def get(self, request):
user = self.request.user
payload = jwt_payload_handler(user)
token = jwt_encode_handler(payload)
response_data = jwt_response_payload_handler(token, user, request)
return Response(data=response_data)
def post(self, request, *args, **kwargs):
"""
:param request:
:param format:
:return:
:raises
- KEY_ERROR: mistake spelling username or password
- NO_CREDENTIALS_PROVIDED: provided empty credential
- USER_INVALID_CREDENTIALS: provided wrong credential
- USER_ACCOUNT_BLOCKED: if user blocked
- USER_ACCOUNT_DEACTIVATED: if user account is deactivated
"""
serializer = self.get_serializer(data=request.data)
if serializer.is_valid():
user = request.user
token = serializer.object.get('token')
response_data = jwt_response_payload_handler(token, user, request)
response = Response(response_data)
if api_settings.JWT_AUTH_COOKIE:
expiration = (timezone.now() +
api_settings.JWT_EXPIRATION_DELTA)
response.set_cookie(api_settings.JWT_AUTH_COOKIE,
token,
expires=expiration,
httponly=True)
return response
return Response(ERROR_CODE.global_codes.VALUE_ERROR, status=401)
def post(self, request, *args, **kwargs):
serializer = self.get_serializer(data=request.data)
if serializer.is_valid():
decoded_token = token_decoder(request.data['token'])
user_response = authorize_check(decoded_token)
if user_response:
user = User.objects.get(email=decoded_token['email'])
get_token = serializer.object.get('token')
dec_token = token_decoder(get_token)
print(dec_token)
dec_token['authorize'] = decoded_token['authorize']
token = token_encoded(dec_token)
response_data = jwt_response_payload_handler(token, user, request)
response = Response(response_data, status=200)
if api_settings.JWT_AUTH_COOKIE:
expiration = (datetime.datetime.now() + api_settings.JWT_EXPIRATION_DELTA)
response.set_cookie(api_settings.JWT_AUTH_COOKIE, token, expires=expiration, httponly=True)
return response
return Response(status=401)
else:
return Response(serializer.errors, status=401)
def post(self, request, *args, **kwargs):
request_data = request.data
if 'email' in request_data:
request_data['email'] = request_data.get('email').lower()
elif 'phone' in request_data:
user_by_phone = User.objects.filter(
phone_number=request_data.get('phone')).first()
request_data['email'] = user_by_phone.email.lower()
serializer = self.get_serializer(data=request_data,
context={'request': request})
if serializer.is_valid():
user = serializer.object.get('user') or request.user
token = serializer.object.get('token')
response_data = jwt_response_payload_handler(token, user, request)
response = Response(response_data)
if api_settings.JWT_AUTH_COOKIE:
expiration = (datetime.utcnow() +
api_settings.JWT_EXPIRATION_DELTA)
response.set_cookie(api_settings.JWT_AUTH_COOKIE,
response.data['token'],
expires=expiration,
httponly=True)
return response
return Response({'message': 'Invalid Password'},
status=status.HTTP_400_BAD_REQUEST)
def post(self, request, *args, **kwargs):
serializer = self.get_serializer(data=request.data)
user = request.data.get('username')
user_info = User.objects.filter(username=user)
if user_info and not user_info.first().is_active:
return Response({
'code': 40000,
'message': "该用户未激活!"
})
if serializer.is_valid():
user = serializer.object.get('user') or request.user
token = serializer.object.get('token')
response_data = jwt_response_payload_handler(token, user, request)
response = Response({
'code':20000,
'data':response_data
})
if api_settings.JWT_AUTH_COOKIE:
expiration = (datetime.utcnow() +
api_settings.JWT_EXPIRATION_DELTA)
response.set_cookie(api_settings.JWT_AUTH_COOKIE,
token,
expires=expiration,
httponly=True)
# 更改数据库中last_login的值
user.last_login = datetime.now(tz=timezone.utc)
user.save()
return response
return Response({
'code':60204,
'message':"请输入正确的用户名和密码"
})
def post(self, request, *args, **kwargs):
"""
用户登录接口
---
parameters:
- name: nick_name
description: 用户名
required: true
type: string
paramType: form
- name: password
description: 密码
required: true
type: string
paramType: form
"""
nick_name = request.POST.get("nick_name", None)
password = request.POST.get("password", None)
try:
if not nick_name:
code = 400
result = general_message(code, "username is missing", "请填写用户名")
return Response(result, status=code)
elif not password:
code = 400
result = general_message(code, "password is missing", "请填写密码")
return Response(result, status=code)
user, msg, code = user_svc.is_exist(nick_name, password)
if not user:
code = 400
result = general_message(code, "authorization fail ", msg)
return Response(result, status=code)
serializer = self.get_serializer(data=request.data)
if serializer.is_valid():
user = serializer.object.get('user') or request.user
token = serializer.object.get('token')
response_data = jwt_response_payload_handler(
token, user, request)
result = general_message(200,
"login success",
"登录成功",
bean=response_data)
response = Response(result)
if api_settings.JWT_AUTH_COOKIE:
expiration = (datetime.datetime.now() +
datetime.timedelta(days=30))
response.set_cookie(api_settings.JWT_AUTH_COOKIE,
token,
expires=expiration)
jwt_manager = JwtManager()
jwt_manager.set(response_data["token"], user.user_id)
return response
result = general_message(
400, "login failed",
"{}".format(list(dict(serializer.errors).values())[0][0]))
return Response(result, status=status.HTTP_400_BAD_REQUEST)
except Exception as e:
logging.exception(e)
result = error_message()
return Response(result, status=500)
def post(self, request, *args, **kwargs):
"""
用户登录,返回JWT Token
fe-user-login
:param request:
:param args:
:param kwargs:
:return:
"""
serializer = user_serializer.UserLoginSerializer(data=request.data)
if serializer.is_valid():
user = serializer.object.get('user') or request.user
token = serializer.object.get('token')
response_data = jwt_response_payload_handler(token, user, request)
response = Response(response_data)
if JWT_AUTH['JWT_AUTH_COOKIE']:
expiration = (datetime.utcnow() +
JWT_AUTH['JWT_EXPIRATION_DELTA'])
response.set_cookie(JWT_AUTH['JWT_AUTH_COOKIE'],
token,
expires=expiration,
httponly=True)
return response
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def post(self, request, *args, **kwargs):
# 校验验证码
self.jarge_captcha(request)
serializer = self.get_serializer(data=request.data)
if serializer.is_valid():
user = serializer.object.get('user') or request.user
token = serializer.object.get('token')
response_data = jwt_response_payload_handler(token, user, request)
response = SuccessResponse(response_data)
if token:
username = user.username
session_id = jwt_get_session_id(token)
key = f"{self.prefix}_{session_id}_{username}"
if getattr(settings, "REDIS_ENABLE", False):
cache.set(key, token, self.ex.total_seconds())
self.save_login_infor(request, '登录成功', session_id=session_id)
if self.JWT_AUTH_COOKIE and token:
expiration = (datetime.datetime.utcnow() + self.ex)
response.set_cookie(self.JWT_AUTH_COOKIE,
token,
expires=expiration,
domain=settings.SESSION_COOKIE_DOMAIN,
httponly=False)
return response
self.save_login_infor(request, '登录失败,账户/密码不正确', False)
return ErrorResponse(data=serializer.errors, msg='账户/密码不正确')
def jwtlogin(request, user):
"""
Persist a user id and a backend in the request. This way a user doesn't
have to reauthenticate on every request. Note that data set during
the anonymous session is retained when the user logs in.
"""
session_auth_hash = ''
if user is None:
user = request.user
if hasattr(user, 'get_session_auth_hash'):
session_auth_hash = user.get_session_auth_hash()
if SESSION_KEY in request.session:
if request.session[SESSION_KEY] != user.pk or (
session_auth_hash and
request.session.get(HASH_SESSION_KEY) != session_auth_hash):
# To avoid reusing another user's session, create a new, empty
# session if the existing session corresponds to a different
# authenticated user.
request.session.flush()
else:
request.session.cycle_key()
request.session[SESSION_KEY] = user.pk
request.session[BACKEND_SESSION_KEY] = user.backend
request.session[HASH_SESSION_KEY] = session_auth_hash
if hasattr(request, 'user'):
request.user = user
rotate_token(request)
response_data = jwt_response_payload_handler(rotate_token, user, request)
if api_settings.JWT_AUTH_COOKIE:
expiration = (datetime.utcnow() + api_settings.JWT_EXPIRATION_DELTA)
response_data.set_cookie(api_settings.JWT_AUTH_COOKIE,
rotate_token,
expires=expiration,
httponly=True)
def post(self, request, *args, **kwargs):
"""
:param request:
:param format:
:return:
:raises
- KEY_ERROR: token keyword is not provided or spelling mistake
- ALL_FIELDS_REQUIRED: empty token field
"""
serializer = self.get_serializer(data=request.data)
if serializer.is_valid():
user = request.user
token = serializer.object.get('token')
response_data = jwt_response_payload_handler(token, user, request)
response = Response(response_data)
if api_settings.JWT_AUTH_COOKIE:
expiration = (timezone.now() +
api_settings.JWT_EXPIRATION_DELTA)
response.set_cookie(api_settings.JWT_AUTH_COOKIE,
token,
expires=expiration,
httponly=True)
return response
return Response(ERROR_CODE.global_codes.VALUE_ERROR, status=401)
def post(self, request, *args, **kwargs):
username = request.data.get("username")
password = request.data.get("password")
try:
db_password_hash = User.objects.get(username=username).password
except User.DoesNotExist:
return Response(ErrUserNotFound, status=status.HTTP_500_INTERNAL_SERVER_ERROR)
if not check_password(password, db_password_hash):
return Response(ErrInvalidPassword, status=status.HTTP_500_INTERNAL_SERVER_ERROR)
serializer = self.get_serializer(data=request.data)
if serializer.is_valid():
user = serializer.object.get('user') or request.user
token = serializer.object.get('token')
response_data = jwt_response_payload_handler(token, user, request)
response = Response(response_data)
if api_settings.JWT_AUTH_COOKIE:
expiration = (datetime.utcnow() +
api_settings.JWT_EXPIRATION_DELTA)
response.set_cookie(api_settings.JWT_AUTH_COOKIE,
token,
expires=expiration,
httponly=True)
return response
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def post(self, request, *args, **kwargs) -> dict:
serializer = self.get_serializer(data=request.data)
if serializer.is_valid():
user = serializer.object.get('user') or request.user
token = serializer.object.get('token')
data = jwt_response_payload_handler(token, user, request)
return JSONResponse.success(data)
else:
return JSONResponse.noauth(serializer.errors)
def post(self, request, *args, **kwargs):
serializer = self.get_serializer(data=request.data)
serializer.is_valid(raise_exception=True)
user = serializer.save()
token = self.create_token(user)
response_data = jwt_response_payload_handler(token, user, request)
response = Response(response_data)
return response
def login(self):
payload = jwt_payload_handler(self.user)
if api_settings.JWT_ALLOW_REFRESH:
payload['orig_iat'] = timegm(datetime.utcnow().utctimetuple())
request = self.context.get('request')
token = jwt_encode_handler(payload)
response = jwt_response_payload_handler(token, self.user, request)
response['user'] = UserSerializer(instance=self.user).data
return response
def post(self, request):
serializer = self.serializer_class(request=request, data=request.DATA)
if serializer.is_valid():
user = serializer.object.get('user') or request.user
token = serializer.object.get('token')
response_data = jwt_response_payload_handler(token, user, request)
return Response(response_data)
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def post(self, request, *args, **kwargs):
serializer = self.get_serializer(data=request.data)
if serializer.is_valid():
user = serializer.object.get("user") or request.user
update_last_login(None, user)
token = serializer.object.get("token")
response_data = jwt_response_payload_handler(token, user, request)
return Response(response_data)
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def post(self, request, *args, **kwargs):
serializer = self.get_serializer(data=request.data)
if serializer.is_valid():
user = serializer.object.get("user") or request.user
update_last_login(None, user)
token = serializer.object.get("token")
response_data = jwt_response_payload_handler(token, user, request)
return Response(response_data)
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def post(self, request, *args, **kwargs):
serializer = self.get_serializer(data=request.data)
if serializer.is_valid():
user = serializer.object.get('user') or request.user
token = serializer.object.get('token')
response_data = jwt_response_payload_handler(token, user, request)
response = Response(response_data)
return response
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def post(self, request, *args, **kwargs):
serializer = self.get_serializer(data=request.data)
if serializer.is_valid():
user = serializer.object.get('user') or request.user
token = serializer.object.get('token')
content = {
'response_data':
jwt_response_payload_handler(token, user, request),
'status': status.HTTP_200_OK,
}
return Response(content, status=status.HTTP_200_OK)
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def _auth_handler(self, request, data):
serializer = self.get_serializer(data=data)
if serializer.is_valid():
user = serializer.object.get('user') or request.user
token = serializer.object.get('token')
response_data = jwt_response_payload_handler(token, user, request)
return Response(response_data)
#return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
return Response(err_msg=str(serializer.errors),
err_code=105) # TODO: 少了Token相关的code
def post(self, request, *args, **kwargs):
serializer = self.get_serializer(data=request.data)
user_obj = auth.authenticate(username=request.data.get("username"), password=request.data.get("password"))
if not user_obj:
return APIResponse(http_status=400, message="密码验证失败")
if serializer.is_valid():
user = serializer.object.get('user') or request.user
token = serializer.object.get('token')
response_data = jwt_response_payload_handler(token, user, request)
response = Response(response_data)
if api_settings.JWT_AUTH_COOKIE:
expiration = (datetime.utcnow() +
api_settings.JWT_EXPIRATION_DELTA)
response.set_cookie(api_settings.JWT_AUTH_COOKIE,
token,
expires=expiration,
httponly=True)
data = {'id': user.id,
'name': user.username,
'username': user.username,
'password': '',
# 'avatar': 'https://gw.alipayobjects.com/zos/rmsportal/jZUIxmJycoymBprLOUbT.png',
'avatar': '',
'status': 1,
'telephone': user.telephone,
'lastLoginIp': user.last_login_ip,
'lastLoginTime': user.last_login,
'creatorId': user.role.uid,
'createTime': user.date_joined,
'deleted': 0,
'roleId': user.user_role,
'lang': 'zh-CN',
"token": token
}
return APIResponse(result=data)
errors = []
valid_errors = []
user = serializer.object.get('user') or request.user
if user.is_active:
return APIResponse(http_status=400, code=400, message="账号已禁用")
for column, error in serializer.errors.items():
if error:
valid_errors.append("{}({})".format(column, str(error[0])))
errors.append("登录失败:{}".format("|".join(valid_errors)))
if errors:
return APIResponse(http_status=400, code=400, message="\n".join(errors))
def post(self, request, *args, **kwargs):
serializer = self.serializer_class(data=request.data,
context={'request': request})
serializer.is_valid(raise_exception=True)
user = serializer.validated_data.get('user')
if user:
user = serializer.object.get('user') or request.user
token = serializer.object.get('token')
response_data = jwt_response_payload_handler(token, user, request)
response = Response(response_data)
return response
return Response(serializer.errors,
status=status.HTTP_422_UNPROCESSABLE_ENTITY)
def post(self, request, *args, **kwargs):
serializer = self.get_serializer(data=request.data)
serializer.is_valid(raise_exception=True)
user = serializer.object.get('user') or request.user
token = serializer.object.get('token')
response_data = jwt_response_payload_handler(token, user, request)
response = Response(response_data)
if api_settings.JWT_AUTH_COOKIE:
expiration = datetime.utcnow() + api_settings.JWT_EXPIRATION_DELTA
response.set_cookie(api_settings.JWT_AUTH_COOKIE,
token,
expires=expiration,
httponly=True)
return response
def post(self, request, *args, **kwargs):
serializer = self.get_serializer(data=request.data)
if serializer.is_valid():
user = serializer.object.get('user') or request.user
token = serializer.object.get('token')
response_data = jwt_response_payload_handler(token, user, request)
result = genernal_message(code=status.HTTP_200_OK, msg="login success", data=response_data)
response = Response(data=result, status=status.HTTP_200_OK)
if api_settings.JWT_AUTH_COOKIE:
expiration = (datetime.utcnow() + api_settings.JWT_EXPIRATION_DELTA)
response.set_cookie(api_settings.JWT_AUTH_COOKIE, token, expires=expiration, httponly=True)
return response
err = serializer.errors
result = genernal_message(code=status.HTTP_400_BAD_REQUEST, msg="login failed", data=err)
return Response(data=result, status=status.HTTP_400_BAD_REQUEST)
def update(self, request, *args, **kwargs):
partial = kwargs.pop('partial', False)
instance = self.get_object()
serializer = self.get_serializer(
instance,
data=request.data,
partial=partial,
)
serializer.is_valid(raise_exception=True)
self.perform_update(serializer)
payload = jwt_payload_handler(request.user)
token = jwt_encode_handler(payload)
response_data = jwt_response_payload_handler(token, request.user,
self.request)
return Response(response_data)
def post(self, request):
serializer = self.get_serializer(data=request.data)
if serializer.is_valid():
user = serializer.object.get('user') or request.user
# check if settings swith is on / then check validity
if Mysetting.ACCOUNT_EMAIL_VERIFICATION == "mandatory":
email_address = user.emailaddress_set.get(email=user.email)
if not email_address.verified:
return Response(status=403, data='E-mail is not verified.')
token = serializer.object.get('token')
response_data = jwt_response_payload_handler(token, user, request)
return Response(response_data)
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def post(self, request, *args, **kwargs):
serializer = self.get_serializer(data=request.data)
if serializer.is_valid():
user = serializer.object.get('user') or request.user
token = serializer.object.get('token')
response_data = jwt_response_payload_handler(token, user, request)
response = Response(response_data)
if api_settings.JWT_AUTH_COOKIE:
expiration = (datetime.utcnow() +
api_settings.JWT_EXPIRATION_DELTA)
response.set_cookie(api_settings.JWT_AUTH_COOKIE,
token,
expires=expiration,
httponly=True)
return response
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def post(self, request, *args, **kwargs):
"""
Registration
Fill personal info.
Returns user info and JWT token
"""
serial = self.serializer_class(data=request.data)
serial.is_valid(raise_exception=True)
vd = serial.validated_data
reg_type = vd.get('reg_type')
extra_fields = deepcopy(vd)
for extra_field in \
('reg_type', 'password', 'password_confirm', 'email'):
if extra_fields.get(extra_field):
extra_fields.pop(extra_field)
if reg_type == AuthUserRegistrationType.default:
user = AuthUser.objects.create_user(
vd['email'], vd['password'], **extra_fields
)
elif reg_type == AuthUserRegistrationType.redactor:
user = AuthUser.objects.create_redactor(
vd['email'], vd['password'], **extra_fields
)
else:
return Response(dict(), status=status.HTTP_400_BAD_REQUEST)
if not user.is_email_confirmed:
#
#token = ConfirmationLink(user=user, type=ConfirmationLinkType.confirm_email)
#token.save()
user_id = user.id
token = 'asdasdasdcalsdlasldalsdalsdl'
send_verification_email.delay(user_id, token)
return Response(
jwt_response_payload_handler(
token=create_token(user), user=user, request=request
),
status=status.HTTP_200_OK
)
def post(self, request, *args, **kwargs):
serializer = self.get_serializer(data=request.data)
username = request.data.get("username")
if not username:
return Response(serializer.errors,
status=status.HTTP_400_BAD_REQUEST)
try:
user = User.objects.filter(username=username)[0]
except serializers.ValidationError as e:
return Response(serializer.errors,
status=status.HTTP_400_BAD_REQUEST)
else:
if not user.is_active:
return Response({"err_code": "0"}, status=status.HTTP_200_OK)
if serializer.is_valid():
user = serializer.object.get('user') or request.user
token = serializer.object.get('token')
response_data = jwt_response_payload_handler(token, user, request)
response_data.update({
"user_id": user.id,
"user_name": user.username,
"err_code": "1"
})
response = Response(response_data)
if api_settings.JWT_AUTH_COOKIE:
expiration = (datetime.utcnow() +
api_settings.JWT_EXPIRATION_DELTA)
response.set_cookie(api_settings.JWT_AUTH_COOKIE,
token,
expires=expiration,
httponly=True)
return response
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def post(self, request, *args, **kwargs):
serializer = self.get_serializer(data=request.data)
if serializer.is_valid():
user = serializer.object.get('user') or request.user
token = serializer.object.get('token')
response_data = jwt_response_payload_handler(token, user, request)
response = JsonResponse(
OrderedDict([('results', response_data)],
code=status.HTTP_200_OK))
if api_settings.JWT_AUTH_COOKIE:
expiration = (datetime.utcnow() +
api_settings.JWT_EXPIRATION_DELTA)
response.set_cookie(api_settings.JWT_AUTH_COOKIE,
token,
expires=expiration,
httponly=True)
return response
return JsonResponse(
OrderedDict([('results', serializer.errors)],
code=status.HTTP_500_INTERNAL_SERVER_ERROR))
def post(self, request, *args, **kwargs):
serializer = self.get_serializer(data=request.data)
if serializer.is_valid():
user = serializer.object.get('user') or request.user
token = serializer.object.get('token')
response_data = jwt_response_payload_handler(token, user, request)
response = Response(response_data)
send_group_msg("aaa", {"message": "登录成功"})
if api_settings.JWT_AUTH_COOKIE:
expiration = (datetime.utcnow() +
api_settings.JWT_EXPIRATION_DELTA)
response.set_cookie(api_settings.JWT_AUTH_COOKIE,
token,
expires=expiration,
httponly=True)
return response
# return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
return Response({
"code": ERROR_USER_RALATION.status_code,
"message": ERROR_USER_RALATION.message
})
def post(self, request, *args, **kwargs):
serializer = self.get_serializer(data=request.data)
if serializer.is_valid():
user = serializer.object.get('user') or request.user
token = serializer.object.get('token')
response_data = jwt_response_payload_handler(token, user, request)
response = Response(response_data)
if settings.JWT_AUTH['JWT_AUTH_COOKIE']:
expiration = (datetime.utcnow() +
settings.JWT_AUTH['JWT_EXPIRATION_DELTA'])
response.set_cookie(
settings.JWT_AUTH['JWT_AUTH_COOKIE'],
token,
expires=expiration,
httponly=True,
secure=settings.SECURE_COOKIE,
)
response.cookies[settings.JWT_AUTH['JWT_AUTH_COOKIE']][
'samesite'] = settings.JWT_AUTH['JWT_COOKIE_SAMESITE']
return response
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
