def post(self,request): # 接收参数 mobile = request.POST.get('mobile') password = request.POST.get('password') sms_code = request.POST.get('sms_code') # 校验参数 if not all([mobile,password,sms_code]): return http.HttpResponseForbidden('缺少必传参数') if not re.match(r'^1[3-9]\d{9}',mobile): return http.HttpResponseForbidden('请输入正确的手机号码') if not re.match(r'^[0-9a-zA-Z_]{8,20}',password): return http.HttpResponseForbidden('请输入8-20位的密码') # 验证短信验证码 redis_conn = get_redis_connection('sms_code') redis_sms_code = redis_conn.get('sms_%s' % mobile) if redis_sms_code is None: return render(request, 'oauth_callback.html', {'sms_code_errmsg': '无效的短信验证码'}) if sms_code.lower() != redis_sms_code.decode().lower(): return render(request, 'oauth_callback.html', {'sms_code_errmsg': '输入短信验证码有误'}) # 取出openid openid = request.POST.get('openid') # 解密 openid_dict = SecretOauth().loads(openid) openid = openid_dict.get('openid') # 判断该手机号是否存在 try: user = User.objects.get(mobile=mobile) except: # 如果不存在 则创建 user = User.objects.create_user(username=mobile,password=password,mobile=mobile) else: # 如果存在 则校验密码 if not user.check_password(password): return http.HttpResponseForbidden('手机号已经存在或密码错误') # 将用户和openid绑定 OAuthSinaUser.objects.create( uid=openid, user=user, ) # 状态保持 login(request,user) # 重定向到用户原先所在的位置页面 response = redirect(reverse('contents:index')) # 将用户名写入cookie response.set_cookie('username',user.username,max_age=3600*24*15) # 响应结果 return response
def get(self, request, username): # 1.接收参数 image_code = request.GET.get('image_code') uuid = request.GET.get('image_code_id') # 2.校验用户名 和 图形验证码 try: user = User.objects.get(username=username) except User.DoesNotExist: return http.JsonResponse({'status': 5004}) img_client = get_redis_connection('verify_image_code') redis_img_code = img_client.get('img_%s' % uuid) if image_code.lower() != redis_img_code.decode().lower(): return http.JsonResponse({'status': 5001}) # 生成随机64位码字符串 存入redis 为下次发短信提交做准备 mobile = user.mobile random_str = generat_csrf() img_client.setex('random_%s' % mobile, 300, random_str) access_token = SecretOauth().dumps(random_str) # 3.返回响应 return http.JsonResponse({ 'status': 5000, "mobile": mobile, "access_token": access_token })
def post(self, request, user_id): data = request.body.decode() data_dict = json.loads(data) password = data_dict.get('password') password2 = data_dict.get('password2') access_token = data_dict.get('access_token') if not all([access_token, password, password2]): return http.HttpResponseForbidden('填写数据不完整') if password != password2: return http.HttpResponseForbidden('两个密码不一致') user_dict = SecretOauth().loads(access_token) if user_dict is None: return http.JsonResponse({{'status': 400, 'errmsg': '参数错误'}}) if int(user_id) != user_dict['user_id']: return http.JsonResponse({{'status': 400, 'errmsg': '用户不存在'}}) try: user = User.objects.get(id=user_id) except: return http.JsonResponse({'status': 400, 'errmsg': '用户不匹配'}) user.set_password(password) user.save() return http.JsonResponse({'status': RETCODE.OK, 'errmsg': '修改密码成功'})
def get(self, request, username): sms_code = request.GET.get('sms_code') try: user = User.objects.get(username=username) except: return http.JsonResponse({'status': 400, 'errmsg': '用户名错误'}) # 短信验证码 # 1.读取redis中的短信验证码 redis_cli = get_redis_connection('sms_code') sms_code_redis = redis_cli.get(user.mobile) # 2.判断是否过期 if sms_code_redis is None: return http.HttpResponseForbidden('短信验证码已经过期') # 3.删除短信验证码,不可以使用第二次 redis_cli.delete(user.mobile) redis_cli.delete(user.mobile + '_flag') # 4.判断是否正确 if sms_code_redis.decode() != sms_code: return http.HttpResponseForbidden('短信验证码错误') json_str = SecretOauth().dumps({ "user_id": user.id, 'mobile': user.mobile }) return http.JsonResponse({ 'user_id': user.id, 'access_token': json_str })
def get(self, request): access_token = request.GET.get('access_token') user_dict = SecretOauth().loads(access_token) if user_dict is None: return http.JsonResponse({'status': 400, 'errmsg': '参数不全'}) mobile = user_dict['mobile'] try: User.objects.get(mobile=mobile) except: return http.JsonResponse({'status': 400, 'errmsg': '手机号不存在'}) # 验证 redis_cli_sms = get_redis_connection('sms_code') # 是否60秒内 if redis_cli_sms.get(mobile + '_flag') is not None: return http.JsonResponse({ 'status': 400, 'errmsg': '发送短信太频繁,请稍候再发' }) # 处理 # 1.生成随机6位数 sms_code = '%06d' % random.randint(0, 999999) print(sms_code) # 2.优化:使用管道 redis_pl = redis_cli_sms.pipeline() redis_pl.setex(mobile, contants.SMS_CODE_REDIS_EXPIRE, sms_code) redis_pl.setex(mobile + '_flag', contants.SEND_SMS_CODE_INTERVAL, 1) redis_pl.execute() # 3.发短信 # 通过delay调用,可以将任务加到队列中,交给celery去执行 ccp_send_sms_code.delay(mobile, sms_code) return http.JsonResponse({'status': RETCODE.OK, 'errmsg': 'OK'})
def get(self, request, username): # 1.接收参数 uuid = request.GET.get('image_code_id') image_code = request.GET.get('text') # 2.图形验证码是否正确 # 2.1从redis中读取之前保存的图形验证码文本 redis_cli_image = get_redis_connection('verify_image_code') image_code_redis = redis_cli_image.get('img_%s' % uuid) # 2.2如果redis中的数据过期则提示 if image_code_redis is None: return http.JsonResponse({ 'status': 400, 'errmsg': '图形验证码已过期,点击图片换一个' }) # 2.3立即删除redis中图形验证码,表示这个值不能使用第二次 redis_cli_image.delete(uuid) # 2.4对比图形验证码:不区分大小写 if image_code_redis.decode().lower() != image_code.lower(): return http.JsonResponse({'status': 400, 'errmsg': '图形验证码错误'}) try: user = User.objects.get(username=username) except Exception as e: return http.JsonResponse({'status': 404, 'errmsg': '用户名错误'}) # 处理 json_str = SecretOauth().dumps({ "user_id": user.id, 'mobile': user.mobile }) return http.JsonResponse({ 'mobile': user.mobile, 'access_token': json_str })
def post(self,request): # 1.解析参数 mobile = request.POST.get('mobile') pwd = request.POST.get('password') sms_code = request.POST.get('sms_code') openid = request.POST.get('openid') if openid is None: return http.HttpResponseForbidden('openid失效了') from utils.secret import SecretOauth openid = SecretOauth().loads(openid).get('openid') # 2.校验 判空 正则 图形 短信验证码 # 3.校验mobile是否存在 try: user = User.objects.get(mobile=mobile) if not user.check_password(pwd): return render(request,'oauth_callback.html', {'errmsg':"用户名或密码不正确"}) except Exception as e: user = User.objects.create_user(username=mobile, password=pwd, mobile=mobile) # 4.绑定openid oauth_user = OAuthQQUser.objects.create(openid=openid, user=user) # 5.保持登陆状态 set_cookie 重定向到首页 login(request, oauth_user.user) response = redirect(reverse('contents:index')) response.set_cookie('username', user.username, max_age=24*30*3600) return response
def is_bind_openid(request, openid): # 如果绑定了 try: oauth_user = OAuthQQUser.objects.get(openid=openid) except Exception as e: logger.error(e) # 没有绑定了-->重定向到绑定页面 secret_openid = SecretOauth().dumps({'openid': openid}) context = { 'openid': secret_openid } return render(request, 'oauth_callback.html', context) else: # 绑定了-保持登录状态->重定向到首页-->设置cookie username qq_user = oauth_user.user login(request, qq_user) # 响应结果 response = redirect(reverse('contents:index')) # 登录时用户名写入到cookie,有效期15天 response.set_cookie('username', qq_user.username, constants.USERNAME_EXPIRE_TIME) return response
def put(self,request): #取出请求参数中的email json_str = request.body.decode() json_dict = json.loads(json_str) email = json_dict.get('email') #校验email格式是否满足要求 # if not re.match(r'^[a-z0-9][\w\.\-]*@[a-z0-9\-]+(\.[a-z]{2,5}){1,2}$', email): # return http.HttpResponseForbidden('参数email有误') #保存email try : request.user.email = email request.user.save() except Exception as e: logger.error(e) return http.JsonResponse({'code': RETCODE.DBERR,'errmsg':'添加邮箱失败'}) token_value = { 'user_id': request.user.id, 'email': email } from utils.secret import SecretOauth secret_str = SecretOauth().dumps(token_value) verify_url = settings.EMAIL_ACTIVE_URL + "?token=" + secret_str from celery_tasks.email.tasks import send_verify_email send_verify_email.delay(email, verify_url) # 4. 返回前端结果 return http.JsonResponse({'code': RETCODE.OK, 'errmsg': '添加邮箱成功'})
def is_bind_openid(openid, request): try: # openid = SecretOauth().loads(openid).get('openid') oauth_user = OAuthQQUser.objects.get(openid=openid) except Exception as e: logger.error(e) context = SecretOauth().dumps(openid) context = {'openid': context} return render(request, 'oauth_callback.html', context=context) else: # 如果openid已绑定美多商城用户 # 实现状态保持 qq_user = oauth_user.user login(request, qq_user) # 重定向到主页 response = redirect(reverse('contents:index')) # 登录时用户名写入到cookie,有效期15天 response.set_cookie('username', qq_user.username, max_age=3600 * 24 * 15) return response
def is_bind_openid(openid, request): try: # 1. 如果 数据表里面啊存在 --绑过了 oauth_user = OAuthQQUser.objects.get(openid=openid) except Exception as e: # 2. 不存在 没有绑定过 print(openid) openid = SecretOauth().dumps({'openid': openid}) return render(request, 'oauth_callback.html', context={'openid': openid}) else: user = oauth_user.user # 保持登录状态 login(request, user) # 设置首页用户名 response = redirect(reverse('contents:index')) response.set_cookie('username', user.username, max_age=24 * 14 * 3600) # 重定向 首页 return response
def post(self, request, user_id): json_dict = json.loads(request.body.decode()) password = json_dict.get('password') password2 = json_dict.get('password2') access_token = json_dict.get('access_token') if not all([password, password2, access_token]): return http.HttpResponseForbidden('参数不能为空!') # 解密前端 传入的 loads_acces_token = SecretOauth().loads(access_token) if not re.match('^[0-9A-Za-z]{8,20}$', password): return http.HttpResponseForbidden('请输入8-20位的密码') # * 3.确认密码: ---------判空,判断是否相等 if password2 != password: return http.HttpResponseForbidden('两次密码输入不一致') try: user = User.objects.get(id=user_id) except User.DoesNotExist: return http.JsonResponse({"status": 5002, 'message': "user_id有误!"}) redis_client = get_redis_connection('verify_image_code') redis_random_token = redis_client.get('random_%s' % user.mobile) if loads_acces_token != redis_random_token.decode(): return http.JsonResponse({"status": 5001, 'message': "token错误!"}) # 更新密码 user.set_password(password) user.save() return http.JsonResponse({"status": 5000, 'message': "密码设置成功!"})
def get(self, request, mobile): sms_code = request.GET.get('sms_code') # 1.校验手机号 try: user = User.objects.get(mobile=mobile) except User.DoesNotExist: return http.JsonResponse({"status": 5004}) # 2.校验验证码 sms_client = get_redis_connection('sms_code') redis_sms_code = sms_client.get('sms_%s' % mobile) if sms_code != redis_sms_code.decode(): return http.JsonResponse({"status": 5001}) # 3.返回正确的响应 redis_client = get_redis_connection('verify_image_code') redis_random_token = redis_client.get('random_%s' % mobile) access_token = SecretOauth().dumps(redis_random_token.decode()) return http.JsonResponse({ "status": 5000, "user_id": user.id, "access_token": access_token })
def put(self, request): # 1.接收 请求体非表单参数 json json_bytes = request.body json_str = json_bytes.decode() json_dict = json.loads(json_str) email = json_dict.get('email') # 2.正则校验邮箱 if not re.match(r'^[a-z0-9][\w\.\-]*@[a-z0-9\-]+(\.[a-z]{2,5}){1,2}$', email): return http.HttpResponseForbidden('参数email有误') # 3.修改 数据库中 email 值 try: request.user.email = email request.user.save() except Exception as e: logger.error(e) return http.JsonResponse({'code': RETCODE.DBERR, 'errmsg': '添加邮箱失败'}) # 自动发邮件(需要加密) token_value = { 'user_id': request.user.id, 'email': email } # 加密 --->对象方法SecretOauth() from utils.secret import SecretOauth secret_str = SecretOauth().dumps(token_value) # http://www.meiduo.site:8000/emails/verification/?token={%22user_id%22:%201,%20%22email%22:%20%[email protected]%22} verify_url = settings.EMAIL_ACTIVE_URL + "?token=" + secret_str from celery_tasks.email.tasks import send_verify_email send_verify_email.delay(email, verify_url) # 4.返回前端结果 return http.JsonResponse({'code': RETCODE.OK, 'errmsg': '添加邮箱成功'})
def put(self, request): json_str = request.body.decode() # print(json_str) import json json_dict = json.loads(json_str) email = json_dict.get('email') # print(request.user) # print(email) # username= json_dict.get("username") # print(username) # request.user.email= email # request.user.save() # 校验 if not re.match(r'^[a-z0-9][\w\.\-]*@[a-z0-9\-]+(\.[a-z]{2,5}){1,2}$', email): return http.HttpResponseForbidden('参数email有误') # 1.加密的数据 data_dict = {'user_id': request.user.id, "email": request.user.email} # 2. 进行加密数据 secret_data = SecretOauth().dumps(data_dict) # 发送邮件 #subject 邮件标题 # message 普通邮件正文,普通字符串 # from_email 发件人 # recipient_list 收件人列表 # html_message 多媒体邮件正文,可以是html字符串 subject = "美多商城邮箱验证" # subject = "ai爱直播" verify_url = settings.EMAIL_VERIFY_URL + '?token=' + secret_data html_message = '<p>尊敬的用户您好!</p>' \ '<p>感谢您使用美多商城。</p>' \ '<p>您的邮箱为:%s 。请点击此链接激活您的邮箱:</p>' \ '<p><a href="%s">%s</a></p>' % (email,verify_url, verify_url) # html_message = '<p>尊敬的用户赵博您好!</p>' \ # '<p>感谢您的注册</p>' \ # '<p>您的邮箱为:%s 。请点击此链接激活您的邮箱:</p>' \ # '<p><a href="http://www.sharesome.com">点此进入</a></p>' % (email) send_mail(subject, message="1", from_email="*****@*****.**", recipient_list=[email], html_message=html_message) # 保存数据库中 try: User.objects.filter(username=request.user).update(email=email) except Exception as e: logger.error(e) return http.JsonResponse({ 'code': RETCODE.DBERR, 'errmsg': '添加邮箱失败' }) return http.JsonResponse({'code': RETCODE.OK, 'errmsg': '添加邮箱成功'})
def generate_verify_emails_url(user): # 获取必传的两个参数 user_id email data_dict = {'user_id': user.id, 'email': user.email} # 加密数据 from utils.secret import SecretOauth dumps_str = SecretOauth().dumps(data_dict) # 拼接完整的 带参数的链接 return settings.EMAIL_ACTIVE_URL + '?token=' + dumps_str
def post(self, request): # 1.接收解析参数 mobile = request.POST.get('mobile') pwd = request.POST.get('password') sms_code = request.POST.get('sms_code') # 2. 校验---判断空, 正则---短信验证码 openid = request.POST.get('openid') loads_openid_dict = SecretOauth().loads(openid) openid = loads_openid_dict.get('openid') if not openid: return render(request, 'oauth_callback.html', {'openid_errmsg': "openid是无效的!"}) # 3.判断用户是否存在 try: user = User.objects.get(mobile=mobile) except User.DoesNotExist: # 5.不存在---创建新用户 user = User.objects.create_user(username=mobile, mobile=mobile, password=pwd) else: # 4.存在---校验密码 if not user.check_password(pwd): return render(request, 'oauth_callback.html', {'account_errmsg': "用户名或密码错误!"}) # 6. 绑定 openid try: qq_user = OAuthQQUser.objects.create(user=user, openid=openid) except Exception as e: return render(request, 'oauth_callback.html', {'qq_login_errmsg': "qq绑定失败!"}) # 7. 保持登录状态---设置cookie首页用户名----首页 # 1.保持登录状态 login(request, user) response = redirect(reverse('contents:index')) # 2. 设置cookie response.set_cookie('username', user.username, max_age=14 * 24 * 3600) # 3. 首页 return response
def post(self, request): # 1.接收参数 form POST mobile = request.POST.get('mobile') pwd = request.POST.get('password') sms_code = request.POST.get('sms_code') openid = request.POST.get('openid') # 2.校验--判空--正则--短信验证码 # 判断参数是否齐全 if not all([mobile, pwd]): return HttpResponseForbidden('参数不齐') # 判断手机号是否合法 if not re.match(r'^1[3-9]\d{9}$', mobile): return HttpResponseForbidden('请输入正确的手机号码') # 判断密码是否合格 if not re.match(r'^[0-9A-Za-z]{8,20}$', pwd): return HttpResponseForbidden('请输入8-20位的密码') # 判断短信验证码是否一致 sms_code = request.POST.get('msg_code') # 6.1 从redis 中取出来 redis_code_client = get_redis_connection('sms_code') redis_code = redis_code_client.get('sms_%s' % mobile) if redis_code is None: return render(request, 'oauth_callback.html', {'sms_code_errmsg': '无效的短信验证码'}) if sms_code != redis_code.decode(): return render(request, 'oauth_callback.html', {'sms_code_errmsg': '输入短信验证码有误'}) # 判断openid是否有效:错误提示放在sms_code_errmsg位置 # 3.解密--openid 校验 openid = SecretOauth().loads(openid).get('openid') if not openid: return render(request, 'oauth_callback.html', {'openid_errmsg': '无效的openid'}) # 4.判断用户是否存在 存在 user; 不存在新建user try: user = User.objects.get(mobile=mobile) except Exception as e: # 用户不存在 新建user user = User.objects.create(username=mobile, password=pwd, mobile=mobile) else: # 如果用户存在,检查密码 密码不正确 if not user.check_password(pwd): return render(request, 'oauth_callback.html', {'account_errmsg': '用户名或密码错误'}) # 5.user绑定openid try: OAuthQQUser.objects.create(openid=openid, user=user) except Exception as e: return render(request, 'oauth_callback.html', {'qq_login_errmsg': 'QQ登录失败'}) # 6. 保持登录状态--重定向首页--set_cookie username login(request, user) response = redirect(reverse('contents:index')) response.set_cookie('username', user.username,constants.USERNAME_EXPIRE_TIME) return response
def post(self, request): """美多商城用户绑定到openid""" # 接收参数 mobile = request.POST.get('mobile') pwd = request.POST.get('password') sms_code_client = request.POST.get('sms_code') openid = request.POST.get('openid') # 校验参数 # 判断参数是否齐全 if not all([mobile, pwd, sms_code_client]): return http.HttpResponseForbidden('缺少必传参数') # 判断手机号是否合法 if not re.match(r'^1[3-9]\d{9}$', mobile): return http.HttpResponseForbidden('请输入正确的手机号码') # 判断密码是否合格 if not re.match(r'^[0-9A-Za-z]{8,20}$', pwd): return http.HttpResponseForbidden('请输入8-20位的密码') # 判断短信验证码是否一致 redis_conn = get_redis_connection('sms_code') sms_code_server = redis_conn.get('sms_%s' % mobile) if sms_code_server is None: return render(request, 'oauth_callback.html', {'sms_code_errmsg': '无效的短信验证码'}) if sms_code_client != sms_code_server.decode(): return render(request, 'oauth_callback.html', {'sms_code_errmsg': '输入短信验证码有误'}) # 解密出openid 再判断openid是否有效 openid = SecretOauth().loads(openid).get('openid') if not openid: return render(request, 'oauth_callback.html', {'openid_errmsg': '无效的openid'}) # 保存注册数据 try: user = User.objects.get(mobile=mobile) except User.DoesNotExist: # 用户不存在,新建用户 user = User.objects.create_user(username=mobile, password=pwd, mobile=mobile) else: # 如果用户存在,检查用户密码 if not user.check_password(pwd): return render(request, 'oauth_callback.html', {'account_errmsg': '用户名或密码错误'}) # 将用户绑定openid try: OAuthQQUser.objects.create(openid=openid, user=user) except DatabaseError: return render(request, 'oauth_callback.html', {'qq_login_errmsg': 'QQ登录失败'}) # 实现状态保持 login(request, user) # 响应绑定结果 next = request.GET.get('state') response = redirect(next) # 登录时用户名写入到cookie,有效期15天 response.set_cookie('username', user.username, max_age=3600 * 24 * 15) return response
def generate_verify_email_url(user): # 1.userid email data_dict = {'user_id':user.id,'email':user.email} # 2.加密 secret_data = SecretOauth().dumps(data_dict) # 3.拼接连接 verify_url = settings.EMAIL_ACTIVE_URL + '?token=' + secret_data # 4. 返回去 return verify_url
def generate_verify_email_url(user): # http://www.meiduo.site:8000/emails/verification/ # ?token=eyJhbGciOiJIUzUxMiIsImlhdCI6MTU2NjE5ODk4MywiZXhwIjoxNTY2MjAyNTgzfQ.eyJ1c2VyX2lkIjo2LCJlbWFpbCI6ImxpdWNoZW5nZmVuZzY2NjZAMTYzLmNvbSJ9.okIKKAHjeskFild3EZeK3034N2r0vMb_tvUaVA7h4qPdfxmsDG4JvzXsTLl2_98Ln6rpWN4EmAdrdthZeG2DdQ # 1.获取 比传的 两个 参数 user_id email data_dict = {'user_id': user.id, 'email': user.email} # 2.加密 数据 from utils.secret import SecretOauth dumps_str = SecretOauth().dumps(data_dict) # 3. 拼接完整的 带参数 的链接 return settings.EMAIL_ACTIVE_URL + '?token=' + dumps_str
def generate_verify_email_url(user): # 1. user_id email dict_data = {'user_id': user.id, 'email': user.email} # 2.参数加密 from utils.secret import SecretOauth secret_data = SecretOauth().dumps(dict_data) # 3.拼接 完整的路由 verify_url = settings.EMAIL_ACTIVE_URL + '?token=' + secret_data return verify_url
def check_verify_email_token(token): # 解密 from utils.secret import SecretOauth json_dict = SecretOauth().loads(token) # 校验用户是否存在 同时邮箱也匹配 try: user = User.objects.get(id=json_dict['user_id'], email=json_dict['email']) except Exception as e: logger.error(e) return None else: return user
def get(self, requests): # 接收参数 code = requests.GET.get("code") # 微博连接 from utils import sinaweibopy3 client = sinaweibopy3.APIClient( # app_key: app_key值 app_key=settings.APP_KEY, # app_secret:app_secret 值 app_secret=settings.APP_SECRET, # redirect_uri : 回调地址 redirect_uri=settings.REDIRECT_URL) # 通过code获得token result = client.request_access_token(code) access_token = result.access_token uid = result.uid uid = int(uid) # print(type(uid)) try: user_sian = OAuthSinaUser.objects.get(uid=uid) except Exception as e: from utils.secret import SecretOauth uid = SecretOauth().dumps(uid) logger.error(e) return render(requests, 'sina_callback.html', context={'uid': uid}) else: user = user_sian.user user = User.objects.get(id=user.id) login(requests, user) # response = http.JsonResponse({"status": 5000}) response = redirect(reverse("users:index")) # response = http.HttpResponseRedirect(reverse('users:index')) # response = render(requests,"index.html",context={'uid': str(uid)}) response.set_cookie("username", user.username, max_age=14 * 24 * 3600) # try: # OAuthSinaUser.objects.create(uid=uid,user_id=user.id) # except Exception as e: # logger.error(e) # login(request,user=user) # response = redirect(reverse("users:index")) # response = redirect(reverse("users:index")) # # 设置cookie # response.set_cookie("username", user.username, max_age=3600 * 24 * 15) return response
def get(self, request): # 1.接收参数 request.GET token = request.GET.get('token') # 解密 data_dict = SecretOauth().loads(token) user_id = data_dict.get('user_id') email = data_dict.get('email') # 2.校验 try: user = User.objects.get(id=user_id, email=email) except Exception as e: print(e) return http.HttpResponseForbidden('token无效的!') # 3. 修改 email_active user.email_active = True user.save() # 4. 返回 return redirect(reverse('users:info'))
def generate_verify_email_url(user): """ :param user: 用户对象 :return: """ # 1.加密的数据 data_dict = {'user_id': user.id, "email": user.email} # 2. 进行加密数据 from utils.secret import SecretOauth secret_data = SecretOauth().dumps(data_dict) # 3. 返回拼接url active_url = settings.EMAIL_ACTIVE_URL + '?token=' + secret_data return active_url
def get(self,request): # 1.接受参数 token = request.GET.get('token') # 2.解密 token_dict = SecretOauth().loads(token) # 3.校验userid email try: user = User.objects.get(id=token_dict['user_id'],email=token_dict['email']) except Exception as e : return HttpResponseForbidden('无效的token') # 4.修改email_active user.email_active = True user.save() # 5.重定向到首页 return redirect(reverse('contents:index'))
def get(self,request): #1.接收参数 token = request.GET.get('token') #2.解密 from utils.secret import SecretOauth json_dict = SecretOauth().loads(token) #3.校验,用户是否存在,并且邮箱也正确 try: user = User.objects.get(id=json_dict['user_id'],email=json_dict['email']) except Exception as e: logger.error(e) return http.HttpResponseForbidden('无效的token') user.email_active = True user.save() return redirect(reverse('users:info'))
def generate_verify_email_url(user): ''' 传递user_id , email :param user: :return: ''' # 1. 发送的数据 data_dict = {'user_id': user.id, 'email': user.email} # 2. 加密数据 secret_dict = SecretOauth().dumps(data_dict) # 3. 返回拼接的url verify_url = settings.EMAIL_ACTIVE_URL + '?token=' + secret_dict return verify_url
def check_verify_email_token(token): from utils.secret import SecretOauth try: token_dict = SecretOauth().loads(token) except: return None try: user = User.objects.get(id=token_dict['user_id'], email=token_dict['email']) except Exception as e: logger.error(e) return None else: return user