def get(self, request): # 获取token数据 token = request.GET.get('token') if token is None: return HttpResponse("缺少token值", status=400) # 机密tocken tjs = TJS(settings.SECRET_KEY, 300) try: data = tjs.loads(token) except: return HttpResponse("无效的token值", status=400) # 提起username heemail username = data.get('username') email = data.get('email') if username is None or email is None: return HttpResponse("token值失效", status=400) try: # 教研username email是否正确 user = User.objects.get(username=username, email=email) except: return HttpResponse("错误的数据", status=400) # 更新邮箱数据 user.email_actice = True user.save() return render(request, 'user_center_info.html')
def put(self, request): # 获取json书库用户的基本信息 data = request.body.decode() # 讲json数据转化为字典 data_dict = json.loads(data) # 获取邮箱信息数据 标题 邮件信息内容 收件人信息内容 列表【收件人的邮箱】 to_emali = data_dict['email'] # 验证邮箱的有效性 # send_mall # 更新邮箱数据 user = request.user tjs = TJS(settings.SECRET_KEY, 300) token = tjs.dumps({ 'username': user.username, 'email': to_emali }).decode() verify_url = settings.EMAIL_VERIFY_URL + '?token=%s' % token send_emails(to_emali, verify_url, settings.EMAIL_FROM) if not user.is_authenticated: return JsonResponse({'code': '4101'}) user.email = to_emali user.save() # 正确登陆状态的 return JsonResponse({'code': '0'})
def get(self, request): access_token = request.query_params.get('access_token') #解密access_token tjs = TJS(settings.SECRET_KEY, 300) try: user_id = tjs.loads(access_token) except IOError: return ActionResult.failure(status.HTTP_400_BAD_REQUEST, 'access_token值无效') #获取用户 user = User.objects.get(id=user_id) #获取手机号 mobile = user.mobile # 建立连接redis的对象 conn = get_redis_connection('verify_codes') flag = conn.get('sms_code_flag_%s' % mobile) if flag: return Response({'error': '请求过于频繁'}, status=400) # 2、生成短信验证码 sms_code = '%06d' % randint(0, 999999) # 3、保存短信验证码到缓存中 # string pl = conn.pipeline() # 生成管道对象 pl.setex('forget_sms_code_%s' % mobile, 300, sms_code) pl.setex('sms_code_flag_%s' % mobile, 60, 1) pl.execute() # 连接缓存,传入写入指令 # 4、发送短信 print(sms_code) return ActionResult.success()
def get(self, request): """ 思路:前端会携带着包含有用户id和username的token, 后台只需获取到里面的数据,加以判断,然后更改email_active的状态即可 :return: """ # 1. 获取token,判断 token = request.query_params.get("token") if not token: return Response({'message': '缺少token'}, status=status.HTTP_400_BAD_REQUEST) # 2. 解码 tjs = TJS(settings.SECRET_KEY, 300) try: data = tjs.loads(token) except: raise Exception('错误的token') # 3. 判断是否存在用户 try: user = User.objects.get(id=data['id'], username=data['username']) except: # 如果不存在,说明token无效 return Response({'message': '链接信息无效'}, status=status.HTTP_400_BAD_REQUEST) # 4. 如果存在就修改email_active user.email_active = True user.save() return Response({'message': 'OK'})
def validate(self, attrs): #验证短信验证码' conn = get_redis_connection('sms_code') mobile_code = conn.get('sms_code%s' % attrs['mobile']) if mobile_code is None: raise serializers.ValidationError('验证码已过期') if mobile_code.decode() != attrs['sms_code']: raise serializers.ValidationError("验证码错误") #解密openid print(type(attrs['access_token'])) tjs = TJS(settings.QQ_CLIENT_SECRET, 300) try: data = tjs.loads(attrs['access_token']) print(data) except Exception as e: print(e) raise serializers.ValidationError("openid解码错误") openid = data['openid'] if not openid: raise serializers.ValidationError("openid获取失败") attrs['openid'] = openid #通过openid验证用户是否绑定 try: user = User.objects.get(mobile=attrs['mobile']) except: #用户未绑定 return attrs else: attrs['user'] = user return attrs
def validate(self, attrs): tjs = TJS(settings.SECRET_KEY, 300) try: # 如果解密成功,则openid验证通过,解密得到的类型为dict类型 data = tjs.loads(attrs['access_token']) # {'openid':openid} except: raise serializers.ValidationError('无效的access_token') openid = data['openid'] # 将取出的openid添加到attrs attrs['openid'] = openid # 验证短信验证码 conn = get_redis_connection('sms_code') real_sms_code = conn.get('sms_code_%s' % attrs['mobile']) if not real_sms_code: raise serializers.ValidationError('验证码过期') if real_sms_code.decode() != attrs['sms_code']: raise serializers.ValidationError('短信验证失败') # 判断用户是否存在 try: user = User.objects.get(mobile=attrs['mobile']) except: # 用户未注册过 return attrs else: # 用户注册过 # 校验密码 if not user.check_password(attrs['password']): raise serializers.ValidationError('密码错误') attrs['user'] = user return attrs
def put(self, request): '''实现添加邮箱逻辑''' # 接收参数 json_dict = json.loads(request.body.decode()) email = json_dict.get('email') # 校验参数 if not email: return HttpResponse('缺少email参数', status=400) if not re.match(r'^[a-z0-9][\w\.\-]*@[a-z0-9\-]+(\.[a-z]{2,5}){1,2}$', email): return HttpResponse('参数email有误', status=400) # 赋值email字段 try: request.user.email = email request.user.save() except Exception as e: return JsonResponse({'{code}': 5000, 'errmag': '添加邮箱失败'}) # 异步发送验证邮件 data = {'user_id': request.user.id, 'emaill': request.user.email} tjs = TJS(settings.SECRET_KEY, 5 * 60) token = tjs.dumps(data).decode() verify_url = settings.EMAIL_VERIFY_URL + '?token=' + token print(email, verify_url) send_verify_email.delay(email, verify_url) # 响应添加结果 return JsonResponse({'code': 0, 'errmsg': '添加邮箱成功'})
def get(self, request): # 1.获取code值 code = request.GET.get("code") state = request.GET.get("state") # 2.检查参数 if not code: return JsonResponse({'errors': '缺少code值'}, status=400) # 获取微博登录网页 weiboauth = OAuthWeibo(client_id=settings.WEIBO_APP_ID, client_secret=settings.WEIBO_APP_KEY, redirect_uri=settings.WEIBO_REDIRECT_URI, state=state) weibotoken = weiboauth.get_access_token(code=code) uid = weibotoken.get("uid") print(uid) # 5.判断是否绑定过美多账号 try: weibo_user = OAuthSinaUser.objects.get(uid=uid) except: # 6.未绑定,进入绑定页面,完成绑定 tjs = TJS(settings.SECRET_KEY, 300) uid = tjs.dumps({'uid': uid}).decode() return render(request, 'oauth_callback.html', {'token': uid}) # 绑定的用户 login(request, weibo_user.user) # 将用户写入cookie方便在页面中展示 response = redirect("/index/") response.set_cookie("username", weibo_user.user.username) return response
def get(self, request): # 获取查询字符串数据 token = request.query_params.get('token') # 解密操作,获取TJS对象 tjs = TJS(settings.SECRET_KEY, 300) # 调用解密方法 try: data = tjs.loads(token) except: return Response({'error': 'token值无效'}) # 获取data中的值 username = data['name'] # 通过username获取对应的user user = User.objects.get(username=username) # user = self.request.user # 修改user中的值 user.email_active = True user.save() # 返回数据给前端 return Response({'message': 'OK'})
def get(self, request): # 1、获取手机号 路由中进行正则匹配 # 判断请求间隔,是否在60s内 access_token = request.query_params.get('access_token') tjs = TJS(settings.SECRET_KEY, 300) mobile = tjs.loads(access_token)['mobile'] conn = get_redis_connection('sms_code') flag = conn.get('sms_code_flag_%s' % mobile) if flag: return Response({'error': '请求过于频发'}, status=400) # 2、生成短信验证 sms_code = '%06d' % randint(0, 999999) # 3、保存短信到redis缓存 pl = conn.pipeline() # 生成管道对象 pl.setex('sms_code_%s' % mobile, 300, sms_code) pl.setex('sms_code_flag_%s' % mobile, 60, 'a') pl.execute() # 4. 发送短信 # ccp = CCP() # ccp.send_template_sms(mobile, [sms_code, '5'], 1) send_sms_code.delay(mobile, sms_code) print(sms_code) # 5、结果返回 return Response({'message': 'ok'})
def verify_reset_token(token): """FUnction to verify token""" s = TJS(current_app.config['SECRET_KEY']) try: user_id = s.loads(token)['user_id'] except: return None return User.query.get(user_id)
def update(self, instance, validated_data): instance.email = validated_data['email'] instance.save() # to_email = validated_data['email'] data = {'name': instance.username} tjs = TJS(settings.SECRET_KEY, 300) token = tjs.dumps(data).decode() verify_url = 'http://www.meiduo.site:8080/success_verify_email.html?token=' + token send_email.delay(to_email, verify_url) return instance
def validate(self, attrs): #token解密 tjs = TJS(settings.SECRET_KEY, 300) try: data = tjs.loads(attrs['token']) except: raise serializers.ValidationError('错误的token') if not data: raise serializers.ValidationError('token') attrs['data'] = data return attrs
def update(self, instance, validated_data): user = self.context['request'].user # 加密用户信息 tjs = TJS(settings.SECRET_KEY, 300) token = tjs.dumps({'username': instance.username}).decode() to_email = validated_data['email'] # 发送给谁 verify_url = 'http://www.meiduo.site:8080/success_verify_email.html?token=' + token # 验证连接 # 发送邮件 send_email.delay(to_email, verify_url) instance.email = validated_data['email'] instance.save() return instance
def get(self, request): """ 第三方登录检查 oauth/sina/user/ ?code=0e67548e9e075577630cc983ff79fa6a :param request: :return: """ # 1.获取code值 code = request.query_params.get("code") # 2.检查参数 if not code: return Response({'errors': '缺少code值'}, status=400) # 3.获取token值 next = "/" # 获取微博登录网页 weiboauth = OAuthWeibo(client_id=settings.WEIBO_CLIENT_ID, client_secret=settings.WEIBO_CLIENT_SECRET, redirect_uri=settings.WEIBO_REDIRECT_URI, state=next) weibotoken = weiboauth.get_access_token(code=code) print(weibotoken) # 5.判断是否绑定过美多账号 try: weibo_user = OAuthSinaUser.objects.get(weibotoken=weibotoken) except: # 6.未绑定,进入绑定页面,完成绑定 tjs = TJS(settings.SECRET_KEY, 300) weibotoken = tjs.dumps({'weibotoken': weibotoken}).decode() return Response({'access_token': weibotoken}) else: # 7.绑定过,则登录成功 # 生成jwt-token值 user = weibo_user.user jwt_payload_handler = api_settings.JWT_PAYLOAD_HANDLER jwt_encode_handler = api_settings.JWT_ENCODE_HANDLER payload = jwt_payload_handler(user) # 生成载荷部分 token = jwt_encode_handler(payload) # 生成token response = Response({ 'token': token, 'username': user.username, 'user_id': user.id }) return response
def update(self, instance, validated_data): # 收件人 to_email = validated_data['email'] tjs = TJS(settings.SECRET_KEY, 300) token = tjs.dumps({'username': instance.username}).decode() send_email.delay(token, to_email) instance.email = validated_data['email'] instance.save() return instance
def update(self, instance, validated_data): # 更新邮箱 instance.email = validated_data['email'] instance.save() #加密用户信息 tjs = TJS(settings.SECRET_KEY, 300) token = tjs.dumps({ 'user_id': instance.id, 'email': validated_data['email'] }).decode() to_email = validated_data['email'] #异步发送邮件 send_email.delay(validated_data['email'], token) return instance
def update(self, instance, validated_data): # 更新操作 instance.email = validated_data['email'] instance.save() # 发送邮件 # subject, message, from_email, recipient_list,html_message=None # message为普通正文,有转义. html_message为html字符串 data = {'name': instance.username} tjs = TJS(settings.SECRET_KEY, 300) token = tjs.dumps(data).decode() verify_url = 'http://www.meiduo.site:8080/success_verify_email.html?token=' + token # send_mail(subject, '', settings.EMAIL_FROM, [validated_data['email']], html_message=html_message) send_verify_email.delay(validated_data['email'], verify_url) return instance
def update(self, instance, validated_data): # 更新 instance.email = validated_data['email'] instance.save() # 发送邮箱 data = {'name': instance.username} # 加密 tjs = TJS(settings.SECRET_KEY, 300) token = tjs.dumps(data).decode() send_email.delay(token, validated_data['email']) return instance
def get(self, request): # 获取code值 code = request.query_params.get("code") if not code: return Response({'message': '缺少code'}, status=400) # 获取access_token值 qq = OAuthQQ(client_id=settings.QQ_CLIENT_ID, client_secret=settings.QQ_CLIENT_SECRET, redirect_uri=settings.QQ_REDIRECT_URI, state='/') access_token = qq.get_access_token(code) openid = qq.get_open_id(access_token) try: QQuser = OAuthQQUser.objects.get(openid=openid) except: tjs = TJS(settings.SECRET_KEY, 300) data = tjs.dumps({'openid': openid}).decode() return Response({'access_token': data}) else: user = QQuser.user jwt_payload_handler = api_settings.JWT_PAYLOAD_HANDLER jwt_encode_handler = api_settings.JWT_ENCODE_HANDLER payload = jwt_payload_handler(user) token = jwt_encode_handler(payload) # data = { # 'user_id': user.id, # 'username': user.name, # 'token': token # } response = Response({ 'user_id': user.id, 'username': user.username, 'token': token }) response = merge_cart_cookie_to_redis(request, user, response) return response
def get(self, request): # 1、获取code值 code = request.query_params.get('code', None) # 2、判断是否真的前端传递有code值 if code is None: return Response({'errors': '缺少code值'}, status=400) # 3、通过code值获取access_token # 初始化OAuthQQ对象 qq = OAuthQQ(client_secret=settings.QQ_CLIENT_SECRET, client_id=settings.QQ_CLIENT_ID, redirect_uri=settings.QQ_REDIRECT_URI, state='/') access_token = qq.get_access_token(code) # 4、通过access_token值或openid openid = qq.get_open_id(access_token) # 5、判断openid是否绑定 try: # 6、查询openid所对应的数据是否存在 qq_user = OAuthQQUser.objects.get(openid=openid) except: # 7、 不存在则进入绑定页面进行保存绑定 tjs = TJS(settings.SECRET_KEY, 300) open_id = tjs.dumps({'openid': openid}).decode() return Response({'access_token': open_id}) else: # 8、存在则用户登录成功跳转到首页 # 9、生成jwt token值 user = qq_user.user jwt_payload_handler = api_settings.JWT_PAYLOAD_HANDLER jwt_encode_handler = api_settings.JWT_ENCODE_HANDLER payload = jwt_payload_handler(user) token = jwt_encode_handler(payload) response = Response({ 'token': token, 'username': user.username, 'user_id': user.id }) response = merge_cart_cookie_to_redis(request, response, user) return response
def update(self, instance, validated_data): # 更新 instance.email=validated_data['email'] instance.save() # 加密用户数据 data={'name':instance.username} tjs=TJS(settings.SECRET_KEY,300) token=tjs.dumps(data).decode() verify_url = 'http://www.meiduo.site:8080/success_verify_email.html?token='+token # 发送邮件 # send_mail(subject,'',settings.EMAIL_FROM,[validated_data['email']],html_message=html_message) # 异步发送邮件 send_email.delay(validated_data['email'],verify_url) return instance
def get(self, request): # 获取前端传入的token token = request.query_params.get('token') if not token: return Response({'error': '缺少token'}, status=400) tjs = TJS(settings.SECRET_KEY, 300) try: # 检查token data = tjs.loads(token) except Exception: return Response({'errors': '无效token'}, status=400) username = data['name'] user = User.objects.get(username) user.email_active = True user.save() print(111) return Response({'message': 'ok'})
def get(self, request): # 获取code值 code = request.query_params.get('code') if not code: return Response({'message': '缺少code值'}, status=401) # 获取access——token oauth = OAuthQQ(client_id=settings.QQ_CLIENT_ID, client_secret=settings.QQ_CLIENT_SECRET, redirect_uri=settings.QQ_REDIRECT_URI, state=next) access_token = oauth.get_access_token(code) # 获取openid数据 openid = oauth.get_open_id(access_token) # 进行绑定 #1\判断用户有没有绑定过 try: qq_oauth = OAuthQQModel.objects.get(openid=openid) except: # 未绑定 tjs = TJS(settings.SECRET_KEY, 300) data = {'openid': openid} access_token = tjs.dumps(data).decode() return Response({'access_token': access_token}) # 绑定过跳转到登录成功页面 # 获取user用户 user = qq_oauth.user jwt_payload_handler = api_settings.JWT_PAYLOAD_HANDLER jwt_encode_handler = api_settings.JWT_ENCODE_HANDLER payload = jwt_payload_handler(user) token = jwt_encode_handler(payload) return Response({ 'token': token, 'username': user.username, 'user_id': user.id })
def get(self, request): # 1.获取code值 # 2.判断前端是否传递code值 # 3.通过code值获取access_token值,需先建立qq对象 # 4.通过access_token获取openid值 code = request.GET.get('code', None) if not code: return Response({'error': ' 缺少code值'}) state = '/' qq = OAuthQQ(client_id=settings.QQ_CLIENT_ID, client_secret=settings.QQ_CLIENT_SECRET, redirect_uri=settings.QQ_REDIRECT_URI, state=state) try: access_token = qq.get_access_token(code) openid = qq.get_open_id(access_token) except Exception: return Response({'message': 'QQ服务异常'}, status=503) # 判断openid是否绑定 try: oauth_user = OAuthQQUser.objects.get(openid=openid) except Exception: # 捕获到异常说明openid不存在,用户没有绑定过,将openid返回,用于绑定用户身份并进入绑定界面 tjs = TJS(settings.SECRET_KEY, 300) # 加密之后为byte类型,要先解码 open_id = tjs.dumps({'openid': openid}).decode() return Response({'access_token': open_id}) else: user = oauth_user.user # 存在则用户登陆成功,跳转到首页,绑定token值 jwt_payload_handler = api_settings.JWT_PAYLOAD_HANDLER jwt_encode_handler = api_settings.JWT_ENCODE_HANDLER payload = jwt_payload_handler(user) token = jwt_encode_handler(payload) response = Response({ 'token': token, 'username': user.username, 'user_id': user.id, }) merge_cart_cookie_to_redis(request, user, response) return response
def validate(self, attrs): """ 验证access_token :param attrs: :return: """ tjs = TJS(settings.SECRET_KEY, 300) try: data = tjs.loads(attrs["access_token"]) # 解析token except: raise serializers.ValidationError("无效的token") # 获取weibotoken weibotoken = data.get("weibotoken") # attrs中添加weibotoken attrs["weibotoken"] = weibotoken # # 验证短信验证码: # rel_sms_code = RegisterSMSCodeView.checkSMSCode(attrs["mobile"]) # if not rel_sms_code: # raise serializers.ValidationError('短信验证码失效') # 检验短信验证码 mobile = data['mobile'] sms_code = data['sms_code'] redis_conn = get_redis_connection('code') real_sms_code = redis_conn.get('sms_%s' % mobile) if real_sms_code.decode() != sms_code: raise serializers.ValidationError('短信验证码错误') # 3、比对用户输入的短信和redis中真实短信 if attrs['sms_code'] != real_sms_code: raise serializers.ValidationError('短信验证不一致') # 验证手机号是否被注册过 try: user = User.objects.get(mobile=attrs['mobile']) except: # 未注册过,注册为新用户 return attrs else: # 注册过 查询用户进行绑定 # 判断密码 if not user.check_password(attrs['password']): raise serializers.ValidationError('密码错误') attrs['user'] = user return attrs
def validate(self, attrs): # 验证access_token是否正确 即解密操作 tjs = TJS(settings.SECRET_KEY, 300) try: # 调用解密方法 data = tjs.loads(attrs['access_token']) except : raise serializers.ValidationError('无效的access_token值') # 取出openid openid = data.get('openid') # 添加到验证后的数据中 attrs['openid'] = openid # 验证短信验证码 # 1. 获取redis对象 conn = get_redis_connection('sms_code') # 2. 获取短信验证码 rel_sms_code = conn.get("sms_code_" + attrs['mobile']) # 3. 判断验证码是否过期 if not rel_sms_code: raise serializers.ValidationError('短信验证码过期') # 4. 将redis中的验证码与用户输入的验证码进行比较 if rel_sms_code.decode() != attrs['sms_code']: raise serializers.ValidationError('短信验证码有误') print(rel_sms_code) # 判断手机号对应的用户是否存在 try: user = User.objects.get(mobile=attrs['mobile']) except: # 不存在,说明没有注册,进行注册操作,注册操作需要爱create方法中进行 return attrs else: # 存在说明已经注册 # 验证密码是否正确 if not user.check_password(attrs['password']): raise serializers.ValidationError('密码错误') # 添加用户到以验证的数据中 attrs['user'] = user # 返回添加了用户的已验证信息 return attrs
def get(self, request): # 获取code值 code = request.query_params.get('code', None) # 判断code值是否存在 if not code: return Response({'errors': '缺少code值'}, status=400) # 生成qq对象 state = '/' oauth = OAuthQQ(client_id=settings.QQ_CLIENT_ID, client_secret=settings.QQ_CLIENT_SECRET, redirect_uri=settings.QQ_REDIRECT_URI, state=state) # 通过code值获取assess_token access_token = oauth.get_access_token(code) # 通过assess_token值获取openid openid = oauth.get_open_id(access_token) # 判断openid是否绑定美多对象 try: qq_user = OAuthQQUser.objects.get(openid=openid) except: # openid未绑定用户 # return Response({'errors': '缺少code值'}, status=400) # openid加密 tjs = TJS(settings.SECRET_KEY, 300) open_id = tjs.dumps({'openid': openid}).decode() return Response({'access_token': open_id}) else: # 已经绑定过用户 # 登陆成功 # 获取用户对象 user = qq_user.user jwt_payload_handler = api_settings.JWT_PAYLOAD_HANDLER jwt_encode_handler = api_settings.JWT_ENCODE_HANDLER payload = jwt_payload_handler(user) token = jwt_encode_handler(payload) # 对user对象添加token属性字段 user.token = token return Response({ 'token': token, 'username': user.username, 'user_id': user.id })
def get(self, request): # 获取前段数据 token = request.query_params.get('token') # 解密token tjs = TJS(settings.SECRET_KEY, 300) try: data = tjs.loads(token) except: return Response({'errors': '错误的token'}, status=400) # 获取用户数据 username = data.get('username') # username # 查询用户对象 user = User.objects.get(username=username) # 更新用户的邮箱验证状态 user.email_active = True user.save() # 返回验证状态 return Response({'email_active': user.email_active})
def get(self, request): # 获取code数据 code = request.query_params.get("code", None) if code is None: return Response({"message": "缺少code值"}, status=400) # 通过code值请求qq服务器获取access_token值 state = "/" qq = OAuthQQ(client_id=settings.QQ_CLIENT_ID, client_secret=settings.QQ_CLIENT_SECRET, redirect_uri=settings.QQ_REDIRECT_URI, state=state) access_token = qq.get_access_token(code) # 通过access_token值请求qq服务器获取openid值 openid = qq.get_open_id(access_token) # 判断openid值是否绑定过美多 try: qq_user = OAuthQQUser.objects.get(openid=openid) # 未绑定进行绑定操作 except: # 对openid进行加密 tjs = TJS(settings.SECRET_KEY, 300) open_id = tjs.dumps({'openid': openid}).decode() return Response({"openid": open_id}) # 已经绑定登录成功 else: user = qq_user.user # 生成token jwt_payload_handler = api_settings.JWT_PAYLOAD_HANDLER jwt_encode_handler = api_settings.JWT_ENCODE_HANDLER payload = jwt_payload_handler(user) token = jwt_encode_handler(payload) return Response({ 'token': token, 'username': user.username, 'user_id': user.id })