def post(self, request, phone_number, validation_code, **kwargs):
    """Bind a phone number to the account, or replace the one already bound.

    If the account already has a phone number, the SMS code is verified
    against that existing number; otherwise it is verified against the
    number being bound.

    :param request: current request; ``request.user`` is the account updated
    :param phone_number: the new phone number, digits only
    :param validation_code: SMS code submitted by the caller
    :param kwargs: extra arguments, not used here
    :return: ``self.success()`` on success, else ``self.fail(code, message)``
    """
    if not phone_number.isdigit():
        return self.fail(1, '新手机号码格式不正确')

    account = request.user

    # NOTE(review): when a number is being replaced, only the code sent to the
    # OLD number is checked; nothing in this method proves the caller controls
    # the new number. Confirm that is intended before relying on the stored
    # number for recovery or login.
    code_target = account.phone_number or phone_number
    if not UserValidationCode.verify(code_target, validation_code):
        return self.fail(1, '验证码错误')

    # The number must not be in use either as a phone number or as a username.
    # NOTE(review): check-then-update; presumably backed by a unique
    # constraint on the model — verify.
    already_used = (
        AdminUser.objects.filter(phone_number=phone_number).exists()
        or AdminUser.objects.filter(username=phone_number).exists()
    )
    if already_used:
        return self.fail(2, '手机号已被绑定')

    # A fresh token is written together with the new number.
    changes = {
        'phone_number': phone_number,
        'token': generate_token(account.password),
    }
    # Most accounts use the phone number as username and must follow the
    # change; the super admin's username is "admin" and stays untouched.
    if account.username == account.phone_number:
        changes['username'] = phone_number

    AdminUser.objects.filter(id=account.id).update(**changes)
    return self.success()
def post(self, request, phone_number, old_pass, new_pass, valid_code):
    """Update the signed-in user's phone number and, optionally, password.

    The current password is checked first, then the SMS code for
    ``phone_number``. An empty ``new_pass`` leaves the password unchanged.

    :param request: current request; ``request.user`` is the account updated
    :param phone_number: phone number to store on the account
    :param old_pass: current password, checked with ``check_password``
    :param new_pass: new password, or ``''`` to keep the current one
    :param valid_code: SMS code verified against ``phone_number``
    :return: the rendered identify page on success, HTTP 403 otherwise
    """
    account = request.user

    if not account.check_password(old_pass):
        return HttpResponseForbidden('旧密码错误')
    if not UserValidationCode.verify(phone_number, valid_code):
        return HttpResponseForbidden('验证码与手机不匹配')

    # NOTE(review): no check here that the number is not already bound to
    # another account — confirm the model or caller enforces uniqueness.
    account.phone_number = phone_number
    if new_pass != '':
        account.set_password(new_pass)
    account.save()

    page = loader.get_template("admin_user/identify.html")
    page_context = Context({
        'u': account,
        'msg': '保存成功',
        'user': account
    })
    return HttpResponse(page.render(page_context))
def get(self, request, phone, **kwargs):
    """Generate a verification code for *phone* and send it.

    An account with no phone number is binding one; an account that already
    has a number may only request a code for that same number.

    :param request: current request; ``request.user`` is the requesting account
    :param phone: destination phone number, digits only
    :param kwargs: extra arguments, not used here
    :return: ``self.success()`` once the message is handed to
        ``send_message``, else ``self.fail(code, message)``
    """
    if not phone.isdigit():
        return self.fail(1, '手机号码格式不正确')

    account = request.user
    bound_number = account.phone_number
    if bound_number and bound_number != phone:
        return self.fail(2, '您输入的手机号与当前用户手机号不符,请确认')

    # NOTE(review): this GET handler has a side effect (an outbound message),
    # and no per-user or per-number throttling is visible in this method.
    # Confirm rate limiting exists in UserValidationCode.generate, in
    # send_message, or in front of the view.
    sms_code = UserValidationCode.generate(phone)
    send_message(phone, "#code#=" + sms_code)
    return self.success()
def post(self, request, old_psd, password, validation_code, **kwargs):
    """Change the signed-in account's password.

    The SMS code is verified against the account's phone number first, then
    the submitted old password is compared with the stored ``password``
    field.

    :param request: current request; ``request.user`` is the account updated
    :param old_psd: value expected to equal the stored ``password`` field
    :param password: new value written to the ``password`` field as given
    :param validation_code: SMS code for the account's phone number
    :param kwargs: extra arguments, not used here
    :return: ``self.success()`` on success, else ``self.fail(code, message)``
    """
    account = request.user

    if not UserValidationCode.verify(account.phone_number, validation_code):
        return self.fail(1, '验证码错误')

    # NOTE(review): the stored field is compared directly with the submitted
    # value and the new value is written unchanged below. If passwords are
    # meant to be stored hashed, confirm where hashing happens; a
    # client-supplied hash is password-equivalent on the server side.
    if account.password != old_psd:
        return self.fail(2, '原密码错误')

    # NOTE(review): the token is generated from the OLD password value, not
    # the one being stored — verify that generate_token's input is intended.
    new_fields = {
        'password': password,
        'token': generate_token(account.password),
    }
    AdminUser.objects.filter(id=account.id).update(**new_fields)
    return self.success()
def post(self, request, phone_number, password, validation_code):
    """Bind a phone number to the signed-in user.

    Finishes with ``abort(200)`` on success.

    :param phone_number: phone number to bind
    :param password: the user's current password
    :param validation_code: SMS code received on ``phone_number``
    :return: nothing directly; every outcome is reported through ``abort``
    """
    # Statement order is kept exactly as written: whether abort() raises is
    # not visible from this method, so nothing here relies on it.
    # NOTE(review): the SMS code is checked before the password; if verify()
    # consumes the code, a wrong password costs the caller a fresh code.
    code_ok = UserValidationCode.verify(phone_number, validation_code)
    if not code_ok:
        abort(400, '验证码与手机不匹配')

    account = request.user
    if not account.check_password(password):
        abort(403, '密码错误')

    # NOTE(review): check-then-save; presumably a unique constraint on
    # phone_number covers concurrent requests — verify.
    holders = User.enabled.filter(phone_number=phone_number).count()
    if holders > 0:
        abort(403, '手机号已存在')

    account.phone_number = phone_number
    account.save()
    abort(200)
def get(self, request, phone, password, **kwargs):
    """Send the verification code used to change a password.

    The old password is checked first; only then is a code generated and
    sent.

    :param request: current request; ``request.user`` is the requesting account
    :param phone: destination phone number, digits only
    :param password: value expected to equal the stored ``password`` field
    :param kwargs: extra arguments, not used here
    :return: ``self.success()`` once the message is handed to
        ``send_message``, else ``self.fail(code, message)``
    """
    if not phone.isdigit():
        return self.fail(1, '手机号码格式不正确')

    account = request.user
    bound_number = account.phone_number
    if bound_number and bound_number != phone:
        return self.fail(2, '您输入的手机号与当前用户手机号不符,请确认')

    # NOTE(review): a GET handler receives the current password here; if it
    # travels in the URL it can end up in access logs and browser history —
    # confirm how the argument is transported. The comparison is a direct
    # equality test against the stored field, so also confirm how that field
    # is stored.
    if account.password != password:
        return self.fail(3, '原密码错误')

    # NOTE(review): no throttling of code generation is visible in this
    # method — confirm it is enforced elsewhere.
    sms_code = UserValidationCode.generate(phone)
    send_message(phone, "#code#=" + sms_code)
    return self.success()
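def post(self, request, method, phone_number, password, validation_code,
         invitation_code=None, icon=DEFAULT_ICON_URL, wechatid=None,
         nickname=None, gender=0, province=None, city=None):
    """Register a user, or link a WeChat id to an existing phone account.

    On success the response is JSON carrying the user's token. Failures are
    reported through ``abort``.

    :param method: ``'phone'`` or ``'wechat'``; any other value gets a 400
    :param phone_number: phone number of the account
    :param password: password for a newly created account
    :param validation_code: SMS code sent to ``phone_number``
    :param invitation_code: optional comma-separated invitation codes
    :param icon: avatar URL stored on a new account
    :param wechatid: WeChat id, required when ``method == 'wechat'``
    :param nickname: WeChat nickname, required when ``method == 'wechat'``
    :param gender: stored on a new account
    :param province: stored on a new account
    :param city: stored on a new account
    :return: ``JsonResponse({'token': ...})`` on success
    """
    # Whether abort() raises is not visible here, so every abort() that must
    # stop the request is followed by an explicit return.
    if method == 'phone':
        if User.objects.filter(phone_number=phone_number).exists():
            abort(403, '用户已经注册')
            return
    elif method == 'wechat':
        if wechatid is None or nickname is None:
            abort(400, 'wechatid 或昵称不能为空')
            return
        # A WeChat id that is already linked cannot be linked again.
        if User.objects.filter(wechat_id=wechatid).exists():
            abort(403, '用户已经注册')
            return
        user = User.objects.filter(phone_number=phone_number).first()
        if user is not None:
            # Linking returns the existing account's token, so the caller
            # must prove control of that phone number first. Without this
            # check the token was issued before any verification ran.
            if not UserValidationCode.verify(phone_number, validation_code):
                abort(400, '验证码错误')
                return
            User.objects.filter(phone_number=phone_number).update(
                wechat_id=wechatid)
            return JsonResponse({'token': user.token})
    else:
        abort(400)
        return

    if not UserValidationCode.verify(phone_number, validation_code):
        abort(400, '验证码错误')
        return

    with transaction.atomic():
        try:
            user = User(phone_number=phone_number, wechat_id=wechatid,
                        city=city, province=province, gender=gender,
                        icon=icon)
            user.set_password(password)
            user.generate_info(phone_number)
            user.save()
            # NOTE(review): user.password (the value produced by
            # set_password) is passed to the external registration call —
            # confirm that sharing it with that service is intended.
            code, desc = register_to_huanxin(phone_number, user.password,
                                             user.name)
            if code != 200:
                raise RuntimeError(desc)
            if invitation_code:
                self.__add_invited_users(request.user,
                                         invitation_code.split(','))
            # Award the initial score.
            # NOTE(review): user.score is changed after user.save() and no
            # later save is visible, so the new total may not be persisted
            # — verify.
            user.score += get_score_stage(3)
            user.score_records.create(score=get_score_stage(3),
                                      type="初始数据",
                                      description="首次手机号注册")
            return JsonResponse({'token': user.token})
        except RuntimeError as e:
            print(e)
            abort(403, str(e) or '创建用户失败')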