def post(self, request, *args, **kwargs): oauth_user_id = str(request.data.get("oauth_user_id")) service_id = request.data.get("service_id") try: oauth_service = oauth_repo.get_oauth_services_by_service_id(service_id=service_id) except Exception as e: logger.debug(e) rst = {"data": {"bean": None}, "status": 404, "msg_show": u"未找到oauth服务, 请检查该服务是否存在且属于开启状态"} return Response(rst, status=status.HTTP_200_OK) user_id = request.user.user_id oauth_user = oauth_user_repo.user_oauth_exists(service_id=service_id, oauth_user_id=oauth_user_id) link_user = oauth_user_repo.get_user_oauth_by_user_id(service_id=service_id, user_id=user_id) if link_user is not None and link_user.oauth_user_id != oauth_user_id: rst = {"data": {"bean": None}, "status": 400, "msg_show": u"绑定失败, 该用户已绑定其他账号"} return Response(rst, status=status.HTTP_200_OK) if oauth_user: oauth_user.user_id = user_id oauth_user.save() data = { "oauth_user_id": oauth_user.oauth_user_id, "oauth_user_name": oauth_user.oauth_user_name, "oauth_user_email": oauth_user.oauth_user_email, "is_authenticated": oauth_user.is_authenticated, "is_expired": oauth_user.is_expired, "is_link": True, "service_id": service_id, "oauth_type": oauth_service.oauth_type, } rst = {"data": {"bean": data}, "status": 200, "msg_show": u"绑定成功"} return Response(rst, status=status.HTTP_200_OK) else: rst = {"data": {"bean": None}, "status": 404, "msg_show": u"绑定失败,请重新认证"} return Response(rst, status=status.HTTP_200_OK)
def post(self, request, *args, **kwargs): login_user = request.user code = request.data.get("code") service_id = request.data.get("service_id") try: oauth_service = oauth_repo.get_oauth_services_by_service_id( service_id) except Exception as e: logger.debug(e) rst = { "data": { "bean": None }, "status": 404, "msg_show": "未找到oauth服务, 请检查该服务是否存在且属于开启状态" } return Response(rst, status=status.HTTP_200_OK) try: api = get_oauth_instance(oauth_service.oauth_type, oauth_service, None) except NoSupportOAuthType as e: logger.debug(e) rst = { "data": { "bean": None }, "status": 404, "msg_show": "未找到oauth服务" } return Response(rst, status=status.HTTP_200_OK) try: user, access_token, refresh_token = api.get_user_info(code=code) except Exception as e: logger.exception(e) rst = { "data": { "bean": None }, "status": 404, "msg_show": e.message } return Response(rst, status=status.HTTP_200_OK) user_name = user.name user_id = str(user.id) user_email = user.email authenticated_user = oauth_user_repo.user_oauth_exists( service_id=service_id, oauth_user_id=user_id) link_user = oauth_user_repo.get_user_oauth_by_user_id( service_id=service_id, user_id=login_user.user_id) if link_user is not None and link_user.oauth_user_id != user_id: rst = { "data": { "bean": None }, "status": 400, "msg_show": "该用户已绑定其他账号" } return Response(rst, status=status.HTTP_200_OK) if authenticated_user is not None and authenticated_user.user_id is None: authenticated_user.oauth_user_id = user_id authenticated_user.oauth_user_name = user_name authenticated_user.oauth_user_email = user_email authenticated_user.access_token = access_token authenticated_user.refresh_token = refresh_token authenticated_user.code = code authenticated_user.is_authenticated = True authenticated_user.is_expired = True authenticated_user.user_id = login_user.user_id authenticated_user.save() return Response(None, status=status.HTTP_200_OK) else: oauth_user_repo.save_oauth( oauth_user_id=user_id, oauth_user_name=user_name, oauth_user_email=user_email, user_id=login_user.user_id, code=code, service_id=service_id, access_token=access_token, refresh_token=refresh_token, is_authenticated=True, is_expired=False, ) rst = {"data": {"bean": None}, "status": 200, "msg_show": "绑定成功"} return Response(rst, status=status.HTTP_200_OK)
def set_oauth_user_relation(self, api, oauth_service, oauth_user, access_token, refresh_token, code, user=None): oauth_user.id = str(oauth_user.id) if api.is_communication_oauth(): logger.debug(oauth_user.name) user = user_repo.get_enterprise_user_by_username( oauth_user.enterprise_id, oauth_user.name) authenticated_user = oauth_user_repo.user_oauth_exists( service_id=oauth_service.ID, oauth_user_id=oauth_user.id) if authenticated_user is not None: authenticated_user.oauth_user_id = oauth_user.id authenticated_user.oauth_user_name = oauth_user.name authenticated_user.oauth_user_email = oauth_user.email authenticated_user.access_token = access_token authenticated_user.refresh_token = refresh_token authenticated_user.code = code if user: authenticated_user.user_id = user.user_id authenticated_user.save() if authenticated_user.user_id is not None: login_user = user_repo.get_by_user_id( authenticated_user.user_id) payload = jwt_payload_handler(login_user) token = jwt_encode_handler(payload) response = Response({"data": { "bean": { "token": token } }}, status=200) if api_settings.JWT_AUTH_COOKIE: expiration = (datetime.datetime.now() + datetime.timedelta(days=30)) response.set_cookie(api_settings.JWT_AUTH_COOKIE, token, expires=expiration) return response else: rst = { "oauth_user_name": oauth_user.name, "oauth_user_id": oauth_user.id, "oauth_user_email": oauth_user.email, "service_id": authenticated_user.service_id, "oauth_type": oauth_service.oauth_type, "is_authenticated": authenticated_user.is_authenticated, "code": code, } msg = "user is not authenticated" return Response( {"data": { "bean": { "result": rst, "msg": msg } }}, status=200) else: usr = oauth_user_repo.save_oauth( oauth_user_id=oauth_user.id, oauth_user_name=oauth_user.name, oauth_user_email=oauth_user.email, user_id=(user.user_id if user else None), code=code, service_id=oauth_service.ID, access_token=access_token, refresh_token=refresh_token, is_authenticated=True, is_expired=False, ) rst = { "oauth_user_name": usr.oauth_user_name, "oauth_user_id": usr.oauth_user_id, "oauth_user_email": usr.oauth_user_email, "service_id": usr.service_id, "oauth_type": oauth_service.oauth_type, "is_authenticated": usr.is_authenticated, "code": code, } if user: payload = jwt_payload_handler(user) token = jwt_encode_handler(payload) response = Response({"data": { "bean": { "token": token } }}, status=200) if api_settings.JWT_AUTH_COOKIE: expiration = (datetime.datetime.now() + api_settings.JWT_EXPIRATION_DELTA) response.set_cookie(api_settings.JWT_AUTH_COOKIE, token, expires=expiration, httponly=True) return response msg = "user is not authenticated" return Response({"data": { "bean": { "result": rst, "msg": msg } }}, status=200)
def get(self, request, *args, **kwargs): code = request.GET.get("code") service_id = request.GET.get("service_id") try: oauth_service = oauth_repo.get_oauth_services_by_service_id( service_id) except Exception as e: logger.debug(e) rst = { "data": { "bean": None }, "status": 404, "msg_show": u"未找到oauth服务, 请检查该服务是否存在且属于开启状态" } return Response(rst, status=status.HTTP_200_OK) try: api = get_oauth_instance(oauth_service.oauth_type, oauth_service, None) except NoSupportOAuthType as e: logger.debug(e) rst = { "data": { "bean": None }, "status": 404, "msg_show": u"未找到oauth服务" } return Response(rst, status=status.HTTP_200_OK) try: user, access_token, refresh_token = api.get_user_info(code=code) except Exception as e: logger.debug(e.message) rst = { "data": { "bean": None }, "status": 404, "msg_show": e.message } return Response(rst, status=status.HTTP_200_OK) user_name = user.name user_id = str(user.id) user_email = user.email authenticated_user = oauth_user_repo.user_oauth_exists( service_id=service_id, oauth_user_id=user_id) if authenticated_user is not None: authenticated_user.oauth_user_id = user_id authenticated_user.oauth_user_name = user_name authenticated_user.oauth_user_email = user_email authenticated_user.access_token = access_token authenticated_user.refresh_token = refresh_token authenticated_user.code = code authenticated_user.save() if authenticated_user.user_id is not None: login_user = user_repo.get_by_user_id( authenticated_user.user_id) payload = jwt_payload_handler(login_user) token = jwt_encode_handler(payload) response = Response({"data": { "bean": { "token": token } }}, status=status.HTTP_200_OK) if api_settings.JWT_AUTH_COOKIE: expiration = (datetime.datetime.now() + api_settings.JWT_EXPIRATION_DELTA) response.set_cookie(api_settings.JWT_AUTH_COOKIE, token, expires=expiration, httponly=True) return response else: rst = { "oauth_user_name": user_name, "oauth_user_id": user_id, "oauth_user_email": user_email, "service_id": authenticated_user.service_id, "oauth_type": oauth_service.oauth_type, "is_authenticated": authenticated_user.is_authenticated, "code": code, } msg = "user is not authenticated" return Response( {"data": { "bean": { "result": rst, "msg": msg } }}, status=status.HTTP_200_OK) else: usr = oauth_user_repo.save_oauth( oauth_user_id=user_id, oauth_user_name=user_name, oauth_user_email=user_email, code=code, service_id=service_id, access_token=access_token, refresh_token=refresh_token, is_authenticated=True, is_expired=False, ) rst = { "oauth_user_name": usr.oauth_user_name, "oauth_user_id": usr.oauth_user_id, "oauth_user_email": usr.oauth_user_email, "service_id": usr.service_id, "oauth_type": oauth_service.oauth_type, "is_authenticated": usr.is_authenticated, "code": code, } msg = "user is not authenticated" return Response({"data": { "bean": { "result": rst, "msg": msg } }}, status=status.HTTP_200_OK)