def post(self, request, *args, **kwargs):
ret = BaseResponse()
if request.version == 'v1':
try:
username = request.data.get("username")
passwd = request.data.get("passwd")
user = repository_models.AdminInfo.objects.filter(
username=username, password=passwd).first()
if not user:
ret.data = "用户名或密码错误"
return JsonResponse(ret.dict)
# 获取权限
init_permission(user, request._request)
ret.data = {
'session_key': request.session.session_key,
'conn': '登陆成功'
}
ret.code = "20000"
except Exception as error:
print("post-error", error)
ret.error = error
ret.data = "rds录入失败"
ret.code = "5000"
return JsonResponse(ret.dict)
def login(request):
if request.method == 'GET':
return render(request, 'login.html')
user = request.POST.get('user')
pwd = request.POST.get('pwd')
current_user = models.UserInfo.objects.filter(name=user,
password=pwd).first()
if not current_user:
return render(request, 'login.html', {'msg': '用户名或密码错误'})
# 根据当前用户信息获取此用户所拥有的所有权限,并放入session。
init_permission(current_user, request)
# # 当前用户所有权限
# permission_queryset = current_user.roles.filter(permissions__isnull=False).values("permissions__id",
# "permissions__url").distinct()
#
# # 获取权限中所有的URL
# # permission_list = []
# # for item in permission_queryset:
# # permission_list.append(item['permissions__url'])
#
# permission_list = [item['permissions__url'] for item in permission_queryset]
# request.session['luffy_permission_url_list_key'] = permission_list
return redirect('/customer/list/')
def login(request):
global COUNT
if request.is_ajax():
res = {'state': False, 'msg': None}
if COUNT < settings.MAX_PASS_TRY:
valid_code = request.POST.get('valid_code')
right_code = request.session.get('valid_str')
if valid_code.upper() == right_code.upper():
name = request.POST.get('name')
pwd = request.POST.get('pwd')
md_pwd = to_md(pwd)
UserInfoModel = import_string(settings.RBAC_USER_MODLE_CLASS)
user = UserInfoModel.objects.filter(name=name,
password=md_pwd).first()
if not user: # 用户名或密码错误
COUNT += 1
res['msg'] = '用户名或密码错误'
return JsonResponse(res)
COUNT = 0 # 输入都正确,计数清零
init_permission(user, request)
request.session['user_info'] = {'id': user.id}
res['state'], res['msg'] = True, '登录成功'
return JsonResponse(res)
COUNT += 1 # 验证码有误
res['msg'] = '验证码错误'
return JsonResponse(res)
res['msg'] = 'too much try'
return JsonResponse(res)
return render(request, 'login.html')
def login(request):
"""登录"""
if request.method == 'GET':
login_form = my_forms.LoginForm
return render(request, 'login.html', {"login_form": login_form})
else:
login_form = my_forms.LoginForm(request.POST)
if not login_form.is_valid():
return render(request, 'login.html', {"login_form": login_form})
else:
username = login_form.cleaned_data.get('username')
password = login_form.cleaned_data.get('password')
user_obj = rbac_models.User.objects.filter(
username=username, password=password).first()
if not user_obj:
return redirect(reverse('login'))
else:
init_permission(request, user_obj)
# 根据不同的角色跳转到不同页面,这里仅做测试,不应该出现类似app01的硬编码
department_id = user_obj.userinfo.department_id
if department_id == 1000:
return redirect(reverse('app01_customer_mine'))
elif department_id == 1001:
pass
return redirect(reverse('app01_courserecord_changelist'))
def login(request):
if request.method == "GET":
return render(request, "login.html")
elif request.is_ajax():
state = {"state": None}
username = request.POST.get("user")
if username == "":
state["state"] = "user_none"
return HttpResponse(json.dumps(state))
password = request.POST.get("pwd")
if password == "":
state["state"] = "pwd_none"
return HttpResponse(json.dumps(state))
user = models.User.objects.filter(username=username,
password=password).first()
if user:
state["state"] = "login_success"
init_permission(user, request)
else:
state["state"] = "failed"
return HttpResponse(json.dumps(state))
def login(request):
title = '教务系统登录'
message = ''
error = json.dumps(True)
if request.method == "GET":
print()
try:
test = request.session[settings.SESSION_PERMISSION_URL_KEY]
except:
error = json.dumps(False)
return render(request, "login.html", locals())
else:
return redirect('/index/')
else:
username = request.POST.get('username')
password = request.POST.get('password')
print(username)
print(password)
user_obj = UserInfo.objects.filter(username=username,
password=password).first()
if not user_obj:
message = '用户名或密码错误'
return render(request, "login.html", locals())
else:
init_permission(request, user_obj)
return redirect('/index/')
def login(request):
"""
用户登录
:param request:
:return:
"""
# print(request)
# request.cc = 22
# print(request.cc)
# return HttpResponse('...')
if request.method == 'GET':
return render(request, 'login.html')
user = request.POST.get('user')
pwd = gen_md5(request.POST.get('pwd', ''))
# print(user, pwd)
# 根据用户名和密码去用户表中获取用户对象
user = models.UserInfo.objects.filter(name=user, password=pwd).first()
if not user:
return render(request, 'login.html', {'msg': '用户名或密码错误'})
request.session['user_info'] = {'id': user.id, 'nickname': user.nickname}
# 用户权限信息的初始化
init_permission(user, request)
return redirect('/index/')
def login(request):
"""
登录
:param request:
:return:
"""
if request.method == 'GET':
return render(request, 'login-action.html')
user = request.POST.get('user')
pwd = request.POST.get('pwd')
current_user = models.UserInfo.objects.filter(
name=user, password=gen_md5(pwd)).first()
if not current_user:
return render(request, 'login-action.html', {'msg': '用户名或密码错误'})
# session初始化:用户信息
request.session['user_info'] = {
'id': current_user.id,
'nickname': current_user.nickname
}
# session初始化:用户权限
init_permission(current_user, request)
return redirect('/index/')
def login(request):
'''
login登录验证函数
'''
if request.method == "GET":
form = LoginForm()
return render(request,'login_v2.html',{'form':form})
else:
response = {'status': True, 'data': None, 'msg': None}
form = LoginForm(request.POST)
if form.is_valid():
user = request.POST.get('username',None) #获取input标签里的username的值 None:获取不到不会报错
pwd = request.POST.get('password',None)
pwd = encrypt(pwd) #md5加密密码字符串
user_obj = AdminInfo.objects.filter(username=user, password=pwd).first()
if user_obj:
role = user_obj.user.roles.values('title')
# print(role)
if role:
role = role.first().get('title')
else:
role = '访客'
request.session['is_login'] = {'user': user_obj.user.name, 'role': role} # 仅作为登录后用户名和身份显示session
init_permission(user_obj, request)
response['data'] = {}
else:
response['status'] = False
response['msg'] = {'password': ['*用户名或者密码错误']}
else:
response['status'] = False
response['msg'] = form.errors
# print(response)
return HttpResponse(json.dumps(response))
def login(request):
""" 完整用户登陆验证及权限初始化
参数: request, 当前用户请求对象
返回值: 响应对象,由render或者redirect实现
"""
if request.method == 'POST':
form = LoginForm(data=request.POST)
if not form.is_valid(): # 表单验证失败
return render(request, 'login.html', {"form": form})
else: # 表单验证成功
username = form.cleaned_data['username']
password = form.cleaned_data['password']
user_queryset = models.User.objects.filter(username=username,
password=password)
if not user_queryset: # 用户在数据库中不存在
form.add_error(field='password', error='用户名或密码错误')
return render(request, 'login.html', {'form': form})
else: # 用户在数据库中存在
init_permission(user_queryset[0], request)
return redirect(to='/home/')
elif request.method == 'GET': # 使用elif是考虑到请求的其他方法
form = LoginForm()
return render(request, 'login.html', {"form": form})
def login(request):
if request.method == 'GET':
return render(request, 'login.html')
if request.method == 'POST':
info = {'status': 0, 'msg': ''}
user = request.POST.get('user')
pwd = gen_md5(request.POST.get('pwd', ''))
# 根据用户名和密码去用户表中获取用户对象
user = models.UserInfo.objects.filter(name=user, password=pwd).first()
if not user:
#return render(request, 'login.html', {'msg': '用户名或密码错误'}) 使用这个前端有时候不显示错误信息不知为啥
info['msg'] = '用户名或密码错误'
else:
info['status'] = 1
request.session['user_info'] = {
'id': user.id,
'name': user.name,
'nickname': user.nickname
}
# 用户权限信息的初始化
init_permission(user, request)
#return redirect('/index/')#如果使用重定向 页面没反应 和前端的 return false; 这个有关系 所以关于页面的跳转都放在了前端
return HttpResponse(json.dumps(info))
def login(request):
msg = ""
if request.method == 'GET':
return render(request, 'login.html', {"msg": msg})
else:
username = request.POST.get("username")
password = request.POST.get("password")
validCode = request.POST.get("validCode")
if validCode.upper() == request.session.get("keepValidCode").upper():
user = rbac_model.User.objects.filter(username=username,
password=password).first()
if user:
# 表示已登录
request.session['user_info'] = {
'user_id': user.id,
'uid': user.userinfo.id,
'name': user.userinfo.name
}
# 权限写入session
init_permission(user, request)
# 跳转
return redirect('/index/')
else:
msg = "账号或密码错误"
else:
msg = "验证码错误"
return render(request, 'login.html', {"msg": msg})
def login(request):
data = {'code': None, 'msg': None}
if request.method == 'GET':
return render(request, 'blog/login.html')
elif request.method == 'POST':
username = request.POST.get('username')
password = request.POST.get('password')
# 用项目的用户Model做校验
user_obj = models.UserInfo.objects.filter(name=username,
password=password).first()
print(user_obj, type(user_obj))
if user_obj:
# 权限注入
init_permission(user_obj, request)
request.session['is_login'] = True
request.session['user_id'] = user_obj.pk
request.session['user'] = user_obj.name
data['code'] = 1000
return JsonResponse(data)
else:
data['code'] = 2000
data['msg'] = '用户名或密码错误'
return JsonResponse(data)
def login(request):
if request.method == "GET":
form = LoginFrom()
return render(request, 'login.html', {'form': form})
else:
form = LoginFrom(request.POST)
if form.is_valid():
# print(form.cleaned_data) 通过form验证可以拿到前端的用户名,密码 {'username': '******', 'password': '******'}
# form.cleaned_data['password'] = md5(form.cleaned_data['password'])
user = models.UserInfo.objects.filter(**form.cleaned_data).first()
#另外两种
# models.UserInfo.objects.filter(username=form.cleaned_data['username'],password=form.cleaned_data['password'])
# models.UserInfo.objects.filter(**{'username':'******','password':123456})
if user:
# 将用户信息放置到session中,user是个对象,python只能序列化字典,元组
request.session[settings.USER_SESSION_KEY] = {
'id': user.id,
'username': user.username
}
# print(user.id,user.username) # 1 叶良辰
# 获取当前用户的所有角色
# role_liat = user.roles.all()
# print(role_liat) 打印出来的为对象,使用__str__回调函数可以显示中文
init_permission(user, request) # 跟init_permission函数关联,作用权限初始化
return HttpResponse('登陆成功')
else:
form.add_error('password', '用户名或密码错误')
return render(request, 'login.html', {'form': form})
def login(request):
if request.method == 'GET':
return render(request, 'rbac/login.html')
else:
key = PrpCrypt('wzjtwzjtwzjtwzjt')
username = request.POST.get('username')
password = request.POST.get('password')
password = key.encrypt(password)
user_obj = UserInfo.objects.filter(username=username,
password=password).first()
if not user_obj:
return render(request, 'rbac/login.html', {
'error': '用户名或密码错误!',
'username': username,
'password': ''
})
else:
init_permission(request, user_obj) # 调用init__permission,进行初始化
request.session['dep_id'] = user_obj.department_id
request.session['username'] = user_obj.last_name
request.session['user_id'] = user_obj.id
request.session['roles_id'] = user_obj.roles_id
if username == 'admin':
return redirect('/rbac/index/')
else:
return redirect('/wzjt/index/')
def login(request):
if request.method == 'POST':
form = MyForms.UserForms(request.POST)
if form.is_valid():
username = form.cleaned_data.get('username')
password = form.cleaned_data.get('password')
user_obj = auth.authenticate(username=username, password=password)
if user_obj:
auth.login(request, user_obj)
else:
wrong_err = '用户名或密码错误'
return render(request, 'login.html', locals())
init_permission(request, username)
return redirect('/customer/list/')
else:
if form.errors.get('__all__'):
wrong_err = form.errors.get('__all__')[0]
return render(request, 'login.html', locals())
form = MyForms.UserForms()
return render(request, 'login.html', locals())
def login(request):
login_url = verify.login_url
ptoken = ""
try:
ptoken = request.GET['ptoken']
except Exception as e:
print(e)
pass
response = None
if ('uid' not in request.COOKIES and ptoken is ""):
return redirect(login_url)
if (ptoken != ""): #login request callback
message = urllib.parse.unquote(ptoken)
strcode = base64.b64decode(message)
pkey = M2Crypto.RSA.load_pub_key(verify.publicPem_path)
output = pkey.public_decrypt(strcode, M2Crypto.RSA.pkcs1_padding)
try:
json_data = json.loads(output.decode('utf-8'))
uid = json_data['uid']
login_time = int(json_data['ts']) / 1000 #s
userStatus = UserInfo.objects.filter(username=uid)
if userStatus.exists() == False:
insertInfo = UserInfo(username=uid)
insertInfo.save()
except Exception as e:
print(e)
uid = ""
login_time = 0
now_time = time.time()
if (uid != "" and now_time - login_time < 60):
user_obj = UserInfo.objects.filter(username=uid).first()
init_permission(request, user_obj)
response = redirect('/index/')
if ('uid' not in request.COOKIES):
response.set_cookie("uid", uid)
else:
response = None
elif ('uid' in request.COOKIES): #already login
try:
uid = request.COOKIES['uid']
except:
uid = ""
if (uid != ""):
user_obj = UserInfo.objects.filter(username=uid).first()
init_permission(request, user_obj)
response = redirect('/index/')
if ('uid' not in request.COOKIES):
response.set_cookie("uid", uid)
else:
response = None
if (response is None):
return redirect(login_url)
return response
def login(request):
if request.method == 'GET':
return render(request, 'login.html', locals())
user = request.POST.get('user')
pwd = request.POST.get('pwd')
current_user = models.UserInfo.objects.filter(name=user,
password=pwd).first()
if not current_user:
return render(request, 'login.html', {'msg': '用户不存在或账号密码错误'})
# permission_list=current_user.roles.all().values('permissions__id','permissions__url').distinct()
init_permission(current_user, request)
return redirect('/customer/list/')
def post(self, request, *args, **kwargs):
username = self.request.POST.get("username")
password = self.request.POST.get("password")
check_code = self.request.POST.get('authcode')
user = authenticate(username=username, password=password)
# session_code = request.session["authcode"]
session_code = check_code
# if check_code.strip().lower() != session_code.lower():
if check_code.lower() != session_code.lower():
login_err = _('Did you slip the wrong hand? try again')
else:
if user is not None: # pass authencation
if user.is_active == False:
login_err = _('Warning, {} has been disabled'.format(
user.username))
return render(request, 'login.html',
{'login_err': login_err})
login(self.request, user)
init_permission.init_permission(request,
user) # 调用权限注入函数,注入用户权限
login_limit_info = User.objects.filter(username=username)
login_limit_info.update(
limit=0,
login_date=datetime.datetime.now().strftime(
'%Y-%m-%d %H:%M:%S'))
next_url = request.session.get('next_url')
if next_url:
return HttpResponseRedirect(next_url)
return HttpResponseRedirect('/')
else:
try:
limit_num = 5
curr_login_limit = User.objects.get(
username=username).login_limit
new_login_limit = int(curr_login_limit) + 1
login_limit_info = User.objects.filter(username=username)
if new_login_limit == 5:
login_limit_info.update(limit=new_login_limit,
is_active=0)
login_err = _(
"Warning: {} has been disabled, please contact the administrator"
.format(username))
else:
login_limit_info.update(limit=new_login_limit)
login_err = _(
"Warning: {} remaining attempts are {}".format(
username, limit_num - new_login_limit))
except Exception as e:
login_err = _('Verification failed? Think again ^.^')
return render(request, 'login.html', {'login_err': login_err})
def login(request):
if request.method == "GET":
return render(request, 'login.html')
else:
user = request.POST.get('user')
pwd = request.POST.get('pwd')
obj = models.UserMain.objects.filter(username=user,
password=pwd).first()
if obj:
init_permission(request, obj.auth)
return redirect('/arya/crm/case/')
return render(request, 'login.html')
def login(request):
if request.method == "GET":
return render(request, "login.html")
user = request.POST.get('user')
pwd = request.POST.get('pwd')
user_obj = models.UserInfo.objects.filter(name=user, password=pwd).first()
if not user_obj:
return render(request, "login.html", {"msg": "用户名或密码错误"})
'''拆分存储权限相关功能--放置在rbac组件中'''
init_permission(request, user_obj)
# 验证权限信息由中间件中验证
return redirect("/customer/list/")
def login(request):
if request.method == "GET":
return render(request, 'login.html')
else:
user = request.POST.get('user')
pwd = request.POST.get('pwd')
user = models.User.objects.filter(user_info__name=user, user_info__password=pwd).first()
if user:
# 权限初始化
init_permission(user.user_info, request) # 注意此处的用户表对象是rbac用户表对象
return redirect('/users/')
return render(request, 'login.html')
def login(request):
if request.method == "GET":
return render(request,'login.html')
else:
user = request.POST.get('user')
pwd = request.POST.get('pwd')
user = models.User.objects.filter(username=user,password=pwd).first()
print(request.POST)
if not user:
return render(request,'login.html')
init_permission(user,request)
return redirect('/index/')
def post(self, request, *args, **kwargs):
username = request.POST.get('username')
password = request.POST.get('password')
print(" {0}登陆 ".format(username).center(50, '*'))
password = getmd5.md5(password)
obj = models.User.objects.filter(username=username, password=password).first()
if obj:
# 初始化用户session信息
init_permission(request, obj)
request.session['userinfo'] = {'username': obj.username, 'is_login': True}
return redirect("index")
return render(request, 'login.html', {'msg': '用户名或密码错误!'})
def login(request):
if request.method == 'GET':
return render(request, 'login.html')
else:
user = request.POST.get('username')
pwd = request.POST.get('password')
user_obj = rbac_models.UserInfo.objects.filter(username=user,
password=pwd).first()
if not user_obj:
return render(request, 'login.html', {'msg': '用户名或密码错误'})
else:
init_permission(request, user_obj)
return redirect('/index.html')
def login(request):
if request.method == 'GET':
return render(request, 'login.html')
user = request.POST.get('user')
pwd = request.POST.get('pwd')
user_obj = models.UserInfo.objects.filter(name=user, password=pwd).first()
response = {'user': None, 'message': ''}
if not user_obj:
response['message'] = '用户名或者密码错误'
return render(request, 'login.html', response)
init_permission(user_obj, request)
return redirect('/customer/list/')
def login(request):
if request.method == 'GET':
return render(request, 'login.html')
user = request.POST.get('user')
pwd = request.POST.get('pwd')
current_user = models.UserInfo.objects.filter(name=user,
password=pwd).first()
if not current_user:
return render(request, 'login.html', {'msg': '用户名或密码错误'})
init_permission(current_user, request)
return redirect('/customer/list/')
def login(request):
if request.method == "GET":
form = LoginForm()
return render(request, "login.html", {"form": form})
form = LoginForm(request.POST)
if form.is_valid():
user = rm.User.objects.filter(**form.cleaned_data).first()
if not user:
form.add_error("password", "用户名或密码")
return render(request, "login.html", {"form": form})
init_permission(request, user)
return redirect("/index/")
return render(request, "login.html", {"form": form})
def check_user(request):
username = request.POST.get('username')
password = request.POST.get('password')
print(username, password)
try:
user = UserInfo.objects.get(name=username, password=password)
# 处理权限相关的业务
init_permission(user, request)
return JsonResponse({'status': 1})
except BaseException as error:
return JsonResponse({'status': 0, 'msg': f'用户名或密码错误{error}'})
def login(request):
if request.method == "GET":
return render(request, "login.html")
else:
username = request.POST.get('username')
password = request.POST.get('password')
user_obj = UserInfo.objects.filter(username=username,
password=password).first()
if not user_obj:
return render(request, "login.html", {'error': '用户名或密码错误!'})
else:
init_permission(request, user_obj)
return redirect('/index/')
def login(request):
if request.method=='GET':
form=LoginForm()
return render(request,"login.html",{"form":form})
else:
form=LoginForm(request.POST)
if form.is_valid():
form.cleaned_data["password"]=md5(form.cleaned_data["password"])
print("form.cleaned_data:",form.cleaned_data)
user = models.UserInfo.objects.filter(**form.cleaned_data).first()
if user:
#写入session
request.session[settings.USER_SESSION_KEY]={'id': user.pk, 'username': user.username}
# 权限初始化
init_permission(user, request)
return redirect("/hosts/")
else:
form.add_error('password', '用户名或密码错误')
return render(request, 'login.html', {'form': form})
