def post(self, request, *args, **kwargs): ret = BaseResponse() if request.version == 'v1': try: username = request.data.get("username") passwd = request.data.get("passwd") user = repository_models.AdminInfo.objects.filter( username=username, password=passwd).first() if not user: ret.data = "用户名或密码错误" return JsonResponse(ret.dict) # 获取权限 init_permission(user, request._request) ret.data = { 'session_key': request.session.session_key, 'conn': '登陆成功' } ret.code = "20000" except Exception as error: print("post-error", error) ret.error = error ret.data = "rds录入失败" ret.code = "5000" return JsonResponse(ret.dict)
def login(request): if request.method == 'GET': return render(request, 'login.html') user = request.POST.get('user') pwd = request.POST.get('pwd') current_user = models.UserInfo.objects.filter(name=user, password=pwd).first() if not current_user: return render(request, 'login.html', {'msg': '用户名或密码错误'}) # 根据当前用户信息获取此用户所拥有的所有权限,并放入session。 init_permission(current_user, request) # # 当前用户所有权限 # permission_queryset = current_user.roles.filter(permissions__isnull=False).values("permissions__id", # "permissions__url").distinct() # # # 获取权限中所有的URL # # permission_list = [] # # for item in permission_queryset: # # permission_list.append(item['permissions__url']) # # permission_list = [item['permissions__url'] for item in permission_queryset] # request.session['luffy_permission_url_list_key'] = permission_list return redirect('/customer/list/')
def login(request): global COUNT if request.is_ajax(): res = {'state': False, 'msg': None} if COUNT < settings.MAX_PASS_TRY: valid_code = request.POST.get('valid_code') right_code = request.session.get('valid_str') if valid_code.upper() == right_code.upper(): name = request.POST.get('name') pwd = request.POST.get('pwd') md_pwd = to_md(pwd) UserInfoModel = import_string(settings.RBAC_USER_MODLE_CLASS) user = UserInfoModel.objects.filter(name=name, password=md_pwd).first() if not user: # 用户名或密码错误 COUNT += 1 res['msg'] = '用户名或密码错误' return JsonResponse(res) COUNT = 0 # 输入都正确,计数清零 init_permission(user, request) request.session['user_info'] = {'id': user.id} res['state'], res['msg'] = True, '登录成功' return JsonResponse(res) COUNT += 1 # 验证码有误 res['msg'] = '验证码错误' return JsonResponse(res) res['msg'] = 'too much try' return JsonResponse(res) return render(request, 'login.html')
def login(request): """登录""" if request.method == 'GET': login_form = my_forms.LoginForm return render(request, 'login.html', {"login_form": login_form}) else: login_form = my_forms.LoginForm(request.POST) if not login_form.is_valid(): return render(request, 'login.html', {"login_form": login_form}) else: username = login_form.cleaned_data.get('username') password = login_form.cleaned_data.get('password') user_obj = rbac_models.User.objects.filter( username=username, password=password).first() if not user_obj: return redirect(reverse('login')) else: init_permission(request, user_obj) # 根据不同的角色跳转到不同页面,这里仅做测试,不应该出现类似app01的硬编码 department_id = user_obj.userinfo.department_id if department_id == 1000: return redirect(reverse('app01_customer_mine')) elif department_id == 1001: pass return redirect(reverse('app01_courserecord_changelist'))
def login(request): if request.method == "GET": return render(request, "login.html") elif request.is_ajax(): state = {"state": None} username = request.POST.get("user") if username == "": state["state"] = "user_none" return HttpResponse(json.dumps(state)) password = request.POST.get("pwd") if password == "": state["state"] = "pwd_none" return HttpResponse(json.dumps(state)) user = models.User.objects.filter(username=username, password=password).first() if user: state["state"] = "login_success" init_permission(user, request) else: state["state"] = "failed" return HttpResponse(json.dumps(state))
def login(request): title = '教务系统登录' message = '' error = json.dumps(True) if request.method == "GET": print() try: test = request.session[settings.SESSION_PERMISSION_URL_KEY] except: error = json.dumps(False) return render(request, "login.html", locals()) else: return redirect('/index/') else: username = request.POST.get('username') password = request.POST.get('password') print(username) print(password) user_obj = UserInfo.objects.filter(username=username, password=password).first() if not user_obj: message = '用户名或密码错误' return render(request, "login.html", locals()) else: init_permission(request, user_obj) return redirect('/index/')
def login(request): """ 用户登录 :param request: :return: """ # print(request) # request.cc = 22 # print(request.cc) # return HttpResponse('...') if request.method == 'GET': return render(request, 'login.html') user = request.POST.get('user') pwd = gen_md5(request.POST.get('pwd', '')) # print(user, pwd) # 根据用户名和密码去用户表中获取用户对象 user = models.UserInfo.objects.filter(name=user, password=pwd).first() if not user: return render(request, 'login.html', {'msg': '用户名或密码错误'}) request.session['user_info'] = {'id': user.id, 'nickname': user.nickname} # 用户权限信息的初始化 init_permission(user, request) return redirect('/index/')
def login(request): """ 登录 :param request: :return: """ if request.method == 'GET': return render(request, 'login-action.html') user = request.POST.get('user') pwd = request.POST.get('pwd') current_user = models.UserInfo.objects.filter( name=user, password=gen_md5(pwd)).first() if not current_user: return render(request, 'login-action.html', {'msg': '用户名或密码错误'}) # session初始化:用户信息 request.session['user_info'] = { 'id': current_user.id, 'nickname': current_user.nickname } # session初始化:用户权限 init_permission(current_user, request) return redirect('/index/')
def login(request): ''' login登录验证函数 ''' if request.method == "GET": form = LoginForm() return render(request,'login_v2.html',{'form':form}) else: response = {'status': True, 'data': None, 'msg': None} form = LoginForm(request.POST) if form.is_valid(): user = request.POST.get('username',None) #获取input标签里的username的值 None:获取不到不会报错 pwd = request.POST.get('password',None) pwd = encrypt(pwd) #md5加密密码字符串 user_obj = AdminInfo.objects.filter(username=user, password=pwd).first() if user_obj: role = user_obj.user.roles.values('title') # print(role) if role: role = role.first().get('title') else: role = '访客' request.session['is_login'] = {'user': user_obj.user.name, 'role': role} # 仅作为登录后用户名和身份显示session init_permission(user_obj, request) response['data'] = {} else: response['status'] = False response['msg'] = {'password': ['*用户名或者密码错误']} else: response['status'] = False response['msg'] = form.errors # print(response) return HttpResponse(json.dumps(response))
def login(request): """ 完整用户登陆验证及权限初始化 参数: request, 当前用户请求对象 返回值: 响应对象,由render或者redirect实现 """ if request.method == 'POST': form = LoginForm(data=request.POST) if not form.is_valid(): # 表单验证失败 return render(request, 'login.html', {"form": form}) else: # 表单验证成功 username = form.cleaned_data['username'] password = form.cleaned_data['password'] user_queryset = models.User.objects.filter(username=username, password=password) if not user_queryset: # 用户在数据库中不存在 form.add_error(field='password', error='用户名或密码错误') return render(request, 'login.html', {'form': form}) else: # 用户在数据库中存在 init_permission(user_queryset[0], request) return redirect(to='/home/') elif request.method == 'GET': # 使用elif是考虑到请求的其他方法 form = LoginForm() return render(request, 'login.html', {"form": form})
def login(request): if request.method == 'GET': return render(request, 'login.html') if request.method == 'POST': info = {'status': 0, 'msg': ''} user = request.POST.get('user') pwd = gen_md5(request.POST.get('pwd', '')) # 根据用户名和密码去用户表中获取用户对象 user = models.UserInfo.objects.filter(name=user, password=pwd).first() if not user: #return render(request, 'login.html', {'msg': '用户名或密码错误'}) 使用这个前端有时候不显示错误信息不知为啥 info['msg'] = '用户名或密码错误' else: info['status'] = 1 request.session['user_info'] = { 'id': user.id, 'name': user.name, 'nickname': user.nickname } # 用户权限信息的初始化 init_permission(user, request) #return redirect('/index/')#如果使用重定向 页面没反应 和前端的 return false; 这个有关系 所以关于页面的跳转都放在了前端 return HttpResponse(json.dumps(info))
def login(request): msg = "" if request.method == 'GET': return render(request, 'login.html', {"msg": msg}) else: username = request.POST.get("username") password = request.POST.get("password") validCode = request.POST.get("validCode") if validCode.upper() == request.session.get("keepValidCode").upper(): user = rbac_model.User.objects.filter(username=username, password=password).first() if user: # 表示已登录 request.session['user_info'] = { 'user_id': user.id, 'uid': user.userinfo.id, 'name': user.userinfo.name } # 权限写入session init_permission(user, request) # 跳转 return redirect('/index/') else: msg = "账号或密码错误" else: msg = "验证码错误" return render(request, 'login.html', {"msg": msg})
def login(request): data = {'code': None, 'msg': None} if request.method == 'GET': return render(request, 'blog/login.html') elif request.method == 'POST': username = request.POST.get('username') password = request.POST.get('password') # 用项目的用户Model做校验 user_obj = models.UserInfo.objects.filter(name=username, password=password).first() print(user_obj, type(user_obj)) if user_obj: # 权限注入 init_permission(user_obj, request) request.session['is_login'] = True request.session['user_id'] = user_obj.pk request.session['user'] = user_obj.name data['code'] = 1000 return JsonResponse(data) else: data['code'] = 2000 data['msg'] = '用户名或密码错误' return JsonResponse(data)
def login(request): if request.method == "GET": form = LoginFrom() return render(request, 'login.html', {'form': form}) else: form = LoginFrom(request.POST) if form.is_valid(): # print(form.cleaned_data) 通过form验证可以拿到前端的用户名,密码 {'username': '******', 'password': '******'} # form.cleaned_data['password'] = md5(form.cleaned_data['password']) user = models.UserInfo.objects.filter(**form.cleaned_data).first() #另外两种 # models.UserInfo.objects.filter(username=form.cleaned_data['username'],password=form.cleaned_data['password']) # models.UserInfo.objects.filter(**{'username':'******','password':123456}) if user: # 将用户信息放置到session中,user是个对象,python只能序列化字典,元组 request.session[settings.USER_SESSION_KEY] = { 'id': user.id, 'username': user.username } # print(user.id,user.username) # 1 叶良辰 # 获取当前用户的所有角色 # role_liat = user.roles.all() # print(role_liat) 打印出来的为对象,使用__str__回调函数可以显示中文 init_permission(user, request) # 跟init_permission函数关联,作用权限初始化 return HttpResponse('登陆成功') else: form.add_error('password', '用户名或密码错误') return render(request, 'login.html', {'form': form})
def login(request): if request.method == 'GET': return render(request, 'rbac/login.html') else: key = PrpCrypt('wzjtwzjtwzjtwzjt') username = request.POST.get('username') password = request.POST.get('password') password = key.encrypt(password) user_obj = UserInfo.objects.filter(username=username, password=password).first() if not user_obj: return render(request, 'rbac/login.html', { 'error': '用户名或密码错误!', 'username': username, 'password': '' }) else: init_permission(request, user_obj) # 调用init__permission,进行初始化 request.session['dep_id'] = user_obj.department_id request.session['username'] = user_obj.last_name request.session['user_id'] = user_obj.id request.session['roles_id'] = user_obj.roles_id if username == 'admin': return redirect('/rbac/index/') else: return redirect('/wzjt/index/')
def login(request): if request.method == 'POST': form = MyForms.UserForms(request.POST) if form.is_valid(): username = form.cleaned_data.get('username') password = form.cleaned_data.get('password') user_obj = auth.authenticate(username=username, password=password) if user_obj: auth.login(request, user_obj) else: wrong_err = '用户名或密码错误' return render(request, 'login.html', locals()) init_permission(request, username) return redirect('/customer/list/') else: if form.errors.get('__all__'): wrong_err = form.errors.get('__all__')[0] return render(request, 'login.html', locals()) form = MyForms.UserForms() return render(request, 'login.html', locals())
def login(request): login_url = verify.login_url ptoken = "" try: ptoken = request.GET['ptoken'] except Exception as e: print(e) pass response = None if ('uid' not in request.COOKIES and ptoken is ""): return redirect(login_url) if (ptoken != ""): #login request callback message = urllib.parse.unquote(ptoken) strcode = base64.b64decode(message) pkey = M2Crypto.RSA.load_pub_key(verify.publicPem_path) output = pkey.public_decrypt(strcode, M2Crypto.RSA.pkcs1_padding) try: json_data = json.loads(output.decode('utf-8')) uid = json_data['uid'] login_time = int(json_data['ts']) / 1000 #s userStatus = UserInfo.objects.filter(username=uid) if userStatus.exists() == False: insertInfo = UserInfo(username=uid) insertInfo.save() except Exception as e: print(e) uid = "" login_time = 0 now_time = time.time() if (uid != "" and now_time - login_time < 60): user_obj = UserInfo.objects.filter(username=uid).first() init_permission(request, user_obj) response = redirect('/index/') if ('uid' not in request.COOKIES): response.set_cookie("uid", uid) else: response = None elif ('uid' in request.COOKIES): #already login try: uid = request.COOKIES['uid'] except: uid = "" if (uid != ""): user_obj = UserInfo.objects.filter(username=uid).first() init_permission(request, user_obj) response = redirect('/index/') if ('uid' not in request.COOKIES): response.set_cookie("uid", uid) else: response = None if (response is None): return redirect(login_url) return response
def login(request): if request.method == 'GET': return render(request, 'login.html', locals()) user = request.POST.get('user') pwd = request.POST.get('pwd') current_user = models.UserInfo.objects.filter(name=user, password=pwd).first() if not current_user: return render(request, 'login.html', {'msg': '用户不存在或账号密码错误'}) # permission_list=current_user.roles.all().values('permissions__id','permissions__url').distinct() init_permission(current_user, request) return redirect('/customer/list/')
def post(self, request, *args, **kwargs): username = self.request.POST.get("username") password = self.request.POST.get("password") check_code = self.request.POST.get('authcode') user = authenticate(username=username, password=password) # session_code = request.session["authcode"] session_code = check_code # if check_code.strip().lower() != session_code.lower(): if check_code.lower() != session_code.lower(): login_err = _('Did you slip the wrong hand? try again') else: if user is not None: # pass authencation if user.is_active == False: login_err = _('Warning, {} has been disabled'.format( user.username)) return render(request, 'login.html', {'login_err': login_err}) login(self.request, user) init_permission.init_permission(request, user) # 调用权限注入函数,注入用户权限 login_limit_info = User.objects.filter(username=username) login_limit_info.update( limit=0, login_date=datetime.datetime.now().strftime( '%Y-%m-%d %H:%M:%S')) next_url = request.session.get('next_url') if next_url: return HttpResponseRedirect(next_url) return HttpResponseRedirect('/') else: try: limit_num = 5 curr_login_limit = User.objects.get( username=username).login_limit new_login_limit = int(curr_login_limit) + 1 login_limit_info = User.objects.filter(username=username) if new_login_limit == 5: login_limit_info.update(limit=new_login_limit, is_active=0) login_err = _( "Warning: {} has been disabled, please contact the administrator" .format(username)) else: login_limit_info.update(limit=new_login_limit) login_err = _( "Warning: {} remaining attempts are {}".format( username, limit_num - new_login_limit)) except Exception as e: login_err = _('Verification failed? Think again ^.^') return render(request, 'login.html', {'login_err': login_err})
def login(request): if request.method == "GET": return render(request, 'login.html') else: user = request.POST.get('user') pwd = request.POST.get('pwd') obj = models.UserMain.objects.filter(username=user, password=pwd).first() if obj: init_permission(request, obj.auth) return redirect('/arya/crm/case/') return render(request, 'login.html')
def login(request): if request.method == "GET": return render(request, "login.html") user = request.POST.get('user') pwd = request.POST.get('pwd') user_obj = models.UserInfo.objects.filter(name=user, password=pwd).first() if not user_obj: return render(request, "login.html", {"msg": "用户名或密码错误"}) '''拆分存储权限相关功能--放置在rbac组件中''' init_permission(request, user_obj) # 验证权限信息由中间件中验证 return redirect("/customer/list/")
def login(request): if request.method == "GET": return render(request, 'login.html') else: user = request.POST.get('user') pwd = request.POST.get('pwd') user = models.User.objects.filter(user_info__name=user, user_info__password=pwd).first() if user: # 权限初始化 init_permission(user.user_info, request) # 注意此处的用户表对象是rbac用户表对象 return redirect('/users/') return render(request, 'login.html')
def login(request): if request.method == "GET": return render(request,'login.html') else: user = request.POST.get('user') pwd = request.POST.get('pwd') user = models.User.objects.filter(username=user,password=pwd).first() print(request.POST) if not user: return render(request,'login.html') init_permission(user,request) return redirect('/index/')
def post(self, request, *args, **kwargs): username = request.POST.get('username') password = request.POST.get('password') print(" {0}登陆 ".format(username).center(50, '*')) password = getmd5.md5(password) obj = models.User.objects.filter(username=username, password=password).first() if obj: # 初始化用户session信息 init_permission(request, obj) request.session['userinfo'] = {'username': obj.username, 'is_login': True} return redirect("index") return render(request, 'login.html', {'msg': '用户名或密码错误!'})
def login(request): if request.method == 'GET': return render(request, 'login.html') else: user = request.POST.get('username') pwd = request.POST.get('password') user_obj = rbac_models.UserInfo.objects.filter(username=user, password=pwd).first() if not user_obj: return render(request, 'login.html', {'msg': '用户名或密码错误'}) else: init_permission(request, user_obj) return redirect('/index.html')
def login(request): if request.method == 'GET': return render(request, 'login.html') user = request.POST.get('user') pwd = request.POST.get('pwd') user_obj = models.UserInfo.objects.filter(name=user, password=pwd).first() response = {'user': None, 'message': ''} if not user_obj: response['message'] = '用户名或者密码错误' return render(request, 'login.html', response) init_permission(user_obj, request) return redirect('/customer/list/')
def login(request): if request.method == 'GET': return render(request, 'login.html') user = request.POST.get('user') pwd = request.POST.get('pwd') current_user = models.UserInfo.objects.filter(name=user, password=pwd).first() if not current_user: return render(request, 'login.html', {'msg': '用户名或密码错误'}) init_permission(current_user, request) return redirect('/customer/list/')
def login(request): if request.method == "GET": form = LoginForm() return render(request, "login.html", {"form": form}) form = LoginForm(request.POST) if form.is_valid(): user = rm.User.objects.filter(**form.cleaned_data).first() if not user: form.add_error("password", "用户名或密码") return render(request, "login.html", {"form": form}) init_permission(request, user) return redirect("/index/") return render(request, "login.html", {"form": form})
def check_user(request): username = request.POST.get('username') password = request.POST.get('password') print(username, password) try: user = UserInfo.objects.get(name=username, password=password) # 处理权限相关的业务 init_permission(user, request) return JsonResponse({'status': 1}) except BaseException as error: return JsonResponse({'status': 0, 'msg': f'用户名或密码错误{error}'})
def login(request): if request.method == "GET": return render(request, "login.html") else: username = request.POST.get('username') password = request.POST.get('password') user_obj = UserInfo.objects.filter(username=username, password=password).first() if not user_obj: return render(request, "login.html", {'error': '用户名或密码错误!'}) else: init_permission(request, user_obj) return redirect('/index/')
def login(request): if request.method=='GET': form=LoginForm() return render(request,"login.html",{"form":form}) else: form=LoginForm(request.POST) if form.is_valid(): form.cleaned_data["password"]=md5(form.cleaned_data["password"]) print("form.cleaned_data:",form.cleaned_data) user = models.UserInfo.objects.filter(**form.cleaned_data).first() if user: #写入session request.session[settings.USER_SESSION_KEY]={'id': user.pk, 'username': user.username} # 权限初始化 init_permission(user, request) return redirect("/hosts/") else: form.add_error('password', '用户名或密码错误') return render(request, 'login.html', {'form': form})