def login(request):
if request.method == "POST":
info = loads(request.body.decode('utf-8'))
try:
phone = info['phone']
user = User.objects.filter(phone=phone)
if user.exists():
password = info['password']
if user[0].password == password:
Device(dev_id=info['deviceId'],
reg_id=info['deviceToken'],
name=phone,
is_active=True).save()
user.update(status=True)
tok = get_random_string(length=32)
tok = Token(user=user[0],
token=tok,
expiry_date=datetime.datetime.now())
tok.save(force_insert=True)
return my_response(True, 'success', tok.to_json())
else:
return my_response(False, 'invalid information', {})
else:
return my_response(False, 'user not found', {})
except Exception as e:
e = str(e)
if e.__contains__('UNIQUE constraint'):
Device.objects.filter(dev_id=info['deviceId']).delete()
return login(request)
return my_response(False, 'error in login, check login body, ' + e,
{})
else:
return my_response(False, 'invalid method', {})
def get(self, request):
credentials = twitter.Api().GetAppOnlyAuthToken(
os.environ['CONSUMER_KEY'], os.environ['CONSUMER_SECRET'])
token = Token(token_type=credentials['token_type'],
access_token=credentials['access_token'])
token.save()
return Response(credentials)
def register_member(data):
member = Member(first_name=data['first_name'],
last_name=data['last_name'],
email=data['email'],
patronymic=data['patronymic'],
phone_number=data['phone_number'],
role_id=data['role'],
swimming_skill=data['swimming_skill'],
password=func.Hash(data['password']),
take_part_flag=data['take_part_flag'])
try:
member.save()
token = Token(user_id=member.id, token=secrets.token_hex(51))
token.save()
return HttpResponse(renderers.JSONRenderer().render({
'member_id':
member.id,
'auth_token':
token.token
}))
except Exception as e:
return HttpResponse(renderers.JSONRenderer().render({
'status': '0',
'error': type(e)
}))
def load_token():
tokens = Token.objects.filter(ts__gte=ts())
if len(tokens) == 0:
settings = T411_SETTINGS
try:
t411 = T411(settings)
except Exception as e:
raise e
t = Token(token=t411.token, ts=ts() + 3600 * 24 * 90)
t.save()
token = t411.token
else:
token = tokens[0].token
return token
def authenticate(self, request):
authorization = request.META.get("HTTP_AUTHORIZATION", None)
if not authorization or not authorization.startswith("Bearer"):
return None
token = authorization.split(" ")[-1]
role = UserRole.User.name.lower()
if token == SUPER_USER_TOKEN:
username = ADMIN_NAME
user_model, _ = UserModel.objects.get_or_create(name=username)
else:
try:
token_model = Token.objects.get(token=token,
expire_date__gt=timezone.now())
except ObjectDoesNotExist:
try:
token_info = keycloak_openid.introspect(token)
active = token_info.get("active", False)
role = token_info.get("role", UserRole.User.name.lower())
exp_time = timezone.make_aware(
datetime.fromtimestamp(token_info.get("exp")))
username = token_info.get("preferred_username", "")
sub = token_info.get("sub", "")
if not active:
return None
except Exception as exc:
LOG.error("exception %s", str(exc))
return None
user_model, _ = UserModel.objects.get_or_create(id=sub,
name=username)
user_model.role = role
user_model.save()
token_model = Token(token=token,
user=user_model,
expire_date=exp_time)
token_model.save()
else:
username = token_model.user.name
user_model = token_model.user
role = user_model.role
user = User()
user.username = username
user.token = token
user.role = role
user.user_model = user_model
return user, None
def register(request):
if request.method == "POST":
try:
info = loads(request.body.decode('utf-8'))
p = info['phone']
e = info['email']
this_otp = info['otp']
o = Otp.objects.get(email=e)
if o.otp != this_otp:
return my_response(False, 'confirmation code invalid', None)
if time_diff(get_hour_minute(), o.expiry) > 5:
o.delete()
return my_response(
False, 'confirmation code invalid, try from first', None)
user = User(
phone=p,
email=e,
name=info['name'],
password=info['password'],
)
user.save(force_insert=True)
tok = get_random_string(length=32)
tok = Token(user=user,
token=tok,
expiry_date=datetime.datetime.now())
tok.save(force_insert=True)
o.delete()
Device(dev_id=info['deviceId'],
reg_id=info['deviceToken'],
name=p,
is_active=True).save()
return my_response(True, 'user registered', tok.to_json())
except Exception as e:
e = str(e)
if e.__contains__('UNIQUE constraint'):
return my_response(False, 'user exist! please sign in', {})
else:
return my_response(False,
'error in register, check body send, ' + e,
{})
else:
return my_response(False, 'invalid method', {})
def token_add(request):
if request.method == 'POST':
f = ApiTokenForm(request.POST)
if f.is_valid():
cleaned_data = f.cleaned_data
try:
token = Token()
token.title = cleaned_data['title']
token.token = cleaned_data['token']
token.save()
messages.info(request, '添加成功')
except:
messages.error(request, '添加失败')
finally:
return redirect('admin:api.token')
else:
f = ApiTokenForm()
return render(request, 'admin/api/add_token.html', {
"form": f,
"auto_generate_token": uuid4(),
})
def signup(request):
username = request.POST.get('username')
password = request.POST.get('password')
fname = request.POST.get('fname')
lname = request.POST.get('lname')
encode = jwt.encode({'username': username}, settings.SECRET_KEY)
if User.objects.filter(username=username).exists():
response = {'result': -1, 'message': 'User name exist'}
else:
try:
user = User(username=username,
password=password,
first_name=fname,
last_name=lname)
user.set_password(password)
user.is_active = True
user.is_staff = True
user.is_superuser = True
group_name = 'admin'
try:
group = Group.objects.get(name=group_name)
except Group.DoesNotExist:
new_group, created = Group.objects.get_or_create(
name=group_name)
group = Group.objects.get(name=group_name)
user.save()
group.user_set.add(user)
token = Token(user=user, token=str(encode))
token.save()
response = {'result': 1, 'message': 'Save success'}
except Exception as e:
response = {'result': 0, 'message': 'Can not save user'}
return JsonResponse(response)
def add_token(self):
# assign a token to the user
t = Token(user=self, daily_computation_time=600)
t.token = t.generate_token(self.email)
t.save()
def add_token(self):
# assign a token to the user
t = Token(user=self, daily_computation_time=600)
t.token = t.generate_token(self.email)
t.save()