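def check_user(request):
    """Return the first-level resources the authenticated user's group may use.

    Handles GET only; other methods fall through and return ``None``.
    The caller is identified by the token in ``META['HTTP_AUTHENTICATION']``.

    Responses:
        204: ``check_token`` rejected the token, or the user row is missing.
        201: the user has no ``end_time`` (nothing purchased yet).
        202: the membership ``end_time`` is in the past.
        default ``resp(data=...)``: list of ``OneSrc.to_all_dict()`` entries.
    """
    if request.method == 'GET':
        token = request.META.get('HTTP_AUTHENTICATION')
        obj = check_token(token)
        if not obj:
            return resp(204, '用户信息过期')
        u_id = obj['id']
        u = User.objects.filter(id=u_id).first()
        if u is None:
            # A token can outlive its user row; answer as for an expired session
            # instead of raising AttributeError below.
            return resp(204, '用户信息过期')
        end_time = u.end_time
        if not end_time:
            return resp(201, '用户还未购买资源')
        # Membership already expired?
        if datetime.datetime.now() > end_time:
            return resp(202, '用户过期')

        cursor = connection.cursor()
        try:
            # First-level category ids reachable through the user's group.
            # Values are bound as parameters, never formatted into the SQL text.
            cursor.execute(
                'select a.id from one_src a join one_src_group b on a.id=b.one_src_id '
                'join `group` c on c.id=b.group_id join user d on d.group_id=c.id '
                'where d.id=%s',
                [u_id],
            )
            one_src_ids = [row[0] for row in cursor.fetchall()]
            visible_ids = set()
            # An empty id list would render "in ()", which is a SQL syntax error.
            if one_src_ids:
                placeholders = ','.join(['%s'] * len(one_src_ids))
                cursor.execute(
                    'select a.id from one_src a left join two_src b on a.id=b.one_src_id '
                    'left join three_src c on b.id=c.two_src_id '
                    f'where a.id in ({placeholders});',
                    one_src_ids,
                )
                visible_ids = {row[0] for row in cursor.fetchall()}
        finally:
            # Release the cursor even when a query raises.
            cursor.close()

        data = [i.to_all_dict() for i in OneSrc.objects.filter(id__in=list(visible_ids))]
        return resp(data=data)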
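def invoice(request):
    """Create, update or fetch the caller's invoice profile.

    POST with ``flag == 'create'`` inserts a new ``Invoice``; any other
    ``flag`` (or none) updates the caller's existing row. GET returns the
    caller's row via ``to_dict()``.

    Responses:
        401: ``check_token`` rejected the token.
        400: no invoice row exists for the caller (GET, or POST update).
        default ``resp()``: the row was saved.
    """
    token = request.META.get('HTTP_AUTHENTICATION')
    obj = check_token(token)
    if not obj:
        # Do not rely on the middleware alone; indexing a failed result raises.
        return resp(401, 'token过期')
    u_id = obj['id']

    if request.method == 'POST':
        # flag == 'create' means insert; anything else means modify.
        # NOTE(review): 'create' always inserts, so repeated calls can leave
        # several rows per user although GET assumes one-to-one - confirm.
        if request.POST.get('flag') == 'create':
            i = Invoice()
        else:
            i = Invoice.objects.filter(u_id=u_id).first()
            if i is None:
                return resp(400, '没有资源')
        # The owner always comes from the token, never from the request body.
        i.u_id = u_id
        invoice_fields = (
            'company', 'code', 'addr_tel', 'acount', 'receive_email',
            'receive_user', 'receive_addr', 'receive_phone',
        )
        for field in invoice_fields:
            setattr(i, field, request.POST.get(field))
        i.save()
        return resp()

    if request.method == 'GET':
        # One-to-one vs one-to-many is undecided; one-to-one is used for now.
        i = Invoice.objects.filter(u_id=u_id).first()
        if i:
            return resp(data=i.to_dict())
        else:
            return resp(400, '没有资源')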
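def get_resource(request):
    """Return the login URL and stored cookie of a third-level resource.

    POST fields: ``code`` (``ThreeSrc`` id) and ``token``. Every refusal is
    answered with code 404 so that missing and forbidden resources look alike.

    Returns ``resp(data={"href": ..., "thing": ...})`` where ``thing`` is the
    cookie passed through ``string_encryption``.
    """
    if request.method == 'POST':
        # NOTE(review): the token is read from the POST body here, while the
        # other views read META['HTTP_AUTHENTICATION'] - confirm this is intended.
        token = request.POST.get("token")
        # 1. The token must be present and valid.
        if (not token) or token == 'null':
            return resp(404, '没有token')
        obj = check_token(token)
        if not obj:
            return resp(404, 'token过期')

        # Third-level resource id; a missing or non-numeric value is refused
        # instead of raising out of int().
        try:
            t_id = int(request.POST.get("code"))
        except (TypeError, ValueError):
            return resp(404, '无权限访问')

        # 2. The user's group must grant access to this resource.
        u = User.objects.filter(id=obj['id']).first()
        if u is None:
            return resp(404, 'token过期')
        if u.group is None:
            return resp(404, '无权限访问')
        # NOTE(review): u.end_time is not checked here, unlike check_user; an
        # expired member still attached to a paid group would pass - confirm
        # the group is reset on expiry elsewhere.
        ids = parsing_list([i.to_one_dict() for i in u.group.go.all()])
        if t_id not in ids:
            return resp(404, '无权限访问')

        # 3./4. Cookie and login link come from the linked four_src row.
        t = ThreeSrc.objects.filter(id=t_id).first()
        if t is None or t.four_src is None:
            return resp(404, '无权限访问')
        cookie = t.four_src.cookie
        url = t.four_src.url
        # NOTE(review): the cookie is a shared credential sent to the client;
        # its protection depends entirely on string_encryption (not visible here).
        return resp(data={"href": url, "thing": string_encryption(cookie)})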
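def card_recharge(request):
    """Redeem a prepaid card for the authenticated user (POST only).

    POST fields: ``card_id`` and ``card_pwd``; both are stripped of
    surrounding whitespace.

    Responses:
        204: token rejected, or the user row is missing.
        205: ``card_id`` or ``card_pwd`` missing.
        202: no such card.  201: card already used.  203: wrong card password.
        300 / 301: the user still has an active membership; the client is
            asked to confirm a renewal (300) or an upgrade (301).
        default ``resp()``: membership extended and an ``Order`` recorded.
    """
    if request.method == 'POST':
        # Authenticate first so anonymous callers cannot use the 201/202/203
        # answers below to probe card numbers and passwords.
        token = request.META.get('HTTP_AUTHENTICATION')
        obj = check_token(token)
        if not obj:
            return resp(204, '用户信息过期')

        card_id = request.POST.get('card_id')
        card_pwd = request.POST.get('card_pwd')
        if card_id and card_pwd:
            card_id = card_id.strip()
            card_pwd = card_pwd.strip()
        else:
            return resp(205, '参数不正确')

        # NOTE(review): distinct answers for unknown card / used card / wrong
        # password still let a logged-in caller enumerate cards; no rate
        # limiting is visible in this view.
        c = CardRechargeList.objects.filter(card_id=card_id).first()
        if not c:
            return resp(202, '资源不存在')
        if c.is_use:
            return resp(201, '资源已被使用')
        if c.card_pwd != card_pwd:
            return resp(203, '密码错误,请联系商家')

        u = User.objects.filter(id=obj['id']).first()
        if u is None:
            return resp(204, '用户信息过期')

        # An active, unexpired membership means renew or upgrade, not a fresh
        # purchase. end_time may be empty for users who never bought anything.
        if u.group_id != 1 and u.end_time and u.end_time > datetime.datetime.now():
            # The current trade type's name carries the VIP level.
            # NOTE(review): both [0] lookups assume the group has a trade type
            # whose name matches the pattern - confirm against the data.
            u_trade_type = u.group.t.all()[0]
            re_name = re.findall(r'(VI.*?\d)', u_trade_type.name)[0]
            if re_name in c.trade_type.name:
                # Same level: renewal (monthly or yearly).
                return resp(300, '是否续费当前会员')
            else:
                # Different level: upgrade.
                return resp(301, '是否升级会员')

        # Claim the card with a compare-and-set so two concurrent requests
        # cannot both redeem it: only the request that flips is_use proceeds.
        claimed = CardRechargeList.objects.filter(pk=c.pk, is_use=c.is_use).update(is_use=1)
        if not claimed:
            return resp(201, '资源已被使用')
        # NOTE(review): the writes below are not in one transaction; consider
        # transaction.atomic() so a failure cannot consume the card on its own.

        # Expiry = redemption time + days granted by the card's trade type.
        u.end_time = datetime.datetime.now() + datetime.timedelta(days=c.trade_type.days)
        u.group = c.trade_type.group
        u.save()

        # Record the order.
        o = Order()
        o.id = encode_order(str(time.time()))
        o.login_name = u.login_name
        o.trade_type = 3
        o.card_id = card_id
        o.trade_group = c.trade_type_id
        o.days = c.trade_type.days
        o.total = float(c.trade_type.price)
        o.desc = '1'
        o.save()
        return resp()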
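def get_token_info(request):
    """Return the profile of the user identified by the request token (GET).

    When the ``back`` query parameter is set the ``to_back_dict()`` view is
    returned, otherwise ``to_front_dict()``. Code 4001 is returned when the
    token is rejected or its user row no longer exists.
    """
    if request.method == 'GET':
        token = request.META.get('HTTP_AUTHENTICATION')
        back = request.GET.get('back')
        # Decode the token payload.
        obj = check_token(token)
        if not obj:
            return resp(code=4001, msg='token 失效')
        u = User.objects.filter(id=obj['id']).first()
        if u is None:
            # Token refers to a deleted user: treat it as invalid.
            return resp(code=4001, msg='token 失效')
        # NOTE(review): ``back`` is caller-controlled, so any token holder can
        # request the back-office view - confirm to_back_dict() holds nothing
        # that ordinary users must not see.
        return resp(data=u.to_back_dict() if back else u.to_front_dict())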
def process_request(self, request):
    """Require a valid token on the listed routes.

    Returns ``resp(400, ...)`` when the token header is absent or the literal
    string ``'null'``, ``resp(401, ...)`` when ``check_token`` rejects it, and
    ``None`` otherwise so the request continues.
    """
    # NOTE(review): this is an opt-in list; any route missing from it reaches
    # its view without a token check, so views must validate on their own.
    protected_paths = [
        '/user/get_admins/',
        '/user/update_admin/',
        '/user/update_profile/',
        '/user/get_user_info/',
        '/user/update_pwd/',
        '/trade/invoice/',
    ]
    if request.path not in protected_paths:
        return None

    token = request.META.get('HTTP_AUTHENTICATION')
    if token == 'null' or not token:
        return resp(400, '没有token')
    if not check_token(token):
        return resp(401, 'token过期')
    return None
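def update_pwd(request):
    """Change the caller's password after verifying the old one (POST only).

    Responses:
        401: ``check_token`` rejected the token.
        201: the user row is missing.
        202: ``old_pwd`` does not match, or ``new_pwd`` is empty.
        default ``resp()``: password updated.
    """
    if request.method == 'POST':
        token = request.META.get('HTTP_AUTHENTICATION')
        obj = check_token(token)
        if not obj:
            # Indexing a failed check_token result would raise.
            return resp(401, 'token过期')
        u = User.objects.filter(id=obj['id']).first()
        if not u:
            return resp(201, 'not user')

        old_pwd = request.POST.get('old_pwd')
        # NOTE(review): u.pwd is compared with, and overwritten by, the raw
        # request value, so the stored secret is whatever the client sends
        # (plaintext, or a client-side hash that is itself password-equivalent).
        # Moving to a salted server-side hash (e.g. Django's make_password /
        # check_password) has to be coordinated with the login code.
        if u.pwd != old_pwd:
            return resp(202, 'pwd error')

        new_pwd = request.POST.get('new_pwd')
        if not new_pwd:
            # Never store an empty or missing password.
            return resp(202, 'pwd error')
        u.pwd = new_pwd
        u.save()
        return resp()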
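def get_user_info(request):
    """Return one user's details, or every user's when no ``id`` is given (GET).

    Admin callers (``is_admin`` on the token's user) receive
    ``to_back_dict()`` data; everyone else receives ``to_front_dict()`` data.

    Responses:
        400: token rejected, or the token's user row is missing.
        201: no user with the requested ``id``.
    """
    if request.method == "GET":
        u_id = request.GET.get('id')
        # The token decides which view is returned: back-office data for
        # admins, front-end data for ordinary users.
        # NOTE(review): this view reads HTTP_AUTH_TOKEN, while process_request
        # and the other views read HTTP_AUTHENTICATION - confirm which header
        # clients are expected to send.
        token = request.META.get('HTTP_AUTH_TOKEN')
        obj = check_token(token)
        if not obj:
            return resp(code=400, msg='处于没有登陆状态')
        check_u = User.objects.filter(id=obj['id']).first()
        if check_u is None:
            return resp(code=400, msg='处于没有登陆状态')
        is_admin = check_u.is_admin

        if u_id:
            # NOTE(review): any authenticated caller may read any user's front
            # data by id - confirm to_front_dict() is safe to expose that way.
            u = User.objects.filter(id=u_id).first()
            if u is None:
                return resp(201, 'not user')
            return resp(data=u.to_back_dict() if is_admin else u.to_front_dict())

        # The listing applies the same admin rule as the single-user branch;
        # previously every caller received back-office data for all users.
        return resp(data=[
            i.to_back_dict() if is_admin else i.to_front_dict()
            for i in User.objects.all()
        ])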
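def update_profile(request):
    """Update the caller's own profile fields (POST only).

    POST fields: ``email``, ``major``, ``user_name``, ``qq``, ``phone``.

    Responses:
        401: ``check_token`` rejected the token.
        201: the user row is missing.
        default ``resp()``: profile saved.
    """
    if request.method == 'POST':
        token = request.META.get('HTTP_AUTHENTICATION')
        obj = check_token(token)
        if not obj:
            # Do not rely on the middleware alone; indexing a failed result raises.
            return resp(401, 'token过期')
        # The target row always comes from the token, never from the body.
        u = User.objects.filter(id=obj['id']).first()
        if not u:
            return resp(201, 'not user')
        # NOTE(review): a field omitted from the request is written as None,
        # overwriting the stored value - confirm clients always send all five.
        for field in ('email', 'major', 'user_name', 'qq', 'phone'):
            setattr(u, field, request.POST.get(field))
        u.save()
        return resp()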
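def update_invoice(request):
    """Overwrite the caller's existing invoice profile (POST only).

    Responses:
        401: ``check_token`` rejected the token.
        400: the caller has no invoice row to update.
        default ``resp()``: invoice saved.
    """
    if request.method == 'POST':
        token = request.META.get('HTTP_AUTHENTICATION')
        obj = check_token(token)
        if not obj:
            # Indexing a failed check_token result would raise.
            return resp(401, 'token过期')
        # Only the row owned by the token's user can be touched.
        i = Invoice.objects.filter(u_id=obj['id']).first()
        if i is None:
            return resp(400, '没有资源')
        invoice_fields = (
            'company', 'code', 'addr_tel', 'acount', 'receive_email',
            'receive_user', 'receive_addr', 'receive_phone',
        )
        for field in invoice_fields:
            setattr(i, field, request.POST.get(field))
        i.save()
        return resp()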
def check_token_result(request):
    """Report whether the request's token passes ``check_token`` (GET only).

    Returns ``resp(200)`` for an accepted token and ``resp(400)`` otherwise;
    other HTTP methods return ``None``.
    """
    if request.method != 'GET':
        return None
    token = request.META.get('HTTP_AUTHENTICATION')
    if check_token(token):
        return resp(200)
    return resp(400)
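def get_pay_new_qr_code(request):
    """Create a payment QR code for a membership purchase, renewal or upgrade.

    Order handling is kept simple: the order parameters (user id, pay type,
    trade type, concurrency) are packed into the order id itself so that no
    row is written for orders that are never paid.

    POST fields: ``trade_group_type``, ``sum_price``, ``pay_type`` (1 or 2),
    ``concurrent``, ``up``.

    Responses:
        201: token rejected, or the user row is missing.
        301 / 310 / 300: the user has an active membership and must confirm a
            renewal (301), is told monthly renewal is unsupported (310), or
            must confirm an upgrade (300, with converted remaining days).
        400: unknown trade type, malformed or non-positive amount, unknown
            ``pay_type``, or a non-POST request.
        default ``resp(data=..., order_id=...)``: QR code for the order.
    """
    import math  # local import: the file's import block is outside this view

    if request.method == 'POST':
        token = request.META.get('HTTP_AUTHENTICATION')
        obj = check_token(token)
        if not obj:
            return resp(201, '用户过期')
        u_id = obj['id']

        trade_group_type = request.POST.get('trade_group_type')
        try:
            t = TradeType.objects.filter(pk=trade_group_type).first()
            # Total price, and pay type (only 1 or 2 are handled below).
            sum_price = float(request.POST.get('sum_price'))
            pay_type = int(request.POST.get('pay_type'))
        except (TypeError, ValueError):
            return resp(400, '访问出错')
        if t is None:
            # Never open a payment for a trade type that does not exist.
            return resp(400, '访问出错')
        if not math.isfinite(sum_price) or sum_price <= 0:
            # float() accepts 'nan', 'inf' and negatives; none is a valid amount.
            return resp(400, '访问出错')
        # NOTE(review): the charged amount is taken from the request instead of
        # being derived from t.price, so a client can choose what it pays.
        # Recompute or verify the total server-side before creating the payment.

        # Concurrency count, and the "upgrade confirmed" flag.
        concurrent = request.POST.get('concurrent')
        # NOTE(review): ``up`` arrives as a string, so 'False' is truthy and
        # also skips the confirmation branch below - confirm the client contract.
        up = request.POST.get('up')

        # NOTE(review): the original docstring calls the order id base64
        # "encrypted"; base64 is only an encoding, so integrity of these
        # parameters depends on encode_order and on the payment callback
        # re-validating them (neither is visible here).
        order_id = encode_order(gen_order_id(u_id, pay_type, trade_group_type, concurrent))

        u = User.objects.filter(id=u_id).first()
        if u is None:
            return resp(201, '用户过期')

        # Active membership and no confirmation yet: ask the client to confirm
        # a renewal or an upgrade before any QR code is issued. end_time may be
        # empty for users who never purchased.
        if u.group_id > 1 and u.end_time and u.end_time > datetime.datetime.now() and (not up):
            u_trade_type = u.group.t.all()[0]
            # Same trade type as the current one: plain renewal.
            if u_trade_type == t:
                return resp(301, '是否续费')
            # Same membership level with a different period.
            tmp_name_1 = t.name.split('会员')
            tmp_name_2 = u_trade_type.name.split('会员')
            if tmp_name_1[0] == tmp_name_2[0]:
                if "月" in tmp_name_1[1]:
                    return resp(310, '月份暂不支持续费')
                elif "年" in tmp_name_1[1]:
                    return resp(301, '是否续费')

            # Monthly and yearly plans are not linked in the data model, so
            # they are related through price: get_ratio() scales a 31-day plan
            # to its yearly equivalent.
            t_price = t.price * get_ratio(t) if t.days == 31 else t.price
            u_price = u_trade_type.price * get_ratio(u_trade_type) if u_trade_type.days == 31 else u_trade_type.price
            # Value of the remaining days on the current plan, converted into
            # days on the target plan.
            y_days = (u.end_time - datetime.datetime.now()).days
            u_unit_price = u_price / 366
            t_unit_price = t_price / 366
            y_price = y_days * u_unit_price
            n_days = y_price / t_unit_price
            data = {
                'name': u.group.name,
                'end_time': u.end_time.strftime("%Y-%m-%d %H:%M:%S"),
                'cur': t.name,
                'y_days': int(n_days)
            }
            return resp(300, '是否升级', data=data)

        if pay_type == 1:
            alipay = Alipay()
            # The order expires after 5 minutes.
            payer = pay(out_trade_no=order_id, total_amount=sum_price,
                        subject="开心图书馆", timeout_express='5m', alipay=alipay)
            ret = alipay.trade_pre_create(out_trade_no=payer.out_trade_no,
                                          total_amount=payer.total_amount,
                                          subject=payer.subject,
                                          timeout_express=payer.timeout_express)
            return resp(data=payer.get_qr_code(ret['qr_code']), order_id=order_id)
        elif pay_type == 2:
            # The original comment says total_amount is in fen here.
            # NOTE(review): the same sum_price is passed to both providers -
            # confirm wxpay converts the unit.
            ret = wxpay(out_trade_no=order_id, subject='开心图书馆', total_amount=sum_price)
            return resp(data=get_qr_code(ret['code_url']), order_id=order_id)
    return resp(400, '访问出错')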