def get(self, request):
# 1. 获取code
code = request.GET.get('code')
if code is None:
return JsonResponse({'code': 400, 'errmsg': '没有code参数'})
QQ_CLIENT_ID = '101474184'
QQ_CLIENT_SECRET = 'c6ce949e04e12ecc909ae6a8b09b637c'
QQ_REDIRECT_URI = 'http://www.meiduo.site:8080/oauth_callback.html'
qq = OAuthQQ(client_id=QQ_CLIENT_ID,
client_secret=QQ_CLIENT_SECRET,
redirect_uri=QQ_REDIRECT_URI)
# 2. 通过 coke 换取 token
access_token = qq.get_access_token(code)
# 3. 通过 token 获取 openid
openid = qq.get_open_id(access_token)
# 4. 根据 openid 进行数据查询
try:
qquser = OAuthQQUser.objects.get(openid=openid)
except OAuthQQUser.DoesNotExist:
return JsonResponse({'code': 300, 'access_token': openid})
else:
login(request, qquser.user)
response = JsonResponse({'code': 0, 'errmsg': 'ok'})
response.set_cookie('username', qquser.user.username, 14 * 24 * 3600)
return response
def wrapper(request, *args, **kwargs):
if request.session.get(
"uid") is None or request.session.get_expiry_age() <= 1:
# 如果未登陆状态,或者会话过期执行此分支
# 获取用户登陆前访问的网址,用于登陆后,返回
# 获取用户登陆前的url
full_path = request.get_full_path()
# 如果直接登陆,则转到首页
if full_path == "/user/login":
full_path = "/"
# 判断是否通过AJAX访问
if request.is_ajax():
json = JsonResponse({
'redirect': '1',
'address': '/user/login'
})
json.set_cookie('url', full_path)
return json
else:
red = HttpResponseRedirect("/user/login")
red.set_cookie('url', full_path)
return red
else:
# 更新会话
request.session.modified = True
return func(request, *args, **kwargs)
def post(self, request):
# 1. 接收参数
data = json.loads(request.body.decode())
# 2. 提取参数
mobile = data.get('mobile')
password = data.get('password')
sms_code = data.get('sms_code')
access_token = data.get('access_token')
openid = check_openid(access_token)
# 3. 验证参数
# 4. 根据手机号判断用户信息
try:
user = User.objects.get(mobile=mobile)
except:
user = User.objects.create(username=mobile,
password=password,
mobile=mobile)
else:
if not user.check_password(password):
return JsonResponse({"code": 400, 'errmsg': '绑定失败'})
# 5. 绑定用户信息
OAuthQQUser.objects.create(openid=openid, user=user)
login(request, user)
response = JsonResponse({'code': 0, 'errmsg': 'ok'})
response.set_cookie('username', user.username, max_age=14 * 24 * 3600)
return response
def post(self, request):
data = json.loads(request.body.decode())
username = data.get('username')
password = data.get('password')
remembered = data.get('remembered')
if not all([username, password]):
return JsonResponse({'code': 400, 'errrmsg': '账号或密码不能为空'})
if re.match('1[3-9]\d{9}', username):
User.USERNAME_FIELD = 'mobile'
else:
User.USERNAME_FIELD = 'username'
from django.contrib.auth import authenticate
user = authenticate(username=username, password=password)
if user is None:
return JsonResponse({'code': 400, 'errmsg': '账号或密码错误'})
login(request, user)
if remembered:
request.session.set_expiry(None)
else:
request.session.set_expiry(0)
response = JsonResponse({'code': 0, 'errmsg': 'ok'})
response.set_cookie('username', username, 14 * 24 * 3600)
return response
def process_response(request: HttpRequest, response):
if isinstance(response, HttpResponseBase):
return response
response = JsonResponse({'result': response})
if 'student' in request.session and 'student' not in request.COOKIES:
response.set_cookie('student', request.session['student'])
return response
def post(self, request, pk):
obj = self.get_obj(pk)
obj.like += 1
obj.save(update_fields=[
'like',
])
response = JsonResponse({'code': 0, 'msg': obj.like})
# 7天内不允许重复点赞
response.set_cookie(pk, 'true', expires=60 * 60 * 24 * 7)
return response
def post_json(request):
json_str = request.body
# json_str = json_str.decode()
print(json_str)
req_data = json.loads(json_str)
print(req_data)
# print(request.META)
response = JsonResponse(req_data)
response.set_cookie('best1','python1',max_age=3600)
return response
def throw_cookie_ajax(request):
data = {}
data['gdpr'] = render_to_string(template_name='gdpr/gdpr_ajax.html',
request=request,
context=data
)
return_obj = JsonResponse(data)
return_obj.set_cookie("gdpr", 'accept')
request.session.set_test_cookie()
return return_obj
def post(self, request, pk):
"""
点赞, 异步任务来做
"""
obj = m.Blog.objects.filter(pk=pk).first()
response = JsonResponse({'code': 0, 'msg': obj.like + 1})
# 7天内不允许重复点赞
response.set_cookie(pk, 'true', expires=60 * 60 * 24 * 7)
# 异步更新数据库
update_art_like.delay(pk)
return response
def login(request):
# md5 = hashlib.md5()
account = request.POST.get('account')
password = request.POST.get('password')
try:
user = User.objects.get(phone=account, password=password)
response = JsonResponse({"status": 'ok', "name": user.name})
response.set_cookie('name', user.name, max_age=1800)
return response
except:
return JsonResponse({'status': 'error', "name": "登录失败"})
def get(self, request):
"""
1. 获取code
2. 通过code换取access_token
3. 通过access_token换取openid
4. 根据openid进行数据查询
5. 如果不存在 进行注册
6. 如果存在 保存session
7. 设置cookie
8. 返回响应
:param request:
:return:
"""
# 1. 获取code
code = request.GET.get('code')
if code is None:
return JsonResponse({'code': 400, 'errmsg': '没有code参数'})
QQ_CLIENT_ID = '101474184'
# 我们申请的 客户端秘钥
QQ_CLIENT_SECRET = 'c6ce949e04e12ecc909ae6a8b09b637c'
# 我们申请时添加的: 登录成功后回调的路径
QQ_REDIRECT_URI = 'http://www.meiduo.site:8080/oauth_callback.html'
qq = OAuthQQ(client_id=QQ_CLIENT_ID,
client_secret=QQ_CLIENT_SECRET,
redirect_uri=QQ_REDIRECT_URI)
# 2. 通过code换取access_token
access_token = qq.get_access_token(code)
# 3. 通过access_token换取openid
openid = qq.get_open_id(access_token)
# 4. 根据openid进行数据查询
try:
qquser = OAuthQQUser.objects.get(openid=openid)
except:
# 5. 如果不存在 进行注册
token = generic_openid(openid)
return JsonResponse({'code': 300, 'access_token': token})
else:
# 6. 如果存在 保存session
login(request, qquser.user)
# 7. 设置cookie
response = JsonResponse({'code': 0, 'errmsg': 'ok'})
response.set_cookie('username',
qquser.user.username,
max_age=14 * 24 * 3600)
# 8. 返回响应
return response
def changeMail(self, request):
query = "select email from registration where email='%s'" % (
'' + request.POST.get('email').lower())
models.cursor.execute(query)
email = models.cursor.fetchall()
if email:
return JsonResponse({'otp': 0})
else:
self.email = request.POST.get('email')
self.sendOtp()
response = JsonResponse({'email': self.email, 'otp': 1})
response.set_cookie('registerMail', self.email)
return response
def post(self, request, pk):
"""
点赞时先写入redis, 定时任务更新到mysql
"""
obj = m.Blog.objects.filter(pk=pk).first()
cache = caches['four']
key = 'like_{}'.format(pk)
real_like = cache.get(key, 0)
response = JsonResponse({'code': 0, 'msg': obj.like + real_like + 1})
cache.set(key, real_like + 1, 60 * 60 + 60)
# 7天内不允许重复点赞
response.set_cookie(pk, 'true', expires=60 * 60 * 24 * 7)
return response
def post(self, request):
"""
1.接收请求数据
2.提取数据
3.验证参数
4.认证登录用户
5.状态保持
6.要根据是否记住登录(类似于 mail.163.com中的 10免登录 本质是设置session过期时间)
7.返回响应
:param request:
:return:
"""
# 1.接收请求数据
data = json.loads(request.body.decode())
# 2.提取数据
username = data.get('username')
password = data.get('password')
remembered = data.get('remembered')
# 3.验证参数
if not all([username, password]):
return JsonResponse({'code': 400, 'errmsg': '用户名或密码不能为空'})
if re.match('1[3|4|5|7|8][0-9]{9}', username):
User.USERNAME_FIELD = 'mobile'
else:
User.USERNAME_FIELD = 'username'
# 4.认证登录用户
user = authenticate(username=username, password=password)
if user is None:
return JsonResponse({'code': 400, 'errmsg': '用户名或密码错误'})
# 5.状态保持
login(request, user)
# 6.要根据是否记住登录(类似于 mail.163.com中的 10免登录 本质是设置session过期时间)
if remembered:
request.session.set_expiry(None)
else:
request.session.set_expiry(0)
response = JsonResponse({'code': 0, 'errmsg': 'ok'})
response.set_cookie('username', username, max_age=14 * 24 * 3600)
# 7.返回响应
return response
def cookies_demo(request):
# 接收参数
response = JsonResponse({'key': 'cookies_values'})
# 设置cookies
response.set_cookie('LiBin', '*****@*****.**', max_age=60)
# 读取cookies
ret = request.COOKIES
print(ret)
# 删除 cookies
response.delete_cookie('LiBin')
return response
def login_handler(request):
# 登陆后,开启session和客户端交login_hanlder交互
post = request.POST
# 取出用户名和密码
try:
username = post["username"]
userpwd = post["pwd"]
except Exception as e:
return JsonResponse({"result": 2})
# 取出用户对象
uinfo = UserInfo.objects.filter(uname=username)
if len(uinfo) == 0:
return JsonResponse({"result": 2})
uinfo = uinfo[0]
response = {}
# 匹配密码
sha1 = hashlib.sha1()
sha1.update(userpwd.encode("utf-8"))
upwd = sha1.hexdigest()
if uinfo.upasswd == upwd:
# 验证成功
# return JsonResponse({"result": "0",})
# 提取用户ID和用户名建立会话
request.session['uid'] = uinfo.id
request.session['uname'] = uinfo.uname
# 100分钟过期
request.session.set_expiry(6000)
# 如果登陆成功,应该返回到用户登陆之前的页面,在处理时,已经保存在cookies中
# 如果cookies中没有,那就跳转到首页
user_url = request.COOKIES.get("url")
if user_url is None:
user_url = "/"
print("用户从url:%s跳转" % (user_url))
response = {"result": 0, "redirect": user_url}
else:
response = {"result": 1}
# 是否记住密码?如果是,则写到用户cookie,如果否,则把cooies重置
recv_data = JsonResponse(response)
if post["checked"] == "true":
recv_data.set_cookie("username", username)
else:
recv_data.set_cookie("username", username, expires=-1)
#
return recv_data
def post(self, request):
result = {'ok': False}
pub_key = request.POST.get('key')
password = request.POST.get('password')
if pub_key and password:
sec_data = cache.get(pub_key)
if isinstance(sec_data, dict):
logger = logging.getLogger('system')
try_count = sec_data.get('try_count', 0) + 1
sec_data.update(try_count=try_count)
cache.set(pub_key, sec_data, 300)
if try_count < settings.AUTH_COUNT_LIMIT:
sec_data = '{}{}{}'.format(
pub_key, settings.IN_PASSWORD, sec_data.get('key'))
sha = hashlib.sha256(sec_data.encode())
result.update(ok=password == sha.hexdigest())
else:
cache.delete(pub_key)
logger.warn(
'Auth count limit! From: {}'.format(
get_client_ip(request)))
if result.get('ok'):
rand = SysRand()
key_part1, key_part2, value = rand.create_keys(count=3)
result.update(msg=msg.AUTH_OK)
result = JsonResponse(result)
key = '{}{}'.format(key_part1, key_part2)
time_limit = 3600 * settings.AUTH_TIME
cache.set(
key,
{'value': value, 'open': datetime_now().isoformat()},
time_limit)
result.set_cookie(
settings.AUTH_COOKIE_NAME,
value='{}:{}'.format(key, value),
max_age=time_limit)
logger.info(
'Manager login from {} new key: {}'.format(
get_client_ip(request), key))
else:
result.update(msg=msg.INCORECT_PASSWORD)
result = JsonResponse(result)
return result
def signIn(request):
# 登陆
if request.method == 'POST':
username = request.POST.get('username')
password = request.POST.get('password')
remember_me = request.POST.get('remember_me')
print("get SignIn Post", username, password, remember_me)
user = authenticate(username=username, password=password)
try:
if user is not None:
# 存在该用户
login(request, user)
msg = {'userID': user.get_username()}
code = 0
resp = {'code': code, 'detail': msg}
response = JsonResponse(resp)
# 判断用户是否勾选记住登录
if remember_me == "on":
# 设置session有效期为14天(默认)
request.session.set_expiry(None)
else:
# 如果没有记住,session在关闭浏览器后立刻失效
request.session.set_expiry(0)
response.set_cookie(key='username',
value=user.username,
max_age=3600 * 24 * 14)
return response
else:
code = 100
msg = 'email or password wrong!'
except:
code = 400
msg = 'signIn error!'
finally:
resp = {'code': code, 'detail': msg}
else:
code = 403
msg = 'error'
resp = {'code': code, 'detail': msg}
return JsonResponse(resp)
def post(self, request):
"""登录校验"""
# 接收数据
response = {'code': 1, 'data': [], 'msg': ''}
username = request.POST.get('username')
password = request.POST.get('pwd')
if not all([username, password]):
response['msg'] = '数据不完整'
return JsonResponse(response)
try:
user = User.objects.get(username=username)
except User.DoesNotExist:
user = None
if user is not None:
pwd = user.password
if check_password(password, pwd):
if user.is_active:
login(request, user)
next_url = request.GET.get('next', reverse('goods:index'))
response['code'] = 0
response['msg'] = '登录成功'
response['data'] = [{'next': next_url}]
# 判断是否需要记住用户名
remember = request.POST.get('remember')
res = JsonResponse(response)
if remember == 'on':
res.set_cookie('username',
username,
max_age=7 * 24 * 3600)
else:
res.delete_cookie('username')
return res
# 记录用户的登录状态
else:
response['msg'] = '账号未激活'
return JsonResponse(response)
else:
response['msg'] = '密码不正确'
return JsonResponse(response)
else:
response['msg'] = '用户不存在'
return JsonResponse(response)
def signIn(request):
if request.method == 'POST':
userID = request.POST.get('userID')
password = request.POST.get('password')
try:
cursor = connection.cursor()
cursor.execute("select password from users where userID='%s';" %
(userID))
row = cursor.fetchone()
row = row[0]
cursor.close()
if row != password:
# 密码错误
msg = 'wrong user password!'
code = 1001
resp = {'code': code, 'detail': msg}
else:
# 登录成功
code = 0
msg = 'user login success'
resp = {'code': code, 'detail': msg}
# 设置cookie
response = JsonResponse(resp)
response.set_cookie(key='userID',
value=userID,
max_age=3600 * 24 * 14)
return response
except Exception as e:
code = 400
msg = "signIn error"
resp = {'code': code, 'detail': msg}
print(e)
return JsonResponse(resp)
return HttpResponse("ERROR")
def is_login(request):
try:
user = User.objects.get(uid=request.COOKIES.get("uid"))
if request.COOKIES.get("token") != user.token:
return RESPONSE_TOKEN_NOT_MATCH # 403 T-DNM
if user.expired_date < datetime.now():
return RESPONSE_TOKEN_EXPIRE # 403 T-EXP
if not user.is_active:
return RESPONSE_INACTIVE_USER_JSON({"uid": user.uid})
response = JsonResponse({"uid": user.uid}) # 200
# refresh token
user.token = token_urlsafe(TOKEN_LENGTH)
user.expired_date = datetime.now() + timedelta(days=TOKEN_DURING_DAYS)
user.save()
response.set_cookie("token", user.token, max_age=SESSION_AGE)
response.set_cookie("is_login", "true", max_age=SESSION_AGE)
response.set_cookie("uid", user.uid, max_age=SESSION_AGE)
return response
except User.DoesNotExist:
return RESPONSE_USER_DO_NOT_EXIST # 404 U-DNE
except:
raise
def post(self, request):
"""
1. 接收参数
2. 提取参数
3. 验证参数 (省略--作业)
3.0 mobile,password,sms_code,access_token(openid) 必须都有值
3.1 手机号是否符合规则
3.2 密码是否符合规格
3.3 短信验证码是否正确
4. 根据手机号判断用户信息
如果没有查询到,则新增一个用户
如果查询到,则验证密码是否正确
5. 绑定用户信息
6. 状态保持
7. 设置cookie
8. 返回响应
:param request:
:return:
"""
# 1. 接收参数 --JSON
import json
data = json.loads(request.body.decode())
# 2. 提取参数
mobile = data.get('mobile')
password = data.get('password')
sms_code = data.get('sms_code')
access_token = data.get('access_token')
#解密数据
from apps.oauth.utils import check_token
openid = check_token(access_token)
if openid is None:
return JsonResponse({'code': 400, 'errmsg': '绑定失败'})
# 3. 验证参数 (省略--作业)
# 3.0 mobile,password,sms_code,access_token(openid) 必须都有值
# 3.1 手机号是否符合规则
# 3.2 密码是否符合规格
# 3.3 短信验证码是否正确
# 4. 根据手机号判断用户信息
from apps.users.models import User
try:
user = User.objects.get(mobile=mobile)
except User.DoesNotExist:
# 如果没有查询到,则新增一个用户
# username 为什么 等于 mobile 因为绑定的时候 只让用户输入了手机号.我们就让 手机号和用户名 同名
user = User.objects.create_user(username=mobile,
mobile=mobile,
password=password)
else:
# 如果查询到,则验证密码是否正确
# user.check_password 是 父类的一个方法,系统为我们提供的 验证密码的方法
if not user.check_password(password):
#密码不正确,我们返回错误的响应
return JsonResponse({'code': 400, 'errmsg': '绑定失败'})
# 5. 绑定用户信息 (数据入库)
from apps.oauth.models import OAuthQQUser
OAuthQQUser.objects.create(openid=openid, user=user)
# 6. 状态保持
from django.contrib.auth import login
login(request, user)
# 7. 设置cookie
response = JsonResponse({'code': 0, 'errmsg': 'ok'})
response.set_cookie('username', user.username, max_age=14 * 24 * 3600)
# 8. 返回响应
return response
def login(request):
uid = json.loads(request.body)['uid']
print(uid)
response = JsonResponse({'succ': True})
response.set_cookie('uid', uid)
return response
def post(self, request):
"""
1. 接收参数
2. 提取参数
3. 验证参数 (省略--作业)
3.0 mobile,password,sms_code,access_token(openid) 必须都有值
3.1 手机号是否符合规则
3.2 密码是否符合规格
3.3 短信验证码是否正确
4. 根据手机号判断用户信息
如果没有查询到,则新增一个用户
如果查询到,则验证密码是否正确
5. 绑定用户信息
6. 状态保持
7. 设置cookie
8. 返回响应
:param request:
:return:
"""
# 1. 接收参数
data = json.loads(request.body.decode())
# 2. 提取参数
mobile = data.get('mobile')
password = data.get('password')
sms_code = data.get('sms_code')
access_token = data.get('access_token')
openid = check_token(access_token)
# 3. 验证参数 (省略--作业)
# 3.0 mobile,password,sms_code,access_token(openid) 必须都有值
if not all([mobile, password, sms_code, openid]):
return JsonResponse({"code": 400, 'errmsg': '参数不全'})
# 3.1 手机号是否符合规则
if not re.match('1[3|4|5|7|8][0-9]{9}', mobile):
return JsonResponse({'code': 400, 'errmsg': '手机号格式错误'})
# 3.2 密码是否符合规格
if not re.match('[a-zA-Z0-9_-]{8,20}', password):
return JsonResponse({'code': 400, 'errmsg': '密码格式错误'})
# 3.3 短信验证码是否正确
redis_cli = get_redis_connection('code')
redis_sms_code = redis_cli.get(mobile)
if sms_code != redis_sms_code:
return JsonResponse({'code': 400, 'errmsg': '短信验证码错误'})
# 4. 根据手机号判断用户信息
try:
user = User.objects.get(mobile=mobile)
except:
# 如果没有查询到,则新增一个用户
user = User.objects.create_user(name=mobile,
password=password,
mobile=mobile)
else:
# 如果查询到,则验证密码是否正确
if not user.check_password(password):
return JsonResponse({'code': 400, 'errmsg': '绑定错误'})
# 5. 绑定用户信息
OAuthQQUser.objects.create(openid=openid, user=user)
# 6. 状态保持
login(request, user)
# 7. 设置cookie
response = JsonResponse({'code': 0, 'errmsg': 'ok'})
response.set_cookie('username', user.username, max_age=14 * 24 * 3600)
# 8. 返回响应
return response
def post(self, request):
"""添加购物车"""
# 获取参数
json_dict = json.loads(request.body.decode())
sku_id = json_dict.get('sku_id')
count = json_dict.get('count')
selected = json_dict.get('selected', True)
# 校验数据
# 判断数据是否齐全
if not all([sku_id, count]):
return HttpResponseForbidden('缺少必传参数')
# 判断sku_id是否存在
try:
models.SKU.objects.get(id=sku_id)
except models.SKU.DoesNotExist:
return HttpResponseForbidden('sku_id 不存在')
# 判断count是否为数字
try:
count = int(count)
except Exception:
return HttpResponseForbidden('count不是整数')
# 判断selected是否为bool
if selected:
if not isinstance(selected, bool):
return HttpResponseForbidden('selected不是bool类型')
# 判断用户是否登录
# user = request.user
if not request.user.is_authenticated:
# 如果未登录使用cookie
# 首先从cookie中获取参数
cart_str = request.COOKIES.get('carts')
# 判断购物车中是否已经有了要加入购物车的数据
if cart_str:
# 有的话,count++
cart_str_bytes = cart_str.encode()
cart_bytes = base64.b16decode(cart_str_bytes)
cart_dict = pickle.loads(cart_bytes)
# 没有的话,准备一个空的字典
else:
cart_dict = {}
if sku_id in cart_dict:
origin_count = cart_dict[sku_id][count]
count += origin_count
cart_dict[sku_id] = {
'sku_id': sku_id,
'count': count,
}
cookie_set_str = base64.b64encode(pickle.dumps(cart_dict)).decode()
# 创建响应对象
response = JsonResponse({'code': RETCODE.OK, 'errmsg': 'OK'})
response.set_cookie('carts', cookie_set_str)
return response
else:
# 实例化redis对象
redis_conn = get_redis_connection('carts')
pl = redis_conn.pipeline()
# 添加数据到购物车
pl.hincrby('carts_%s' % request.user.id, sku_id, count)
# 添加selected状态
if selected:
pl.sadd('selected_%s' % selected, sku_id)
pl.execute()
return JsonResponse({'code': RETCODE.OK, 'errmsg': 'OK'})
def indexCookie(request):
from django.http.response import JsonResponse
response = JsonResponse({'key:', 'cookie'}, safe=False)
response.set_cookie('heima', 'lsc', max_age=160)
return response
# 研究可响应对象
# def indexresponse(resquest):
# # response = HttpResponse()
# # response.content = '操作属性 '
# # return response
# dict_data = {
# 'name':'cxk',
# 'age':'38'
#
# }
# from django.http.response import JsonResponse
# return JsonResponse(dict_data)
# # 加列表 后面加上safe = False
#
# def header_request(request):
# request_headers = request.META
# # print(request_headers)
# # print(request_headers['CONTENT_TYPE'])
# print('请求方式:',request.method)
# print('用户:',request.user)
# print('路径:',request.path)
# print('编码:',request.encoding)
# return HttpResponse('解析请求头参数')
#
# def indexBodyNotForm(request):
#
# body_data = request.body
# print(body_data)
# body_str = body_data.decode()
# print(body_str)
# return HttpResponse('非表单啊')
# def indexBodyForm(request):
# form_data = request.POST
# print(form_data)
# print(form_data.get('a','默认值'))
# print(form_data.get('c','默认值'))
# print(form_data.getlist('a'))
#
# return HttpResponse('请求体啊')
#
#
#
# def indexQueryPramas(request):
# # 解析查询的属性
# Pramas = request.GET
# print(Pramas)
# print(Pramas.get('a'))
# print(Pramas.get('b'))
# print(Pramas.getlist('a'))
#
# return HttpResponse('查询特么的参数')
#
#
# def indexJoinPramas(request,city,year):
# print('城市:', city)
# print('年份:', year)
#
# return HttpResponse('shenyang/2019')
#
#
#
# def index(request):
# return HttpResponse('ouhehe')
def post(self, request):
"""
1.接收请求数据
2.提取数据
3.验证参数
4.认证登录用户
5.状态保持
6.要根据是否记住登录(类似于 mail.163.com中的 10免登录 本质是设置session过期时间)
7.返回响应
:param request:
:return:
"""
# 1.接收请求数据
data = json.loads(request.body.decode())
# 2.提取数据
username = data.get('username')
password = data.get('password')
remembered = data.get('remembered')
# 应该在这里改
# 我们根据 username 的值 来判断
if re.match('1[3-9]\d{9}', username):
# 如果username 的值为 手机号,我们进行mobile的判断
User.USERNAME_FIELD = 'mobile'
else:
# 如果username 的值不为手机号,我们进行username的判断
User.USERNAME_FIELD = 'username'
# 3.验证参数
# 用户名和密码是必须要传递的!!!
if not all([username, password]):
return JsonResponse({'code': 400, 'errmsg': '参数不全'})
# 3.1 用户名规格(作业)
# 3.2 密码规格(作业)
# 4.认证登录用户
# django 自带 admin后台. admin 可以验证用户名和密码
# django 实现了 用户名和密码的验证方法
from django.contrib.auth import authenticate
# authenticate 把用户名和密码传递过去之后,会帮助我们验证 用户名和密码是否正确
# 如果正确,则返回 username对应的 模型对象
# 如果不正确,则返回 None
# 设置关键字参数
user = authenticate(username=username, password=password)
if user is None:
# user is None 说明 用户名或密码不正确
# 我们千万不要告诉 前端 准确的错误信息
return JsonResponse({'code': 400, 'errmsg': '用户名或密码不正确'})
# user 不为None 说明登录成功继续执行后续代码
# 5.状态保持
from django.contrib.auth import login
login(request, user)
# 6.要根据是否记住登录(类似于 mail.163.com中的 10免登录 本质是设置session过期时间)
if remembered:
# remembered 用户 判断 是否勾选 记住登录状态
# 如果勾选 ,则让 session有效期为 2周(14天)
request.session.set_expiry(None)
else:
# 如果未勾选,则 让 session有效期为 浏览会话结束之后
request.session.set_expiry(0)
# 7.返回响应
response = JsonResponse({'code': 0, 'errmsg': 'ok'})
#设置cookie,
# 注意: key 必须是 username 因为前端写死了
response.set_cookie('username', username, max_age=14 * 24 * 3600)
return response
def get(self, request):
# 1. **获取code**,
code = request.GET.get('code')
if code is None:
return JsonResponse({'code': 400, 'errmsg': '没有code参数'})
# client_id = None, 我们在创建应用的时候的 id
# client_secret = None, 我们在创建应用的时候的 秘钥
# redirect_uri = None, 当我们用户扫描同意之后,跳转的页面的url
# QQ登录参数
# 我们申请的 客户端id
QQ_CLIENT_ID = '101474184'
# 我们申请的 客户端秘钥
QQ_CLIENT_SECRET = 'c6ce949e04e12ecc909ae6a8b09b637c'
# 我们申请时添加的: 登录成功后回调的路径
QQ_REDIRECT_URI = 'http://www.meiduo.site:8080/oauth_callback.html'
qq = OAuthQQ(client_id=QQ_CLIENT_ID,
client_secret=QQ_CLIENT_SECRET,
redirect_uri=QQ_REDIRECT_URI)
# 2. **通过code换取access_token**,
access_token = qq.get_access_token(code)
# 3. **再通过access_token换取openid**
openid = qq.get_open_id(access_token)
# 'CBCF1AA40E417CD73880666C3D6FA1D6'
# 4. 根据 openid 进行 数据查询
from apps.oauth.models import OAuthQQUser
try:
qquser = OAuthQQUser.objects.get(openid=openid)
except OAuthQQUser.DoesNotExist:
# 如果不存在 应该 返回 openid 让用户绑定
# 注意!!!!!!!!!!!!!
# code 必须是 300
# 才会显示绑定页面
# 对openid 进行加密
from apps.oauth.utils import generic_openid
token = generic_openid(openid)
return JsonResponse({'code': 300, 'access_token': token})
else:
# 如果 存在 在进行自动登录(状态保持)操作
# ① 状态保持
from django.contrib.auth import login
# login 的第二个参数 应该是 User 模型的实例对象
# qquser.属性
# OAuthQQUser 有 user 的属性
login(request, qquser.user)
# ② 设置cookie
response = JsonResponse({'code': 0, 'errmsg': 'ok'})
# qquser.user 就是只的 User 的实例对象
response.set_cookie('username',
qquser.user.username,
max_age=14 * 24 * 3600)
return response
