def post(self, request):
serializer = AccountSerializer(data=request.data)
try:
serializer.is_valid(raise_exception=True)
user = serializer.validated_data['username']
user = CustomBackend.authenticate(
self,
request,
username=serializer.validated_data['username'],
password=serializer.validated_data['password'],
)
if user == None:
#Password not correct but we set this message to secure
return Response("Username or Password is incorrect !", status=status.HTTP_401_UNAUTHORIZED)
else :
# data = TokenSerializer(user).data
refresh = TokenObtainPairSerializer.get_token(user)
data = {
'username':user.username,
'is_admin':user.is_admin,
'refresh_token': str(refresh),
'access_token': str(refresh.access_token),
'access_expires': int(settings.SIMPLE_JWT['ACCESS_TOKEN_LIFETIME'].total_seconds()),
'refresh_expires': int(settings.SIMPLE_JWT['REFRESH_TOKEN_LIFETIME'].total_seconds()),
}
return Response(data, status=status.HTTP_200_OK)
except serializers.ValidationError:
return Response(serializer.errors, status=status.HTTP_401_UNAUTHORIZED)
def func(prof_id=None,
prof=None,
expire_date=settings.ACCESS_TOKEN_LIFETIME):
if prof is None:
assert prof_id is not None, 'Must include a prof_id if you do not provide a profile'
prof = create_test_prof(prof_id)
access_token = str(
TokenObtainPairSerializer.get_token(prof).access_token)
cookies = SimpleCookie()
signature_cookie = 'JWT-SIGNATURE'
cookies[SIGNATURE_COOKIE_NAME] = access_token.split('.')[-1]
cookies[SIGNATURE_COOKIE_NAME]['HttpOnly'] = True
cookies[SIGNATURE_COOKIE_NAME]['SameSite'] = "Strict"
# FIXME make secure = to TRUE in production
cookies[SIGNATURE_COOKIE_NAME]['Secure'] = False
cookies[SIGNATURE_COOKIE_NAME]['Path'] = '/'
# This joins together the header and payload list items into a string
cookies[PAYLOAD_COOKIE_NAME] = '.'.join(access_token.split('.')[:2])
# FIXME make secure = to TRUE in production
cookies[PAYLOAD_COOKIE_NAME]['Secure'] = False
cookies[PAYLOAD_COOKIE_NAME]['SameSite'] = "Strict"
expire_time = (datetime.now(tz=timezone.utc) +
settings.ACCESS_TOKEN_LIFETIME)
cookies[PAYLOAD_COOKIE_NAME]['expires'] = expire_time.strftime(
"%a, %d %b %Y %H:%M:%S GMT")
cookies[PAYLOAD_COOKIE_NAME]['Max-Age'] = int(
settings.ACCESS_TOKEN_LIFETIME.total_seconds())
cookies[PAYLOAD_COOKIE_NAME]['Path'] = '/'
return prof, cookies
def generate_user_with_token(email, password, user=None):
client = APIClient()
user = user if user else generate_user(email, password)
token = TokenObtainPairSerializer.get_token(user)
client.credentials(
HTTP_AUTHORIZATION='Bearer {}'.format(token.access_token))
return client
def post(self, request):
serializer = UserLoginSerializer(data=request.data)
if serializer.is_valid():
user = authenticate(request,
username=serializer.validated_data['email'],
password=serializer.validated_data['password'])
if user:
refresh = TokenObtainPairSerializer.get_token(user)
data = {
'refresh_token': str(refresh),
'access_token': str(refresh.access_token)
}
return Response(data, status=status.HTTP_200_OK)
return Response(
{
'error_message': 'Email or password is incorrect!',
'error_code': 400,
},
status=status.HTTP_400_BAD_REQUEST)
return Response({
'error_message': serializer.errors,
'error_code': 400
},
status=status.HTTP_400_BAD_REQUEST)
def post(self, request):
# seri data
seri = serializers.UserSerializer(data=request.data)
if seri.is_valid():
seri.validated_data['password'] = make_password(
seri.validated_data['password'])
new_user = seri.save()
Doctor.objects.create(user=new_user)
# Gui ve Token
refresh = TokenObtainPairSerializer.get_token(new_user)
data = {
'refresh_token':
str(refresh),
'access_token':
str(refresh.access_token),
'access_expires':
int(settings.SIMPLE_JWT['ACCESS_TOKEN_LIFETIME'].total_seconds(
)),
'refresh_expires':
int(settings.SIMPLE_JWT['REFRESH_TOKEN_LIFETIME'].
total_seconds())
}
return Response(data, status=status.HTTP_201_CREATED)
else:
print(seri.errors)
return JsonResponse(
{
'error_message': 'Error Serialize User',
'errors_code': 400,
},
status=status.HTTP_400_BAD_REQUEST)
def post(self, request):
serializer = UserLoginSerializer(data=request.data)
if serializer.is_valid():
user = authenticate(request,
username=serializer.validated_data['email'],
password=serializer.validated_data['password'])
if user:
refresh = TokenObtainPairSerializer.get_token(user)
data = {
'refresh_token':
str(refresh),
'access_token':
str(refresh.access_token),
'access_expires':
int(settings.SIMPLE_JWT['ACCESS_TOKEN_LIFETIME'].
total_seconds()),
'refresh_expires':
int(settings.SIMPLE_JWT['REFRESH_TOKEN_LIFETIME'].
total_seconds())
}
return Response(data, status=status.HTTP_200_OK)
return Response(
{
'error_message': 'Email or password is incorrect!',
'error_code': 400
},
status=status.HTTP_400_BAD_REQUEST)
return Response(
{
'error_messages': serializer.errors,
'error_code': 400
},
status=status.HTTP_400_BAD_REQUEST)
def post(self, request, format=None):
token_pair = TokenObtainPairSerializer.get_token(request.user)
result = {}
result["refresh"] = str(token_pair)
result["access"] = str(token_pair.access_token)
create_action(request.user, LOGIN, request.user)
return Response(result, status=status.HTTP_200_OK)
def jwt_encode(user):
try:
from rest_framework_simplejwt.serializers import TokenObtainPairSerializer
except ImportError:
raise ImportError("rest-framework-simplejwt needs to be installed")
refresh = TokenObtainPairSerializer.get_token(user)
return refresh.access_token, refresh
def create_access_token_for_user(user):
"""
Create an access token for user.
:param user:
:return Encoded token
"""
refresh = TokenObtainPairSerializer.get_token(user)
encoded_token = token_backend.encode(refresh.access_token.payload)
return encoded_token
def generate_random_client_with_token():
client = APIClient()
try:
user = User.objects.create_user(email=TEST_USER_EMAIL,
password=TEST_USER_PASSWORD)
except IntegrityError:
user = User.objects.get(email=TEST_USER_EMAIL)
token = TokenObtainPairSerializer.get_token(user)
client.credentials(
HTTP_AUTHORIZATION='Bearer {}'.format(token.access_token))
return client
def post(self, request):
password = CustomUser.objects.make_random_password()
data = request.data
data.update({'password': password})
serializer = UserCreateSerializer(data=request.data)
if serializer.is_valid():
user = serializer.save()
token = TokenObtainPairSerializer.get_token(user)
return JsonResponse({'access': str(token.access_token)})
else:
return JsonResponse(serializer.errors, status=400)
def test_normal_auth_request(self, create_test_prof):
factory = APIRequestFactory()
view = AuthRequiredViewStub.as_view()
prof = create_test_prof(1)
access_token = str(
TokenObtainPairSerializer.get_token(prof).access_token)
request = factory.get(
'', **{'HTTP_AUTHORIZATION': f"Bearer {access_token}"})
response = view(request)
assert response.status_code == status.HTTP_200_OK
def lti_launch(request):
"""Django view for the lti post request.
Verifies the given LTI parameters based on our secret, if a user can be found based on the verified parameters
a redirection link is send with corresponding JW access and refresh token to allow for a user login. If no user
can be found on our end, but the LTI parameters were verified nonetheless, we are dealing with a new user and
redirect with additional parameters that will allow for the creation of a new user.
If the parameters are not validated a redirection is send with the parameter state set to BAD_AUTH.
"""
secret = settings.LTI_SECRET
key = settings.LTI_KEY
try:
lti.OAuthRequestValidater.check_signature(key, secret, request)
except (oauth2.Error, ValueError):
return redirect(
lti.create_lti_query_link(
QueryDict.fromkeys(['state'], LTI_STATES.BAD_AUTH.value)))
params = request.POST.dict()
user = lti.get_user_lti(params)
user = handle_test_student(user, params)
params['exp'] = datetime.datetime.utcnow() + datetime.timedelta(minutes=15)
lti_params = encode_lti_params(params)
try:
if user is None:
query = QueryDict(mutable=True)
query['state'] = LTI_STATES.NO_USER.value
query['lti_params'] = lti_params
query['username'] = params['custom_username']
query['full_name'] = params.get('custom_user_full_name', None)
else:
refresh = TokenObtainPairSerializer.get_token(user)
query = QueryDict.fromkeys(['lti_params'],
lti_params,
mutable=True)
query['jwt_access'] = str(refresh.access_token)
query['jwt_refresh'] = str(refresh)
query['state'] = LTI_STATES.LOGGED_IN.value
except KeyError as err:
query = QueryDict.fromkeys(['state'],
LTI_STATES.KEY_ERR.value,
mutable=True)
query[
'description'] = 'The request is missing the following parameter: {0}.'.format(
err)
return redirect(lti.create_lti_query_link(query))
def validate(self, data):
email = self.initial_data["email"]
hash_email = hashlib.sha256(email.encode("utf-8")).hexdigest()
conformation_code = data["conformation_code"]
if hash_email != conformation_code:
raise serializers.ValidationError("credential doesn't match")
user = User.objects.create_user(email=email,
password=conformation_code)
refresh = TokenObtainPairSerializer.get_token(user)
del data["email"]
del data["conformation_code"]
data["token"] = str(refresh.access_token)
return data
def validate(self, data):
email = self.initial_data['email']
confirme_code = data['confirme_code']
user = CustomUser.objects.filter(email=email).first()
if user:
if confirme_code == user.confirme_code:
user.is_active = True
user.save()
refresh = TokenObtainPairSerializer.get_token(user)
del data['email']
del data['confirme_code']
data['token'] = str(refresh.access_token)
return data
else:
raise serializers.ValidationError(
{'token': 'User already has token.'})
def post(self, request, format='json'):
data = request.data
serializer = CustomUserSerializer(data=data)
if serializer.is_valid():
user = serializer.save()
if user:
refresh = TokenObtainPairSerializer.get_token(user)
access = refresh.access_token
return Response(
{
'access': str(access),
'refresh': str(refresh)
},
status=status.HTTP_201_CREATED)
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def get_token(self, serializer):
"""
Returns access and refersh token for a user
"""
if serializer.is_valid():
user = self.get_user(serializer.data)
refresh = TokenObtainPairSerializer.get_token(user)
return Response(
{
'refresh': str(refresh),
'access': str(refresh.access_token)
},
status=status.HTTP_200_OK)
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def validate(self, data):
send_confirmation_code = data['confirmation_code']
data = cache.get_many(['u', 'e', 'c_c'])
if not data:
raise serializers.ValidationError(
'Время подтверждения регистрации истекло')
username = data['u']
email = data['e']
confirmation_code = data['c_c']
if send_confirmation_code == confirmation_code:
user = User.objects.create(username=username,
email=email,
confirmation_code=confirmation_code)
user.save()
refresh = TokenObtainPairSerializer.get_token(user)
data['token'] = str(refresh.access_token)
return data
def post(self, request):
serializer = UserLoginSerializer(data=request.data)
if serializer.is_valid():
user = authenticate(request,
username=serializer.validated_data['email'],
password=serializer.validated_data['password'])
print(user)
print(serializer.validated_data['email'],
serializer.validated_data['password'])
if user:
refresh = TokenObtainPairSerializer.get_token(user)
data = {
'refresh_token': str(refresh),
'access_token': str(refresh.access_token)
}
device_info = ""
if 'device_info' not in serializer.validated_data:
device_info = "Unknown"
else:
device_info = serializer.validated_data['device_info']
ip = get_client_ip(request)
user_history = UserHistory(
email=serializer.validated_data['email'],
device_info=device_info,
ip=str(ip))
print(user_history)
user_history.save()
return Response(data, status=status.HTTP_200_OK)
return Response(
{
'error_messages': 'Email or password is incorrect!',
'error_code': 400
},
status=status.HTTP_400_BAD_REQUEST)
return Response(
{
'error_messages': serializer.errors,
'error_code': 400
},
status=status.HTTP_400_BAD_REQUEST)
def login_view(request):
if request.method == "POST":
serializer = LoginSerializer(data=request.data)
if serializer.is_valid():
user = serializer.validated_data.get('user', '')
django_login(request, user)
jwt = TokenObtainPairSerializer.get_token(user=user)
token = {
'refresh': str(jwt),
'access': str(jwt.access_token),
'is_first_login': True if not user.last_active else False
}
return JsonResponse(token, status=status.HTTP_200_OK)
return JsonResponse({"detail": "Login Failed"},
status=status.HTTP_404_NOT_FOUND)
def post(self, request):
try:
data = request.data
if 'phone' not in data:
raise APIException(detail="Phone field is required!!!!",
code=status.HTTP_400_BAD_REQUEST)
user_instance = User.objects.filter(phone=data["phone"]).first()
if not user_instance:
raise APIException(detail="user does not exists!!!!",
code=status.HTTP_400_BAD_REQUEST)
is_validate = self.validate_password(data, user_instance)
if user_instance and is_validate:
s = UserSerializer(instance=user_instance, data=data)
s.is_valid(raise_exception=True)
token_serializer = TokenObtainPairSerializer.get_token(
user_instance)
data = s.data
data.update(token=str(token_serializer.access_token))
return Response(data=data, status=status.HTTP_200_OK)
except Exception as ex:
return Response(data=ex.args, status=status.HTTP_400_BAD_REQUEST)
def post(self, request, *args, **kwargs):
req = request.data
username = req.get('username')
password = req.get('password')
if username is None or password is None:
return Response({'success': False,
'message': 'Missing or incorrect credentials',
'data': req},
status=status.HTTP_400_BAD_REQUEST)
try:
user = User.objects.get(username=username)
except:
return Response({'success': False,
'message': 'User not found'
},
status=status.HTTP_404_NOT_FOUND)
if not user.check_password(password):
return Response({'success': False,
'message': 'Incorrect password',
'data': req},
status=status.HTTP_403_FORBIDDEN)
# make token from user found by username
token = TokenObtainPairSerializer.get_token(user).access_token
profile = Profile.objects.get(user=user.pk)
return Response({
'user': {
'id': user.pk,
'profile_id': profile.id,
'name': profile.name,
'address': profile.address,
'phone': profile.phone,
},
'token': str(token),
}, status=status.HTTP_200_OK)
def validate(self, attrs):
hash = attrs.pop('hash')
keys = list(attrs.keys())
keys.sort()
data_check_string = '/n'.join([f'{key}={attrs[key]}' for key in keys])
secret_key = hashlib.sha256(
settings.BOT_TOKEN.encode('utf-8')).digest()
hmac_secret = hmac.new(secret_key,
msg=data_check_string.encode('utf-8'),
digestmod=hashlib.sha256)
employee = Employee.objects.filter(chat_id=int(attrs['id'])).first()
if employee:
refresh = BaseTokenObtainPairSerializer.get_token(employee.user)
data = {
"refresh": str(refresh),
"access": str(refresh.access_token)
}
return data
return attrs
def post(self, request):
serializer = UserLoginSerializer(data=request.data)
if serializer.is_valid():
user = authenticate(
request,
username=serializer.validated_data['email'],
password=serializer.validated_data['password']
)
if user:
refresh = TokenObtainPairSerializer.get_token(user)
em = serializer.validated_data['email']
userinfo = User.objects.raw(
'SELECT * FROM user WHERE email = %s', [em])
id_user = userinfo[0].id
email_user = userinfo[0].email
data = {
'refresh_token': str(refresh),
'access_token': str(refresh.access_token),
'statusCode': 200,
'user_id': id_user,
'email': email_user,
'role_id': userinfo[0].role_id
}
return Response(data, status=status.HTTP_200_OK)
else:
return Response({
'error_message': 'Email or password is incorrect!',
'error_code': 400
}, status=status.HTTP_200_OK)
else:
return Response({
'error_messages': serializer.errors,
'error_code': 400
}, status=status.HTTP_400_BAD_REQUEST)
def get_access_token(user):
return str(TokenObtainPairSerializer.get_token(user).access_token)
def get_user_tokens(user):
token = TokenObtainPairSerializer.get_token(user=user)
return {'refresh': str(token), 'access': str(token.access_token)}
def _generate_refresh_token(self):
from rest_framework_simplejwt.serializers import TokenObtainPairSerializer
refresh = TokenObtainPairSerializer.get_token(self._user)
self.data["access_token"] = str(refresh.access_token)
self.data["refresh_token"] = str(refresh)
def post(self, request):
params = get_parameter_dic(request)
name = params.get('name')
code = params.get('code')
app = get_app_config(name)
if code:
api = WXAPPAPI(appid=app.app_id, app_secret=app.secret)
try:
session_info = api.exchange_code_for_session_key(code=code)
except OAuth2AuthExchangeError:
session_info = None
if session_info:
openid = session_info.get('openid', None)
session_key = session_info.get('session_key', None)
user = create_or_update_user_info(openid, None)
logger.info('用户id:{}'.format(user.id))
try:
deal_ip(request, user)
except:
logger.info("分析ip地址失败", user.id)
record_time(user)
token = TokenObtainPairSerializer.get_token(user).access_token
login_record = RecordLogin.objects.create(user=user, game=app)
login_record.save()
try:
GameInfo.objects.get(user_id=user, game_id=app)
except:
GameInfo.objects.create(user_id=user, game_id=app)
if user.is_auth is True:
logger.info('用户登录成功' + user.nick_name)
user = model_to_dict(
user,
fields=[
'nick_name', 'last_login', 'avatar_url', 'gender',
'city', 'province', 'country', 'login', 'id',
'company', 'restaurant', 'current_role',
'is_owner', 'is_client', 'is_manager', 'openid'
])
else:
user = {'openid': openid, 'session_key': session_key}
logger.info('用户登录成功' + openid)
return Response({
'status': 1,
'jwt': str(token),
'user': user
},
status=HTTP_200_OK)
# if openid:
# try:
# user = MyUser.objects.get(openid=openid)
# except:
# try:
# encryptedData = \
# params.get('encryptedData').replace(' ', '+')
# iv = \
# params.get('iv').replace(' ', '+')
# except:
# return Response({'error': '缺少解密参数!'})
# crypt = WXBizDataCrypt(app.app_id, session_key)
# user_info_raw = crypt.decrypt(encryptedData, iv)
# logger.info("user_info: {0}".format(user_info_raw))
# if user_info_raw:
# for k, v in self.fields.items():
# user_info[k] = user_info_raw.get(v)
# user = create_or_update_user_info(openid, user_info)
# game_info = GameInfo.objects.create(user_id=user, game_id=app)
# if user:
# token = TokenObtainPairSerializer.get_token(user).access_token
# record_time(user)
# # response = Response()
# # response.set_cookie('app',app.id)
# # logger.info('cookie:{}'.format(request.COOKIES))
# return Response(
# {
# 'status': 1,
# 'jwt': str(token),
# 'user': model_to_dict(
# user,
# fields=[
# 'nick_name', 'last_login', 'avatar_url', 'gender',
# 'city', 'province', 'country', 'login',
# 'company', 'restaurant', 'current_role',
# 'is_owner', 'is_client', 'is_manager'
# ])
# },
# status=HTTP_200_OK)
else:
logger.info('用户登录失败')
return Response({'status': 0, 'mes': 'code失效!'})
return Response({
'status': 0,
'mes': '没有信息'
},
status=HTTP_204_NO_CONTENT)
def jwt_encode(user):
refresh = TokenObtainPairSerializer.get_token(user)
return refresh.access_token, refresh