Esempio n. 1
    def password(self, request, data, client):
        """
        Handle ``grant_type=password`` requests as defined in :draft:`4.3`.

        Obtains the grant data from ``get_password_grant``, issues the
        access token (and a refresh token unless
        ``constants.SINGLE_ACCESS_TOKEN`` is set), records the login IP and
        the device/session identifiers sent in the request headers, then
        returns the access-token response.
        """
        grant = self.get_password_grant(request, data, client)
        user = grant.get('user')
        scope = grant.get('scope')

        if not constants.SINGLE_ACCESS_TOKEN:
            at = self.create_access_token(request, user, scope, client)
            # Called for its side effect; the returned token is not used here.
            self.create_refresh_token(request, user, scope, at, client)
        else:
            at = self.get_access_token(request, user, scope, client)

        # Record the address this login came from.
        # TODO: track in authorization grant typer last login ip in auth_userprofile
        # NOTE(review): REMOTE_ADDR is the direct peer; behind a reverse proxy
        # this is presumably the proxy's address - confirm against deployment.
        profile = UserProfile.objects.get(user=user)
        profile.last_login_ip = request.META.get('REMOTE_ADDR', None)
        profile.save()

        # HTTP_SID and HTTP_UUID are request headers, i.e. client-controlled.
        session_id = request.META.get('HTTP_SID')
        user_id = user.id
        device_uuid = request.META.get('HTTP_UUID')
        if device_uuid:
            # NOTE(review): an existing DeviceInfo row with this uuid is
            # re-bound to the current user; confirm that a caller-chosen
            # uuid overwriting another account's binding is acceptable.
            device, _ = DeviceInfo.objects.get_or_create(uuid=device_uuid)
            device.uid = user_id
            device.save()
        if session_id:
            now = time.time()
            IDsInfo.new(session_id, user_id, device_uuid, now)

        response = self.access_token_response(at)
        set_login_response_header(request, response)
        event = {
            'uid': user.id,
            'username': user.username,
            'login_type': response.get('login_type', ''),
        }
        server_track(request, 'api.user.login_success', event)
        return response
Esempio n. 2
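    def social_oauth(self, request, data, client):
        """
        Handle ``grant_type=social_oauth`` requests.

        This is an application-specific grant: the client presents an access
        token it obtained from a third-party provider. The provider backend
        is asked for the user data behind that token, a local user is looked
        up or created from it, and a local access token is issued.

        Returns the access-token response on success, or
        ``self.error_response(...)`` when the provider lookup or the user
        creation fails. ``register_type`` is added to the response when a
        new user was created.
        """

        data = self.get_social_oauth_grant(request, data, client)
        uid = data.get('uid')
        access_token = data.get('access_token')
        provider = data.get('provider')
        scope = data.get('scope')
        strategy = get_strategy(provider)
        social_response = {
            'access_token': access_token,
            'uid': uid,
            'openid': uid,
            'provider': provider,
        }
        # Log the request context without the bearer credential: the
        # provider access token must not end up in application logs.
        loggable = dict(social_response, access_token='<redacted>')
        logging.info('api.oauth.outer.login\n%s', loggable)
        if provider == 'qq':
            social_response.update({
                'SOCIAL_AUTH_QQ_KEY': settings.SOCIAL_AUTH_MOBILE_QQ_OAUTH_CONSUMER_KEY
            })
        user = _created = detail = None
        try:
            # Call the third-party API to fetch the user's information.
            # NOTE(review): uid/openid above are client-supplied; confirm the
            # backend's user_data() takes the identity from the provider's
            # answer for this token and checks the token was issued to this
            # application, rather than trusting these fields.
            detail = strategy.backend.user_data(access_token, response=social_response)
            # NOTE(review): `detail` is the raw provider response and is
            # logged (and tracked on failure) in full; confirm it carries no
            # tokens or personal data that should be filtered first.
            logging.info('api.user.oauth.login.response\n{}'.format(detail))
            if 'errcode' in detail:
                server_track(request, 'api.user.oauth.login_failure', {
                    'login_type': 'social_oauth',
                    'error': {
                        'msg': u'三方登录失败',
                        'detail': detail,
                    },
                })
                return self.error_response({
                    'error': u'三方登录失败',
                    'error_description': u"三方登录失败"
                }, request=request)
        except Exception as ex:
            # Any failure talking to the provider is reported to the client
            # as a generic login failure; only the exception class is tracked.
            server_track(request, 'api.user.oauth.login_failure', {
                'login_type': 'social_oauth',
                'error': {
                    'msg': ex.__class__.__name__,
                }
            })
            return self.error_response({
                'error': u'三方登录失败',
                'error_description': u"三方登录失败"
            }, request=request)

        try:
            # Create (or fetch) the local user. TODO: exception handling
            user, _created = _get_or_create_oauth_user(strategy, detail,
                    request, mobile_client=True, created_on='mobile')
            if _created:
                server_track(request, 'api.user.oauth.register_success', {
                    'uid': user.id,
                    'username': user.username,
                    'provider': strategy.backend.name,
                })
        except Exception as ex:
            # Only count it as a registration failure when the helper itself
            # raised; if it returned and the tracking call failed, the user
            # already exists.
            if not user and (_created is None):
                server_track(request, 'api.user.oauth.register_failure', {
                    'register_type': 'social_oauth',
                    'error': {
                        'msg': ex.__class__.__name__,
                    },
                })
            return self.error_response({
                'error': u'三方登录失败',
                'error_description': u"三方登录失败"
            }, request=request)

        if constants.SINGLE_ACCESS_TOKEN:
            at = self.get_access_token(request, user, scope, client)
        else:
            at = self.create_access_token(request, user, scope, client)
            # Called for its side effect; the returned token is not used here.
            self.create_refresh_token(request, user, scope, at, client)

        # track user login ip
        # TODO: track in authorization grant typer last login ip in auth_userprofile
        # NOTE(review): REMOTE_ADDR is the direct peer; behind a reverse proxy
        # this is presumably the proxy's address - confirm against deployment.
        user_profile = UserProfile.objects.get(user=user)
        user_profile.last_login_ip = request.META.get('REMOTE_ADDR', None)
        user_profile.save()

        # HTTP_SID and HTTP_UUID are request headers, i.e. client-controlled.
        sid = request.META.get('HTTP_SID')
        uid = user.id
        uuid = request.META.get('HTTP_UUID')
        if uuid:
            # NOTE(review): an existing DeviceInfo row with this uuid is
            # re-bound to the current user; confirm that a caller-chosen
            # uuid overwriting another account's binding is acceptable.
            device, _ = DeviceInfo.objects.get_or_create(uuid=uuid)
            device.uid = uid
            device.save()
        if sid:
            timestamp = time.time()
            IDsInfo.new(sid, uid, uuid, timestamp)

        response = self.access_token_response(at)
        set_login_response_header(request, response)
        login_type = response.get('login_type', '')
        server_track(request, 'api.user.oauth.login_success', {
            'uid': user.id,
            'username': user.username,
            'provider': strategy.backend.name,
            'login_type': login_type,
        })
        if _created:
            response['register_type'] = 'social_oauth'
        return response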