def post(self, request):
#1 获取参数
username = request.POST.get("username")
pwd = request.POST.get("pwd")
#记住密码单选项
remembered = request.POST.get("remembered")
# 2.校验参数
# 2-1判断参数是否齐全
if not all([username, pwd]):
return http.HttpResponseForbidden('请填齐资料')
#用户名及密码格式校验
# 2,2 用户名格式校验
#若涉及用手机号(多账号)时会~~~
if not re.match(r'^[a-zA-Z0-9_-]{5,20}$', username):
return http.HttpResponseForbidden("用户名格式有误")
# 2,3 密码格式校验
if not re.match(r'^[0-9A-Za-z]{8,20}$', pwd):
return http.HttpResponseForbidden("密码格式有误")
# # 判断是否是会员
# count = User.objects.filter(username=username).count()
# if count ==0:
# return http.HttpResponseForbidden('请输入正确的用户名')
# #判断密码是否正确
# c_pwd = User.objects.filter(username=username).password
# if pwd != c_pwd:
# return http.HttpResponseForbidden('密码错误')
#2.4校验用户名及密码的正确性,使用django的authenticate方法
#方法1 可以通过加入方法,实现多账号登录
user = authenticate(request, username=username, password=pwd)
# #方法2 用此传统方法只能使用用户名登录无法用手机登录
# user =User.objects.get(username=username)
# user.check_password(pwd)
if not user:
return http.HttpResponseForbidden("账号或者密码错误")
#3 状态保持
login(request, user)
#3.1设置状态保持的时间
if remembered == "on":
request.session.set_expiry(3600 * 24 * 2)
else:
request.session.set_expiry(0)
from carts.utils import merge_cookie_redis_cart
#登录成功
response = redirect("/")
response.set_cookie("username", user.username, 3600 * 24 * 2)
#合并购物车
response = merge_cookie_redis_cart(request, user, response)
return response
def get(self, request):
# 1,获取参数,code
code = request.GET.get("code")
state = request.GET.get("state", "/")
if not code:
return http.HttpResponseForbidden("code丢了")
# 2,通过code换取access_token
oauth_qq = OAuthQQ(client_id=settings.QQ_CLIENT_ID,
client_secret=settings.QQ_CLIENT_SECRET,
redirect_uri=settings.QQ_REDIRECT_URI,
state=state)
access_token = oauth_qq.get_access_token(code)
print('access_token:', access_token)
# 3,通过access_token换取openid
openid = oauth_qq.get_open_id(access_token)
# 4,根据openid,取到qq用户的对象
try:
print('openid:', openid)
oauth_qq_user = OAuthQQUser.objects.get(openid=openid)
except OAuthQQUser.DoesNotExist:
print('初次授权')
# import time
# time.sleep(200)
# 初次授权
sign_openid = generate_sign_openid(openid)
return render(request,
'oauth_callback.html',
context={"token": sign_openid})
else:
# 5,非初次授权
user = oauth_qq_user.user
# 5,1状态保持
login(request, user)
request.session.set_expiry(3600 * 24 * 2)
# 5,2,返回响应
response = redirect("/")
response.set_cookie("username", user.username)
response = merge_cookie_redis_cart(request, user, response)
return response
def get(self, request):
#1,获取参数(code,state)
code = request.GET.get("code")
state = request.GET.get("state", "/")
#2,校验
if not code:
return http.HttpResponseForbidden("code丢失")
#3,获取access_token
oauth_qq = OAuthQQ(client_id=settings.QQ_CLIENT_ID,
client_secret=settings.QQ_CLIENT_SECRET,
redirect_uri=settings.QQ_REDIRECT_URI,
state=state)
try:
access_token = oauth_qq.get_access_token(code)
except Exception:
return http.HttpResponseForbidden("code已过期")
#4,获取openid
openid = oauth_qq.get_open_id(access_token)
#5,通过openid,查询qq授权用户
try:
oauth_qq_user = OAuthQQUser.objects.get(openid=openid)
except Exception as e:
#5,1 初次授权,加密openid,返回授权页面
encrypt_openid = encode_openid(openid)
context = {"token": encrypt_openid}
return render(request, 'oauth_callback.html', context=context)
else:
#6,1 非初次授权,获取美多用户
user = oauth_qq_user.user
#6,2 状态保持
login(request, user)
#6,3 返回响应
response = redirect("/")
response.set_cookie("username", user.username)
response = merge_cookie_redis_cart(request, response, user)
return response
def get(self, request):
#http://www.meiduo.site:8000/oauth_callback?code=FDE1DC283B08B2
# 96DC530EA7DEFBDB2C&state=%3Cbuilt-in%2Bfunction%2Bnext%3E
#1 获取url中参数code
code = request.GET.get("code")
state = request.GET.get("state")
if not code:
return http.HttpResponseForbidden("code丢失")
#2通过code换取access_token
oauth_qq = OAuthQQ(client_id=settings.QQ_CLIENT_ID,
client_secret=settings.QQ_CLIENT_SECRET,
redirect_uri=settings.QQ_REDIRECT_URI,
state=next)
access_token = oauth_qq.get_access_token(code)
#3通过access_token找到openid
openid = oauth_qq.get_open_id(access_token)
#4根据openid,取到qq用户对象,查询数据库
try:
oauth_qq_user = OAuthQQUser.objects.get(openid=openid)
except OAuthQQUser.DoesNotExist:
#初次授权,需要配合表单提交,传参,验证
#调用utils文件中的加密方法
sign_openid = generate_sign_openid(openid)
#下面的"token"是oauth_callback.html中的参数名称,openid存入url中
return render(request,
'oauth_callback.html',
context={"token": sign_openid})
else:
#5,非初次授权,直接登录成功
user = oauth_qq_user.user
#5.1 状态保持
login(request, user)
request.session.set_expiry(3600 * 24 * 2)
response = redirect("/")
response.set_cookie("username", user.username)
# 合并购物车
response = merge_cookie_redis_cart(request, user, response)
#返回响应
return response
def post(self, request):
# 1,获取参数
username = request.POST.get("username")
password = request.POST.get("pwd")
remembered = request.POST.get("remembered")
# 2,校验参数
# 2,0 为空校验
if not all([username, password]):
return http.HttpResponseForbidden("参数不全")
# 2,1 用户名格式校验
if not re.match(r'^[a-zA-Z0-9_-]{5,20}$', username):
return http.HttpResponseForbidden("用户名格式有误")
# 2,2 密码格式校验
if not re.match(r'^[0-9A-Za-z]{8,20}$', password):
return http.HttpResponseForbidden("密码格式有误")
# 2,3 校验用户名和密码的正确性
user = authenticate(request, username=username, password=password)
if not user:
return http.HttpResponseForbidden("账号或者密码错误")
# 3,状态保持
login(request, user)
# 3,1设置状态保持的时间
if remembered == "on":
request.session.set_expiry(3600 * 24 * 2) # 两天有效
else:
request.session.set_expiry(0)
# 4,返回响应
response = redirect('/')
response.set_cookie("username", user.username, 3600 * 24 * 2)
response = merge_cookie_redis_cart(request, user, response)
return response
def get(self, request):
#获取参数
code = request.GET.get("code")
if not code:
return http.HttpResponseForbidden("code丢失")
#对象
oauth_sina = APIClient(
app_key=settings.APP_KEY,
app_secret=settings.APP_SECRET,
redirect_uri=settings.REDIRECT_URL,
)
result = oauth_sina.request_access_token(code)
access_token = result.access_token
uid = result.uid
# 4根据uid,取到sina用户对象,查询数据库
try:
oauth_sina_user = OAuthSinaUser.objects.get(uid=uid)
except OAuthSinaUser.DoesNotExist:
# 初次授权
# 调用utils文件中的加密方法
sign_uid = generate_sign_openid(uid)
#TODO 下面的"access_token"是传递给js使用 ??
return http.JsonResponse({"access_token": sign_uid})
else:
# 5,非初次授权
user = oauth_sina_user.user
# 5.1 状态保持
login(request, user)
request.session.set_expiry(3600 * 24 * 2)
response = redirect("/")
response.set_cookie("username", user.username)
# 合并购物车
response = merge_cookie_redis_cart(request, user, response)
# 返回响应
return response
def post(self, request):
#1,获取参数
username = request.POST.get("username")
password = request.POST.get("pwd")
remembered = request.POST.get("remembered")
#2,校验参数
#2,1为空校验
if not all([username, password]):
return http.HttpResponseForbidden("参数不全")
#2,2用户名格式校验
if not re.match(r'^[a-zA-Z0-9_-]{5,20}$', username):
return http.HttpResponseForbidden("用户名格式错误")
#2,3密码格式校验
if not re.match(r'^[0-9A-Za-z]{8,20}$', password):
return http.HttpResponseForbidden("用户密码错误")
#2,3校验账号,密码正确性(认证),并判断是否认证成功
user = authenticate(request, username=username, password=password)
if not user:
return http.HttpResponseForbidden("用户名或者密码错误")
#3,状态保持
login(request, user) #记录用户信息到session
if remembered == 'on':
request.session.set_expiry(3600 * 24 * 2) #两天有效
else:
request.session.set_expiry(0)
#4,返回响应
response = redirect("/")
response.set_cookie("username", user.username, max_age=3600 * 24 * 2)
response = merge_cookie_redis_cart(request, response, user)
return response
def post(self, request):
#1,获取参数,参数来自oauth_callback.html
sign_openid = request.POST.get("access_token")
mobile = request.POST.get("mobile")
pwd = request.POST.get("pwd")
sms_code = request.POST.get("sms_code")
#2,校验参数
#2.1为空校验
if not all([sign_openid, mobile, pwd, sms_code]):
return http.HttpResponseForbidden("参数不全")
#2.2校验openid
# #对openid进行解密
openid = decode_sign_openid(sign_openid)
if not openid:
return http.HttpResponseForbidden("openid过期")
#2.3校验手机号的格式
if not re.match(r'^1[3-9]\d{9}$', mobile):
return http.HttpResponseForbidden("手机号格式有误")
#2.4校验密码的格式
if not re.match(r'^[0-9a-zA-Z]{8,20}$', pwd):
return http.HttpResponseForbidden("密码格式有误")
#2.5校验短信验证码的正确性
#连接redis
redis_conn = get_redis_connection("code")
#查询存在redis中的短信验证码
redis_sms_code = redis_conn.get("sms_code_%s" % mobile)
#判断是否过期
if not redis_sms_code:
return http.HttpResponseForbidden("短信验证码已过期")
#判断正确性,redis_sms_code 为二进制类型,应转换
if redis_sms_code.decode() != sms_code:
return http.HttpResponseForbidden("短信验证码错误")
#3,判断是否存在美多用户,在tb_user里匹配
try:
user = User.objects.get(mobile=mobile)
except User.DoesNotExist:
#3.1 手机号不存在,为其创建美多账号
user = User.objects.create_user(username=mobile,
password=pwd,
mobile=mobile)
#3.2绑定美多用户 qq用户
OAuthQQUser.objects.create(openid=openid, user=user)
# 3.3密码正确,状态保持
login(request, user)
request.session.set_expiry(3600 * 24 * 2)
# 3.4返回首页
response = redirect("/")
response.set_cookie("username",
user.username,
max_age=3600 * 24 * 2)
# 合并购物车
response = merge_cookie_redis_cart(request, user, response)
return response
else:
#3.2 手机号存在,直接绑定
#4校验密码正确性
if not user.check_password(pwd):
return http.HttpResponseForbidden("密码错误")
#4.1密码正确,状态保持
login(request, user)
request.session.set_expiry(3600 * 24 * 2)
#4.2返回首页
response = redirect("/")
response.set_cookie("username",
user.username,
max_age=3600 * 24 * 2)
# 合并购物车
response = merge_cookie_redis_cart(request, user, response)
return response
def post(self, request):
# 1,获取参数
sign_openid = request.POST.get("access_token")
mobile = request.POST.get("mobile")
pwd = request.POST.get("pwd")
sms_code = request.POST.get("sms_code")
# 2,校验参数
# 2,1为空校验
if not all([sign_openid, mobile, pwd, sms_code]):
return http.HttpResponseForbidden("参数不全")
# 2,2 校验sign_openid是否正确
openid = decode_sign_openid(sign_openid)
if not openid:
return http.HttpResponseForbidden("openid过期")
# 2,3 校验手机号的格式
if not re.match(r'^1[3-9]\d{9}$', mobile):
return http.HttpResponseForbidden("手机号格式有误")
# 2,4 校验密码的格式
if not re.match(r'^[0-9a-zA-Z]{8,20}$', pwd):
return http.HttpResponseForbidden("密码格式有误")
# 2,5 校验短信验证码的正确性
redis_conn = get_redis_connection("code")
redis_sms_code = redis_conn.get("sms_code_%s" % mobile)
if not redis_sms_code:
return http.HttpResponseForbidden("短信验证码已过期")
if sms_code != redis_sms_code.decode():
return http.HttpResponseForbidden("短信验证码填写错误")
# 3,判断是否存在美多用户,如果存在直接绑定,如果不存在直接创建用户再绑定
try:
user = User.objects.get(mobile=mobile)
except User.DoesNotExist:
# 3,1创建美多用户
user = User.objects.create_user(username=mobile,
password=pwd,
mobile=mobile)
# 3,2绑定美多用户和qq用户
OAuthQQUser.objects.create(openid=openid, user=user)
# 3.3,状态保持
login(request, user)
request.session.set_expiry(3600 * 24 * 2)
# 3.4,返回到首页中
response = redirect("/")
response.set_cookie("username",
user.username,
max_age=3600 * 24 * 2)
response = merge_cookie_redis_cart(request, user, response)
return response
else:
# 4.1校验密码正确性
if not user.check_password(pwd):
return http.HttpResponseForbidden("密码错误")
# 4,2绑定美多用户和qq用户
OAuthQQUser.objects.create(openid=openid, user=user)
# 4.3,状态保持
login(request, user)
request.session.set_expiry(3600 * 24 * 2)
# 4.4,返回到首页中
response = redirect("/")
response.set_cookie("username",
user.username,
max_age=3600 * 24 * 2)
response = merge_cookie_redis_cart(request, user, response)
return response
def post(self, request):
#1,获取参数
openid = request.POST.get("access_token")
mobile = request.POST.get("mobile")
password = request.POST.get("pwd")
sms_code = request.POST.get("sms_code")
#2,校验参数
#2,1 为空校验
if not all([openid, mobile, password, sms_code]):
return http.HttpResponseForbidden('参数不全')
#2,2 校验openid
openid = decode_openid(openid)
if not openid:
return http.HttpResponseForbidden("openid已过期")
#2,3 短信验证码校验
redis_conn = get_redis_connection("code")
redis_sms_code = redis_conn.get("sms_code_%s" % mobile)
if not redis_sms_code:
return http.HttpResponseForbidden("短信验证码已过期")
if sms_code != redis_sms_code.decode():
return http.HttpResponseForbidden("短信验证码错误")
#2,3 账号密码,正确性
user = authenticate(request, username=mobile, password=password)
#3,数据入库,判断用户对象
if user:
#3,1 创建qq授权对象
oauth_qq_user = OAuthQQUser()
#3,2 关联美多用户和 openid
oauth_qq_user.user = user
oauth_qq_user.openid = openid
#3,3 入库
oauth_qq_user.save()
#3,4 状态保持,返回响应
login(request, user)
response = redirect('/')
response.set_cookie("username", user.username)
response = merge_cookie_redis_cart(request, response, user)
return response
else:
#4,1 创建美多用户
user = User.objects.create_user(username=mobile, password=password)
#4,2 创建qq授权对象
oauth_qq_user = OAuthQQUser()
#4,3 关联美多用户和openid,入库
oauth_qq_user.user = user
oauth_qq_user.openid = openid
oauth_qq_user.save()
#4,4 状态保持,返回响应
login(request, user)
response = redirect('/')
response.set_cookie("username", user.username)
response = merge_cookie_redis_cart(request, response, user)
return response
