def post(self,request):
# 接收参数
mobile = request.POST.get('mobile')
password = request.POST.get('password')
sms_code = request.POST.get('sms_code')
# 校验参数
if not all([mobile,password,sms_code]):
return http.HttpResponseForbidden('缺少必传参数')
if not re.match(r'^1[3-9]\d{9}',mobile):
return http.HttpResponseForbidden('请输入正确的手机号码')
if not re.match(r'^[0-9a-zA-Z_]{8,20}',password):
return http.HttpResponseForbidden('请输入8-20位的密码')
# 验证短信验证码
redis_conn = get_redis_connection('sms_code')
redis_sms_code = redis_conn.get('sms_%s' % mobile)
if redis_sms_code is None:
return render(request, 'oauth_callback.html', {'sms_code_errmsg': '无效的短信验证码'})
if sms_code.lower() != redis_sms_code.decode().lower():
return render(request, 'oauth_callback.html', {'sms_code_errmsg': '输入短信验证码有误'})
# 取出openid
openid = request.POST.get('openid')
# 解密
openid_dict = SecretOauth().loads(openid)
openid = openid_dict.get('openid')
# 判断该手机号是否存在
try:
user = User.objects.get(mobile=mobile)
except:
# 如果不存在 则创建
user = User.objects.create_user(username=mobile,password=password,mobile=mobile)
else:
# 如果存在 则校验密码
if not user.check_password(password):
return http.HttpResponseForbidden('手机号已经存在或密码错误')
# 将用户和openid绑定
OAuthSinaUser.objects.create(
uid=openid,
user=user,
)
# 状态保持
login(request,user)
# 重定向到用户原先所在的位置页面
response = redirect(reverse('contents:index'))
# 将用户名写入cookie
response.set_cookie('username',user.username,max_age=3600*24*15)
# 响应结果
return response
def get(self, request, username):
# 1.接收参数
image_code = request.GET.get('image_code')
uuid = request.GET.get('image_code_id')
# 2.校验用户名 和 图形验证码
try:
user = User.objects.get(username=username)
except User.DoesNotExist:
return http.JsonResponse({'status': 5004})
img_client = get_redis_connection('verify_image_code')
redis_img_code = img_client.get('img_%s' % uuid)
if image_code.lower() != redis_img_code.decode().lower():
return http.JsonResponse({'status': 5001})
# 生成随机64位码字符串 存入redis 为下次发短信提交做准备
mobile = user.mobile
random_str = generat_csrf()
img_client.setex('random_%s' % mobile, 300, random_str)
access_token = SecretOauth().dumps(random_str)
# 3.返回响应
return http.JsonResponse({
'status': 5000,
"mobile": mobile,
"access_token": access_token
})
def post(self, request, user_id):
data = request.body.decode()
data_dict = json.loads(data)
password = data_dict.get('password')
password2 = data_dict.get('password2')
access_token = data_dict.get('access_token')
if not all([access_token, password, password2]):
return http.HttpResponseForbidden('填写数据不完整')
if password != password2:
return http.HttpResponseForbidden('两个密码不一致')
user_dict = SecretOauth().loads(access_token)
if user_dict is None:
return http.JsonResponse({{'status': 400, 'errmsg': '参数错误'}})
if int(user_id) != user_dict['user_id']:
return http.JsonResponse({{'status': 400, 'errmsg': '用户不存在'}})
try:
user = User.objects.get(id=user_id)
except:
return http.JsonResponse({'status': 400, 'errmsg': '用户不匹配'})
user.set_password(password)
user.save()
return http.JsonResponse({'status': RETCODE.OK, 'errmsg': '修改密码成功'})
def get(self, request, username):
sms_code = request.GET.get('sms_code')
try:
user = User.objects.get(username=username)
except:
return http.JsonResponse({'status': 400, 'errmsg': '用户名错误'})
# 短信验证码
# 1.读取redis中的短信验证码
redis_cli = get_redis_connection('sms_code')
sms_code_redis = redis_cli.get(user.mobile)
# 2.判断是否过期
if sms_code_redis is None:
return http.HttpResponseForbidden('短信验证码已经过期')
# 3.删除短信验证码,不可以使用第二次
redis_cli.delete(user.mobile)
redis_cli.delete(user.mobile + '_flag')
# 4.判断是否正确
if sms_code_redis.decode() != sms_code:
return http.HttpResponseForbidden('短信验证码错误')
json_str = SecretOauth().dumps({
"user_id": user.id,
'mobile': user.mobile
})
return http.JsonResponse({
'user_id': user.id,
'access_token': json_str
})
def get(self, request):
access_token = request.GET.get('access_token')
user_dict = SecretOauth().loads(access_token)
if user_dict is None:
return http.JsonResponse({'status': 400, 'errmsg': '参数不全'})
mobile = user_dict['mobile']
try:
User.objects.get(mobile=mobile)
except:
return http.JsonResponse({'status': 400, 'errmsg': '手机号不存在'})
# 验证
redis_cli_sms = get_redis_connection('sms_code')
# 是否60秒内
if redis_cli_sms.get(mobile + '_flag') is not None:
return http.JsonResponse({
'status': 400,
'errmsg': '发送短信太频繁,请稍候再发'
})
# 处理
# 1.生成随机6位数
sms_code = '%06d' % random.randint(0, 999999)
print(sms_code)
# 2.优化:使用管道
redis_pl = redis_cli_sms.pipeline()
redis_pl.setex(mobile, contants.SMS_CODE_REDIS_EXPIRE, sms_code)
redis_pl.setex(mobile + '_flag', contants.SEND_SMS_CODE_INTERVAL, 1)
redis_pl.execute()
# 3.发短信
# 通过delay调用,可以将任务加到队列中,交给celery去执行
ccp_send_sms_code.delay(mobile, sms_code)
return http.JsonResponse({'status': RETCODE.OK, 'errmsg': 'OK'})
def get(self, request, username):
# 1.接收参数
uuid = request.GET.get('image_code_id')
image_code = request.GET.get('text')
# 2.图形验证码是否正确
# 2.1从redis中读取之前保存的图形验证码文本
redis_cli_image = get_redis_connection('verify_image_code')
image_code_redis = redis_cli_image.get('img_%s' % uuid)
# 2.2如果redis中的数据过期则提示
if image_code_redis is None:
return http.JsonResponse({
'status': 400,
'errmsg': '图形验证码已过期,点击图片换一个'
})
# 2.3立即删除redis中图形验证码,表示这个值不能使用第二次
redis_cli_image.delete(uuid)
# 2.4对比图形验证码:不区分大小写
if image_code_redis.decode().lower() != image_code.lower():
return http.JsonResponse({'status': 400, 'errmsg': '图形验证码错误'})
try:
user = User.objects.get(username=username)
except Exception as e:
return http.JsonResponse({'status': 404, 'errmsg': '用户名错误'})
# 处理
json_str = SecretOauth().dumps({
"user_id": user.id,
'mobile': user.mobile
})
return http.JsonResponse({
'mobile': user.mobile,
'access_token': json_str
})
def post(self,request):
# 1.解析参数
mobile = request.POST.get('mobile')
pwd = request.POST.get('password')
sms_code = request.POST.get('sms_code')
openid = request.POST.get('openid')
if openid is None:
return http.HttpResponseForbidden('openid失效了')
from utils.secret import SecretOauth
openid = SecretOauth().loads(openid).get('openid')
# 2.校验 判空 正则 图形 短信验证码
# 3.校验mobile是否存在
try:
user = User.objects.get(mobile=mobile)
if not user.check_password(pwd):
return render(request,'oauth_callback.html', {'errmsg':"用户名或密码不正确"})
except Exception as e:
user = User.objects.create_user(username=mobile, password=pwd, mobile=mobile)
# 4.绑定openid
oauth_user = OAuthQQUser.objects.create(openid=openid, user=user)
# 5.保持登陆状态 set_cookie 重定向到首页
login(request, oauth_user.user)
response = redirect(reverse('contents:index'))
response.set_cookie('username', user.username, max_age=24*30*3600)
return response
def is_bind_openid(request, openid):
# 如果绑定了
try:
oauth_user = OAuthQQUser.objects.get(openid=openid)
except Exception as e:
logger.error(e)
# 没有绑定了-->重定向到绑定页面
secret_openid = SecretOauth().dumps({'openid': openid})
context = {
'openid': secret_openid
}
return render(request, 'oauth_callback.html', context)
else:
# 绑定了-保持登录状态->重定向到首页-->设置cookie username
qq_user = oauth_user.user
login(request, qq_user)
# 响应结果
response = redirect(reverse('contents:index'))
# 登录时用户名写入到cookie,有效期15天
response.set_cookie('username', qq_user.username, constants.USERNAME_EXPIRE_TIME)
return response
def put(self,request):
#取出请求参数中的email
json_str = request.body.decode()
json_dict = json.loads(json_str)
email = json_dict.get('email')
#校验email格式是否满足要求
# if not re.match(r'^[a-z0-9][\w\.\-]*@[a-z0-9\-]+(\.[a-z]{2,5}){1,2}$', email):
# return http.HttpResponseForbidden('参数email有误')
#保存email
try :
request.user.email = email
request.user.save()
except Exception as e:
logger.error(e)
return http.JsonResponse({'code': RETCODE.DBERR,'errmsg':'添加邮箱失败'})
token_value = {
'user_id': request.user.id,
'email': email
}
from utils.secret import SecretOauth
secret_str = SecretOauth().dumps(token_value)
verify_url = settings.EMAIL_ACTIVE_URL + "?token=" + secret_str
from celery_tasks.email.tasks import send_verify_email
send_verify_email.delay(email, verify_url)
# 4. 返回前端结果
return http.JsonResponse({'code': RETCODE.OK, 'errmsg': '添加邮箱成功'})
def is_bind_openid(openid, request):
try:
# openid = SecretOauth().loads(openid).get('openid')
oauth_user = OAuthQQUser.objects.get(openid=openid)
except Exception as e:
logger.error(e)
context = SecretOauth().dumps(openid)
context = {'openid': context}
return render(request, 'oauth_callback.html', context=context)
else:
# 如果openid已绑定美多商城用户
# 实现状态保持
qq_user = oauth_user.user
login(request, qq_user)
# 重定向到主页
response = redirect(reverse('contents:index'))
# 登录时用户名写入到cookie,有效期15天
response.set_cookie('username',
qq_user.username,
max_age=3600 * 24 * 15)
return response
def is_bind_openid(openid, request):
try:
# 1. 如果 数据表里面啊存在 --绑过了
oauth_user = OAuthQQUser.objects.get(openid=openid)
except Exception as e:
# 2. 不存在 没有绑定过
print(openid)
openid = SecretOauth().dumps({'openid': openid})
return render(request,
'oauth_callback.html',
context={'openid': openid})
else:
user = oauth_user.user
# 保持登录状态
login(request, user)
# 设置首页用户名
response = redirect(reverse('contents:index'))
response.set_cookie('username', user.username, max_age=24 * 14 * 3600)
# 重定向 首页
return response
def post(self, request, user_id):
json_dict = json.loads(request.body.decode())
password = json_dict.get('password')
password2 = json_dict.get('password2')
access_token = json_dict.get('access_token')
if not all([password, password2, access_token]):
return http.HttpResponseForbidden('参数不能为空!')
# 解密前端 传入的
loads_acces_token = SecretOauth().loads(access_token)
if not re.match('^[0-9A-Za-z]{8,20}$', password):
return http.HttpResponseForbidden('请输入8-20位的密码')
# * 3.确认密码: ---------判空,判断是否相等
if password2 != password:
return http.HttpResponseForbidden('两次密码输入不一致')
try:
user = User.objects.get(id=user_id)
except User.DoesNotExist:
return http.JsonResponse({"status": 5002, 'message': "user_id有误!"})
redis_client = get_redis_connection('verify_image_code')
redis_random_token = redis_client.get('random_%s' % user.mobile)
if loads_acces_token != redis_random_token.decode():
return http.JsonResponse({"status": 5001, 'message': "token错误!"})
# 更新密码
user.set_password(password)
user.save()
return http.JsonResponse({"status": 5000, 'message': "密码设置成功!"})
def get(self, request, mobile):
sms_code = request.GET.get('sms_code')
# 1.校验手机号
try:
user = User.objects.get(mobile=mobile)
except User.DoesNotExist:
return http.JsonResponse({"status": 5004})
# 2.校验验证码
sms_client = get_redis_connection('sms_code')
redis_sms_code = sms_client.get('sms_%s' % mobile)
if sms_code != redis_sms_code.decode():
return http.JsonResponse({"status": 5001})
# 3.返回正确的响应
redis_client = get_redis_connection('verify_image_code')
redis_random_token = redis_client.get('random_%s' % mobile)
access_token = SecretOauth().dumps(redis_random_token.decode())
return http.JsonResponse({
"status": 5000,
"user_id": user.id,
"access_token": access_token
})
def put(self, request):
# 1.接收 请求体非表单参数 json
json_bytes = request.body
json_str = json_bytes.decode()
json_dict = json.loads(json_str)
email = json_dict.get('email')
# 2.正则校验邮箱
if not re.match(r'^[a-z0-9][\w\.\-]*@[a-z0-9\-]+(\.[a-z]{2,5}){1,2}$', email):
return http.HttpResponseForbidden('参数email有误')
# 3.修改 数据库中 email 值
try:
request.user.email = email
request.user.save()
except Exception as e:
logger.error(e)
return http.JsonResponse({'code': RETCODE.DBERR, 'errmsg': '添加邮箱失败'})
# 自动发邮件(需要加密)
token_value = {
'user_id': request.user.id,
'email': email
}
# 加密 --->对象方法SecretOauth()
from utils.secret import SecretOauth
secret_str = SecretOauth().dumps(token_value)
# http://www.meiduo.site:8000/emails/verification/?token={%22user_id%22:%201,%20%22email%22:%20%[email protected]%22}
verify_url = settings.EMAIL_ACTIVE_URL + "?token=" + secret_str
from celery_tasks.email.tasks import send_verify_email
send_verify_email.delay(email, verify_url)
# 4.返回前端结果
return http.JsonResponse({'code': RETCODE.OK, 'errmsg': '添加邮箱成功'})
def put(self, request):
json_str = request.body.decode()
# print(json_str)
import json
json_dict = json.loads(json_str)
email = json_dict.get('email')
# print(request.user)
# print(email)
# username= json_dict.get("username")
# print(username)
# request.user.email= email
# request.user.save()
# 校验
if not re.match(r'^[a-z0-9][\w\.\-]*@[a-z0-9\-]+(\.[a-z]{2,5}){1,2}$',
email):
return http.HttpResponseForbidden('参数email有误')
# 1.加密的数据
data_dict = {'user_id': request.user.id, "email": request.user.email}
# 2. 进行加密数据
secret_data = SecretOauth().dumps(data_dict)
# 发送邮件
#subject 邮件标题
# message 普通邮件正文,普通字符串
# from_email 发件人
# recipient_list 收件人列表
# html_message 多媒体邮件正文,可以是html字符串
subject = "美多商城邮箱验证"
# subject = "ai爱直播"
verify_url = settings.EMAIL_VERIFY_URL + '?token=' + secret_data
html_message = '<p>尊敬的用户您好!</p>' \
'<p>感谢您使用美多商城。</p>' \
'<p>您的邮箱为:%s 。请点击此链接激活您的邮箱:</p>' \
'<p><a href="%s">%s</a></p>' % (email,verify_url, verify_url)
# html_message = '<p>尊敬的用户赵博您好!</p>' \
# '<p>感谢您的注册</p>' \
# '<p>您的邮箱为:%s 。请点击此链接激活您的邮箱:</p>' \
# '<p><a href="http://www.sharesome.com">点此进入</a></p>' % (email)
send_mail(subject,
message="1",
from_email="*****@*****.**",
recipient_list=[email],
html_message=html_message)
# 保存数据库中
try:
User.objects.filter(username=request.user).update(email=email)
except Exception as e:
logger.error(e)
return http.JsonResponse({
'code': RETCODE.DBERR,
'errmsg': '添加邮箱失败'
})
return http.JsonResponse({'code': RETCODE.OK, 'errmsg': '添加邮箱成功'})
def generate_verify_emails_url(user):
# 获取必传的两个参数 user_id email
data_dict = {'user_id': user.id, 'email': user.email}
# 加密数据
from utils.secret import SecretOauth
dumps_str = SecretOauth().dumps(data_dict)
# 拼接完整的 带参数的链接
return settings.EMAIL_ACTIVE_URL + '?token=' + dumps_str
def post(self, request):
# 1.接收解析参数
mobile = request.POST.get('mobile')
pwd = request.POST.get('password')
sms_code = request.POST.get('sms_code')
# 2. 校验---判断空, 正则---短信验证码
openid = request.POST.get('openid')
loads_openid_dict = SecretOauth().loads(openid)
openid = loads_openid_dict.get('openid')
if not openid:
return render(request, 'oauth_callback.html',
{'openid_errmsg': "openid是无效的!"})
# 3.判断用户是否存在
try:
user = User.objects.get(mobile=mobile)
except User.DoesNotExist:
# 5.不存在---创建新用户
user = User.objects.create_user(username=mobile,
mobile=mobile,
password=pwd)
else:
# 4.存在---校验密码
if not user.check_password(pwd):
return render(request, 'oauth_callback.html',
{'account_errmsg': "用户名或密码错误!"})
# 6. 绑定 openid
try:
qq_user = OAuthQQUser.objects.create(user=user, openid=openid)
except Exception as e:
return render(request, 'oauth_callback.html',
{'qq_login_errmsg': "qq绑定失败!"})
# 7. 保持登录状态---设置cookie首页用户名----首页
# 1.保持登录状态
login(request, user)
response = redirect(reverse('contents:index'))
# 2. 设置cookie
response.set_cookie('username', user.username, max_age=14 * 24 * 3600)
# 3. 首页
return response
def post(self, request):
# 1.接收参数 form POST
mobile = request.POST.get('mobile')
pwd = request.POST.get('password')
sms_code = request.POST.get('sms_code')
openid = request.POST.get('openid')
# 2.校验--判空--正则--短信验证码
# 判断参数是否齐全
if not all([mobile, pwd]):
return HttpResponseForbidden('参数不齐')
# 判断手机号是否合法
if not re.match(r'^1[3-9]\d{9}$', mobile):
return HttpResponseForbidden('请输入正确的手机号码')
# 判断密码是否合格
if not re.match(r'^[0-9A-Za-z]{8,20}$', pwd):
return HttpResponseForbidden('请输入8-20位的密码')
# 判断短信验证码是否一致
sms_code = request.POST.get('msg_code')
# 6.1 从redis 中取出来
redis_code_client = get_redis_connection('sms_code')
redis_code = redis_code_client.get('sms_%s' % mobile)
if redis_code is None:
return render(request, 'oauth_callback.html', {'sms_code_errmsg': '无效的短信验证码'})
if sms_code != redis_code.decode():
return render(request, 'oauth_callback.html', {'sms_code_errmsg': '输入短信验证码有误'})
# 判断openid是否有效:错误提示放在sms_code_errmsg位置
# 3.解密--openid 校验
openid = SecretOauth().loads(openid).get('openid')
if not openid:
return render(request, 'oauth_callback.html', {'openid_errmsg': '无效的openid'})
# 4.判断用户是否存在 存在 user; 不存在新建user
try:
user = User.objects.get(mobile=mobile)
except Exception as e:
# 用户不存在 新建user
user = User.objects.create(username=mobile, password=pwd, mobile=mobile)
else:
# 如果用户存在,检查密码 密码不正确
if not user.check_password(pwd):
return render(request, 'oauth_callback.html', {'account_errmsg': '用户名或密码错误'})
# 5.user绑定openid
try:
OAuthQQUser.objects.create(openid=openid, user=user)
except Exception as e:
return render(request, 'oauth_callback.html', {'qq_login_errmsg': 'QQ登录失败'})
# 6. 保持登录状态--重定向首页--set_cookie username
login(request, user)
response = redirect(reverse('contents:index'))
response.set_cookie('username', user.username,constants.USERNAME_EXPIRE_TIME)
return response
def post(self, request):
"""美多商城用户绑定到openid"""
# 接收参数
mobile = request.POST.get('mobile')
pwd = request.POST.get('password')
sms_code_client = request.POST.get('sms_code')
openid = request.POST.get('openid')
# 校验参数
# 判断参数是否齐全
if not all([mobile, pwd, sms_code_client]):
return http.HttpResponseForbidden('缺少必传参数')
# 判断手机号是否合法
if not re.match(r'^1[3-9]\d{9}$', mobile):
return http.HttpResponseForbidden('请输入正确的手机号码')
# 判断密码是否合格
if not re.match(r'^[0-9A-Za-z]{8,20}$', pwd):
return http.HttpResponseForbidden('请输入8-20位的密码')
# 判断短信验证码是否一致
redis_conn = get_redis_connection('sms_code')
sms_code_server = redis_conn.get('sms_%s' % mobile)
if sms_code_server is None:
return render(request, 'oauth_callback.html', {'sms_code_errmsg': '无效的短信验证码'})
if sms_code_client != sms_code_server.decode():
return render(request, 'oauth_callback.html', {'sms_code_errmsg': '输入短信验证码有误'})
# 解密出openid 再判断openid是否有效
openid = SecretOauth().loads(openid).get('openid')
if not openid:
return render(request, 'oauth_callback.html', {'openid_errmsg': '无效的openid'})
# 保存注册数据
try:
user = User.objects.get(mobile=mobile)
except User.DoesNotExist:
# 用户不存在,新建用户
user = User.objects.create_user(username=mobile, password=pwd, mobile=mobile)
else:
# 如果用户存在,检查用户密码
if not user.check_password(pwd):
return render(request, 'oauth_callback.html', {'account_errmsg': '用户名或密码错误'})
# 将用户绑定openid
try:
OAuthQQUser.objects.create(openid=openid, user=user)
except DatabaseError:
return render(request, 'oauth_callback.html', {'qq_login_errmsg': 'QQ登录失败'})
# 实现状态保持
login(request, user)
# 响应绑定结果
next = request.GET.get('state')
response = redirect(next)
# 登录时用户名写入到cookie,有效期15天
response.set_cookie('username', user.username, max_age=3600 * 24 * 15)
return response
def generate_verify_email_url(user):
# 1.userid email
data_dict = {'user_id':user.id,'email':user.email}
# 2.加密
secret_data = SecretOauth().dumps(data_dict)
# 3.拼接连接
verify_url = settings.EMAIL_ACTIVE_URL + '?token=' + secret_data
# 4. 返回去
return verify_url
def generate_verify_email_url(user):
# http://www.meiduo.site:8000/emails/verification/
# ?token=eyJhbGciOiJIUzUxMiIsImlhdCI6MTU2NjE5ODk4MywiZXhwIjoxNTY2MjAyNTgzfQ.eyJ1c2VyX2lkIjo2LCJlbWFpbCI6ImxpdWNoZW5nZmVuZzY2NjZAMTYzLmNvbSJ9.okIKKAHjeskFild3EZeK3034N2r0vMb_tvUaVA7h4qPdfxmsDG4JvzXsTLl2_98Ln6rpWN4EmAdrdthZeG2DdQ
# 1.获取 比传的 两个 参数 user_id email
data_dict = {'user_id': user.id, 'email': user.email}
# 2.加密 数据
from utils.secret import SecretOauth
dumps_str = SecretOauth().dumps(data_dict)
# 3. 拼接完整的 带参数 的链接
return settings.EMAIL_ACTIVE_URL + '?token=' + dumps_str
def generate_verify_email_url(user):
# 1. user_id email
dict_data = {'user_id': user.id, 'email': user.email}
# 2.参数加密
from utils.secret import SecretOauth
secret_data = SecretOauth().dumps(dict_data)
# 3.拼接 完整的路由
verify_url = settings.EMAIL_ACTIVE_URL + '?token=' + secret_data
return verify_url
def check_verify_email_token(token):
# 解密
from utils.secret import SecretOauth
json_dict = SecretOauth().loads(token)
# 校验用户是否存在 同时邮箱也匹配
try:
user = User.objects.get(id=json_dict['user_id'], email=json_dict['email'])
except Exception as e:
logger.error(e)
return None
else:
return user
def get(self, requests):
# 接收参数
code = requests.GET.get("code")
# 微博连接
from utils import sinaweibopy3
client = sinaweibopy3.APIClient(
# app_key: app_key值
app_key=settings.APP_KEY,
# app_secret:app_secret 值
app_secret=settings.APP_SECRET,
# redirect_uri : 回调地址
redirect_uri=settings.REDIRECT_URL)
# 通过code获得token
result = client.request_access_token(code)
access_token = result.access_token
uid = result.uid
uid = int(uid)
# print(type(uid))
try:
user_sian = OAuthSinaUser.objects.get(uid=uid)
except Exception as e:
from utils.secret import SecretOauth
uid = SecretOauth().dumps(uid)
logger.error(e)
return render(requests, 'sina_callback.html', context={'uid': uid})
else:
user = user_sian.user
user = User.objects.get(id=user.id)
login(requests, user)
# response = http.JsonResponse({"status": 5000})
response = redirect(reverse("users:index"))
# response = http.HttpResponseRedirect(reverse('users:index'))
# response = render(requests,"index.html",context={'uid': str(uid)})
response.set_cookie("username",
user.username,
max_age=14 * 24 * 3600)
# try:
# OAuthSinaUser.objects.create(uid=uid,user_id=user.id)
# except Exception as e:
# logger.error(e)
# login(request,user=user)
# response = redirect(reverse("users:index"))
# response = redirect(reverse("users:index"))
# # 设置cookie
# response.set_cookie("username", user.username, max_age=3600 * 24 * 15)
return response
def get(self, request):
# 1.接收参数 request.GET
token = request.GET.get('token')
# 解密
data_dict = SecretOauth().loads(token)
user_id = data_dict.get('user_id')
email = data_dict.get('email')
# 2.校验
try:
user = User.objects.get(id=user_id, email=email)
except Exception as e:
print(e)
return http.HttpResponseForbidden('token无效的!')
# 3. 修改 email_active
user.email_active = True
user.save()
# 4. 返回
return redirect(reverse('users:info'))
def generate_verify_email_url(user):
"""
:param user: 用户对象
:return:
"""
# 1.加密的数据
data_dict = {'user_id': user.id, "email": user.email}
# 2. 进行加密数据
from utils.secret import SecretOauth
secret_data = SecretOauth().dumps(data_dict)
# 3. 返回拼接url
active_url = settings.EMAIL_ACTIVE_URL + '?token=' + secret_data
return active_url
def get(self,request):
# 1.接受参数
token = request.GET.get('token')
# 2.解密
token_dict = SecretOauth().loads(token)
# 3.校验userid email
try:
user = User.objects.get(id=token_dict['user_id'],email=token_dict['email'])
except Exception as e :
return HttpResponseForbidden('无效的token')
# 4.修改email_active
user.email_active = True
user.save()
# 5.重定向到首页
return redirect(reverse('contents:index'))
def get(self,request):
#1.接收参数
token = request.GET.get('token')
#2.解密
from utils.secret import SecretOauth
json_dict = SecretOauth().loads(token)
#3.校验,用户是否存在,并且邮箱也正确
try:
user = User.objects.get(id=json_dict['user_id'],email=json_dict['email'])
except Exception as e:
logger.error(e)
return http.HttpResponseForbidden('无效的token')
user.email_active = True
user.save()
return redirect(reverse('users:info'))
def generate_verify_email_url(user):
'''
传递user_id , email
:param user:
:return:
'''
# 1. 发送的数据
data_dict = {'user_id': user.id, 'email': user.email}
# 2. 加密数据
secret_dict = SecretOauth().dumps(data_dict)
# 3. 返回拼接的url
verify_url = settings.EMAIL_ACTIVE_URL + '?token=' + secret_dict
return verify_url
def check_verify_email_token(token):
from utils.secret import SecretOauth
try:
token_dict = SecretOauth().loads(token)
except:
return None
try:
user = User.objects.get(id=token_dict['user_id'],
email=token_dict['email'])
except Exception as e:
logger.error(e)
return None
else:
return user
