match(r'^[0-pa-zA-Z]{3,16}$', username): raise serializers.ValidationError("用户名格式错误") if not re.match(r'^[0-pa-zA-Z.+*@#]{3,16}$', password): raise serializers.ValidationError("密码格式错误") # 验证手机号是否被注册 try: user_phone = get_user_by_account(phone) except UserInfo.DoesNotExist: user_phone = None try: user_name = get_user_by_account(username) except UserInfo.DoesNotExist: user_name = None if user_phone: raise serializers.ValidationError("当前手机号已经被注册") if user_name: raise serializers.ValidationError("当前用户名已经被使用") redis_connection = get_redis_connection("sms_code") mobile_code = redis_connection.get("mobile_%s" % phone) if not mobile_code: raise serializers.ValidationError("验证码失效,请重新获取") if mobile_code.decode() != sms_code: redis_connection.incr('mobile_%s_time' % phone, 1) times = redis_connection.get('mobile_%s_time' % phone).decode() if times == 3: redis_connection.delete('mobile_%s_time') redis_connection.delete('mobile_%s') raise serializers.ValidationError("错误次数过多,请重新获取验证码") # 代表验证码有误 # 为了防止暴力破解 可以设置一个手机号只能验证n次 累加 raise serializers.ValidationError("验证码不一致") # 验证通过后将redis的验证码的删除 redis_connection.delete("mobile_%s" % phone) return attrs
def validate(self, attrs): ''' 验证手机好 :param attrs: :return: ''' phone = attrs.get('phone') password = attrs.get("password") sms_code = attrs.get("sms_code") print(sms_code) # # # 验证手机号格式 if not re.match(r'^1[35789]\d{9}$', phone): raise serializers.ValidationError("手机号格式错误") # 验证手机号是否重反复 try: user = get_user_by_account(phone) except: user = None if user: raise serializers.ValidationError("当前手机号已被注册") #验证手机号验证码是否正确 redis_connection = get_redis_connection('sms_code') phone_code = redis_connection.get("mobile_%s" % phone) if phone_code.decode() != sms_code: raise serializers.ValidationError("验证码不一致") #删除验证码 cache.delete_pattern("mobile_%s" % phone) return attrs
def validate(self, attrs): """验证手机号与密码""" phone = attrs.get("phone") # print(len(phone)) password = attrs.get("password") code = attrs.get('code') # print(len(password)) # print(123) if not re.match(r'^1[3-9]\d{9}$', phone): raise serializers.ValidationError('手机号格式不正确') redis_connection = get_redis_connection('sms_code') phone_code = redis_connection.get("exp_%s" % phone) if phone_code.decode() != code: # 为了防止暴力破解,可以设置一个手机号只能验证n次 累加器 raise serializers.ValidationError("验证码输入错误") if not re.match( r'^(?![0-9]+$)(?![a-z]+$)(?![A-Z]+$)(?!([^(0-9a-zA-Z)])+$).{8,16}$', password): raise serializers.ValidationError( '密码格式不正确,密码格式为包含数字, 英文, 字符中的两种以上,且长度为8-16') # 验证手机号是否被注册 try: user = get_user_by_account(phone) except UserInfo.DoesNotExist: user = None if user: raise serializers.ValidationError('当前手机号已经被注册') return attrs
def validate(self, attrs): """验证用户提交的注册信息是否合法""" phone = attrs.get("phone") password = attrs.get("password") code = attrs.get("sms_code") #验证手机号的格式 if not re.match(r'^1[356789]\d{9}$', phone): raise serializers.ValidationError("手机号格式有误") # 手机号是否被注册 try: user = get_user_by_account(account=phone) except: user = None if user: return serializers.ValidationError("当前手机号已经被注册") #验证密码 if not re.match(r'^(?![0-9]+$)(?![a-zA-Z]+$)[0-9A-Za-z]{6,16}$', password): raise serializers.ValidationError("密码格式有误") from django_redis import get_redis_connection connection = get_redis_connection("sms_code") redis_code = connection.get(f"mobile_{phone}") if redis_code.decode() != code: raise serializers.ValidationError("验证码不正确") return attrs
def post(self,request): phone = request.data.get("phone") code = request.data.get("code") if not re.match(r'^1[3-9]\d{9}$', phone): return Response({"message":"手机号码格式错误"}) try: user = get_user_by_account(phone) except UserInfo.DoesNotExist: return Response({"message":"当前手机号不存在"}) # TODO 检验密码的格式 # TODO 校验验证码是否一致 redis_connection = get_redis_connection("sms_code") mobile_code = redis_connection.get("mobile_%s" % phone) if mobile_code.decode() != code: # 代表验证码有误 # 为了防止暴力破解 可以设置一个手机号只能验证n次 累加 return Response({"message":"验证码错误"}) # 验证通过后将redis的验证码的删除 else: payload = jwt_payload_handler(user) token = jwt_encode_handler(payload) return Response(jwt_response_payload_handler( token, user, request))
def validate(self, attrs): phone = attrs.get('phone') passward = attrs.get('passward') user = UserInfo.objects.filter(phone=phone) if user: raise exceptions.ValidationError('用户已存在') # 验证手机号格式 密码格式 if not re.match(r"1[3-9]\d{9}$", phone): raise serializers.ValidationError("手机号格式不正确") # 验证手机号是否被注册 try: user = get_user_by_account(phone) except UserInfo.DoesNotExist: user = None if user: raise serializers.ValidationError("当前手机号已经被注册") #验证密码是否符合 # if not re.match(r"/^\w{5,16}$/", passward): # raise serializers.ValidationError("密码不符合要求,请重新输入") return attrs
def validate(self, attrs): """验证手机号与密码""" phone = attrs.get("phone") password = attrs.get("password") code = attrs.get("code") # 验证手机号格式 if not re.match(r'^1[3-9]\d{9}$', phone): raise serializers.ValidationError("手机号格式错误") # # TODO 比对用户输入的手机验证码是否正确 # redis_connection = get_redis_connection('sms_code') # phone_code = redis_connection.get("exp_%s" % phone) # if phone_code.decode() != code: # # 为了防止暴力破解,可以设置一个手机号只能验证n次 累加器 # raise serializers.ValidationError("验证码输入错误") # 验证成功后需要将验证码删除 # TODO 验证密码格式 if not re.match(r'^(?=.*[0-9])(?=.*[a-zA-Z])([a-zA-Z0-9]{6,20})$', password): raise serializers.ValidationError("密码由6到20位字符必须包含字母和数字组成") # 验证手机号是否注册过 try: user = get_user_by_account(phone) except UserInfo.DoesNotExist: user = None if user: raise serializers.ValidationError('当前手机号已经被注册') return attrs
def validate(self, attrs): """验证手机号""" phone = attrs.get("phone") password = attrs.get("password") sms_code = attrs.get("sms_code") # 用户提交的验证码 # 验证手机号格式 if not re.match(r'^1[3-9]\d{9}$', phone): raise serializers.ValidationError("手机号格式错误") # 验证手机号是否被注册 try: user = get_user_by_account(phone) except: user = None if user: raise serializers.ValidationError("当前手机号已经被注册") # TODO 验证手机号短信验证码是否正确 redis_connection = get_redis_connection("sms_code") phone_code = redis_connection.get("mobile_%s" % phone) print(phone_code) num = 0 if phone_code.decode() != sms_code: num = num + 1 if num > 10: raise serializers.ValidationError("验证码发送频繁,请稍后再试") raise serializers.ValidationError("验证码不一致") del phone_code return attrs
def validate(self, attrs): phone = attrs.get("phone") password = attrs.get("password") sms_code = attrs.get("sms_code") print(sms_code) if not re.match(r'^1[3-9]\d{9}$', phone): raise serializers.ValidationError("手机号格式有误") try: user = get_user_by_account(phone) except: user = None if user: raise serializers.ValidationError("该手机号已被注册") # 验证手机号短信验证码是否正确 redis_connection = get_redis_connection("sms_code") phone_code = redis_connection.get("mobile_%s" % phone) if phone_code.decode() != sms_code: raise serializers.ValidationError("验证码不一致") # 删除验证码 else: cache.delete_pattern("mobile_%s" % phone) return attrs
def validate(self, attrs): print(123) phone = attrs.get("account") code = attrs.get("code") print(code, phone) try: user = get_user_by_account(phone) print(user) except UserInfo.DoesNotExist: user = None if not user: raise serializers.ValidationError("此手机号没有被注册") redis_connection = get_redis_connection("sms_code") phone_code = redis_connection.get("exp_%s" % phone) print(phone_code) if phone_code.decode() != code: raise serializers.ValidationError("验证码错误") user_obj = UserInfo.objects.get(phone=phone) print(user_obj) if user_obj and phone_code.decode() == code: from rest_framework_jwt.settings import api_settings jwt_payload_handler = api_settings.JWT_PAYLOAD_HANDLER jwt_encode_handler = api_settings.JWT_ENCODE_HANDLER payload = jwt_payload_handler(user_obj) token = jwt_encode_handler(payload) self.obj = user_obj self.token = token return attrs
def validate(self, attrs): phone = attrs.get("phone") # password = attrs.get("password") sms_code = attrs.get('code') # 手机验证码 # 验证手机号格式 if not re.match(r'^1[3456789]\d{9}$', phone): raise serializers.ValidationError("手机号格式错误") # 验证手机号是否被注册 try: user = get_user_by_account(phone) except UserInfo.DoesNotExist: user = None if user: raise serializers.ValidationError("当前手机号已经被注册") # TODO 检验密码的格式 # TODO 校验验证码是否一致 with get_redis_connection("sms_code") as redis_connection: mobile_code = redis_connection.get(f"mobile_{phone}") if mobile_code.decode() != sms_code: # 代表验证码有误 # 为了防止暴力破解 可以设置一个手机号只能验证n次 累加 raise serializers.ValidationError("验证码不一致") # 验证通过后将redis的验证码的删除 redis_connection.delete(f"mobile_{phone}") return attrs
def validate(self, attrs): phone = attrs.get("phone") password = attrs.get("password") code = attrs.get("code") print(password, type(code), code) print(phone) if not re.match( r"^(13[0-9]|14[01456879]|15[0-3,5-9]|16[2567]|17[0-8]|18[0-9]|19[0-3,5-9])\d{8}$", phone): raise serializers.ValidationError("手机号格式错误") try: user = get_user_by_account(phone) print(user) except UserInfo.DoesNotExist: user = None if user: raise serializers.ValidationError("手机号已经被注册") # 验证密码格式 if not re.match(r"^[a-zA-Z\d_]{8,16}$", password): print(password) raise serializers.ValidationError("密码格式错误") redis_connection = get_redis_connection("sms_code") phone_code = redis_connection.get("exp_%s" % phone) print(phone_code) if phone_code.decode() != code: print(phone_code.decode()) raise serializers.ValidationError("验证码输入错误") return attrs
def get(self, request, *args, **kwargs): """获取验证码""" # 能够实现并发吗?多用户登入,在验证的时候,会错乱吧??? # global USER_ID # USER_ID = 0 # global STATUS # STATUS = False username = request.query_params.get("username") # 通过user下的utils的自定义函数,获取用户,这个自定义函数,可以实现账号和密码登入 user = get_user_by_account(username) # 判断用户是否存在 if user is None: return Response({'message': "用户不存在"}, status=http_status.HTTP_400_BAD_REQUEST) # 通过定义的全局的id和key,在极验获取相应的对象和数据 gt = GeetestLib(pc_geetest_id, pc_geetest_key) # 获取redis连接 redis_connection = get_redis_connection('ji_yan') # 将验证码对应的值,存储在redis中,并且设置存活时间 redis_connection.setex("jy_%s" % username, constants.JI_YAN_TIME, "%s_%s" % (user.id, gt.pre_process(user.id))) # 获取challenge # 源码 self._response_str = self._make_response_format(status, challenge, new_captcha) response_str = gt.get_response_str() return Response(response_str)
def validate(self, attrs): phone = attrs.get('phone') code = attrs.get('code') if not re.match(r'^1[3-9][0-9]{9}$', phone): raise serializers.ValidationError('手机号格式有误') redis_connection = get_redis_connection('sms_code') phone_code = redis_connection.get('exp_%s' % phone) print(phone_code) if phone_code.decode() != code: raise serializers.ValidationError('验证码输入错误') try: user = get_user_by_account(phone) except UserInfo.DoesNotExist: user = None if user: raise serializers.ValidationError('当前手机号已经被注册') user_obj = UserInfo.objects.filter(phone=phone) from rest_framework_jwt.settings import api_settings jwt_payload_handler = api_settings.JWT_PAYLOAD_HANDLER jwt_encode_handler = api_settings.JWT_ENCODE_HANDLER payload_handler = jwt_payload_handler(user_obj) user_obj.token = jwt_encode_handler(payload_handler) return user_obj, attrs
def validate(self, attrs): print(attrs) phone = attrs.get("phone") sms_code = attrs.get("code") if not re.match(r'^1[3-9]\d{9}$', phone): raise serializers.ValidationError("手机号格式错误") try: user = get_user_by_account(phone) except UserInfo.DoesNotExist: raise serializers.ValidationError("当前手机号不存在") # TODO 检验密码的格式 # TODO 校验验证码是否一致 redis_connection = get_redis_connection("sms_code") mobile_code = redis_connection.get("mobile_%s" % phone) if mobile_code.decode() != sms_code: # 代表验证码有误 # 为了防止暴力破解 可以设置一个手机号只能验证n次 累加 raise serializers.ValidationError("验证码不一致") # 验证通过后将redis的验证码的删除 else: payload = jwt_payload_handler(user) token = jwt_encode_handler(payload) self.obj = user self.token = token return {'token': self.obj, 'user': self.token}
def validate(self, attrs): """验证手机号""" phone = attrs.get("phone") password = attrs.get("password") sms_code = attrs.get("sms_code") # 用户提交的验证码 # 验证手机号格式 if not re.match(r'^1[3-9]\d{9}$', phone): raise serializers.ValidationError("手机号格式错误") # 验证手机号是否被注册 try: user = get_user_by_account(phone) except: user = None if user: raise serializers.ValidationError("当前手机号已经被注册") # TODO 验证手机号短信验证码是否正确 redis_connection = get_redis_connection("sms_code") phone_code = redis_connection.get("mobile_%s" % phone) print(phone_code) if phone_code.decode() != sms_code: # 为了防止暴力破解 可以再次设置一个手机号只能验证 n次 累加 global count count += 1 print(count) if count >= 10: del phone_code count = 0 raise serializers.ValidationError("请求次数过多") raise serializers.ValidationError("验证码不一致") # 成功后需要将验证码删除 del phone_code return attrs
def validate(self, attrs): phone = attrs.get('phone') password = attrs.get('password') sms_code = attrs.get('code') # 验证手机号是否被注册 try: user = get_user_by_account(phone) except User.DoesNotExist: user = None if user: raise serializers.ValidationError("当前手机号已经被注册") # 检验密码的格式 if len(password) > 20 or len(password) < 6: raise serializers.ValidationError('密码长度不符合') redis_connection = get_redis_connection("sms_code") mobile_code = redis_connection.get("mobile_%s" % phone) # 为了防止暴力破解 可以设置一个手机号只能验证n次 累加 redis_connection.incr("count_%s" % phone) count_code = redis_connection.get("count_%s" % phone) if int(count_code) > 5: raise serializers.ValidationError('验证次数过多') # 校验验证码是否一致 if mobile_code.decode() != sms_code: raise serializers.ValidationError("验证码不一致") # 验证通过后将redis的验证码的删除 redis_connection.delete("mobile_%s" % phone) redis_connection.delete("count_%s" % phone) return attrs
def validate(self, attrs): """完成用户数据的校验""" print('进行用户数据校验') # 从前端传递来phone、password phone = attrs.get('phone') password = attrs.get('password') code = attrs.get('code') # 1. : 验证手机号格式,是否存在 # 2. : 校验密码的格式。 if not re.match(r'1[35789]\d{9}', phone): raise serializers.ValidationError('手机号格式错误') user = get_user_by_account(phone) if user is not None: raise serializers.ValidationError('该手机号已经被注册~') # 3. : 进行校验密码 if not re.match(r'\S', password): raise serializers.ValidationError('密码过于简单') # 4. : 用户名不存在后 print('对验证码进行校验') redis_connection = get_redis_connection('default') mobile_code = redis_connection.get('sms_%s' % phone) if mobile_code.decode() != code: raise serializers.ValidationError('验证码不一致') return attrs
def validate(self, attrs): phone = attrs.get("phone") password = attrs.get("password") sms_code = attrs.get("code") if not re.match(r'^1[3-9]\d{9}', phone): raise serializers.ValidationError("手机号格式错误") #验证手机是否被注册 try: user = get_user_by_account(phone) except UserInfo.DoesNotExist: user = None if user: raise serializers.ValidationError("当前手机号已被注册") #TODO 检验密码的格式 if len(password) < 6: raise serializers.ValidationError("密码长度小于六位") #TODO 检验验证码是否一致 redis_connection = get_redis_connection("sms_code") mobile_code = redis_connection.get("mobile_%s" % phone) if mobile_code.decode() != sms_code: # 验证码有误 raise serializers.ValidationError("验证码不一致") return attrs
def get(self, request, *args, **kwargs): phone = request.GET.get('phone') if not re.match(r'^1[3-9][0-9]{9}$', phone): raise serializers.ValidationError("手机号不符合规范") user = get_user_by_account(phone) if user: raise serializers.ValidationError("手机号已被注册") return Response({"message": "OK"}, status=http_status.HTTP_200_OK)
def get(self, request, mobile): if not re.match(r'^1[3-9]\d{9}', mobile): return Response({"message": "手机号格式不正确"}, status=http_status.HTTP_400_BAD_REQUEST) user = get_user_by_account(mobile) if user: return Response({"message": "该手机号已被注册"}, status=http_status.HTTP_400_BAD_REQUEST) return Response({"message": 'OK'})
def get(self, request, *args, **kwargs): username = request.query_params.get("username") user = get_user_by_account(username) if user is None: return Response({"message": "用户不存在"}, status=http_status.HTTP_400_BAD_REQUEST) self.user_id = user.id # 验证码的实例化对象 gt = GeetestLib(pc_geetest_id, pc_geetest_key) self.status = gt.pre_process(self.user_id) response_str = gt.get_response_str() return Response(response_str)
def get(self, request, mobile): if not re.match(r'^1[35678]\d{9}', mobile): return Response({"message": "手机号格式不对"}, status=http_status.HTTP_400_BAD_REQUEST) user = get_user_by_account(mobile) if user is not None: return Response({"message": "手机号已被注册!"}, status=http_status.HTTP_400_BAD_REQUEST) return Response({"message": "合法"})
def get(self,request): phone = request.query_params.get("phone") if not re.match(r'^1[3-9]\d{9}$',phone): return Response({"message":"手机号格式不正确"}, status=http_status.HTTP_400_BAD_REQUEST) user = get_user_by_account(phone) if user is not None: return Response({"message":"手机号已经被注册"},status=http_status.HTTP_400_BAD_REQUEST) return Response({"message":"Ok"})
def get(self, request, mobile): # 判断手机号是否合法 if not re.match(r"^1[3-9]\d{9}", mobile): return Response({"message": "手机号格式不正确"}, status=http_status.HTTP_400_BAD_REQUEST) user = get_user_by_account(mobile) if user is not None: return Response({"message": "手机号已经被注册"}, status=http_status.HTTP_400_BAD_REQUEST) return Response({"message": "ok"})
def get(self, request): username = request.query_params.get('username') user = get_user_by_account(username) if not user: return Response({"msg": "用户不存在"}, status=http_status.HTTP_400_BAD_REQUEST) # 构建一个验证码对象 gt = GeetestLib(pc_geetest_id, pc_geetest_key) self.status = gt.pre_process(user.id) # 响应获取的数据 response_str = gt.get_response_str() return HttpResponse(response_str)
def post(self, request): gt = GeetestLib(pc_geetest_id, pc_geetest_key) challenge = request.data.get(gt.FN_CHALLENGE, '') validate = request.data.get(gt.FN_VALIDATE, '') seccode = request.data.get(gt.FN_SECCODE, '') username = request.data.get('username') user = get_user_by_account(username) if user: result = gt.success_validate(challenge, validate, seccode, user.id) else: result = gt.failback_validate(challenge, validate, seccode) result = {'status': 'success'} if result else {'status': 'fail'} return HttpResponse(result)
def get(self, request, *args, **kwargs): # """获取验证码""" username = request.query_params.get('username') user_obj = get_user_by_account(username) if user_obj is None: return Response({"message": "用户不存在"}, status=statuss.HTTP_400_BAD_REQUEST) # self.user_id = user_obj.id # gt = GeetestLib(pc_geetest_id, pc_geetest_key) self.status = gt.pre_process(self.user_id) response_str = gt.get_response_str() return Response(response_str)
def get(self, request): username = request.query_params.get('username') user = get_user_by_account(username) if user is None: return Response({'message': '用户不存在'}, status=http_status.HTTP_400_BAD_REQUEST) user_id = user.id gt = GeetestLib(contastnt.PC_GEETEST_ID, contastnt.PC_GEETEST_KEY) status = gt.pre_process(user_id) self.status = status self.user_id = user_id response_str = gt.get_response_str() return Response(response_str)
def get(self, request, *args, **kwargs): phone = request.query_params.get('phone') print('进行手机验证!') # 验证手机号码格式 if not re.match(r'1[35789]\d{9}', phone): return Response({'message': '手机格式错误'}, status=http_status.HTTP_400_BAD_REQUEST) user = get_user_by_account(phone) # 格式正确手机号存在 if user is not None: return Response({'message': '手机号已经被注册'}, status=http_status.HTTP_400_BAD_REQUEST) # 手机号不存在 return Response({'message': '注册成功'}, status=http_status.HTTP_200_OK)