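def register(request):
    """Register an account, or refresh a still-unconfirmed one, and mail a confirm code.

    Expects a JSON request body with non-empty string ``username`` and
    ``password`` fields.

    * Unknown username: creates an inactive ``User``, an ``Account`` whose
      nickname is the username, and an ``AccountConfirmCode``.
    * Known but inactive username: replaces the stored password and issues a
      fresh confirm code.
    * Known and active username: returns ``err_code=-1`` and changes nothing.

    Returns:
        A ``JsonResponse``. A body that is not valid JSON, or lacks usable
        ``username``/``password`` strings, yields HTTP 400 with ``err_code=-1``.
    """

    def bad_request():
        # Malformed input is a client error; answer it explicitly rather than
        # letting the parse/lookup exception escape the view.
        response = JsonResponse(
            get_json_dict(data={}, err_code=-1, message="Invalid request body"))
        response.status_code = 400
        return response

    try:
        request_data = json.loads(request.body.decode('utf-8'))
        username = request_data['username']
        password = request_data['password']
    except (ValueError, KeyError, TypeError):
        # ValueError covers invalid JSON and invalid UTF-8; TypeError covers a
        # JSON body that is not an object (e.g. a list or a bare number).
        return bad_request()
    if not (isinstance(username, str) and isinstance(password, str)):
        return bad_request()
    if not username or not password:
        return bad_request()

    # NOTE(review): the username format is not checked here although it is
    # handed to send_confirm_code_to_fdu_mailbox() below; confirm that helper
    # validates it before building a mail address.
    # NOTE(review): no throttling is visible in this view, so each call sends
    # one mail to the named mailbox; confirm rate limiting exists upstream.
    try:
        user = User.objects.get(username=username)
    except ObjectDoesNotExist:
        # First registration: the account stays inactive until confirmed.
        user = User(username=username)
        user.set_password(password)
        user.is_active = False
        user.save()

        account = Account(user=user)
        account.nickname = username
        account.save()

        # NOTE(review): presumably generate_account_confirm_code() draws from
        # a CSPRNG (e.g. the secrets module); verify, since the code is the
        # only proof of mailbox ownership.
        account_confirm_code = AccountConfirmCode(
            account=account, code=generate_account_confirm_code())
        account_confirm_code.save()
    else:
        if user.is_active:
            # NOTE(review): this response tells the caller that the username
            # is already registered and confirmed.
            return JsonResponse(
                get_json_dict(data={}, err_code=-1, message="您已注册过"))

        # NOTE(review): any caller can replace the pending password of an
        # unconfirmed account. If the mailbox owner then confirms a code they
        # did not request, the account is activated with that caller's
        # password. Consider tying the password to the confirm step.
        user.set_password(password)
        user.save()

        account_confirm_code = user.account.account_confirm_code
        account_confirm_code.code = generate_account_confirm_code()
        account_confirm_code.save()

    send_confirm_code_to_fdu_mailbox(username, account_confirm_code.code)
    return JsonResponse(get_json_dict(data={}))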
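def user_login(request):
    """Authenticate a user and, on success, set a signed JWT cookie.

    Expects a JSON request body with non-empty string ``username`` and
    ``password`` fields.

    Flow:
      1. Local authentication via ``authenticate()``.
      2. If that fails and no local user exists, a username made of 3 to 11
         digits is checked with ``check_fdu_auth()``; on success a local
         active user and account are created and the login succeeds.
      3. Otherwise an HTTP 403 response with ``err_code=-1`` is returned.

    Returns:
        A ``JsonResponse``. A malformed body yields HTTP 400 with
        ``err_code=-1``.
    """
    session_lifetime = timezone.timedelta(days=7)

    def get_user_login_success_response(user):
        """Build the success response carrying the RS256-signed JWT cookie."""
        expires = timezone.now() + session_lifetime
        jwt_payload = get_user_private_dict(user.account)
        # NOTE(review): expiry travels in a custom 'expires' string claim, not
        # the registered 'exp' claim, so the JWT library will not reject an
        # expired token by itself; the verifying code (not visible here) has
        # to enforce it.
        jwt_payload['expires'] = expires.strftime("%Y-%m-%d %H:%M:%S")
        jwt_token = jwt.encode(jwt_payload, PRIVATE_KEY, algorithm="RS256")
        # PyJWT before 2.0 returns bytes, 2.0 and later returns str; accept both.
        if isinstance(jwt_token, bytes):
            jwt_token = jwt_token.decode("utf-8")
        response = JsonResponse(
            get_json_dict(data={}, err_code=0, message="Login success"))
        # NOTE(review): the cookie is set without httponly/secure/samesite.
        # If no client-side script has to read the token, pass httponly=True,
        # secure=True and an explicit samesite value.
        response.set_cookie(
            'jwt', jwt_token, max_age=int(session_lifetime.total_seconds()))
        return response

    def error_response(message, status_code=403):
        json_dict = get_json_dict(data={})
        json_dict['err_code'] = -1
        json_dict['message'] = message
        response = JsonResponse(json_dict)
        response.status_code = status_code
        return response

    try:
        received_data = json.loads(request.body.decode('utf-8'))
        username = received_data['username']
        password = received_data['password']
    except (ValueError, KeyError, TypeError):
        # Invalid JSON/UTF-8, missing field, or a body that is not an object.
        return error_response("Invalid request body", status_code=400)
    if not (isinstance(username, str) and isinstance(password, str)):
        return error_response("Invalid request body", status_code=400)
    if not username or not password:
        return error_response("Invalid request body", status_code=400)

    # NOTE(review): no attempt throttling is visible in this view; confirm that
    # rate limiting or lockout is applied elsewhere.
    user = authenticate(username=username, password=password)
    if user:
        if user.is_active:
            return get_user_login_success_response(user)
        # NOTE(review): Django's default ModelBackend returns None from
        # authenticate() for inactive users, so with that backend this branch
        # is not reached and an unconfirmed user gets the "password incorrect"
        # answer below; check AUTHENTICATION_BACKENDS.
        return error_response("请验证您的学号邮箱")

    # NOTE(review): the two failure messages below differ for unknown and known
    # usernames, which lets a caller learn which usernames are registered.
    # A single generic message avoids that if the client does not rely on it.
    try:
        User.objects.get(username=username)
    except ObjectDoesNotExist:
        # fullmatch, not match: match() anchors only at the start, so any
        # string that merely begins with three digits passed the check and the
        # upper bound of 11 was never enforced. The pattern is a raw string so
        # that \d is not treated as a string escape.
        if re.fullmatch(r"\d{3,11}", username):
            # Per the original comment, this verifies the credentials against
            # mail.fudan.edu.cn and returns a nickname, or None on failure.
            nickname = check_fdu_auth(username, password)
            if nickname is not None:
                # NOTE(review): the upstream password is stored (hashed) as the
                # local password, so it keeps working here after it has been
                # changed upstream.
                user = User(username=username)
                user.set_password(password)
                user.is_active = True
                user.save()

                account = Account(user=user)
                account.nickname = nickname
                account.save()

                # NOTE(review): the raw account number is sent to a third party
                # in this URL; consider sending a hash instead. The username is
                # digits only at this point, so it cannot alter the URL.
                try:
                    user_icon_response = requests.get(
                        "https://www.gravatar.com/avatar/{0}?s=256&d=identicon&r=PG"
                        .format(user.username),
                        timeout=10)
                    user_icon_response.raise_for_status()
                except requests.RequestException:
                    # The default icon is cosmetic: a slow or failing avatar
                    # service must neither block the login nor store an error
                    # page as the icon. The account was already saved without one.
                    pass
                else:
                    account.icon.save(
                        name='default_icon',
                        content=ContentFile(user_icon_response.content))
                return get_user_login_success_response(user)
        # No local user and no successful upstream check.
        return error_response("用户不存在")
    else:
        # A local user exists but authenticate() rejected the credentials.
        return error_response("密码错误")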