def register_handle(request):
"""注册验证"""
# 获取注册信息
post = request.POST
uname = post.get('user_name')
upwd1 = post.get('pwd')
upwd2 = post.get('cpwd')
uemail = post.get('email')
# 验证两次密码是否相同
if upwd1 == upwd2:
# 密码加密
s1 = sha1()
s1.update(upwd1)
upwd3 = s1.hexdigest()
#存入数据库
user = UserInfo()
user.uname = uname
user.upwd = upwd3
user.uemail = uemail
user.save()
return redirect('/user/login/')
else:
return redirect('/user/register/')
def register(request):
if request.method == 'GET':
return render(request, 'df_user/register.html', {'title': 'sign up'})
elif request.method == 'POST':
body = request.POST
uname = body.get('user_name')
upwd = body.get('pwd')
upwd2 = body.get('cpwd')
uemail = body.get('email')
if upwd != upwd2:
return redirect('/user/register/')
s1 = sha1()
s1.update(upwd)
upwd3 = s1.hexdigest()
user = UserInfo()
user.uname = uname
user.upwd = upwd3
user.uemail = uemail
user.save()
return redirect('/user/login/')
def register_handle(request):
uname = request.POST['user_name']
upwd = request.POST['pwd']
cpwd = request.POST['cpwd']
uemail = request.POST['email']
if upwd != cpwd:
pass
upwd1 = hashlib.sha1()
upwd1.update(upwd)
encry_upwd = upwd1.hexdigest()
user = UserInfo()
user.uname = uname
user.upwd = encry_upwd
user.uemail = uemail
user.save()
# print request.POST['email']
return render(request, 'df_user/register_success.html')
def register_handle(request):
uname = request.POST.get("user_name")
upwd = request.POST.get("pwd")
upwd2 = request.POST.get("cpwd")
uemail = request.POST.get("email")
if upwd != upwd2:
return redirect('/user/register/')
s1 = sha1()
s1.update(upwd)
upwd3 = s1.hexdigest()
user = UserInfo()
user.uname = uname
user.upwd = upwd3
user.uemail = uemail
user.save()
return redirect('/user/login/')
def register_handle(request):
dict = request.POST
uname = dict.get('user_name')
upwd = dict.get('pwd')
upwd2 = dict.get('cpwd')
email = dict.get('email')
if upwd != upwd2:
return redirect('/user/register/')
s1 = sha1()
s1.update(upwd)
upwd_sha1 = s1.hexdigest()
user = UserInfo()
user.uname = uname
user.upwd = upwd_sha1
user.uemail = email
user.save()
return redirect('/user/login/')
def register_handle(request):
#接收用户输入
post = request.POST
uname = post.get('user_name')
upwd = post.get('pwd')
upwd2 = post.get('cpwd')
uemail = post.get('email')
#判断两次密码
if upwd != upwd2:
return
#对密码进行加密
s1 = sha1()
s1.update(upwd)
upwd3 = s1.hexdigest()
#创建对象
user = UserInfo()
user.uname = uname
user.upwd = upwd3
user.uemail = uemail
user.save()
return redirect('/user/login/')
def register_saveInfo(request):
post = request.POST
uname = post.get('user_name')
upwd = post.get('pwd')
cpwd = post.get('cpwd')
uemail = post.get('email')
count = UserInfo.objects.filter(uname=uname).count()
if upwd != cpwd:
return redirect('/user/register/')
# elif count==1:
# return redirect('/user/register/?erroinfo=exist')
else:
s = sha1()
s.update(upwd)
upwd1 = s.hexdigest()
user = UserInfo()
user.uname = uname
user.upwd = upwd1
user.uemail = uemail
user.save()
return redirect('/user/login/')
def registerHandle(request):
if request.method == 'POST':
#接收注册信息
uname = request.POST['uname']
upwd = request.POST['upwd']
cpwd = request.POST['cpwd']
uemail = request.POST['uemail']
#判断是否同意用户使用协议
if request.POST.get('allow') == 'on':
#如果填写信息有空的回到本页
if uname == '' or upwd == '' or cpwd == '' or uemail == '':
#return redirect("/consumer/register/")
context = {"errinfo": "注册信息有误!"}
return render(request, "consumer/register.html", context)
else:
if upwd != cpwd:
#return redirect("/consumer/register/")
context = {"errinfo": "注册信息有误!"}
return render(request, "consumer/register.html", context)
else:
#保存注册信息
#sha1加密
s1 = sha1()
s1.update(upwd)
upwd = s1.hexdigest()
u = UserInfo()
u.uname = uname
u.uemail = uemail
u.upwd = upwd
u.save()
return redirect("/consumer/login/")
else:
return redirect("/consumer/register")
def polling_wx(self, request):
# tip为0表示还未扫码
self.wtip = 0
# 定义一个字典,用来返回ajax请求的长轮询结果
ret = {'status': 408, 'src': None}
# 获取手机扫描的结果
# 等待手机扫描的url返回的response
# https://login.wx.qq.com/cgi-bin/mmwebwx-bin/login?
# loginicon=true&
# uuid=IaLXstaSvQ==&该参数就是手机二维码的随机字符串
# tip=0& 轮询参数,为0表示未扫描,tip=1,表示已扫描。
# r=-373054253& 该参数不清楚,好像不影响
# _=1525064306978 该参数为时间戳字符串
# 手机未扫描的时候,状态码一直为pending,1分钟后,该地址状态码变为200,并返回response:window.code=408;
phone_url = 'https://login.wx.qq.com/cgi-bin/mmwebwx-bin/login?' \
'loginicon=true&' \
'uuid={0}&' \
'tip={1}&' \
'r=-373054253&' \
'_={2}'
# 用format替换占位符生成新的url,向新的url发起请求,并获得结果
new_url = phone_url.format(self.wcode, self.wtip, self.wctime)
response = requests.get(new_url)
print response.text
# 结果:window.code=408;
# 当手机扫描后:window.code=201;window.userAvatar = 'data:img/jpg;base64,/9j/4AA......QhCAP/Z';
# 状态码变为201,并且回传了window.userAvatar=,这个是64位加密的图像,这个图像就是用户头像,
# 如果字符串window.code=201在返回的结果列表里,获取用户头像,给到前端;
if 'window.code=201' in response.text:
#tip为1表示已经扫了码
self.wtip = 1
# 用正则获取头像
tx = re.findall("userAvatar = '(.*)';", response.text)[0]
ret['status'] = 201
ret['src'] = tx
# 这时当在手机上点确认登录后,response.text 返回如下结果:跳转地址和200状态码
# window.redirect_uri="https://wx.qq.com/cgi-bin/mmwebwx-bin/webwxnewloginpage?ticket=ARokbQGY-KTjkAF2dBPyk3Vh@qrticket_0&uuid=wb7w2dJ_jQ==&lang=zh_CN&scan=1525096971";
# window.code=200;
# 现象,在客户端不停的发出轮询,这时应将轮询参数设为1
elif 'window.code=200' in response.text:
self.wtip = 1
# 因为这时要跳转到另一个url,那么势必要验证cookie,那么我们在跳转之前,获取当前cookie
# 获取new_url的cookie,并加入到全局请求的cookie字典中
self.req_cookie_dict.update(response.cookies.get_dict())
# 分析当前跳转的url
# window.redirect_uri="https://wx.qq.com/cgi-bin/mmwebwx-bin/webwxnewloginpage?
# ticket=AX6ILPwVZU4XqDS1IbhD_R1e@qrticket_0& 票据
# uuid=oY-I8yasmA==& 二维码字符串
# lang=zh_CN&
# scan=1525099842";
# 对该url访问(直接用浏览器)_,报初始化失败,要求退出重新登录,只能确定,
#
# 那么提示了要初始化,chrome中看到data:img 200后有webwxinit?r=...之类的,猜测是初始化,点击后在Headers查看到
# Request URL:https://wx.qq.com/cgi-bin/mmwebwx-bin/webwxinit?
# r=-389991253& 这个参数
# lang=zh_CN&
# pass_ticket=DFuNYreWjXQ32P19WYCzsD0rpD1CAJIyuRFM7r2P0lVuWEFQPav6Z6MauvE%252By7zz
# Request Method:POST
# 看到是post请求,需要pass_ticket参数
# 看到初始化之前还有一步:webwxnewloginpage?r=...,点击后,在Headers看到请求的url
# https://wx.qq.com/cgi-bin/mmwebwx-bin/webwxnewloginpage?
# ticket=AcLgmk_bwvCk0TcK8WzBAWrl@qrticket_0&uuid=oY-LSj1eJA==&
# lang=zh_CN&
# scan=1525103462&
# fun=new&version=v2&
# lang=zh_CN
# Request Method:GET
# 在初始化之前,对上面url发起了get请求,该请求获得的结果在Response中果如下
# <error>
# <ret>0</ret>
# <message></message>
# <skey>@crypt_c5957d04_a5a8f371172238039dc15dad01a1bae2</skey>
# <wxsid>AsQN5PWbtNzblYmK</wxsid>
# <wxuin>969499281</wxuin> #这个才是识别用户的唯一标识,******
# <pass_ticket>DFuNYreWjXQ32P19WYCzsD0rpD1CAJIyuRFM7r2P0lVuWEFQPav6Z6MauvE%2By7zz</pass_ticket>
# <isgrayscale>1</isgrayscale>
# </error>
# 这个xml结果就包含初始化需要的pass_ticket参数,
# 并且该get请求的网址就是在我们获取的网址后加上不变的参数
# &fun=new&version=v2&lang=zh_CN
# 因此我们只要把不变的参数拼接后,用get访问,取得结果就可以拿到pass_ticket,然后发送post请求给初始化url
# 先用正则获取跳转url
get_url = re.findall('redirect_uri="(.*)";', response.text)[0]
# 再用获取该跳转地址的变量,因为在跳转的时候,有些变量在构造初始化url时要用
wxinit_url_start = re.findall('https://(.*)/cgi', get_url)[0]
print wxinit_url_start
get_url += '&fun=new&version=v2&lang=zh_CN'
get_response = requests.get(get_url)
# print get_response.text
# 获得的结果同初始化前一步获得的结果相同是个xml文件有初始化需要的参数,ok
# 获取初始化票据请求的cookie
self.tick_cookie_dict.update(get_response.cookies.get_dict())
# 对请求的结果,也就是获取的xml票据字典化,用beautifulsoup将xml转成字典
from bs4 import BeautifulSoup
soup = BeautifulSoup(get_response.text, 'html.parser')
for tag in soup.find():
self.tick_dict[tag.name] = tag.string
# 初始化用户,发送post请求,获取response,注意有个form表单选项,要提交
post_url = 'https://{0}/cgi-bin/mmwebwx-bin/webwxinit?' \
'r=-389991253&' \
'lang=zh_CN&' \
'pass_ticket={1}'
# 提交的form表单选项
form_data = {
'BaseRequest': {
'DeviceID':
"e921814936107411", # DeviceID为随机数,可以随意贴写,并不是设备的id
'Sid': self.tick_dict['wxsid'],
'Skey': self.tick_dict['skey'],
'Uin': self.tick_dict['wxuin'] # 这个才是识别用户的唯一标识,******
}
}
# 所有cookie放到一个dict中
all_cookie = {}
all_cookie.update(self.req_cookie_dict)
all_cookie.update(self.tick_cookie_dict)
# 构建初始化url
post_url = post_url.format(wxinit_url_start,
self.tick_dict['pass_ticket'])
# 向初始化url发起post请求,携带cookie,和提交form,将结果交给wxinit_resopse
wxinit_respose = requests.post(post_url,
json=form_data,
cookies=all_cookie)
wxinit_respose.encoding = 'utf-8' # 转码
# print wxinit_respose.text
#将返回的结果转成字典
wxinit_respose_dict = json.loads(wxinit_respose.text)
# 利用上面的字典打印该用户的微信网页版唯一标识符
print wxinit_respose_dict['User']['Uin']
print wxinit_respose_dict['User']['NickName']
#检查uin用户是否已存在 ,
#UserInfo用户表中,用户名构成 前缀'__wx__'+uin
uname = '-wx-' + str(wxinit_respose_dict['User']['Uin'])
user = UserInfo.objects.filter(uname=uname)
# 如果存在,则返回用户数据,给浏览器设定session
if len(user) == 1:
user = user[0]
# 设定session
request.session['user_id'] = user.id
wxuser = wxuserinfo.objects.filter(wxuser_id=user.id).first()
request.session['user_name'] = wxuser.wxnickname
# 否则,创建用户
# UserInfo用户表中, 用户名构成 前缀'__wx__'+uin
else:
#设置6位随机密码
upwd = ''
# 实现6位随机字母数字码
for i in range(6):
# 生成一个随机数字,范围与上面相同
current = random.randrange(6)
# 字母-->猜中了,就使用字母
if i == current:
# 生成大写字母对应ascii码的随机整数
tmp = random.randint(97, 122)
# 把整数转成字母
tmp = chr(tmp)
# 数字-->没猜中,就使用数字
else:
tmp = random.randint(0, 9)
upwd += str(tmp)
#对密码加密
m = md5()
m.update(bytes(upwd))
upwd3 = m.hexdigest()
# 创建用户信息表对象
user = UserInfo()
user.uname = uname
user.upwd = upwd3
user.uemail = uname + '@chw.com'
user.save()
# 创建微信用户信息对象
wxuser = wxuserinfo()
wxuser.wxuin = str(wxinit_respose_dict['User']['Uin'])
wxuser.wxnickname = wxinit_respose_dict['User']['NickName']
wxuser.wxinfo = wxinit_respose_dict['User']
wxuser.wxuser_id = user.id
wxuser.save()
# 把手工输入的账号和密码在前端弹出,用户点确定后再跳转
ret['username'] = user.uname
ret['upwd'] = upwd
# 设定session
request.session['user_id'] = user.id
print user.id
request.session['user_name'] = wxuser.wxnickname
# 记录替换的id和用户名和密码,
ret['ids'] = user.id
ret['unames'] = wxuser.wxnickname
# 退出微信url
# quit_url='https://wx.qq.com/cgi-bin/mmwebwx-bin/webwxlogout?' \
# 'redirect=1&' \
# 'type=1&' \
# 'skey=%40crypt_c5957d04_75c6d023fc30a7edf029932e934987eb'
# Request Method:POST
# form data:
# sid:7Sz6ALrFrbNwprQS
# uin:969499281
quit_url='https://{0}/cgi-bin/mmwebwx-bin/webwxlogout?' \
'redirect=1&' \
'type=1&' \
'skey={1}'
# 拼接url
q_url = quit_url.format(wxinit_url_start, self.tick_dict['skey'])
quit_form = {
'sid': self.tick_dict['wxsid'],
'uin': self.tick_dict['wxuin'],
}
# 退出,该退出没有返回,如果没有该动作,则手机上会有‘网页微信已登录,手机通知已关闭'.
requests.post(q_url, json=quit_form, cookies=all_cookie)
# 清空二维码和票据,因为微信有个bug,就是结束轮询后,再一次轮询,依然可以用前一次的二维码字符串和票据再登录一次
# 调用类的构建函数,重新初始化,这样会使微信服务器退出网页登录,释放掉。
wxlogin.__init__(self) #这一步在退出的时候也很重要
# 将状态码置为True,让网页更新
ret['status'] = True
return HttpResponse(json.dumps(ret))
