def process_request(self, request):
""" 用户点击纪录"""
# 增加sessionid
if not request.session.get('has_session'):
request.session['has_session'] = True
if request.user.is_authenticated():
username = request.user.username
ClickLog(
username=username,
click_url=request.path,
remote_ip=request.META['REMOTE_ADDR'],
).save()
CLICK_LOG.info(
gen_info_msg(request,
action=u'点击',
url=request.path,
username=username))
else:
ClickLog(
username='******',
click_url=request.path,
remote_ip=request.META['REMOTE_ADDR'],
).save()
CLICK_LOG.info(
gen_info_msg(request,
action=u'点击',
url=request.path,
username='******'))
def clean_username(self):
username = self.cleaned_data['username']
if '@' not in username:
INFO_LOG.info(gen_info_msg(self._request, action=u'未用邮箱注册'))
raise forms.ValidationError('请用邮箱注册')
elif User.objects.filter(username=username).exists():
INFO_LOG.info(gen_info_msg(self._request, action=u'已注册用户注册'))
raise forms.ValidationError('您已注册, 请登录')
return username
def clean_username(self):
username = self.cleaned_data['username']
if '@' not in username:
INFO_LOG.info(gen_info_msg(self._request, action=u'未用邮箱注册'))
raise forms.ValidationError('请用邮箱注册')
elif User.objects.filter(username=username).exists():
INFO_LOG.info(gen_info_msg(self._request, action=u'已注册用户注册'))
raise forms.ValidationError('您已注册, 请登录')
return username
def regist(request,
form_class=RegistForm,
template_name='account/regist.html'):
""" 用户注册"""
if request.method == 'POST':
form = form_class(request, data=request.POST)
if form.is_valid():
profile = form.save()
code = get_encrypt_code(profile.username)
title = u'Gather 注册邮件'
url = 'verify'
verify_template_name = 'account/email_verify_template.html'
username = profile.username
INFO_LOG.info(
gen_info_msg(request,
action=u'发送验证邮件',
user_id=request.user.id))
send_verify_email(request, title, username, url,
verify_template_name)
return HttpResponseRedirect(
'%s?code=%s' %
(reverse('account.views.send_bind_email'), code))
else:
form = form_class()
return render(request, template_name, {
'form': form,
})
def login(self):
username = self.cleaned_data['username']
user = authenticate(username=username, password=self.cleaned_data['password'])
login(self._request, user)
LoginLog(
username=username,
login_ip=self._request.META['REMOTE_ADDR'],
is_succ=True,
).save()
LOGIN_LOG.info(gen_info_msg(self._request, action=u'登陆成功'))
def returned_wrapper(request, *args, **kwargs):
if request.user.is_authenticated():
messages.error(request, '您已登录!')
INFO_LOG.info(
gen_info_msg(request,
action=u'已登陆不能进入',
url=request.path,
username=request.user.username))
return HttpResponseRedirect(reverse('gather.views.index'))
return func(request, *args, **kwargs)
def login(self):
username = self.cleaned_data['username']
user = authenticate(username=username,
password=self.cleaned_data['password'])
login(self._request, user)
LoginLog(
username=username,
login_ip=self._request.META['REMOTE_ADDR'],
is_succ=True,
).save()
LOGIN_LOG.info(gen_info_msg(self._request, action=u'登陆成功'))
def clean_username(self):
username = self.cleaned_data['username']
if '@' not in username:
LoginLog(
username=username,
login_ip=self._request.META['REMOTE_ADDR'],
is_succ=False,
fail_reason='非邮箱登陆',
).save()
LOGIN_LOG.info(gen_info_msg(self._request, action=u'非邮箱登陆'))
raise forms.ValidationError('请用邮箱登录')
elif not User.objects.filter(username=username).exists():
LoginLog(
username=username,
login_ip=self._request.META['REMOTE_ADDR'],
is_succ=False,
fail_reason='未注册',
).save()
LOGIN_LOG.info(gen_info_msg(self._request, action=u'未注册'))
raise forms.ValidationError('您还未注册')
return self.cleaned_data['username']
def process_request(self, request):
""" 用户点击纪录"""
# 增加sessionid
if not request.session.get('has_session'):
request.session['has_session'] = True
if request.user.is_authenticated():
username = request.user.username
ClickLog(
username=username,
click_url=request.path,
remote_ip=request.META['REMOTE_ADDR'],
).save()
CLICK_LOG.info(gen_info_msg(request, action=u'点击', url=request.path, username=username))
else:
ClickLog(
username='******',
click_url=request.path,
remote_ip=request.META['REMOTE_ADDR'],
).save()
CLICK_LOG.info(gen_info_msg(request, action=u'点击', url=request.path, username='******'))
def clean_username(self):
username = self.cleaned_data['username']
if '@' not in username:
LoginLog(
username=username,
login_ip=self._request.META['REMOTE_ADDR'],
is_succ=False,
fail_reason='非邮箱登陆',
).save()
LOGIN_LOG.info(gen_info_msg(self._request, action=u'非邮箱登陆'))
raise forms.ValidationError('请用邮箱登录')
elif not User.objects.filter(username=username).exists():
LoginLog(
username=username,
login_ip=self._request.META['REMOTE_ADDR'],
is_succ=False,
fail_reason='未注册',
).save()
LOGIN_LOG.info(gen_info_msg(self._request, action=u'未注册'))
raise forms.ValidationError('您还未注册')
return self.cleaned_data['username']
def returned_wrapper(request, *args, **kwargs):
if request.method == "POST":
code = request.POST.get('code', None)
if code is None:
code = request.GET.get('code', None)
else:
code = request.GET.get('code', None)
if code:
value = base64.b64decode(code)
signer = TimestampSigner()
try:
username = signer.unsign(value, ONE_DAY)
INFO_LOG.info(
gen_info_msg(request,
action='链接正常',
code_url=request.path,
valid=True,
username=username))
return func(request, *args, **kwargs)
except (SignatureExpired, BadSignature, TypeError), e:
username = signer.unsign(value)
if isinstance(e, SignatureExpired):
messages.error(request, '链接已失效')
INFO_LOG.info(
gen_info_msg(request,
action=u'链接已失效',
code_url=request.path,
valid=False,
username=username))
elif isinstance(e, BadSignature):
messages.error(request, '链接被篡改')
INFO_LOG.info(
gen_info_msg(request,
action=u'链接被篡改',
code_url=request.path,
valid=False,
username=username))
return HttpResponseRedirect(settings.LOGIN_URL)
def returned_wrapper(request, *args, **kwargs):
if request.method == "POST":
code = request.POST.get('code', None)
if code is None:
code = request.GET.get('code', None)
else:
code = request.GET.get('code', None)
if code:
value = base64.b64decode(code)
signer = TimestampSigner()
try:
username = signer.unsign(value, ONE_DAY)
INFO_LOG.info(gen_info_msg(request, action='链接正常', code_url=request.path, valid=True, username=username))
return func(request, *args, **kwargs)
except (SignatureExpired, BadSignature, TypeError), e:
username = signer.unsign(value)
if isinstance(e, SignatureExpired):
messages.error(request, '链接已失效')
INFO_LOG.info(gen_info_msg(request, action=u'链接已失效', code_url=request.path, valid=False, username=username))
elif isinstance(e, BadSignature):
messages.error(request, '链接被篡改')
INFO_LOG.info(gen_info_msg(request, action=u'链接被篡改', code_url=request.path, valid=False, username=username))
return HttpResponseRedirect(settings.LOGIN_URL)
def clean(self):
if self.errors:
return
password = self.cleaned_data['password']
username = self.cleaned_data['username']
if User.objects.filter(username=username).exists():
user = User.objects.get(username=username)
if not user.check_password(password):
LoginLog(
username=username,
login_ip=self._request.META['REMOTE_ADDR'],
is_succ=False,
fail_reason='密码错误',
).save()
LOGIN_LOG.info(gen_info_msg(self._request, action=u'密码输入错误'))
raise forms.ValidationError('密码输入错误')
return self.cleaned_data
def clean(self):
if self.errors:
return
password = self.cleaned_data['password']
username = self.cleaned_data['username']
if User.objects.filter(username=username).exists():
user = User.objects.get(username=username)
if not user.check_password(password):
LoginLog(
username=username,
login_ip=self._request.META['REMOTE_ADDR'],
is_succ=False,
fail_reason='密码错误',
).save()
LOGIN_LOG.info(gen_info_msg(self._request, action=u'密码输入错误'))
raise forms.ValidationError('密码输入错误')
return self.cleaned_data
def verify(request, template_name='account/email_verify_succ.html'):
""" 验证邮箱"""
username = get_decipher_username(request)
if User.objects.filter(username=username, is_active=True).exists():
messages.error(request, '您已注册成功, 请登录!')
return HttpResponseRedirect(reverse('gather.views.index'))
else:
user = User.objects.get(username=username)
user.is_active = True
user.save()
profile = user.profile
profile.is_mail_verified = True
profile.mail_verified_date = datetime.datetime.now()
profile.save()
INFO_LOG.info(
gen_info_msg(request, action=u'验证邮件成功', user_id=request.user.id))
return render(request, template_name,
{'email_mask': username[:3] + "******" + '.com'})
def verify(request, template_name='account/email_verify_succ.html'):
""" 验证邮箱"""
username = get_decipher_username(request)
if User.objects.filter(username=username, is_active=True).exists():
messages.error(request, '您已注册成功, 请登录!')
return HttpResponseRedirect(reverse('gather.views.index'))
else:
user = User.objects.get(username=username)
user.is_active = True
user.save()
profile = user.profile
profile.is_mail_verified = True
profile.mail_verified_date = datetime.datetime.now()
profile.save()
INFO_LOG.info(gen_info_msg(request, action=u'验证邮件成功', user_id=request.user.id))
return render(request, template_name, {
'email_mask': username[:3] + "******" + '.com'
})
def regist(request, form_class=RegistForm, template_name='account/regist.html'):
""" 用户注册"""
if request.method == 'POST':
form = form_class(request, data=request.POST)
if form.is_valid():
profile = form.save()
code = get_encrypt_code(profile.username)
title = u'Gather 注册邮件'
url = 'verify'
verify_template_name = 'account/email_verify_template.html'
username = profile.username
INFO_LOG.info(gen_info_msg(request, action=u'发送验证邮件', user_id=request.user.id))
send_verify_email(request, title, username, url, verify_template_name)
return HttpResponseRedirect('%s?code=%s' % (reverse('account.views.send_bind_email'), code))
else:
form = form_class()
return render(request, template_name, {
'form': form,
})
def login(request, form_class=LoginForm, template_name='index.html'):
""" 用户登录"""
if request.method == 'POST':
form = form_class(request, data=request.POST)
if form.is_valid():
user = User.objects.get(username=request.POST.get('username'))
if user.is_active:
form.login()
next = request.GET.get('next', '/')
return HttpResponseRedirect(next)
else:
code = get_encrypt_code(user.username)
LOGIN_LOG.info(gen_info_msg(request, action=u'未验证用户登陆'))
return HttpResponseRedirect('%s?code=%s' % (reverse('account.views.send_bind_email'), code))
else:
form = form_class(request)
return render(request, template_name, {
'form': form,
})
def login(request, form_class=LoginForm, template_name='index.html'):
""" 用户登录"""
if request.method == 'POST':
form = form_class(request, data=request.POST)
if form.is_valid():
user = User.objects.get(username=request.POST.get('username'))
if user.is_active:
form.login()
next = request.GET.get('next', '/')
return HttpResponseRedirect(next)
else:
code = get_encrypt_code(user.username)
LOGIN_LOG.info(gen_info_msg(request, action=u'未验证用户登陆'))
return HttpResponseRedirect(
'%s?code=%s' %
(reverse('account.views.send_bind_email'), code))
else:
form = form_class(request)
return render(request, template_name, {
'form': form,
})
def save(self):
username = self.cleaned_data['username']
password = self.cleaned_data['password']
user = User(
username=username,
email=username,
is_active=False,
)
user.set_password(password)
user.save()
profile = UserProfile(
user=user,
username=username,
nickname=username,
email=username,
is_mail_verified=False,
)
profile.save()
INFO_LOG.info(gen_info_msg(self._request, action=u'注册成功'))
return profile
def save(self):
username = self.cleaned_data['username']
password = self.cleaned_data['password']
user = User(
username=username,
email=username,
is_active=False,
)
user.set_password(password)
user.save()
profile = UserProfile(
user=user,
username=username,
nickname=username,
email=username,
is_mail_verified=False,
)
profile.save()
INFO_LOG.info(gen_info_msg(self._request, action=u'注册成功'))
return profile
def returned_wrapper(request, *args, **kwargs):
if request.user.is_authenticated():
messages.error(request, '您已登录!')
INFO_LOG.info(gen_info_msg(request, action=u'已登陆不能进入', url=request.path, username=request.user.username))
return HttpResponseRedirect(reverse('gather.views.index'))
return func(request, *args, **kwargs)
signer = TimestampSigner()
try:
username = signer.unsign(value, ONE_DAY)
INFO_LOG.info(gen_info_msg(request, action='链接正常', code_url=request.path, valid=True, username=username))
return func(request, *args, **kwargs)
except (SignatureExpired, BadSignature, TypeError), e:
username = signer.unsign(value)
if isinstance(e, SignatureExpired):
messages.error(request, '链接已失效')
INFO_LOG.info(gen_info_msg(request, action=u'链接已失效', code_url=request.path, valid=False, username=username))
elif isinstance(e, BadSignature):
messages.error(request, '链接被篡改')
INFO_LOG.info(gen_info_msg(request, action=u'链接被篡改', code_url=request.path, valid=False, username=username))
return HttpResponseRedirect(settings.LOGIN_URL)
else:
INFO_LOG.info(gen_info_msg(request, action=u'无code信息', code_url=request.path, valid=False, username=username))
return HttpResponseRedirect(settings.LOGIN_URL)
return returned_wrapper
def unlogin_required(func):
""" 不允许登录用户进入"""
@wraps(func)
def returned_wrapper(request, *args, **kwargs):
if request.user.is_authenticated():
messages.error(request, '您已登录!')
INFO_LOG.info(gen_info_msg(request, action=u'已登陆不能进入', url=request.path, username=request.user.username))
return HttpResponseRedirect(reverse('gather.views.index'))
return func(request, *args, **kwargs)
return returned_wrapper
valid=False,
username=username))
elif isinstance(e, BadSignature):
messages.error(request, '链接被篡改')
INFO_LOG.info(
gen_info_msg(request,
action=u'链接被篡改',
code_url=request.path,
valid=False,
username=username))
return HttpResponseRedirect(settings.LOGIN_URL)
else:
INFO_LOG.info(
gen_info_msg(request,
action=u'无code信息',
code_url=request.path,
valid=False,
username=username))
return HttpResponseRedirect(settings.LOGIN_URL)
return returned_wrapper
def unlogin_required(func):
""" 不允许登录用户进入"""
@wraps(func)
def returned_wrapper(request, *args, **kwargs):
if request.user.is_authenticated():
messages.error(request, '您已登录!')
INFO_LOG.info(
gen_info_msg(request,