def login(request):
if request.method == 'POST':
# print(request.META['HTTP_ACCESSTOKEN'])
# print(request.POST)
user = request.POST.get("user", None)
pwd = request.POST.get("pwd", None)
check_code = request.POST.get("auth_code", None)
check_code = check_code.lower()
server_check_code = request.session['check_code']
server_check_code = server_check_code.lower()
res = {}
Hres = HttpResponse()
if check_code == server_check_code:
user_info = UserInfo.objects.filter(user=user)
if user_info[0].user == user and user_info[0].pwd == pwd:
# 颁发签证
nonce = ''.join(
random.sample(string.ascii_letters + string.digits, 16))
key = user_info[0].key
t = int(time.time())
sign_array = [str(t), nonce, key]
sign_str = "".join(sorted(sign_array))
server_signature = hashlib.sha1(sign_str.encode()).hexdigest()
# 保存签名并设置过期时间
request.session['sign'] = server_signature
request.session['sign_timeout'] = time.time(
) + 3600 * 24 # 默认过期时间一天
res = {
"errNum": 0,
"errMsg": "ok",
"access_token": server_signature,
}
request.session['user'] = user
Hres.set_cookie(key="accessToken",
value=server_signature,
expires=time.time() + 36000)
else:
res = {
"errNum": 100,
"errMsg": "用户名或密码错误",
}
else:
res = {
"errNum": 102,
"errMsg": "验证码错误",
}
time.sleep(1)
Hres.content = json.dumps(res)
Hres.content_type = 'application/json'
return Hres
else:
auth_code(request)
return render(request, 'host_manage/login.html')
def graph_captcha(request, **kwargs):
# 验证码生成
# 通过Captcha生成一张验证码图片,输出为一个HttpResponse
text, image = Captcha.gene_graph_captcha()
# 将验证码存入session中
request.session[CAPTCHA_TEXT] = text.lower()
out = BytesIO()
image.save(out, 'png')
out.seek(0)
resp = HttpResponse(out.read())
resp.content_type = 'image/png'
return resp
