Exemplo n.º 1
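    def validate(self, attrs):
        """Validate the bind token, the SMS code and, for a known mobile, the password.

        On success ``attrs`` gains ``openid``. If a user with the submitted
        mobile already exists and the password matches, ``attrs`` also gains
        ``user``.

        Raises:
            serializers.ValidationError: if the access token is rejected, the
                SMS code is absent from Redis or does not match, or the
                password check fails for an existing user.
        """
        access_token = attrs['access_token']

        # A falsy result from the helper is treated as a rejected token.
        openid = OAuthQQ.check_bind_user_access_token(access_token)
        if not openid:
            raise serializers.ValidationError('无效的access_token')
        attrs['openid'] = openid

        mobile = attrs['mobile']
        sms_code = attrs['sms_code']
        redis_conn = get_redis_connection('verify_codes')
        real_sms_code = redis_conn.get('sms_%s' % mobile)
        # No code stored for this mobile: reject cleanly instead of failing
        # with AttributeError on None.decode().
        if real_sms_code is None:
            raise serializers.ValidationError('无效的短信验证码')
        if real_sms_code.decode() != sms_code:
            raise serializers.ValidationError('短信验证码错误')
        # NOTE(review): the matched code is not removed from Redis here, so it
        # stays usable for as long as the key exists. Confirm that expiry and
        # per-mobile attempt limiting are enforced where the code is issued.

        try:
            user = User.objects.get(mobile=mobile)
        except User.DoesNotExist:
            # Unknown mobile: no password to check, 'user' is left unset.
            pass
        else:
            # Binding to an existing account requires that account's password.
            password = attrs['password']
            if not user.check_password(password):
                raise serializers.ValidationError('密码错误')

            attrs['user'] = user

        return attrs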
Exemplo n.º 2
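    def validate(self, attrs):
        """Validate the access_token and the SMS verification code.

        On success ``attrs`` gains ``openid``. If a user with the submitted
        mobile already exists and the password matches, ``attrs`` also gains
        ``user``.

        Raises:
            serializers.ValidationError: if the access token is rejected, the
                SMS code is absent from Redis or does not match, or the
                password check fails for an existing user.
        """
        access_token = attrs["access_token"]
        # Check that the access_token has not been tampered with and extract
        # the user's QQ openid from it.
        openid = OAuthQQ.check_bind_user_access_token(access_token)
        if not openid:
            raise serializers.ValidationError("无效的access_token")
        # Stored in attrs so it is available in validated_data afterwards.
        attrs["openid"] = openid

        # Check the SMS verification code.
        mobile = attrs["mobile"]
        sms_code = attrs["sms_code"]
        redis_conn = get_redis_connection("verify_codes")
        real_sms_code = redis_conn.get("sms_%s" % mobile)
        # No code stored for this mobile: reject cleanly instead of failing
        # with AttributeError on None.decode().
        if real_sms_code is None:
            raise serializers.ValidationError("无效的短信验证码")
        if real_sms_code.decode() != sms_code:
            raise serializers.ValidationError("短信验证码错误")
        # NOTE(review): the matched code is not removed from Redis here, so it
        # stays usable for as long as the key exists. Confirm that expiry and
        # per-mobile attempt limiting are enforced where the code is issued.

        try:
            user = User.objects.get(mobile=mobile)
        except User.DoesNotExist as e:
            # NOTE(review): an unknown mobile is not rejected here, only
            # logged; if that is the normal first-bind path, error level will
            # be noisy. Confirm the intended level.
            logger.error("用户不存在:%s" % e)
        else:
            # The user exists, so check the password: the submitted plaintext
            # is compared with the stored hashed password.
            password = attrs["password"]
            if not user.check_password(password):
                raise serializers.ValidationError("密码错误")
            # Password matches: keep the user model in attrs so it can be read
            # from validated_data.
            attrs["user"] = user

        return attrs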
Exemplo n.º 3
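    def validate(self, attrs):
        """Validate the access_token, the SMS code and, for a known mobile, the password.

        On success ``attrs`` gains ``openid``. If a user with the submitted
        mobile already exists and the password matches, ``attrs`` also gains
        ``user``.

        Raises:
            serializers.ValidationError: if the access token is rejected, the
                SMS code is absent from Redis or does not match, or the
                password check fails for an existing user.
        """
        # Check the access_token.
        access_token = attrs["access_token"]
        openid = OAuthQQ.check_bind_user_access_token(access_token)
        if not openid:
            # Must be raised, not returned: returning the exception object
            # would hand it back as the validated data, and a rejected token
            # would skip every check below.
            raise serializers.ValidationError("无效的")

        # Save the openid into attrs.
        attrs["openid"] = openid

        # Check the SMS verification code.
        mobile = attrs["mobile"]
        sms_code = attrs["sms_code"]
        redis_conn = get_redis_connection("verify_codes")
        real_sms_code = redis_conn.get("sms_%s" % mobile)
        # No code stored for this mobile: reject cleanly instead of failing
        # with AttributeError on None.decode().
        if real_sms_code is None:
            raise serializers.ValidationError("无效的短信验证码")
        if sms_code != real_sms_code.decode():
            raise serializers.ValidationError("短信验证码错误")
        # NOTE(review): the matched code is not removed from Redis here, so it
        # stays usable for as long as the key exists. Confirm that expiry and
        # per-mobile attempt limiting are enforced where the code is issued.

        # If the user already exists, check the password.
        try:
            user = User.objects.get(mobile=mobile)
        except User.DoesNotExist:
            # Unknown mobile: no password to check, 'user' is left unset.
            pass
        else:
            password = attrs["password"]
            if not user.check_password(password):
                raise serializers.ValidationError("密码错误")

            attrs["user"] = user
        return attrs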
Exemplo n.º 4
    def validate(self, data):
        """Validate the bind token, the SMS code and, for a known mobile, the password.

        :param data: mapping holding ``access_token``, ``sms_code``, ``mobile``
            and, when the mobile belongs to an existing user, ``password``.
        :return: the same mapping, with ``openid`` added and ``user`` added
            when an existing user's password matched.
        :raises serializers.ValidationError: if the token is rejected, the SMS
            code is missing or wrong, or the password does not match.
        """
        # 1. Access token. The original comment says the helper verifies it
        #    with itsdangerous and extracts the openid; a falsy result is
        #    treated as a rejected token.
        bound_openid = OAuthQQ.check_bind_user_access_token(data["access_token"])
        if not bound_openid:
            raise serializers.ValidationError("无效的access_token")
        # Kept in the data so it can be stored when the user is created.
        data["openid"] = bound_openid

        # 2. SMS code: compare the submitted value with the one held in Redis.
        code_store = get_redis_connection('verify_codes')
        submitted_code = data["sms_code"]
        phone = data['mobile']
        stored_code = code_store.get('sms_%s' % phone)
        if stored_code is None:
            # Nothing stored for this mobile.
            raise serializers.ValidationError('无效的短信验证码')
        if stored_code.decode() != submitted_code:
            raise serializers.ValidationError('短信验证码错误')

        # 3. Existing user: require the account password, then hand the user
        #    object back (the original comment says it is used when issuing
        #    the JWT token on creation).
        try:
            existing_user = User.objects.get(mobile=phone)
        except User.DoesNotExist:
            # Unknown mobile: nothing more to check.
            return data

        if not existing_user.check_password(data["password"]):
            raise serializers.ValidationError("密码错误")
        data["user"] = existing_user
        return data