def update(self, request, *args, **kwargs):
data = request.data
# 修改角色
if data.get('role_user'):
user = self.get_object()
role = UserRole.objects.filter(user=user).first()
role.role_id = 2
role.save()
return Response({
'code': 2000,
'message': '修改成功',
})
# 修改用户信息
if data:
if data.get('password'):
password = data.get('password')
old_password = data.get('oldPassword')
user = User.objects.filter(userid=kwargs['pk']).first()
if user.password == to_md5_hex(old_password):
user.password = to_md5_hex(password)
user.save()
res = Response({
'code': 2000,
'message': '密码修改成功',
})
else:
res = Response({
'code': 4000,
'message': '密码不正确',
})
return res
else:
user = User.objects.filter(userid=kwargs['pk'])
user.update(**data)
res = Response({
'code': 2000,
'message': '修改成功',
})
return res
# 删除用户
else:
instance = self.get_object()
instance.status = False
instance.save()
res = Response({
'code': 2000,
'message': '删除成功',
})
return res
def login(request):
resp_dict = {'code': 30000, 'message': '用户登录成功'}
username = request.data.get('username', '')
password = request.data.get('password', '')
password = to_md5_hex(password)
user = User.objects.filter(username=username, password=password) \
.only('userid').first()
if user:
request.session['userid'] = user.userid
request.session['realname'] = user.realname
with transaction.atomic():
resp_dict['token'] = token = uuid1().hex
UserToken.objects.update_or_create(user=user,
defaults={'token': token})
current_time = timezone.now()
delta = current_time - user.lastvisit
if delta.days >= 1:
user.point += 5
user.lastvisit = current_time
user.save()
log = LoginLog()
log.user = user
log.ipaddr = get_ip_address(request)
log.save()
else:
resp_dict['code'] = '30001'
resp_dict['message'] = '用户名或密码错误'
return Response(resp_dict)
def login(request):
"""用户登录"""
if request.method == 'GET':
return render(request, 'login.html')
else:
if request.session['captcha'] == request.POST['captcha'].lower():
username = request.POST['username']
password = request.POST['password']
try:
user = User.objects.get(username=username)
except User.DoesNotExist:
hint = '用户名或密码错误'
else:
if user and user.password == to_md5_hex(password):
request.session['userid'] = user.userid
request.session['realname'] = user.realname
delta = timezone.now() - user.lastvisit
if delta.days >= 1:
user.point += randint(1, 10)
user.lastvisit = timezone.now()
user.save()
ipaddr = get_ip_address(request)
log = LoginLog(user=user, ipaddr=ipaddr)
log.save()
return redirect('/')
else:
hint = '用户名或密码错误'
else:
hint = '请输入正确的图片验证码'
return render(request, 'login.html', {'hint': hint})
def test_to_md5_hex(self):
pass_pairs = {
'123456': 'e10adc3949ba59abbe56e057f20f883e',
'123123': '4297f44b13955235245b2497399d7a93',
'1qaz2wsx': '1c63129ae9db9c60c3e8aa94d3e00495',
}
for key, value in pass_pairs.items():
self.assertEqual(value, to_md5_hex(key))
def create(self, validated_data):
del validated_data['code']
validated_data['password'] = to_md5_hex(validated_data['password'])
with atomic():
user = User.objects.create(**validated_data)
role = Role.objects.get(roleid=1)
UserRole.objects.create(user=user, role=role)
return user
def create(self, validated_data):
del validated_data['code']
caches['default'].delete(f'{validated_data["tel"]}:valid')
validated_data['password'] = to_md5_hex(validated_data['password'])
with atomic():
user = User.objects.create(**validated_data)
role = Role.objects.get(roleid=1)
UserRole.objects.create(user=user, role=role)
return user
def upload_house_photo(request):
file_obj = request.FILES.get('mainphoto')
if file_obj and len(file_obj) < MAX_PHOTO_SIZE:
prefix = to_md5_hex(file_obj.file)
filename = f'{prefix}{os.path.splitext(file_obj.name)[1]}'
upload_stream_to_qiniu.delay(file_obj, filename, len(file_obj))
# photo = HousePhoto()
# photo.path = f'http://q69nr46pe.bkt.clouddn.com/{filename}'
# photo.ismain = True
# photo.save()
resp = DefaultResponse(
*FILE_UPLOAD_SUCCESS,
data={'url': f'http://q6i8nba3h.bkt.clouddn.com/{filename}'})
else:
resp = DefaultResponse(*FILE_SIZE_EXCEEDED)
return resp
def login(request):
"""登录(获取用户身份令牌)"""
username = request.data.get('username')
password = request.data.get('password')
if (check_tel(username) or check_email(username)
or check_username(username)) and len(password) >= 6:
password = to_md5_hex(password)
q = Q(username=username, password=password) | \
Q(tel=username, password=password) | \
Q(email=username, password=password)
user = User.objects.filter(q)\
.only('username', 'realname').first()
if user:
if user.status:
# 用户登录成功通过JWT生成用户身份令牌
payload = {
'exp':
datetime.datetime.utcnow() + datetime.timedelta(days=1),
'data': {
'userid': user.userid,
'realname': user.realname,
'roleid': user.roles.get_queryset().first().roleid
}
}
token = jwt.encode(payload, SECRET_KEY,
algorithm='HS256').decode()
with atomic():
current_time = timezone.now()
if not user.lastvisit or \
(current_time - user.lastvisit).days >= 1:
user.point += 2
user.lastvisit = current_time
user.save()
loginlog = LoginLog()
loginlog.user = user
loginlog.logdate = current_time
loginlog.ipaddr = get_ip_address(request)
loginlog.save()
resp = DefaultResponse(*USER_LOGIN_SUCCESS,
data={'token': token})
else:
resp = DefaultResponse(*USER_LOGIN_STATUS)
else:
resp = DefaultResponse(*USER_LOGIN_FAILED)
else:
resp = DefaultResponse(*INVALID_LOGIN_INFO)
return resp
def login(request):
"""登录(获取用户身份令牌)"""
username = request.data.get('username')
password = request.data.get('password')
if username and password:
password = to_md5_hex(password)
user = User.objects.filter(
Q(username=username, password=password) |
Q(tel=username, password=password) |
Q(email=username, password=password)
).first()
if user:
# roles = RoleSimpleSerializer(user.roles.all(), many=True).data
# 用户登录成功通过JWT生成用户身份令牌
payload = {
'exp': datetime.datetime.utcnow() + datetime.timedelta(days=1),
'data': {'userid': user.userid, }
}
token = jwt.encode(payload, SECRET_KEY, algorithm='HS256').encode()
with atomic():
current_time = timezone.now()
if not user.lastvisit or \
(current_time - user.lastvisit).days >= 1:
user.point += 2
user.lastvisit = current_time
user.save()
loginlog = LoginLog()
loginlog.user = user
loginlog.logdate = current_time
loginlog.ipaddr = get_ip_address(request)
loginlog.save()
resp = DefaultResponse(*USER_LOGIN_SUCCESS, data={'token': token})
else:
resp = DefaultResponse(*USER_LOGIN_FAILED)
else:
resp = DefaultResponse(*INVALID_LOGIN_INFO)
return resp
def save(self, is_insert=False):
if is_insert:
self.password = to_md5_hex(self.password)
return super().save()
