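def post(self, request, args):
    """Log a user in by password or SMS code and return JWT credentials.

    Args:
        request: The incoming request, passed on to the JWT payload handler.
        args: Parsed request arguments. ``login_type`` is required; ``code``,
            ``phone``, ``password`` and ``sms_code`` are read when present.

    Returns:
        The ``send_success`` response carrying the payload built by
        ``jwt_response_payload_handler``, or a ``send_fail`` / ``send_error``
        response when the login is refused.
    """
    login_type = args["login_type"]
    code = args.get("code")
    phone = args.get("phone")
    pwd = args.get("password")
    sms_code = args.get("sms_code")

    # WeChat login
    if login_type == UserLoginType.WX:
        if not code:
            return self.send_fail(error_text="微信登录缺少code")
        # NOTE(review): no user is resolved for WeChat login in this handler, so
        # a request that does carry a code gets no usable response here. Confirm
        # whether this endpoint is meant to serve the WeChat flow at all.
        return None

    if login_type == UserLoginType.PWD:
        # Password login. Both fields are required; the previous `and` only
        # rejected requests that were missing both of them.
        if not phone or not pwd:
            return self.send_fail(error_text="密码登录缺手机号或密码")
        success, user = get_user_by_phone_and_password(phone, pwd, login_type)
        if not success:
            # On failure the second value is passed on as the error text.
            return self.send_fail(error_text=user)
    else:
        # Any other login_type is treated as SMS-code login.
        # (The message below still says "password login"; kept as-is for clients.)
        if not phone or not sms_code:
            return self.send_fail(error_text="密码登录缺手机号或验证码")
        sms_key = "sms_%s" % phone
        redis_conn = get_redis_connection("verify_codes")
        real_sms_code = redis_conn.get(sms_key)
        if not real_sms_code:
            return self.send_fail(error_text="验证码已过期")
        if str(real_sms_code.decode()) != sms_code:
            # NOTE(review): failed attempts are not counted in this handler, so
            # the code can be guessed repeatedly until it expires unless a
            # limit is enforced elsewhere.
            return self.send_error(status_code=status.HTTP_400_BAD_REQUEST,
                                   error_message={"detail": "短信验证码错误"})
        # The code is single-use: consume it so it cannot be replayed.
        redis_conn.delete(sms_key)

        success, user = get_user_by_phone(phone, login_type)
        if not success:
            return self.send_fail(error_text=user)
        if not user:
            # No account for this phone yet: register one.
            data = {
                "phone": phone,
                "username": phone,
                "nickname": "用户{phone}".format(phone=phone),
                "head_image_url": "http://img.senguo.cc/FlMKOOnlycuoZp1rR39LyCFUHUgl"
            }
            serializer = UserCreateSerializer(data=data)
            # Surface validation errors instead of ignoring the result and
            # failing inside save(). Assumes a Django REST framework
            # serializer - TODO confirm.
            serializer.is_valid(raise_exception=True)
            user = serializer.save()

    token, refresh_token = self._set_current_user(user)
    response_data = jwt_response_payload_handler(
        token, refresh_token, user, request)
    return self.send_success(data=response_data)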
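def post(self, request):
    """Log a user in with a phone number and an SMS verification code.

    Reads ``phone`` and ``code`` from ``request.data``, checks the code stored
    in the ``sms_code`` Redis connection under ``mobile_<phone>`` and, on
    success, returns the JWT response payload.

    Returns:
        A ``Response`` with either a ``message`` describing the failure or the
        payload built by ``jwt_response_payload_handler``.
    """
    phone = request.data.get("phone")
    code = request.data.get("code")

    # A missing or non-string phone used to crash inside re.match; fullmatch
    # also refuses the trailing newline that `$` would have let through.
    if not isinstance(phone, str) or not re.fullmatch(r'1[3-9]\d{9}', phone):
        return Response({"message": "手机号码格式错误"})

    try:
        user = get_user_by_account(phone)
    except UserInfo.DoesNotExist:
        # NOTE(review): this reply tells the caller whether a phone number is
        # registered; confirm that disclosure is acceptable for this endpoint.
        return Response({"message": "当前手机号不存在"})

    # TODO: validate the password format
    sms_key = "mobile_%s" % phone
    redis_connection = get_redis_connection("sms_code")
    mobile_code = redis_connection.get(sms_key)
    # An expired or never-issued code comes back as None and is rejected the
    # same way as a wrong one (previously this raised on .decode()).
    if mobile_code is None or mobile_code.decode() != code:
        # To resist brute forcing, the number of attempts per phone number
        # could be capped with a counter; that is not done here.
        return Response({"message": "验证码错误"})

    # Verification passed: delete the code so it cannot be used again.
    redis_connection.delete(sms_key)

    payload = jwt_payload_handler(user)
    token = jwt_encode_handler(payload)
    return Response(jwt_response_payload_handler(token, user, request))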
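def post(self, request, format=None):
    """Authenticate a username/password pair and return a JWT.

    Args:
        request: Request whose ``data`` carries ``username`` and ``password``.
        format: Unused; kept for the view signature.

    Returns:
        HTTP 200 with the JWT response payload on success, or HTTP 400 with a
        ``non_field_errors`` list when the credentials are rejected or the
        account is inactive.
    """
    username = request.data.get('username')
    password = request.data.get('password')

    # A missing field used to raise KeyError; treat it as a failed login.
    usergo = None
    if username and password:
        usergo = authenticate(username=username, password=password)

    if usergo is None:
        content = {"non_field_errors": ["无法使用提供的认证信息登录。"]}
        return Response(content, status=status.HTTP_400_BAD_REQUEST)

    # NOTE(review): depending on the authentication backend, inactive users may
    # already be rejected by authenticate(); this check is kept regardless.
    if not usergo.is_active:
        content = {"non_field_errors": ["用户账户已禁用。"]}
        return Response(content, status=status.HTTP_400_BAD_REQUEST)

    # No session login is performed; only a token is issued.
    payload = jwt_payload_handler(usergo)
    token = jwt_encode_handler(payload)
    response_data = jwt_response_payload_handler(token, usergo)
    return Response(response_data, status=status.HTTP_200_OK)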
def put(self, request, args):
    """Change the logged-in user's password after an SMS-code check.

    Args:
        request: The incoming request; used to resolve the current user and
            passed on to the JWT payload handler.
        args: Parsed arguments; ``phone``, ``sms_code``, ``password1`` and
            ``password2`` are all required.

    Returns:
        HTTP 401 via ``send_error`` when nobody is logged in, ``send_fail``
        with the helper's message when a check fails, otherwise
        ``send_success`` with a freshly issued token payload.
    """
    current_user = self._get_current_user(request)
    if not current_user:
        return self.send_error(
            status_code=status.HTTP_401_UNAUTHORIZED,
            error_message={"error_text": "用户未登录"},
        )

    # SMS verification code check.
    # NOTE(review): the phone number is taken from the request and is not
    # compared with the logged-in user in this handler, so the code being
    # checked may belong to a different number than the account's - confirm
    # that validate_sms_code or the caller binds the two.
    code_ok, code_info = validate_sms_code(args["phone"], args["sms_code"])
    if not code_ok:
        return self.send_fail(error_text=code_info)

    updated, update_info = update_user_password(
        current_user, args["password1"], args["password2"])
    if not updated:
        return self.send_fail(error_text=update_info)

    # Issue new credentials once the password has changed.
    token, refresh_token = self._set_current_user(current_user)
    return self.send_success(
        data=jwt_response_payload_handler(
            token, refresh_token, current_user, request)
    )
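def post(self, request, args, shop_code):
    """Register a user by phone and SMS code inside a shop, then log them in.

    Args:
        request: The incoming request.
        args: Parsed arguments; ``phone``, ``sms_code``, ``password1`` and
            ``password2`` are read with ``.get``.
        shop_code: Identifies the shop that becomes ``self.current_shop``.

    Returns:
        ``send_fail`` / ``send_error`` when the passwords differ or the SMS
        code is missing or wrong, otherwise ``send_success`` with the JWT
        response payload for the new user.
    """
    self._set_current_shop(request, shop_code)
    shop = self.current_shop
    phone = args.get("phone")
    sms_code = args.get("sms_code")

    # The two password entries must match.
    # NOTE(review): two absent passwords also compare equal here; rejecting an
    # empty password is left to the serializer.
    if args.get("password1") != args.get("password2"):
        return self.send_fail(error_text="两次输入的密码不一致")

    # Verify the SMS code.
    sms_key = "sms_%s" % phone
    redis_conn = get_redis_connection("verify_codes")
    real_sms_code = redis_conn.get(sms_key)
    if not real_sms_code:
        return self.send_fail(error_text="验证码已过期")
    if str(real_sms_code.decode()) != sms_code:
        # NOTE(review): failed attempts are not counted in this handler, so the
        # code can be guessed repeatedly until it expires unless a limit is
        # enforced elsewhere.
        return self.send_error(status_code=status.HTTP_400_BAD_REQUEST,
                               error_message={"detail": "短信验证码错误"})
    # The code is single-use: consume it so it cannot be replayed.
    redis_conn.delete(sms_key)

    data = {
        "phone": phone,
        "username": phone,
        "nickname": "用户{phone}".format(phone=phone),
        "head_image_url": "http://img.senguo.cc/FlMKOOnlycuoZp1rR39LyCFUHUgl",
        "password": args.get("password1")
    }
    serializer = UserCreateSerializer(data=data)
    # Surface validation errors instead of ignoring the result and failing
    # inside save(). Assumes a Django REST framework serializer - TODO confirm.
    serializer.is_valid(raise_exception=True)
    user = serializer.save()

    customer = get_customer_by_user_id_and_shop_id_interface(
        user.id, shop.id)
    # A new customer gets a customer record for this shop.
    if not customer:
        create_customer(user.id, shop.id)

    token, refresh_token = self._set_current_user(user)
    response_data = jwt_response_payload_handler(token, refresh_token, user, request)
    return self.send_success(data=response_data)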
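def post(self, request, args, shop_code):
    """Log a user in to a shop by WeChat OAuth, password or SMS code.

    Args:
        request: The incoming request.
        args: Parsed arguments. ``login_type`` is required; ``code``,
            ``phone``, ``password`` and ``sms_code`` are read when present.
        shop_code: Identifies the shop that becomes ``self.current_shop``.

    Returns:
        ``send_fail`` / ``send_error`` when the chosen flow rejects the
        request, otherwise ``send_success`` with the JWT response payload.
        A customer record for the shop is created on first login.
    """
    login_type = args["login_type"]
    code = args.get("code")
    phone = args.get("phone")
    pwd = args.get("password")
    sms_code = args.get("sms_code")
    self._set_current_shop(request, shop_code)
    shop = self.current_shop

    # TODO: the WeChat login flow still needs rework.
    if login_type == UserLoginType.WX:
        if not code:
            return self.send_fail(error_text="微信登录缺少code")
        shop_appid = MP_APPID
        shop_appsecret = MP_APPSECRET
        wechat_oauth = WeChatOAuth(
            app_id=shop_appid,
            secret=shop_appsecret,
            redirect_uri="",
            scope="snsapi_userinfo",
        )
        try:
            wechat_oauth.fetch_access_token(code)
            user_info = wechat_oauth.get_user_info()
        except Exception:
            # Narrowed from a bare `except:` so interpreter-exit signals are
            # not swallowed; any OAuth failure still yields this message.
            return self.send_fail(error_text='获取微信授权失败')

        # user_info is expected to carry the keys openid, nickname, sex,
        # language, city, province, country, headimgurl, privilege, unionid.
        user_info["headimgurl"] = user_info["headimgurl"].replace(
            "http://", "https://")

        # NOTE(review): if the response carries no unionid, the lookup below
        # runs with None; verify that get_user_by_wx_unionid cannot match an
        # unrelated account in that case.
        user = get_user_by_wx_unionid(user_info.get("unionid"))
        if not user:
            # NOTE(review): "phone" and "realname" are not among the keys
            # listed above, so those fields are presumably None - confirm.
            new_user_info = {
                "username": user_info.get('phone'),
                "phone": user_info.get('phone'),
                "sex": user_info.get('sex'),
                "nickname": user_info.get("nickname"),
                "realname": user_info.get("realname"),
                "head_image_url": user_info.get("headimgurl"),
                "wx_unionid": user_info.get("unionid"),
                "wx_openid": user_info.get("openid"),
                "wx_country": user_info.get("country"),
                "wx_province": user_info.get("province"),
                "wx_city": user_info.get("city"),
            }
            user_serializer = UserCreateSerializer(data=new_user_info)
            # save() was called without validating first; validate and surface
            # errors, as the other registration paths do. Assumes a Django
            # REST framework serializer - TODO confirm.
            user_serializer.is_valid(raise_exception=True)
            user = user_serializer.save()

        ret, _ = get_openid_by_user_id_and_appid(user.id, shop_appid)
        # Record the user's openid for this app if it is not stored yet.
        if not ret:
            info = {
                'user_id': user.id,
                'mp_appid': shop_appid,
                'wx_openid': user_info.get("openid"),
            }
            create_user_openid(**info)
    elif login_type == UserLoginType.PWD:
        # Password login. Both fields are required; the previous `and` only
        # rejected requests that were missing both of them.
        if not phone or not pwd:
            return self.send_fail(error_text="密码登录缺手机号或密码")
        success, user = get_user_by_phone_and_password(
            phone, pwd, login_type)
        if not success:
            # On failure the second value is passed on as the error text.
            return self.send_fail(error_text=user)
    else:
        # Any other login_type is treated as SMS-code login.
        if not phone or not sms_code:
            return self.send_fail(error_text="密码登录缺手机号或验证码")
        sms_key = "sms_%s" % phone
        redis_conn = get_redis_connection("verify_codes")
        real_sms_code = redis_conn.get(sms_key)
        if not real_sms_code:
            return self.send_fail(error_text="验证码已过期")
        if str(real_sms_code.decode()) != sms_code:
            # NOTE(review): failed attempts are not counted in this handler, so
            # the code can be guessed repeatedly until it expires unless a
            # limit is enforced elsewhere.
            return self.send_error(status_code=status.HTTP_400_BAD_REQUEST,
                                   error_message={"detail": "短信验证码错误"})
        # The code is single-use: consume it so it cannot be replayed.
        redis_conn.delete(sms_key)

        success, user = get_user_by_phone(phone, login_type)
        if not success:
            return self.send_fail(error_text=user)
        # Unlike registration, this flow does not create missing accounts.
        if not user:
            return self.send_fail(error_text="该用户不存在")

    customer = get_customer_by_user_id_and_shop_id_interface(
        user.id, shop.id)
    # A new customer gets a customer record for this shop.
    if not customer:
        create_customer(user.id, shop.id)

    token, refresh_token = self._set_current_user(user)
    response_data = jwt_response_payload_handler(token, refresh_token, user, request)
    return self.send_success(data=response_data)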