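def post(self, request):
    """Handle a registration form submission.

    Reads ``username``, ``password``, ``password2``, ``mobile``, ``sms_code``
    and ``allow`` from ``request.POST``.

    Returns:
        * ``HttpResponseForbidden`` when a field is missing or empty, when
          ``re_verification`` rejects the username/password/mobile, when the
          two passwords differ, or when the agreement box is not ``'on'``.
        * ``register.html`` re-rendered with ``register_errmsg`` when the SMS
          code stored in Redis is missing (expired) or does not match.
        * A redirect to ``/login/`` once the user has been created.
    """
    username = request.POST.get('username')
    password = request.POST.get('password')
    password2 = request.POST.get('password2')
    mobile = request.POST.get('mobile')
    sms_code = request.POST.get('sms_code')
    allow = request.POST.get('allow')

    # Reject both '' and None for every required field.
    if not all([username, password, password2, mobile, sms_code, allow]):
        return http.HttpResponseForbidden()

    # Format check for username, password and mobile (helper defined elsewhere).
    if re_verification(username=username, password=password, mobile=mobile) is False:
        return http.HttpResponseForbidden()

    # The confirmation password must match.
    if password != password2:
        return http.HttpResponseForbidden()

    # The user agreement must be ticked.
    if allow != 'on':
        return http.HttpResponseForbidden()

    # Look up the SMS code that was stored for this mobile number.
    redis_connection = get_redis_connection('verification')
    sms_key = 'sms_code_%s' % mobile
    server_sms_code = redis_connection.get(sms_key)

    # No stored code: it expired or was never issued.
    if server_sms_code is None:
        return render(request, 'register.html', {'register_errmsg': "短信验证码过期"})

    # Wrong code: drop the stored value so it cannot be guessed repeatedly.
    if sms_code != server_sms_code.decode():
        redis_connection.delete(sms_key)
        return render(request, 'register.html', {'register_errmsg': "短信验证码不正确"})

    # Single use: a matched code is consumed so it cannot be replayed for
    # another submission while its Redis key still exists.
    redis_connection.delete(sms_key)

    # NOTE(review): create_user presumably raises on a duplicate username or
    # mobile; that case is not handled here — confirm against the User model.
    User.objects.create_user(username=username, password=password, mobile=mobile)

    return redirect('/login/')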
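def put(self, request):
    """Store a new e-mail address for the current user and queue a verification mail.

    The request body is expected to be a JSON object with an ``email`` key.

    Returns:
        * ``HttpResponseForbidden`` when the body is not a JSON object, when
          ``email`` is missing or not a string, or when ``re_verification``
          rejects its format.
        * A JSON response with ``RETCODE.EMAILERR`` when another user already
          has this address.
        * A JSON response with ``RETCODE.OK`` after the verification task has
          been queued.
    """
    # A malformed body used to raise out of the view; treat it like any other
    # bad parameter. ValueError covers both undecodable bytes and invalid JSON.
    try:
        payload = json.loads(request.body.decode())
    except ValueError:
        return http.HttpResponseForbidden()
    if not isinstance(payload, dict):
        return http.HttpResponseForbidden()

    email = payload.get('email')
    # Also rejects None; a non-string value must not reach the format check.
    if not isinstance(email, str):
        return http.HttpResponseForbidden()

    # E-mail format check (helper defined elsewhere).
    if re_verification(email=email) is False:
        return http.HttpResponseForbidden()

    # NOTE(review): assumes the view is only reachable by an authenticated
    # user — the login guard is not visible in this method.
    user = request.user

    # Another account already owns this address. exists() asks the database
    # for a yes/no instead of loading the matching rows.
    if User.objects.filter(email=email).exclude(id=user.id).exists():
        return http.JsonResponse({
            'code': RETCODE.EMAILERR,
            'errmsg': "该邮箱已注册过"
        })

    # Skip the UPDATE when the submitted address is already the stored one.
    if user.email != email:
        user.email = email
        user.save()

    # presumably 900 is the token lifetime in seconds — confirm in serializer.
    verify_query_string = serializer.serialize(900, id=user.id, email=user.email).decode()

    # Hand the mail to celery; the task is placed on the broker, not sent inline.
    send_verify_email.delay(
        email,
        settings.EMAIL_VERIFICATION_URL + '?token=' + verify_query_string)

    return http.JsonResponse({'code': RETCODE.OK, 'errmsg': "ok"})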
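def post(self, request):
    """Bind a QQ openid to a local account and log the user in.

    Reads ``mobile``, ``password``, ``sms_code`` and ``openid`` from
    ``request.POST``. If a user with this mobile exists, the password must
    match; otherwise a new user is created with the mobile as username.

    Returns:
        * ``HttpResponseForbidden`` for missing fields or a mobile/password
          rejected by ``re_verification``.
        * ``oauth_callback.html`` re-rendered with an error message when the
          SMS code is expired or wrong, the openid token cannot be
          deserialized, or the password does not match the existing user.
        * A redirect to the ``state`` query parameter (local paths only,
          otherwise ``/``) with a ``username`` cookie on success.
    """
    mobile = request.POST.get('mobile')
    password = request.POST.get('password')
    sms_code = request.POST.get('sms_code')
    openid = request.POST.get('openid')

    if not all([mobile, password, sms_code, openid]):
        return http.HttpResponseForbidden()

    # Format check for mobile and password (helper defined elsewhere).
    if re_verification(mobile=mobile, password=password) is False:
        return http.HttpResponseForbidden()

    # Look up the SMS code that was stored for this mobile number.
    redis_connection = get_redis_connection('verification')
    sms_key = 'sms_code_%s' % mobile
    server_sms_code = redis_connection.get(sms_key)

    # No stored code: it expired or was never issued.
    if server_sms_code is None:
        return render(request, 'oauth_callback.html', {'sms_code_errmsg': '短信验证码过期'})

    # Wrong code: drop the stored value, as the registration view does.
    # Leaving it in place allows unlimited guesses against a short code for
    # as long as the key exists.
    if sms_code != server_sms_code.decode():
        redis_connection.delete(sms_key)
        return render(request, 'oauth_callback.html', {'sms_code_errmsg': '短信验证码不正确'})

    # Single use: a matched code is consumed so it cannot be replayed.
    redis_connection.delete(sms_key)

    # Recover the openid from the signed token; None means it could not be
    # deserialized (the page reports this as an expired QQ authorization).
    openid = serializer.deserialize(openid)
    if openid is None:
        return render(request, 'oauth_callback.html', {'openid_errmsg': 'QQ授权过期'})

    try:
        # The mobile already belongs to a user: the password must match.
        user = User.objects.get(mobile=mobile)
        if user.check_password(password) is False:
            return render(request, 'oauth_callback.html', {'qq_login_errmsg': 'QQ登录失败'})
    except User.DoesNotExist:
        # No user for this mobile yet: create one.
        user = User.objects.create_user(username=mobile, password=password, mobile=mobile)

    # NOTE(review): presumably this raises if the openid is already bound to
    # a user — not handled here; confirm against the OAuthQQUser model.
    OAuthQQUser.objects.create(user=user, openid=openid['open_id'])

    login(request, user)

    # `state` comes from the query string, so it is caller-controlled. Only
    # follow it when it is a plain site-local path; anything else (absolute
    # URL, scheme-relative '//host', backslash variants, control characters)
    # falls back to '/'.
    target = request.GET.get('state') or '/'
    is_local_path = (
        target.startswith('/')
        and not target.startswith('//')
        and '\\' not in target
        and target.isprintable()
    )
    if not is_local_path:
        target = '/'

    response = redirect(target)
    response.set_cookie(
        'username',
        user.username,
        max_age=constants.REMEMBERED_PASSWORD_SESSION_EXPIRY)

    return response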
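def post(self, request):
    """Authenticate a user from the login form and start a session.

    Reads ``username``, ``password`` and the optional ``remembered`` flag
    from ``request.POST``.

    Returns:
        * ``HttpResponseForbidden`` for missing fields or a username/password
          rejected by ``re_verification``.
        * ``login.html`` re-rendered with ``account_errmsg`` when
          ``authenticate`` returns ``None``.
        * A redirect to the ``next`` query parameter (local paths only,
          otherwise ``/``) with a ``username`` cookie on success.
    """
    username = request.POST.get('username')
    password = request.POST.get('password')
    remembered = request.POST.get('remembered')

    if not all([username, password]):
        return http.HttpResponseForbidden()

    # Format check for username and password (helper defined elsewhere).
    if re_verification(username=username, password=password) is False:
        return http.HttpResponseForbidden()

    # authenticate() returns the user object on success and None otherwise.
    # It stands in for the manual variants this view used to carry as
    # commented-out code: fetch the user by username (or by username-or-mobile)
    # and call check_password, answering with the same message either way.
    # NOTE(review): whether login by mobile number works depends on the
    # configured authentication backend, which is not visible here.
    user = authenticate(request, username=username, password=password)

    # One message for "no such user" and "wrong password", so the response
    # does not reveal which accounts exist.
    if user is None:
        return render(request, 'login.html', {'account_errmsg': "用户名或密码不正确"})

    # Persist the login in the session.
    login(request, user)

    # `next` comes from the query string, so it is caller-controlled. Only
    # follow it when it is a plain site-local path; anything else (absolute
    # URL, scheme-relative '//host', backslash variants, control characters)
    # falls back to '/'.
    target = request.GET.get('next') or '/'
    is_local_path = (
        target.startswith('/')
        and not target.startswith('//')
        and '\\' not in target
        and target.isprintable()
    )
    if not is_local_path:
        target = '/'

    response = redirect(target)

    if remembered is None:
        # "Remember me" not ticked: the login is meant to end with the
        # browser session, and the cookie carries no max_age.
        request.session.set_expiry(
            constants.DEFAULT_PASSWORD_SESSION_EXPIRY)
        response.set_cookie('username', user.username)
    else:
        # "Remember me" ticked: session and cookie share the longer lifetime.
        request.session.set_expiry(
            constants.REMEMBERED_PASSWORD_SESSION_EXPIRY)
        response.set_cookie(
            'username',
            user.username,
            max_age=constants.REMEMBERED_PASSWORD_SESSION_EXPIRY)

    return response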
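def _address_save(request, create=True, address_id=None):
    """Create or update a shipping address for the logged-in user.

    The request body is expected to be a JSON object with ``title``,
    ``receiver``, ``province_id``, ``city_id``, ``district_id``, ``place``
    and ``mobile`` (all required) plus optional ``tel`` and ``email``.

    Args:
        request: The incoming request; ``request.user`` owns the address.
        create: Truthy to add a new address, ``False`` to modify one. The
            previous code tested ``create is None``, so the documented
            ``create=True`` never reached the create branch. To stay
            compatible with existing callers, a new address is created when
            ``create`` is ``None`` (old behaviour) or when ``create`` is
            truthy and no ``address_id`` is given; every call that passes an
            ``address_id`` still updates, as before.
        address_id: Primary key of the address to modify.

    Returns:
        ``HttpResponseForbidden`` for a malformed body, missing or invalid
        fields, or an address that does not exist for this user; otherwise a
        JSON response with ``RETCODE.OK`` and the saved address.
    """
    # A malformed body used to raise out of the view; treat it like any other
    # bad parameter. ValueError covers both undecodable bytes and invalid JSON.
    try:
        address_info = json.loads(request.body.decode())
    except ValueError:
        return http.HttpResponseForbidden()
    if not isinstance(address_info, dict):
        return http.HttpResponseForbidden()

    title = address_info.get('title')
    receiver = address_info.get('receiver')
    province_id = address_info.get('province_id')
    city_id = address_info.get('city_id')
    district_id = address_info.get('district_id')
    place = address_info.get('place')
    mobile = address_info.get('mobile')
    tel = address_info.get('tel')
    email = address_info.get('email')

    required = [title, receiver, province_id, city_id, district_id, place, mobile]
    if not all(required):
        return http.HttpResponseForbidden()

    if re_verification(mobile=mobile) is False:
        return http.HttpResponseForbidden()

    # tel and email are optional; only format-check them when supplied.
    if tel and re_verification(tel=tel) is False:
        return http.HttpResponseForbidden()
    if email and re_verification(email=email) is False:
        return http.HttpResponseForbidden()

    user = request.user
    creating = create is None or (bool(create) and address_id is None)

    try:
        if creating:
            address_obj = Address.objects.create(user_id=user.id,
                                                 title=title,
                                                 receiver=receiver,
                                                 province_id=province_id,
                                                 city_id=city_id,
                                                 district_id=district_id,
                                                 place=place,
                                                 mobile=mobile,
                                                 tel=tel,
                                                 email=email)
            # A newly added address becomes the user's default.
            user.default_address_id = address_obj.id
            user.save()
        else:
            # The lookup is scoped to the logged-in user, so one user cannot
            # modify another user's address by guessing its id.
            address_obj = Address.objects.get(user_id=user.id,
                                              id=address_id,
                                              is_deleted=False)
            address_obj.title = title
            address_obj.receiver = receiver
            address_obj.province_id = province_id
            address_obj.city_id = city_id
            address_obj.district_id = district_id
            address_obj.place = place
            address_obj.mobile = mobile
            address_obj.tel = tel
            address_obj.email = email
            address_obj.save()
    except (Address.DoesNotExist, Area.DoesNotExist):
        # Unknown/foreign/deleted address id, or the province/city/district
        # could not be bound.
        return http.HttpResponseForbidden()

    # Build the JSON payload from the saved object.
    address = {
        'id': address_obj.id,
        'title': address_obj.title,
        'receiver': address_obj.receiver,
        'province_id': address_obj.province_id,
        'province': address_obj.province.name,
        'city_id': address_obj.city_id,
        'city': address_obj.city.name,
        'district_id': address_obj.district_id,
        'district': address_obj.district.name,
        'place': address_obj.place,
        'mobile': address_obj.mobile,
        'tel': address_obj.tel,
        'email': address_obj.email
    }

    return http.JsonResponse({
        'code': RETCODE.OK,
        'errmsg': "ok",
        'address': address
    })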