Esempio n. 1
    def validate(self, data):
        """Build and encode a new JWT for the user supplied in ``data``.

        Returns a dict with the user, the encoded token and the token's
        ``iat`` claim (falling back to the current ``unix_epoch()`` value
        when the payload carries no ``iat``).
        """
        account = data["user"]

        claims = JSONWebTokenAuthentication.jwt_create_payload(account)
        # The return value of check_user is discarded; the call is kept for
        # whatever validation it performs on the payload.
        # NOTE(review): presumably it raises for inactive or unknown
        # users - confirm against its definition.
        check_user(claims)

        encoded = JSONWebTokenAuthentication.jwt_encode_payload(claims)
        issued_at = claims.get('iat', unix_epoch())

        return {"user": account, "token": encoded, "issued_at": issued_at}
Esempio n. 2
    def validate(self, data):
        """Exchange a token that is still inside its refresh window for a new one.

        The refresh window is anchored on the ``orig_iat`` claim, which is
        copied unchanged into the new payload, so repeated refreshes cannot
        extend the window past ``JWT_REFRESH_EXPIRATION_DELTA`` from the
        original issue time.

        Raises:
            serializers.ValidationError: if ``orig_iat`` is absent or the
                refresh window has elapsed.
        """
        presented = data['token']

        # NOTE(review): check_payload presumably verifies signature and
        # expiry before returning the claims - confirm against its definition.
        claims = check_payload(token=presented)
        user = check_user(payload=claims)

        first_issued = claims.get('orig_iat')
        if first_issued is None:
            raise serializers.ValidationError(
                _('orig_iat field not found in token.'))

        # NOTE(review): orig_iat is used in arithmetic without a type check;
        # a non-numeric claim would raise TypeError here rather than a
        # ValidationError.
        window_seconds = (
            api_settings.JWT_REFRESH_EXPIRATION_DELTA.total_seconds())
        refresh_deadline = first_issued + window_seconds

        if unix_epoch() > refresh_deadline:
            raise serializers.ValidationError(_('Refresh has expired.'))

        fresh_claims = JSONWebTokenAuthentication.jwt_create_payload(user)
        fresh_claims['orig_iat'] = first_issued

        encoded = JSONWebTokenAuthentication.jwt_encode_payload(fresh_claims)
        return {
            'token': encoded,
            'user': user,
            'issued_at': fresh_claims.get('iat', unix_epoch()),
        }
Esempio n. 3
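    def save(self, **kwargs):
        """Record a token on the blacklist together with its expiry time.

        Adds ``token_id``, ``user`` and ``expires_at`` to the validated data
        and, when ``JWT_TOKEN_ID`` is ``'require'``, drops the raw token
        before delegating to the parent ``save``.
        """
        # Function-scope import keeps the method self-contained.
        from datetime import timezone

        token = self.validated_data.get('token')

        payload = JSONWebTokenAuthentication.jwt_decode_token(token)

        # NOTE(review): expiry is derived from iat + JWT_EXPIRATION_DELTA,
        # not from an 'exp' claim; confirm the two cannot disagree.
        iat = payload.get('iat', unix_epoch())
        expires_at_unix_time = (
            iat + api_settings.JWT_EXPIRATION_DELTA.total_seconds())

        # For refreshed tokens, record the token id of the original token.
        # This allows us to invalidate the whole family of tokens from
        # the same original authentication event.
        token_id = payload.get('orig_jti') or payload.get('jti')

        # Build the expiry as an aware UTC datetime directly. The previous
        # form produced a naive UTC value and handed it to make_aware(),
        # which (if it is Django's helper) would label it with the project's
        # current time zone and shift the stored expiry whenever that zone
        # is not UTC. A blacklist entry that appears to expire early could
        # be dropped while the token is still valid.
        expires_at = datetime.fromtimestamp(
            expires_at_unix_time, tz=timezone.utc)

        self.validated_data.update({
            'token_id': token_id,
            'user': check_user(payload),
            'expires_at': expires_at,
        })

        # Don't store the token if we can rely on token IDs.
        # The token values are still sensitive until they expire.
        if api_settings.JWT_TOKEN_ID == 'require':
            del self.validated_data['token']

        return super(BlacklistTokenSerializer, self).save(**kwargs)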
Esempio n. 4
    def validate(self, data):
        """Verify a presented token and return it with its user.

        The token is passed through ``check_payload`` and the resulting
        claims through ``check_user``; the same token string is returned,
        with ``issued_at`` set to the ``iat`` claim or ``None`` when absent.
        """
        presented = data['token']

        # NOTE(review): both helpers presumably raise on an invalid token
        # or user - confirm against their definitions.
        claims = check_payload(token=presented)
        owner = check_user(payload=claims)

        issued_at = claims.get('iat')
        return {'token': presented, 'user': owner, 'issued_at': issued_at}
Esempio n. 5
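    def save(self, **kwargs):
        """Record a token on the blacklist together with its expiry time.

        Adds ``user`` and ``expires_at`` to the validated data and delegates
        to the parent ``save``.
        """
        # Function-scope import keeps the method self-contained.
        from datetime import timezone

        token = self.validated_data.get('token')

        payload = JSONWebTokenAuthentication.jwt_decode_token(token)

        # NOTE(review): expiry is derived from iat + JWT_EXPIRATION_DELTA,
        # not from an 'exp' claim; confirm the two cannot disagree.
        iat = payload.get('iat', unix_epoch())
        expires_at_unix_time = (
            iat + api_settings.JWT_EXPIRATION_DELTA.total_seconds())

        # Build the expiry as an aware UTC datetime directly. The previous
        # form produced a naive UTC value and handed it to make_aware(),
        # which (if it is Django's helper) would label it with the project's
        # current time zone and shift the stored expiry whenever that zone
        # is not UTC. A blacklist entry that appears to expire early could
        # be dropped while the token is still valid.
        expires_at = datetime.fromtimestamp(
            expires_at_unix_time, tz=timezone.utc)

        # NOTE(review): the raw token stays in validated_data and is
        # therefore stored as-is; it remains a usable credential until it
        # expires, so access to the blacklist table should be restricted.
        self.validated_data.update({
            'user': check_user(payload),
            'expires_at': expires_at,
        })
        return super(BlacklistTokenSerializer, self).save(**kwargs)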
Esempio n. 6
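    def list(self, request):
        """Return the map-data records owned by the requesting user.

        The owner is resolved from a JWT in the ``token`` query parameter
        when one is present, otherwise from ``request.user``. A caller who
        cannot be resolved to a ``CstdUser`` gets a 401 instead of an
        unhandled ``IndexError``.
        """
        # The query string is intentionally not printed or logged: it can
        # carry the caller's JWT, which would then sit in process output.
        # NOTE(review): a token passed in the URL is also recorded by
        # proxies and access logs; prefer the Authorization header.
        token = request.GET.get('token')
        if token:
            user = check_user(check_payload(token))
            creator = CstdUser.objects.filter(pk=user.id)
        else:
            creator = CstdUser.objects.filter(pk=request.user.id)

        # Filtering on pk yields at most one row; an anonymous request
        # (request.user.id is None) yields none.
        owner = creator.first()
        if owner is None:
            return Response({'error': 'no authority'}, status=401)

        queryset = MapData.objects.filter(author_id=owner.id)
        serializer = MapDataUserSerializer(queryset, many=True)

        return Response({
            'data': {'items': serializer.data, 'total': queryset.count()},
            'code': 20000,
        })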
Esempio n. 7
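    def create(self, request):
        """Store uploaded files as map-data records owned by the caller.

        The owner is resolved from a JWT in the ``token`` query parameter
        when one is present, otherwise from ``request.user``. Each file in
        the ``file`` field is passed to ``upload_file`` and then saved
        through ``MapDataSerializer``; the records that validated are
        returned with status 201.
        """
        # NOTE(review): a token passed in the URL is recorded by proxies
        # and access logs; prefer the Authorization header.
        token = request.GET.get('token')
        if token:
            user = check_user(check_payload(token))
            creator = CstdUser.objects.filter(pk=user.id)
        else:
            creator = CstdUser.objects.filter(pk=request.user.id)

        # Resolve the owner before touching the upload: an anonymous request
        # (request.user.id is None) matches no row and previously failed
        # with IndexError further down.
        owner = creator.first()
        if owner is None:
            return Response({'error': 'no authority'},
                            status=status.HTTP_401_UNAUTHORIZED)

        files = request.FILES.getlist('file', None)
        if not files:
            return Response({'status': 'file dont null'})

        returndata = []
        mapdata = request.data
        # Ownership fields are always overwritten from the resolved user so
        # a client-supplied author/author_id is never trusted.
        mapdata['author'] = owner.username
        mapdata['author_id'] = owner.id

        # Decide once whether the client named the record. mapdata is shared
        # by every iteration, so testing "'name' in mapdata" inside the loop
        # made every file after the first inherit the first file's name.
        name_supplied = 'name' in mapdata
        owner_dir = str(owner.id)

        for file_obj in files:
            # NOTE(review): type/size checks on the upload are presumably
            # done inside upload_file - confirm, none are visible here.
            response = upload_file(file_obj, owner_dir)
            mapdata['save_path'] = response['url']
            mapdata['save_name'] = response['original']
            if not name_supplied:
                # Default name: original file name without its extension.
                mapdata['name'] = os.path.splitext(response['original'])[0]
            serializer = MapDataSerializer(data=mapdata)
            # NOTE(review): a file that fails validation is skipped without
            # any error reaching the client, although upload_file has
            # already been called for it.
            if serializer.is_valid():
                serializer.save()
                returndata.append(serializer.data)

        serializer = MapDataUserSerializer(returndata, many=True)
        return Response(serializer.data, status=status.HTTP_201_CREATED)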
Esempio n. 8
def refresh_token(token):
    """Exchange a token that is still inside its refresh window for a new one.

    The refresh window is anchored on the ``orig_iat`` claim, which is copied
    unchanged into the new payload. The id of the first token in the chain
    (``orig_jti``, else ``jti``) is carried forward as ``orig_jti`` so that
    all tokens descended from one authentication share an identifier.

    Raises:
        RuntimeError: if ``orig_iat`` is absent, the refresh window has
            elapsed, or no token id is present while ``JWT_TOKEN_ID`` is
            ``'require'``.
    """
    # NOTE(review): check_payload presumably verifies signature and expiry
    # before returning the claims - confirm against its definition.
    old_claims = check_payload(token=token)
    user = check_user(payload=old_claims)

    first_issued = old_claims.get('orig_iat')
    if first_issued is None:
        raise RuntimeError(_('orig_iat field not found in token.'))

    # NOTE(review): orig_iat is used in arithmetic without a type check; a
    # non-numeric claim would raise TypeError here instead of RuntimeError.
    window_seconds = api_settings.JWT_REFRESH_EXPIRATION_DELTA.total_seconds()
    refresh_deadline = first_issued + window_seconds

    if unix_epoch() > refresh_deadline:
        raise RuntimeError(_('Refresh has expired.'))

    fresh_claims = JSONWebTokenAuthentication.jwt_create_payload(user)
    fresh_claims['orig_iat'] = first_issued

    # Carry the id of the first token in the chain forward, if there is one.
    family_id = old_claims.get('orig_jti') or old_claims.get('jti')
    if not family_id:
        if api_settings.JWT_TOKEN_ID == 'require':
            raise RuntimeError(_('orig_jti or jti field not found in token.'))
    else:
        fresh_claims['orig_jti'] = family_id

    encoded = JSONWebTokenAuthentication.jwt_encode_payload(fresh_claims)
    return {
        'token': encoded,
        'user': user,
        'issued_at': fresh_claims.get('iat', unix_epoch()),
    }
Esempio n. 9
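    def get(self, request, userid=None, mapname=None):
        """Serve one tile of a map to the user who owns that map.

        Query parameters ``l``, ``x`` and ``y`` give the zoom level and the
        tile column/row. The caller is identified, in this order, by the
        ``access_token`` query parameter, by ``request.user``, or by
        ``request.auth``; the resolved user id must equal ``userid``.

        Returns the tile bytes on success, a 400 JSON error for malformed
        coordinates or a caller who is not the owner, and 404 when the map
        or the requested tile cannot be found.
        """
        try:
            z = int(request.GET.get('l'))
            x = int(request.GET.get('x'))
            y = int(request.GET.get('y'))
        except (TypeError, ValueError):
            # Missing or non-numeric parameters used to surface as a 500.
            return JsonResponse({'error': 'invalid tile coordinates'},
                                status=400)

        # The token is read from the request. A credential literal must
        # never be embedded here: it authenticates every caller as the
        # subject of that token and makes the other branches unreachable.
        # NOTE(review): a token passed in the URL is recorded by proxies
        # and access logs; prefer the Authorization header.
        token = request.GET.get('access_token')
        if token:
            caller_id = check_user(check_payload(token)).id
        elif request.user.id == userid:
            caller_id = request.user.id
        elif request.auth:
            caller_id = check_user(check_payload(request.auth)).id
        else:
            caller_id = None

        # Rejecting None stops an anonymous user (id None) from matching a
        # route that supplies no userid. The status code and body of the
        # existing "no authority" response are kept for compatibility.
        if caller_id is None or caller_id != userid:
            return JsonResponse({'error': 'no authority'}, status=400)

        maps = list(Map.objects.filter(name=mapname, creator_id=userid)[:1])
        if not maps:
            return HttpResponse(status=404)

        mapdataids = [int(v) for v in maps[0].map_data.split(',')]
        content_type_adder = ContentTypeAdder()

        for mapdataid in mapdataids:
            # author_id keeps the lookup scoped to the owner's own datasets.
            records = list(
                MapData.objects.filter(id=mapdataid, author_id=userid)[:1])
            if not records:
                continue

            # Load the store recorded for this dataset, not a fixed path.
            tilestore = TileStore.load(records[0].save_path)
            if tilestore is None:
                continue

            tile = tilestore.get_one(Tile(TileCoord(z, x, y)))
            # NOTE(review): a miss falls through to the next dataset of the
            # map; return 404 here instead if only the first dataset should
            # ever be consulted.
            if tile is None or tile.data is None:
                continue

            tile = content_type_adder(tile)
            response = HttpResponse(tile.data,
                                    content_type=tile.content_type)
            # NOTE(review): a wildcard origin lets any site that holds a
            # valid token read these tiles cross-origin - confirm this is
            # intended for an owner-only endpoint.
            response['Access-Control-Allow-Origin'] = "*"
            return response

        # The bare HttpResponse(404) calls this replaces were never
        # returned, and would have produced a 200 with the body "404".
        return HttpResponse(status=404)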