def get(self, request): user = self.request.user payload = jwt_payload_handler(user) token = jwt_encode_handler(payload) response_data = jwt_response_payload_handler(token, user, request) return Response(data=response_data)
def post(self, request, *args, **kwargs): """ :param request: :param format: :return: :raises - KEY_ERROR: mistake spelling username or password - NO_CREDENTIALS_PROVIDED: provided empty credential - USER_INVALID_CREDENTIALS: provided wrong credential - USER_ACCOUNT_BLOCKED: if user blocked - USER_ACCOUNT_DEACTIVATED: if user account is deactivated """ serializer = self.get_serializer(data=request.data) if serializer.is_valid(): user = request.user token = serializer.object.get('token') response_data = jwt_response_payload_handler(token, user, request) response = Response(response_data) if api_settings.JWT_AUTH_COOKIE: expiration = (timezone.now() + api_settings.JWT_EXPIRATION_DELTA) response.set_cookie(api_settings.JWT_AUTH_COOKIE, token, expires=expiration, httponly=True) return response return Response(ERROR_CODE.global_codes.VALUE_ERROR, status=401)
def post(self, request, *args, **kwargs): serializer = self.get_serializer(data=request.data) if serializer.is_valid(): decoded_token = token_decoder(request.data['token']) user_response = authorize_check(decoded_token) if user_response: user = User.objects.get(email=decoded_token['email']) get_token = serializer.object.get('token') dec_token = token_decoder(get_token) print(dec_token) dec_token['authorize'] = decoded_token['authorize'] token = token_encoded(dec_token) response_data = jwt_response_payload_handler(token, user, request) response = Response(response_data, status=200) if api_settings.JWT_AUTH_COOKIE: expiration = (datetime.datetime.now() + api_settings.JWT_EXPIRATION_DELTA) response.set_cookie(api_settings.JWT_AUTH_COOKIE, token, expires=expiration, httponly=True) return response return Response(status=401) else: return Response(serializer.errors, status=401)
def post(self, request, *args, **kwargs): request_data = request.data if 'email' in request_data: request_data['email'] = request_data.get('email').lower() elif 'phone' in request_data: user_by_phone = User.objects.filter( phone_number=request_data.get('phone')).first() request_data['email'] = user_by_phone.email.lower() serializer = self.get_serializer(data=request_data, context={'request': request}) if serializer.is_valid(): user = serializer.object.get('user') or request.user token = serializer.object.get('token') response_data = jwt_response_payload_handler(token, user, request) response = Response(response_data) if api_settings.JWT_AUTH_COOKIE: expiration = (datetime.utcnow() + api_settings.JWT_EXPIRATION_DELTA) response.set_cookie(api_settings.JWT_AUTH_COOKIE, response.data['token'], expires=expiration, httponly=True) return response return Response({'message': 'Invalid Password'}, status=status.HTTP_400_BAD_REQUEST)
def post(self, request, *args, **kwargs): serializer = self.get_serializer(data=request.data) user = request.data.get('username') user_info = User.objects.filter(username=user) if user_info and not user_info.first().is_active: return Response({ 'code': 40000, 'message': "该用户未激活!" }) if serializer.is_valid(): user = serializer.object.get('user') or request.user token = serializer.object.get('token') response_data = jwt_response_payload_handler(token, user, request) response = Response({ 'code':20000, 'data':response_data }) if api_settings.JWT_AUTH_COOKIE: expiration = (datetime.utcnow() + api_settings.JWT_EXPIRATION_DELTA) response.set_cookie(api_settings.JWT_AUTH_COOKIE, token, expires=expiration, httponly=True) # 更改数据库中last_login的值 user.last_login = datetime.now(tz=timezone.utc) user.save() return response return Response({ 'code':60204, 'message':"请输入正确的用户名和密码" })
def post(self, request, *args, **kwargs): """ 用户登录接口 --- parameters: - name: nick_name description: 用户名 required: true type: string paramType: form - name: password description: 密码 required: true type: string paramType: form """ nick_name = request.POST.get("nick_name", None) password = request.POST.get("password", None) try: if not nick_name: code = 400 result = general_message(code, "username is missing", "请填写用户名") return Response(result, status=code) elif not password: code = 400 result = general_message(code, "password is missing", "请填写密码") return Response(result, status=code) user, msg, code = user_svc.is_exist(nick_name, password) if not user: code = 400 result = general_message(code, "authorization fail ", msg) return Response(result, status=code) serializer = self.get_serializer(data=request.data) if serializer.is_valid(): user = serializer.object.get('user') or request.user token = serializer.object.get('token') response_data = jwt_response_payload_handler( token, user, request) result = general_message(200, "login success", "登录成功", bean=response_data) response = Response(result) if api_settings.JWT_AUTH_COOKIE: expiration = (datetime.datetime.now() + datetime.timedelta(days=30)) response.set_cookie(api_settings.JWT_AUTH_COOKIE, token, expires=expiration) jwt_manager = JwtManager() jwt_manager.set(response_data["token"], user.user_id) return response result = general_message( 400, "login failed", "{}".format(list(dict(serializer.errors).values())[0][0])) return Response(result, status=status.HTTP_400_BAD_REQUEST) except Exception as e: logging.exception(e) result = error_message() return Response(result, status=500)
def post(self, request, *args, **kwargs): """ 用户登录,返回JWT Token fe-user-login :param request: :param args: :param kwargs: :return: """ serializer = user_serializer.UserLoginSerializer(data=request.data) if serializer.is_valid(): user = serializer.object.get('user') or request.user token = serializer.object.get('token') response_data = jwt_response_payload_handler(token, user, request) response = Response(response_data) if JWT_AUTH['JWT_AUTH_COOKIE']: expiration = (datetime.utcnow() + JWT_AUTH['JWT_EXPIRATION_DELTA']) response.set_cookie(JWT_AUTH['JWT_AUTH_COOKIE'], token, expires=expiration, httponly=True) return response return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def post(self, request, *args, **kwargs): # 校验验证码 self.jarge_captcha(request) serializer = self.get_serializer(data=request.data) if serializer.is_valid(): user = serializer.object.get('user') or request.user token = serializer.object.get('token') response_data = jwt_response_payload_handler(token, user, request) response = SuccessResponse(response_data) if token: username = user.username session_id = jwt_get_session_id(token) key = f"{self.prefix}_{session_id}_{username}" if getattr(settings, "REDIS_ENABLE", False): cache.set(key, token, self.ex.total_seconds()) self.save_login_infor(request, '登录成功', session_id=session_id) if self.JWT_AUTH_COOKIE and token: expiration = (datetime.datetime.utcnow() + self.ex) response.set_cookie(self.JWT_AUTH_COOKIE, token, expires=expiration, domain=settings.SESSION_COOKIE_DOMAIN, httponly=False) return response self.save_login_infor(request, '登录失败,账户/密码不正确', False) return ErrorResponse(data=serializer.errors, msg='账户/密码不正确')
def jwtlogin(request, user): """ Persist a user id and a backend in the request. This way a user doesn't have to reauthenticate on every request. Note that data set during the anonymous session is retained when the user logs in. """ session_auth_hash = '' if user is None: user = request.user if hasattr(user, 'get_session_auth_hash'): session_auth_hash = user.get_session_auth_hash() if SESSION_KEY in request.session: if request.session[SESSION_KEY] != user.pk or ( session_auth_hash and request.session.get(HASH_SESSION_KEY) != session_auth_hash): # To avoid reusing another user's session, create a new, empty # session if the existing session corresponds to a different # authenticated user. request.session.flush() else: request.session.cycle_key() request.session[SESSION_KEY] = user.pk request.session[BACKEND_SESSION_KEY] = user.backend request.session[HASH_SESSION_KEY] = session_auth_hash if hasattr(request, 'user'): request.user = user rotate_token(request) response_data = jwt_response_payload_handler(rotate_token, user, request) if api_settings.JWT_AUTH_COOKIE: expiration = (datetime.utcnow() + api_settings.JWT_EXPIRATION_DELTA) response_data.set_cookie(api_settings.JWT_AUTH_COOKIE, rotate_token, expires=expiration, httponly=True)
def post(self, request, *args, **kwargs): """ :param request: :param format: :return: :raises - KEY_ERROR: token keyword is not provided or spelling mistake - ALL_FIELDS_REQUIRED: empty token field """ serializer = self.get_serializer(data=request.data) if serializer.is_valid(): user = request.user token = serializer.object.get('token') response_data = jwt_response_payload_handler(token, user, request) response = Response(response_data) if api_settings.JWT_AUTH_COOKIE: expiration = (timezone.now() + api_settings.JWT_EXPIRATION_DELTA) response.set_cookie(api_settings.JWT_AUTH_COOKIE, token, expires=expiration, httponly=True) return response return Response(ERROR_CODE.global_codes.VALUE_ERROR, status=401)
def post(self, request, *args, **kwargs): username = request.data.get("username") password = request.data.get("password") try: db_password_hash = User.objects.get(username=username).password except User.DoesNotExist: return Response(ErrUserNotFound, status=status.HTTP_500_INTERNAL_SERVER_ERROR) if not check_password(password, db_password_hash): return Response(ErrInvalidPassword, status=status.HTTP_500_INTERNAL_SERVER_ERROR) serializer = self.get_serializer(data=request.data) if serializer.is_valid(): user = serializer.object.get('user') or request.user token = serializer.object.get('token') response_data = jwt_response_payload_handler(token, user, request) response = Response(response_data) if api_settings.JWT_AUTH_COOKIE: expiration = (datetime.utcnow() + api_settings.JWT_EXPIRATION_DELTA) response.set_cookie(api_settings.JWT_AUTH_COOKIE, token, expires=expiration, httponly=True) return response return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def post(self, request, *args, **kwargs) -> dict: serializer = self.get_serializer(data=request.data) if serializer.is_valid(): user = serializer.object.get('user') or request.user token = serializer.object.get('token') data = jwt_response_payload_handler(token, user, request) return JSONResponse.success(data) else: return JSONResponse.noauth(serializer.errors)
def post(self, request, *args, **kwargs): serializer = self.get_serializer(data=request.data) serializer.is_valid(raise_exception=True) user = serializer.save() token = self.create_token(user) response_data = jwt_response_payload_handler(token, user, request) response = Response(response_data) return response
def login(self): payload = jwt_payload_handler(self.user) if api_settings.JWT_ALLOW_REFRESH: payload['orig_iat'] = timegm(datetime.utcnow().utctimetuple()) request = self.context.get('request') token = jwt_encode_handler(payload) response = jwt_response_payload_handler(token, self.user, request) response['user'] = UserSerializer(instance=self.user).data return response
def post(self, request): serializer = self.serializer_class(request=request, data=request.DATA) if serializer.is_valid(): user = serializer.object.get('user') or request.user token = serializer.object.get('token') response_data = jwt_response_payload_handler(token, user, request) return Response(response_data) return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def post(self, request, *args, **kwargs): serializer = self.get_serializer(data=request.data) if serializer.is_valid(): user = serializer.object.get("user") or request.user update_last_login(None, user) token = serializer.object.get("token") response_data = jwt_response_payload_handler(token, user, request) return Response(response_data) return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def post(self, request, *args, **kwargs): serializer = self.get_serializer(data=request.data) if serializer.is_valid(): user = serializer.object.get("user") or request.user update_last_login(None, user) token = serializer.object.get("token") response_data = jwt_response_payload_handler(token, user, request) return Response(response_data) return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def post(self, request, *args, **kwargs): serializer = self.get_serializer(data=request.data) if serializer.is_valid(): user = serializer.object.get('user') or request.user token = serializer.object.get('token') response_data = jwt_response_payload_handler(token, user, request) response = Response(response_data) return response return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def post(self, request, *args, **kwargs): serializer = self.get_serializer(data=request.data) if serializer.is_valid(): user = serializer.object.get('user') or request.user token = serializer.object.get('token') content = { 'response_data': jwt_response_payload_handler(token, user, request), 'status': status.HTTP_200_OK, } return Response(content, status=status.HTTP_200_OK) return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def _auth_handler(self, request, data): serializer = self.get_serializer(data=data) if serializer.is_valid(): user = serializer.object.get('user') or request.user token = serializer.object.get('token') response_data = jwt_response_payload_handler(token, user, request) return Response(response_data) #return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST) return Response(err_msg=str(serializer.errors), err_code=105) # TODO: 少了Token相关的code
def post(self, request, *args, **kwargs): serializer = self.get_serializer(data=request.data) user_obj = auth.authenticate(username=request.data.get("username"), password=request.data.get("password")) if not user_obj: return APIResponse(http_status=400, message="密码验证失败") if serializer.is_valid(): user = serializer.object.get('user') or request.user token = serializer.object.get('token') response_data = jwt_response_payload_handler(token, user, request) response = Response(response_data) if api_settings.JWT_AUTH_COOKIE: expiration = (datetime.utcnow() + api_settings.JWT_EXPIRATION_DELTA) response.set_cookie(api_settings.JWT_AUTH_COOKIE, token, expires=expiration, httponly=True) data = {'id': user.id, 'name': user.username, 'username': user.username, 'password': '', # 'avatar': 'https://gw.alipayobjects.com/zos/rmsportal/jZUIxmJycoymBprLOUbT.png', 'avatar': '', 'status': 1, 'telephone': user.telephone, 'lastLoginIp': user.last_login_ip, 'lastLoginTime': user.last_login, 'creatorId': user.role.uid, 'createTime': user.date_joined, 'deleted': 0, 'roleId': user.user_role, 'lang': 'zh-CN', "token": token } return APIResponse(result=data) errors = [] valid_errors = [] user = serializer.object.get('user') or request.user if user.is_active: return APIResponse(http_status=400, code=400, message="账号已禁用") for column, error in serializer.errors.items(): if error: valid_errors.append("{}({})".format(column, str(error[0]))) errors.append("登录失败:{}".format("|".join(valid_errors))) if errors: return APIResponse(http_status=400, code=400, message="\n".join(errors))
def post(self, request, *args, **kwargs): serializer = self.serializer_class(data=request.data, context={'request': request}) serializer.is_valid(raise_exception=True) user = serializer.validated_data.get('user') if user: user = serializer.object.get('user') or request.user token = serializer.object.get('token') response_data = jwt_response_payload_handler(token, user, request) response = Response(response_data) return response return Response(serializer.errors, status=status.HTTP_422_UNPROCESSABLE_ENTITY)
def post(self, request, *args, **kwargs): serializer = self.get_serializer(data=request.data) serializer.is_valid(raise_exception=True) user = serializer.object.get('user') or request.user token = serializer.object.get('token') response_data = jwt_response_payload_handler(token, user, request) response = Response(response_data) if api_settings.JWT_AUTH_COOKIE: expiration = datetime.utcnow() + api_settings.JWT_EXPIRATION_DELTA response.set_cookie(api_settings.JWT_AUTH_COOKIE, token, expires=expiration, httponly=True) return response
def post(self, request, *args, **kwargs): serializer = self.get_serializer(data=request.data) if serializer.is_valid(): user = serializer.object.get('user') or request.user token = serializer.object.get('token') response_data = jwt_response_payload_handler(token, user, request) result = genernal_message(code=status.HTTP_200_OK, msg="login success", data=response_data) response = Response(data=result, status=status.HTTP_200_OK) if api_settings.JWT_AUTH_COOKIE: expiration = (datetime.utcnow() + api_settings.JWT_EXPIRATION_DELTA) response.set_cookie(api_settings.JWT_AUTH_COOKIE, token, expires=expiration, httponly=True) return response err = serializer.errors result = genernal_message(code=status.HTTP_400_BAD_REQUEST, msg="login failed", data=err) return Response(data=result, status=status.HTTP_400_BAD_REQUEST)
def update(self, request, *args, **kwargs): partial = kwargs.pop('partial', False) instance = self.get_object() serializer = self.get_serializer( instance, data=request.data, partial=partial, ) serializer.is_valid(raise_exception=True) self.perform_update(serializer) payload = jwt_payload_handler(request.user) token = jwt_encode_handler(payload) response_data = jwt_response_payload_handler(token, request.user, self.request) return Response(response_data)
def post(self, request): serializer = self.get_serializer(data=request.data) if serializer.is_valid(): user = serializer.object.get('user') or request.user # check if settings swith is on / then check validity if Mysetting.ACCOUNT_EMAIL_VERIFICATION == "mandatory": email_address = user.emailaddress_set.get(email=user.email) if not email_address.verified: return Response(status=403, data='E-mail is not verified.') token = serializer.object.get('token') response_data = jwt_response_payload_handler(token, user, request) return Response(response_data) return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def post(self, request, *args, **kwargs): serializer = self.get_serializer(data=request.data) if serializer.is_valid(): user = serializer.object.get('user') or request.user token = serializer.object.get('token') response_data = jwt_response_payload_handler(token, user, request) response = Response(response_data) if api_settings.JWT_AUTH_COOKIE: expiration = (datetime.utcnow() + api_settings.JWT_EXPIRATION_DELTA) response.set_cookie(api_settings.JWT_AUTH_COOKIE, token, expires=expiration, httponly=True) return response return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def post(self, request, *args, **kwargs): """ Registration Fill personal info. Returns user info and JWT token """ serial = self.serializer_class(data=request.data) serial.is_valid(raise_exception=True) vd = serial.validated_data reg_type = vd.get('reg_type') extra_fields = deepcopy(vd) for extra_field in \ ('reg_type', 'password', 'password_confirm', 'email'): if extra_fields.get(extra_field): extra_fields.pop(extra_field) if reg_type == AuthUserRegistrationType.default: user = AuthUser.objects.create_user( vd['email'], vd['password'], **extra_fields ) elif reg_type == AuthUserRegistrationType.redactor: user = AuthUser.objects.create_redactor( vd['email'], vd['password'], **extra_fields ) else: return Response(dict(), status=status.HTTP_400_BAD_REQUEST) if not user.is_email_confirmed: # #token = ConfirmationLink(user=user, type=ConfirmationLinkType.confirm_email) #token.save() user_id = user.id token = 'asdasdasdcalsdlasldalsdalsdl' send_verification_email.delay(user_id, token) return Response( jwt_response_payload_handler( token=create_token(user), user=user, request=request ), status=status.HTTP_200_OK )
def post(self, request, *args, **kwargs): serializer = self.get_serializer(data=request.data) username = request.data.get("username") if not username: return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST) try: user = User.objects.filter(username=username)[0] except serializers.ValidationError as e: return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST) else: if not user.is_active: return Response({"err_code": "0"}, status=status.HTTP_200_OK) if serializer.is_valid(): user = serializer.object.get('user') or request.user token = serializer.object.get('token') response_data = jwt_response_payload_handler(token, user, request) response_data.update({ "user_id": user.id, "user_name": user.username, "err_code": "1" }) response = Response(response_data) if api_settings.JWT_AUTH_COOKIE: expiration = (datetime.utcnow() + api_settings.JWT_EXPIRATION_DELTA) response.set_cookie(api_settings.JWT_AUTH_COOKIE, token, expires=expiration, httponly=True) return response return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def post(self, request, *args, **kwargs): serializer = self.get_serializer(data=request.data) if serializer.is_valid(): user = serializer.object.get('user') or request.user token = serializer.object.get('token') response_data = jwt_response_payload_handler(token, user, request) response = JsonResponse( OrderedDict([('results', response_data)], code=status.HTTP_200_OK)) if api_settings.JWT_AUTH_COOKIE: expiration = (datetime.utcnow() + api_settings.JWT_EXPIRATION_DELTA) response.set_cookie(api_settings.JWT_AUTH_COOKIE, token, expires=expiration, httponly=True) return response return JsonResponse( OrderedDict([('results', serializer.errors)], code=status.HTTP_500_INTERNAL_SERVER_ERROR))
def post(self, request, *args, **kwargs): serializer = self.get_serializer(data=request.data) if serializer.is_valid(): user = serializer.object.get('user') or request.user token = serializer.object.get('token') response_data = jwt_response_payload_handler(token, user, request) response = Response(response_data) send_group_msg("aaa", {"message": "登录成功"}) if api_settings.JWT_AUTH_COOKIE: expiration = (datetime.utcnow() + api_settings.JWT_EXPIRATION_DELTA) response.set_cookie(api_settings.JWT_AUTH_COOKIE, token, expires=expiration, httponly=True) return response # return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST) return Response({ "code": ERROR_USER_RALATION.status_code, "message": ERROR_USER_RALATION.message })
def post(self, request, *args, **kwargs): serializer = self.get_serializer(data=request.data) if serializer.is_valid(): user = serializer.object.get('user') or request.user token = serializer.object.get('token') response_data = jwt_response_payload_handler(token, user, request) response = Response(response_data) if settings.JWT_AUTH['JWT_AUTH_COOKIE']: expiration = (datetime.utcnow() + settings.JWT_AUTH['JWT_EXPIRATION_DELTA']) response.set_cookie( settings.JWT_AUTH['JWT_AUTH_COOKIE'], token, expires=expiration, httponly=True, secure=settings.SECURE_COOKIE, ) response.cookies[settings.JWT_AUTH['JWT_AUTH_COOKIE']][ 'samesite'] = settings.JWT_AUTH['JWT_COOKIE_SAMESITE'] return response return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)