def post(self, request): #1 获取参数 username = request.POST.get("username") pwd = request.POST.get("pwd") #记住密码单选项 remembered = request.POST.get("remembered") # 2.校验参数 # 2-1判断参数是否齐全 if not all([username, pwd]): return http.HttpResponseForbidden('请填齐资料') #用户名及密码格式校验 # 2,2 用户名格式校验 #若涉及用手机号(多账号)时会~~~ if not re.match(r'^[a-zA-Z0-9_-]{5,20}$', username): return http.HttpResponseForbidden("用户名格式有误") # 2,3 密码格式校验 if not re.match(r'^[0-9A-Za-z]{8,20}$', pwd): return http.HttpResponseForbidden("密码格式有误") # # 判断是否是会员 # count = User.objects.filter(username=username).count() # if count ==0: # return http.HttpResponseForbidden('请输入正确的用户名') # #判断密码是否正确 # c_pwd = User.objects.filter(username=username).password # if pwd != c_pwd: # return http.HttpResponseForbidden('密码错误') #2.4校验用户名及密码的正确性,使用django的authenticate方法 #方法1 可以通过加入方法,实现多账号登录 user = authenticate(request, username=username, password=pwd) # #方法2 用此传统方法只能使用用户名登录无法用手机登录 # user =User.objects.get(username=username) # user.check_password(pwd) if not user: return http.HttpResponseForbidden("账号或者密码错误") #3 状态保持 login(request, user) #3.1设置状态保持的时间 if remembered == "on": request.session.set_expiry(3600 * 24 * 2) else: request.session.set_expiry(0) from carts.utils import merge_cookie_redis_cart #登录成功 response = redirect("/") response.set_cookie("username", user.username, 3600 * 24 * 2) #合并购物车 response = merge_cookie_redis_cart(request, user, response) return response
def get(self, request): # 1,获取参数,code code = request.GET.get("code") state = request.GET.get("state", "/") if not code: return http.HttpResponseForbidden("code丢了") # 2,通过code换取access_token oauth_qq = OAuthQQ(client_id=settings.QQ_CLIENT_ID, client_secret=settings.QQ_CLIENT_SECRET, redirect_uri=settings.QQ_REDIRECT_URI, state=state) access_token = oauth_qq.get_access_token(code) print('access_token:', access_token) # 3,通过access_token换取openid openid = oauth_qq.get_open_id(access_token) # 4,根据openid,取到qq用户的对象 try: print('openid:', openid) oauth_qq_user = OAuthQQUser.objects.get(openid=openid) except OAuthQQUser.DoesNotExist: print('初次授权') # import time # time.sleep(200) # 初次授权 sign_openid = generate_sign_openid(openid) return render(request, 'oauth_callback.html', context={"token": sign_openid}) else: # 5,非初次授权 user = oauth_qq_user.user # 5,1状态保持 login(request, user) request.session.set_expiry(3600 * 24 * 2) # 5,2,返回响应 response = redirect("/") response.set_cookie("username", user.username) response = merge_cookie_redis_cart(request, user, response) return response
def get(self, request): #1,获取参数(code,state) code = request.GET.get("code") state = request.GET.get("state", "/") #2,校验 if not code: return http.HttpResponseForbidden("code丢失") #3,获取access_token oauth_qq = OAuthQQ(client_id=settings.QQ_CLIENT_ID, client_secret=settings.QQ_CLIENT_SECRET, redirect_uri=settings.QQ_REDIRECT_URI, state=state) try: access_token = oauth_qq.get_access_token(code) except Exception: return http.HttpResponseForbidden("code已过期") #4,获取openid openid = oauth_qq.get_open_id(access_token) #5,通过openid,查询qq授权用户 try: oauth_qq_user = OAuthQQUser.objects.get(openid=openid) except Exception as e: #5,1 初次授权,加密openid,返回授权页面 encrypt_openid = encode_openid(openid) context = {"token": encrypt_openid} return render(request, 'oauth_callback.html', context=context) else: #6,1 非初次授权,获取美多用户 user = oauth_qq_user.user #6,2 状态保持 login(request, user) #6,3 返回响应 response = redirect("/") response.set_cookie("username", user.username) response = merge_cookie_redis_cart(request, response, user) return response
def get(self, request): #http://www.meiduo.site:8000/oauth_callback?code=FDE1DC283B08B2 # 96DC530EA7DEFBDB2C&state=%3Cbuilt-in%2Bfunction%2Bnext%3E #1 获取url中参数code code = request.GET.get("code") state = request.GET.get("state") if not code: return http.HttpResponseForbidden("code丢失") #2通过code换取access_token oauth_qq = OAuthQQ(client_id=settings.QQ_CLIENT_ID, client_secret=settings.QQ_CLIENT_SECRET, redirect_uri=settings.QQ_REDIRECT_URI, state=next) access_token = oauth_qq.get_access_token(code) #3通过access_token找到openid openid = oauth_qq.get_open_id(access_token) #4根据openid,取到qq用户对象,查询数据库 try: oauth_qq_user = OAuthQQUser.objects.get(openid=openid) except OAuthQQUser.DoesNotExist: #初次授权,需要配合表单提交,传参,验证 #调用utils文件中的加密方法 sign_openid = generate_sign_openid(openid) #下面的"token"是oauth_callback.html中的参数名称,openid存入url中 return render(request, 'oauth_callback.html', context={"token": sign_openid}) else: #5,非初次授权,直接登录成功 user = oauth_qq_user.user #5.1 状态保持 login(request, user) request.session.set_expiry(3600 * 24 * 2) response = redirect("/") response.set_cookie("username", user.username) # 合并购物车 response = merge_cookie_redis_cart(request, user, response) #返回响应 return response
def post(self, request): # 1,获取参数 username = request.POST.get("username") password = request.POST.get("pwd") remembered = request.POST.get("remembered") # 2,校验参数 # 2,0 为空校验 if not all([username, password]): return http.HttpResponseForbidden("参数不全") # 2,1 用户名格式校验 if not re.match(r'^[a-zA-Z0-9_-]{5,20}$', username): return http.HttpResponseForbidden("用户名格式有误") # 2,2 密码格式校验 if not re.match(r'^[0-9A-Za-z]{8,20}$', password): return http.HttpResponseForbidden("密码格式有误") # 2,3 校验用户名和密码的正确性 user = authenticate(request, username=username, password=password) if not user: return http.HttpResponseForbidden("账号或者密码错误") # 3,状态保持 login(request, user) # 3,1设置状态保持的时间 if remembered == "on": request.session.set_expiry(3600 * 24 * 2) # 两天有效 else: request.session.set_expiry(0) # 4,返回响应 response = redirect('/') response.set_cookie("username", user.username, 3600 * 24 * 2) response = merge_cookie_redis_cart(request, user, response) return response
def get(self, request): #获取参数 code = request.GET.get("code") if not code: return http.HttpResponseForbidden("code丢失") #对象 oauth_sina = APIClient( app_key=settings.APP_KEY, app_secret=settings.APP_SECRET, redirect_uri=settings.REDIRECT_URL, ) result = oauth_sina.request_access_token(code) access_token = result.access_token uid = result.uid # 4根据uid,取到sina用户对象,查询数据库 try: oauth_sina_user = OAuthSinaUser.objects.get(uid=uid) except OAuthSinaUser.DoesNotExist: # 初次授权 # 调用utils文件中的加密方法 sign_uid = generate_sign_openid(uid) #TODO 下面的"access_token"是传递给js使用 ?? return http.JsonResponse({"access_token": sign_uid}) else: # 5,非初次授权 user = oauth_sina_user.user # 5.1 状态保持 login(request, user) request.session.set_expiry(3600 * 24 * 2) response = redirect("/") response.set_cookie("username", user.username) # 合并购物车 response = merge_cookie_redis_cart(request, user, response) # 返回响应 return response
def post(self, request): #1,获取参数 username = request.POST.get("username") password = request.POST.get("pwd") remembered = request.POST.get("remembered") #2,校验参数 #2,1为空校验 if not all([username, password]): return http.HttpResponseForbidden("参数不全") #2,2用户名格式校验 if not re.match(r'^[a-zA-Z0-9_-]{5,20}$', username): return http.HttpResponseForbidden("用户名格式错误") #2,3密码格式校验 if not re.match(r'^[0-9A-Za-z]{8,20}$', password): return http.HttpResponseForbidden("用户密码错误") #2,3校验账号,密码正确性(认证),并判断是否认证成功 user = authenticate(request, username=username, password=password) if not user: return http.HttpResponseForbidden("用户名或者密码错误") #3,状态保持 login(request, user) #记录用户信息到session if remembered == 'on': request.session.set_expiry(3600 * 24 * 2) #两天有效 else: request.session.set_expiry(0) #4,返回响应 response = redirect("/") response.set_cookie("username", user.username, max_age=3600 * 24 * 2) response = merge_cookie_redis_cart(request, response, user) return response
def post(self, request): #1,获取参数,参数来自oauth_callback.html sign_openid = request.POST.get("access_token") mobile = request.POST.get("mobile") pwd = request.POST.get("pwd") sms_code = request.POST.get("sms_code") #2,校验参数 #2.1为空校验 if not all([sign_openid, mobile, pwd, sms_code]): return http.HttpResponseForbidden("参数不全") #2.2校验openid # #对openid进行解密 openid = decode_sign_openid(sign_openid) if not openid: return http.HttpResponseForbidden("openid过期") #2.3校验手机号的格式 if not re.match(r'^1[3-9]\d{9}$', mobile): return http.HttpResponseForbidden("手机号格式有误") #2.4校验密码的格式 if not re.match(r'^[0-9a-zA-Z]{8,20}$', pwd): return http.HttpResponseForbidden("密码格式有误") #2.5校验短信验证码的正确性 #连接redis redis_conn = get_redis_connection("code") #查询存在redis中的短信验证码 redis_sms_code = redis_conn.get("sms_code_%s" % mobile) #判断是否过期 if not redis_sms_code: return http.HttpResponseForbidden("短信验证码已过期") #判断正确性,redis_sms_code 为二进制类型,应转换 if redis_sms_code.decode() != sms_code: return http.HttpResponseForbidden("短信验证码错误") #3,判断是否存在美多用户,在tb_user里匹配 try: user = User.objects.get(mobile=mobile) except User.DoesNotExist: #3.1 手机号不存在,为其创建美多账号 user = User.objects.create_user(username=mobile, password=pwd, mobile=mobile) #3.2绑定美多用户 qq用户 OAuthQQUser.objects.create(openid=openid, user=user) # 3.3密码正确,状态保持 login(request, user) request.session.set_expiry(3600 * 24 * 2) # 3.4返回首页 response = redirect("/") response.set_cookie("username", user.username, max_age=3600 * 24 * 2) # 合并购物车 response = merge_cookie_redis_cart(request, user, response) return response else: #3.2 手机号存在,直接绑定 #4校验密码正确性 if not user.check_password(pwd): return http.HttpResponseForbidden("密码错误") #4.1密码正确,状态保持 login(request, user) request.session.set_expiry(3600 * 24 * 2) #4.2返回首页 response = redirect("/") response.set_cookie("username", user.username, max_age=3600 * 24 * 2) # 合并购物车 response = merge_cookie_redis_cart(request, user, response) return response
def post(self, request): # 1,获取参数 sign_openid = request.POST.get("access_token") mobile = request.POST.get("mobile") pwd = request.POST.get("pwd") sms_code = request.POST.get("sms_code") # 2,校验参数 # 2,1为空校验 if not all([sign_openid, mobile, pwd, sms_code]): return http.HttpResponseForbidden("参数不全") # 2,2 校验sign_openid是否正确 openid = decode_sign_openid(sign_openid) if not openid: return http.HttpResponseForbidden("openid过期") # 2,3 校验手机号的格式 if not re.match(r'^1[3-9]\d{9}$', mobile): return http.HttpResponseForbidden("手机号格式有误") # 2,4 校验密码的格式 if not re.match(r'^[0-9a-zA-Z]{8,20}$', pwd): return http.HttpResponseForbidden("密码格式有误") # 2,5 校验短信验证码的正确性 redis_conn = get_redis_connection("code") redis_sms_code = redis_conn.get("sms_code_%s" % mobile) if not redis_sms_code: return http.HttpResponseForbidden("短信验证码已过期") if sms_code != redis_sms_code.decode(): return http.HttpResponseForbidden("短信验证码填写错误") # 3,判断是否存在美多用户,如果存在直接绑定,如果不存在直接创建用户再绑定 try: user = User.objects.get(mobile=mobile) except User.DoesNotExist: # 3,1创建美多用户 user = User.objects.create_user(username=mobile, password=pwd, mobile=mobile) # 3,2绑定美多用户和qq用户 OAuthQQUser.objects.create(openid=openid, user=user) # 3.3,状态保持 login(request, user) request.session.set_expiry(3600 * 24 * 2) # 3.4,返回到首页中 response = redirect("/") response.set_cookie("username", user.username, max_age=3600 * 24 * 2) response = merge_cookie_redis_cart(request, user, response) return response else: # 4.1校验密码正确性 if not user.check_password(pwd): return http.HttpResponseForbidden("密码错误") # 4,2绑定美多用户和qq用户 OAuthQQUser.objects.create(openid=openid, user=user) # 4.3,状态保持 login(request, user) request.session.set_expiry(3600 * 24 * 2) # 4.4,返回到首页中 response = redirect("/") response.set_cookie("username", user.username, max_age=3600 * 24 * 2) response = merge_cookie_redis_cart(request, user, response) return response
def post(self, request): #1,获取参数 openid = request.POST.get("access_token") mobile = request.POST.get("mobile") password = request.POST.get("pwd") sms_code = request.POST.get("sms_code") #2,校验参数 #2,1 为空校验 if not all([openid, mobile, password, sms_code]): return http.HttpResponseForbidden('参数不全') #2,2 校验openid openid = decode_openid(openid) if not openid: return http.HttpResponseForbidden("openid已过期") #2,3 短信验证码校验 redis_conn = get_redis_connection("code") redis_sms_code = redis_conn.get("sms_code_%s" % mobile) if not redis_sms_code: return http.HttpResponseForbidden("短信验证码已过期") if sms_code != redis_sms_code.decode(): return http.HttpResponseForbidden("短信验证码错误") #2,3 账号密码,正确性 user = authenticate(request, username=mobile, password=password) #3,数据入库,判断用户对象 if user: #3,1 创建qq授权对象 oauth_qq_user = OAuthQQUser() #3,2 关联美多用户和 openid oauth_qq_user.user = user oauth_qq_user.openid = openid #3,3 入库 oauth_qq_user.save() #3,4 状态保持,返回响应 login(request, user) response = redirect('/') response.set_cookie("username", user.username) response = merge_cookie_redis_cart(request, response, user) return response else: #4,1 创建美多用户 user = User.objects.create_user(username=mobile, password=password) #4,2 创建qq授权对象 oauth_qq_user = OAuthQQUser() #4,3 关联美多用户和openid,入库 oauth_qq_user.user = user oauth_qq_user.openid = openid oauth_qq_user.save() #4,4 状态保持,返回响应 login(request, user) response = redirect('/') response.set_cookie("username", user.username) response = merge_cookie_redis_cart(request, response, user) return response