def user_auth(request):
jwt_token = request.META.get('HTTP_AUTHORIZATION', None).encode('utf8')
try:
data = jwt.decode(jwt_token, 'secret', algorithm='HS256')
except Exception as e:
logger.error(e, jwt_token)
return json_res(403, '认证失败')
# if get token then user must exist
try:
user = User.objects.get(id=data['sub'])
except Exception as e:
logger.error(e)
return json_res(403, '用户不存在')
new_token = create_token(data['sub'])
has_weixin = False
if user.weixin:
has_weixin = True
return json_res(200, 'Confirmed', {
'jwt_token': new_token,
'has_weixin': has_weixin
})
def process_request(self, request):
# check if url is in lists_need_to_auth
url_path = request.path
is_need_auth = 0
for each in need_auth_path:
if re.fullmatch(each, url_path):
is_need_auth = 1
break
if not is_need_auth:
# if already need auth, skip this check
if request.method != 'GET':
for each in post_need_auth_path:
if re.fullmatch(each, url_path):
is_need_auth = 1
break
if is_need_auth:
# if authenticated, add custom_user to request
jwt_token = request.META.get('HTTP_AUTHORIZATION',
None).encode('utf8')
try:
data = jwt.decode(jwt_token, 'secret', algorithm='HS256')
except Exception as e:
logger.error(e, jwt_token)
return json_res(403, '认证失败')
# if get token then user must exist
try:
user = User.objects.get(id=data['sub'])
except Exception as e:
logger.error(e)
return json_res(404, '用户不存在')
request.custom_user = user
def change_user_info(request):
req_data = json.loads(request.body.decode('utf-8'))
user = request.custom_user
try:
save_or_not(user, req_data, ['nickname', 'major', 'weixin', 'phone'])
except Exception as e:
logger.error(e)
return json_res(400, '更新用户信息失败')
return json_res(200, '更新用户信息成功')
def wx_login(request):
"""
微信登录接口, 需要提供code, encryptedData, iv
"""
req_data = json.loads(request.body.decode('utf-8'))
code = req_data.get('code', None)
encryptedData = req_data.get('encryptedData', None)
iv = req_data.get('iv', None)
if not code or not encryptedData or not iv:
return json_res(400, '缺少必要参数')
user_info = get_user_info(code, encryptedData, iv)
openid = user_info.get('openId', 'None')
if not openid:
return json_res(400, '缺少参数')
# 如果用户已绑定openid, 直接登录, 否则,自动创建新用户
try:
user = User.objects.get(openid=openid)
except Exception as e:
logger.error(e, 'Automatically create a new account.')
user = None
if not user:
nickname = user_info.get('nickName', None)
avatarUrl = user_info.get('avatarUrl', None)
try:
user = User.objects.create(nickname=nickname, openid=openid)
fetch_avatar(avatarUrl, user)
user.save()
except Exception as e:
logger.error(e)
return json_res(400, '用户创建失败')
jwt_token = create_token(user.id)
data = {
'jwt_token': jwt_token,
'user_id': user.id,
'detail_url': 'http://139.199.131.21/api/user/{}/'.format(user.id),
'avatarUrl': 'http://139.199.131.21' + user.avatar.url,
'nickname': user.nickname
}
return json_res(200, '登录成功', data)
def post(self, request, pk):
book = get_object_or_404(Book, pk=pk)
if book.owner != request.custom_user:
return json_res(403, "用户认证失败")
req_data = request.POST
image = request.FILES.get('img', None)
if image:
book.image = image
try:
save_or_not(book, req_data, ['name', 'price', 'original_price', 'category_id', 'description'])
except Exception as e:
logger.error(e)
return json_res(400, '编辑书籍信息失败')
return json_res(200, '编辑书籍信息成功', {'detail_url': 'http://139.199.131.21/api/book/{}'.format(book.id)})
def book_advice(request):
# 基于用户发布的书籍量和时间对书籍进行推荐, 发布书越多的用户,会取其最新发布的一本书作为推荐
try:
user_ranking = redis_service.zrange('user_ranking', 0, -1, desc=True)[:5]
except Exception as e:
logger.error(e)
return json_res(400, '无人传书', {'books': None})
user_ranking_ids = [int(id) for id in user_ranking]
most_offer = list(User.objects.filter(id__in=user_ranking_ids))
most_offer.sort(key=lambda x: user_ranking_ids.index(x.id))
books = [user.sell_books.order_by('-created')[0] for user in most_offer]
res_dict = book_serializer(books)
return json_res(200, '获取推荐图书成功', res_dict)
def delete(self, request, pk):
book = get_object_or_404(Book, pk=pk)
if book.owner != request.custom_user:
return json_res(403, "用户认证失败")
try:
# 删除或减少redis中推荐排行的键值
num = int(redis_service.zscore('user_ranking', book.owner.id))
if num == 1:
redis_service.zrem('user_ranking', book.owner.id)
else:
redis_service.zincrby('user_ranking', book.owner.id, -1)
book.delete()
except Exception as e:
logger.error(e)
return json_res(400, '删除书籍失败')
return json_res(200, '删除书籍成功')
def get_all_categories(request):
categories = Category.objects.all()
counter = categories.count()
res_list = []
for c in categories:
res_list.append({"image_url": 'http://139.199.131.21' + c.image.url, "name": c.name,
"detail_url": "http://139.199.131.21/api/book/category/{}/".format(c.id), "id": c.id})
res_dict = {'sum': counter, 'categories': res_list}
return json_res(200, '获取所有分类成功', res_dict)
def user_info(request, user_id):
user = get_object_or_404(User, id=user_id)
res_dict = {
'id': user.id,
'nickname': user.nickname,
'major': user.major,
'avatarUrl': 'http://139.199.131.21' + user.avatar.url
}
return json_res(200, '获取用户信息成功', res_dict)
def create_book_info(request):
req_data = request.POST
image = request.FILES.get('img', None)
category_id = req_data.get('category_id', None)
if not image:
return json_res(400, '缺少图片')
try:
new_book = Book.objects.create(name=req_data['name'], price=req_data['price'],
original_price=req_data['original_price'], owner=request.custom_user,
category_id=category_id, description=req_data['description'])
new_book.image = image
new_book.save()
except Exception as e:
logger.error(e)
return json_res(400, '创建书籍信息失败')
# 保存所有用户发布的书籍数用来进行推荐
redis_service.zincrby('user_ranking', request.custom_user.id, 1)
return json_res(200, '创建书籍信息成功', {'detail_url': 'http://139.199.131.21/api/book/{}'.format(new_book.id)})
def book_search(request):
# 基于关键字和类别进行查询
category_id = request.GET.get('category_id', None)
query = request.GET.get('query')
books = Book.objects.all().order_by('-created')
for c in query:
books = [book for book in books if c in book.name]
# books = Book.objects.filter(name__icontains=query).order_by('-created')
if category_id:
books = [book for book in books if book.category_id == int(category_id)]
res_dict = book_serializer(books)
return json_res(200, '搜索成功', res_dict)
def get(self, request, pk):
category = get_object_or_404(Category, pk=pk)
books = category.books.all()
res_dict = book_serializer(books)
return json_res(200, '获取书籍列表成功', res_dict)
def get(self, request, pk):
book = get_object_or_404(Book, pk=pk)
books = BookSerializer(book).data
return json_res(200, '获取书籍详情成功', books)
def get(self, request):
books = Book.objects.all()
res_dict = book_serializer(books)
return json_res(200, '获取书籍列表成功', res_dict)
def get_user_books(request):
books = Book.objects.filter(owner=request.custom_user)
res_dict = book_serializer(books)
return json_res(200, '获取用户书架成功', res_dict)
