def login(request): if request.method == 'POST': # print(request.META['HTTP_ACCESSTOKEN']) # print(request.POST) user = request.POST.get("user", None) pwd = request.POST.get("pwd", None) check_code = request.POST.get("auth_code", None) check_code = check_code.lower() server_check_code = request.session['check_code'] server_check_code = server_check_code.lower() res = {} Hres = HttpResponse() if check_code == server_check_code: user_info = UserInfo.objects.filter(user=user) if user_info[0].user == user and user_info[0].pwd == pwd: # 颁发签证 nonce = ''.join( random.sample(string.ascii_letters + string.digits, 16)) key = user_info[0].key t = int(time.time()) sign_array = [str(t), nonce, key] sign_str = "".join(sorted(sign_array)) server_signature = hashlib.sha1(sign_str.encode()).hexdigest() # 保存签名并设置过期时间 request.session['sign'] = server_signature request.session['sign_timeout'] = time.time( ) + 3600 * 24 # 默认过期时间一天 res = { "errNum": 0, "errMsg": "ok", "access_token": server_signature, } request.session['user'] = user Hres.set_cookie(key="accessToken", value=server_signature, expires=time.time() + 36000) else: res = { "errNum": 100, "errMsg": "用户名或密码错误", } else: res = { "errNum": 102, "errMsg": "验证码错误", } time.sleep(1) Hres.content = json.dumps(res) Hres.content_type = 'application/json' return Hres else: auth_code(request) return render(request, 'host_manage/login.html')
def graph_captcha(request, **kwargs): # 验证码生成 # 通过Captcha生成一张验证码图片,输出为一个HttpResponse text, image = Captcha.gene_graph_captcha() # 将验证码存入session中 request.session[CAPTCHA_TEXT] = text.lower() out = BytesIO() image.save(out, 'png') out.seek(0) resp = HttpResponse(out.read()) resp.content_type = 'image/png' return resp