def auth_token_for_91(request,access_token,openid,uuid,mktid,version,client_type,macaddr,idfa,ios_ver): """验证91平台 """ fg = False pid = '' subarea = request.REQUEST.get("subarea", "1") OPEN_URL = 'http://service.sj.91.com/usercenter/AP.aspx' #request_url = '%s?AppId=%s&Act=4&Uin=%s&SessionId=%s&Sign=%s' sign = md5.new(settings.APP_ID_91 + '4' + openid + access_token\ + settings.APP_KEY_91).hexdigest() data = dict( AppId = settings.APP_ID_91, Act = '4', Uin = openid, SessionId = access_token, Sign = sign, ) pairs = urllib.urlencode(data) request_url = OPEN_URL + '?' + pairs url_request = urllib2.urlopen(request_url, timeout=12) rc,res = url_request.code, url_request.read() res_dict = json.loads(res) if rc == 200 and res_dict['ErrorCode'] == '1': fg = True pid = md5.md5('91'+str(openid)).hexdigest() #给request安装用户 request.rk_user = UserBase._install(pid, '91',uuid,mktid,version,client_type,macaddr,idfa,ios_ver, subarea=subarea) #检查用户是否账户被冻结 if not request.rk_user.frozen: #更新用户的openid和access_token request.rk_user.account.update_info(openid,access_token) #更新用户平台信息 request.rk_user.update_user_from_91(openid) return fg,pid
def get_access_token(request): #用于刷新access_token用的refresh token data = { 'rc':0, 'data':{} } para_pid = request.REQUEST.get('pid',None) para_platform = request.REQUEST.get('platform',None) session_dic = Session.new_get(para_platform+':'+para_pid) pid = session_dic['pid'] access_token = session_dic['access_token'] refresh_token = session_dic['refresh_token'] expires_time = session_dic['expires_time'] if not pid and not access_token and not refresh_token and not expires_time: data = { 'rc':8, 'data':{ 'msg':get_msg('login','server_exception'), 'server_now':int(time.time()), } } return HttpResponse( json.dumps(data, indent=1), content_type='application/x-javascript', ) else: if expires_time > time.time(): data['data']['access_token'] = access_token data['data']['pid'] = request.rk_user.account.openid data['data']['uid'] = request.rk_user.uid data['data']['nickname'] = request.rk_user.baseinfo['username'] else: client_id = settings.APP_KEY_360 client_secret = settings.APP_SECRET_KEY_360 oauth2_url = "https://openapi.360.cn/oauth2/access_token?grant_type=refresh_token&refresh_token=%s&client_id=%s&client_secret=%s&scope=basic" %(refresh_token, client_id, client_secret) url_request = urllib2.urlopen(oauth2_url, timeout=12) code, res = url_request.code, url_request.read() if code == 200: res_dict = json.loads(res) data['data']['access_token'] = str(res_dict['access_token']) data['data']['pid'] = request.rk_user.account.openid data['data']['uid'] = request.rk_user.uid data['data']['nickname'] = request.rk_user.baseinfo['username'] expires_time = time.time() + float(res_dict['expires_in']) Session.set(para_platform, pid, str(res_dict['access_token']), str(res_dict['refresh_token']), expires_time) else: data = { 'rc':8, 'data':{ 'msg':get_msg('login','server_exception'), 'server_now':int(time.time()), } } data['data']['server_now'] = int(time.time()) return HttpResponse( json.dumps(data, indent=1), content_type='application/x-javascript', )
def auth_token_for_360(request, access_token, openid, uuid, mktid, version, client_type, macaddr, idfa, ios_ver): #print '##### in auth_token_for_360' fg = False pid = '' subarea = request.REQUEST.get("subarea", "1") #360平台验证 if not 'access_token' in request.REQUEST: return fg, pid else: access_token = str(request.REQUEST['access_token']) platform = str(request.REQUEST['platform']) if access_token: url_360 = 'https://openapi.360.cn/user/me.json' code_url = '%s?access_token=%s&fields=id,name,avatar,sex,area' % ( url_360, access_token) url_request = urllib2.urlopen(code_url, timeout=12) code, res = url_request.code, url_request.read() #print '#### 360, code, res=', code, res #可能360不需要refresh_token ? #refresh_token = str(request.REQUEST['refresh_token']) refresh_token = '' #print '#### refresh_token=', refresh_token #expires_in = float(request.REQUEST['expires_in']) # "['123.45']" ? #print '#### expires_in=', request.REQUEST['expires_in'] expires_in = 24 * 3600 if code == 200: res_dict = json.loads(res) #print '#### 360, res_dict=', res_dict fg = True openid = str(res_dict['id']) pid = md5.md5('360' + openid).hexdigest() request.rk_user = UserBase._install(pid, platform, uuid, mktid, version, client_type, macaddr, idfa, ios_ver, subarea=subarea) #检查用户是否账户被冻结 if not request.rk_user.frozen: #更新用户的openid和access_token request.rk_user.account.update_info(openid, access_token) request.rk_user.update_user_from_360(res_dict) expires_time = time.time() + expires_in #print '##### 360 start set session' Session.set(platform, pid, access_token, refresh_token, expires_time) return fg, pid
def auth_token_for_mi(request, access_token, openid, uuid, mktid, version, client_type, macaddr, idfa, ios_ver): fg = False pid = '' subarea = request.REQUEST.get("subarea", "1") #mi平台验证 client_id = settings.MI_APP_ID url_mi = 'http://mis.migc.xiaomi.com/api/biz/service/verifySession.do' ready_signature = 'appId=%s&session=%s&uid=%s' % (client_id, access_token, openid) signature = hmac.new(settings.MI_SECRET_KEY, ready_signature, hashlib.sha1).hexdigest() data = dict( appId=client_id, session=access_token, uid=openid, signature=signature, ) pairs = urllib.urlencode(data) code_url = url_mi + '?' + pairs url_request = urllib2.urlopen(code_url, timeout=12) code, res = url_request.code, url_request.read() res_dict = json.loads(res) if code == 200 and res_dict['errcode'] == 200: pid = md5.md5('mi' + str(openid)).hexdigest() request.rk_user = UserBase._install(pid, 'mi', uuid, mktid, version, client_type, macaddr, idfa, ios_ver, subarea=subarea) #数据校正 if request.rk_user.baseinfo['platform'] != 'mi': request.rk_user.baseinfo['platform'] = 'mi' #检查用户是否账户被冻结 if not request.rk_user.frozen: #更新用户的openid和access_token request.rk_user.account.update_info(openid, access_token) res_dict['openid'] = openid request.rk_user.update_user_from_mi(res_dict) fg = True return fg, pid
def auth_token_for_360(request,access_token,openid,uuid,mktid,version,client_type,macaddr,idfa,ios_ver): #print '##### in auth_token_for_360' fg = False pid = '' subarea = request.REQUEST.get("subarea", "1") #360平台验证 if not 'access_token' in request.REQUEST: return fg, pid else: access_token = str(request.REQUEST['access_token']) platform = str(request.REQUEST['platform']) if access_token: url_360 = 'https://openapi.360.cn/user/me.json' code_url = '%s?access_token=%s&fields=id,name,avatar,sex,area' % (url_360, access_token) url_request = urllib2.urlopen(code_url, timeout=12) code, res = url_request.code, url_request.read() #print '#### 360, code, res=', code, res #可能360不需要refresh_token ? #refresh_token = str(request.REQUEST['refresh_token']) refresh_token = '' #print '#### refresh_token=', refresh_token #expires_in = float(request.REQUEST['expires_in']) # "['123.45']" ? #print '#### expires_in=', request.REQUEST['expires_in'] expires_in = 24*3600 if code == 200: res_dict = json.loads(res) #print '#### 360, res_dict=', res_dict fg = True openid = str(res_dict['id']) pid = md5.md5('360' + openid).hexdigest() request.rk_user = UserBase._install(pid, platform,uuid,mktid,version,client_type,macaddr,idfa,ios_ver, subarea=subarea) #检查用户是否账户被冻结 if not request.rk_user.frozen: #更新用户的openid和access_token request.rk_user.account.update_info(openid,access_token) request.rk_user.update_user_from_360(res_dict) expires_time = time.time() + expires_in #print '##### 360 start set session' Session.set(platform, pid, access_token, refresh_token, expires_time) return fg,pid
def auth_token_for_91(request, access_token, openid, uuid, mktid, version, client_type, macaddr, idfa, ios_ver): """验证91平台 """ fg = False pid = '' subarea = request.REQUEST.get("subarea", "1") OPEN_URL = 'http://service.sj.91.com/usercenter/AP.aspx' #request_url = '%s?AppId=%s&Act=4&Uin=%s&SessionId=%s&Sign=%s' sign = md5.new(settings.APP_ID_91 + '4' + openid + access_token\ + settings.APP_KEY_91).hexdigest() data = dict( AppId=settings.APP_ID_91, Act='4', Uin=openid, SessionId=access_token, Sign=sign, ) pairs = urllib.urlencode(data) request_url = OPEN_URL + '?' + pairs url_request = urllib2.urlopen(request_url, timeout=12) rc, res = url_request.code, url_request.read() res_dict = json.loads(res) if rc == 200 and res_dict['ErrorCode'] == '1': fg = True pid = md5.md5('91' + str(openid)).hexdigest() #给request安装用户 request.rk_user = UserBase._install(pid, '91', uuid, mktid, version, client_type, macaddr, idfa, ios_ver, subarea=subarea) #检查用户是否账户被冻结 if not request.rk_user.frozen: #更新用户的openid和access_token request.rk_user.account.update_info(openid, access_token) #更新用户平台信息 request.rk_user.update_user_from_91(openid) return fg, pid
def auth_token_for_mi(request,access_token,openid,uuid,mktid,version,client_type,macaddr,idfa,ios_ver): fg = False pid = '' subarea = request.REQUEST.get("subarea", "1") #mi平台验证 client_id = settings.MI_APP_ID url_mi = 'http://mis.migc.xiaomi.com/api/biz/service/verifySession.do' ready_signature = 'appId=%s&session=%s&uid=%s' % (client_id, access_token, openid) signature = hmac.new(settings.MI_SECRET_KEY, ready_signature, hashlib.sha1).hexdigest() data = dict( appId = client_id, session = access_token, uid = openid, signature = signature, ) pairs = urllib.urlencode(data) code_url = url_mi + '?' + pairs url_request = urllib2.urlopen(code_url, timeout=12) code, res = url_request.code, url_request.read() res_dict = json.loads(res) if code == 200 and res_dict['errcode'] == 200: pid = md5.md5('mi' + str(openid)).hexdigest() request.rk_user = UserBase._install(pid, 'mi',uuid,mktid,version,client_type,macaddr,idfa,ios_ver, subarea=subarea) #数据校正 if request.rk_user.baseinfo['platform'] != 'mi': request.rk_user.baseinfo['platform'] = 'mi' #检查用户是否账户被冻结 if not request.rk_user.frozen: #更新用户的openid和access_token request.rk_user.account.update_info(openid,access_token) res_dict['openid'] = openid request.rk_user.update_user_from_mi(res_dict) fg = True return fg, pid