|
|
@@ -14,6 +14,9 @@
|
|
|
import datetime
|
|
|
import traceback
|
|
|
import time
|
|
|
+
|
|
|
+import jwt
|
|
|
+import simplejson
|
|
|
import simplejson as json
|
|
|
import requests
|
|
|
from django.contrib.auth.hashers import make_password, check_password # 对密码加密模块
|
|
|
@@ -23,6 +26,7 @@ from django.utils.decorators import method_decorator
|
|
|
from django.utils.timezone import utc
|
|
|
from django.views.decorators.csrf import csrf_exempt
|
|
|
from django.views.generic import TemplateView
|
|
|
+from jwt.algorithms import RSAAlgorithm
|
|
|
from ratelimit.decorators import ratelimit
|
|
|
|
|
|
from Ansjer.config import AuthCode_Expire, SERVER_DOMAIN, APNS_CONFIG, JPUSH_CONFIG, FCM_CONFIG, TUTK_PUSH_DOMAIN
|
|
|
@@ -1924,7 +1928,7 @@ class verifyAuthcode(TemplateView):
|
|
|
return response.json(0)
|
|
|
|
|
|
|
|
|
-# 获取验证码
|
|
|
+# 微信登录
|
|
|
class wxAuthSignView(TemplateView):
|
|
|
|
|
|
def post(self, request, *args, **kwargs):
|
|
|
@@ -3291,3 +3295,126 @@ class v3SetFingerprintView(View):
|
|
|
if len(data) > 0:
|
|
|
Device_User.objects.filter(userID=token.userID).update(**data)
|
|
|
return response.json(0)
|
|
|
+
|
|
|
+
|
|
|
+class AppleAuthLogin(View):
|
|
|
+ def post(self, request, *args, **kwargs):
|
|
|
+ request.encoding = 'utf-8'
|
|
|
+ request_dict = request.POST
|
|
|
+ return self.validate(request_dict)
|
|
|
+
|
|
|
+ def get(self, request, *args, **kwargs):
|
|
|
+ request.encoding = 'utf-8'
|
|
|
+ request_dict = request.GET
|
|
|
+ return self.validate(request_dict)
|
|
|
+
|
|
|
+ def validate(self, request_dict):
|
|
|
+ lang = request_dict.get('lang', None)
|
|
|
+ identity_token = request_dict.get('identity_token', None)
|
|
|
+ app_bundle_id = request_dict.get('app_bundle_id', None) # 包名
|
|
|
+
|
|
|
+ response = ResponseObject(lang)
|
|
|
+
|
|
|
+ if identity_token:
|
|
|
+ key_url = 'https://appleid.apple.com/auth/keys'
|
|
|
+ key_response = requests.get(key_url).json()
|
|
|
+ print(key_response)
|
|
|
+ head = jwt.get_unverified_header(identity_token)
|
|
|
+ print(head)
|
|
|
+ token_key = head['kid']
|
|
|
+ key_object = None
|
|
|
+ alg = None
|
|
|
+ for pub_key in key_response['keys']:
|
|
|
+ if pub_key['kid'] == token_key:
|
|
|
+ key_object = simplejson.dumps(pub_key)
|
|
|
+ key_object = RSAAlgorithm.from_jwk(key_object)
|
|
|
+ alg = pub_key['alg']
|
|
|
+ break
|
|
|
+
|
|
|
+ if key_object:
|
|
|
+ try:
|
|
|
+ claims = jwt.decode(identity_token, key=key_object, verify=True, algorithms=[alg], audience=app_bundle_id)
|
|
|
+ unionID = claims['sub']
|
|
|
+ print(claims)
|
|
|
+ user_extend_qs = UserOauth2Model.objects.filter(unionID=unionID, authType=2)
|
|
|
+ if user_extend_qs.exists():
|
|
|
+ # 如果用户绑定过则直接登录
|
|
|
+ userID = user_extend_qs[0].userID_id
|
|
|
+ print(userID)
|
|
|
+ user_qs = Device_User.objects.filter(userID=userID)
|
|
|
+ return self.do_login(user_qs, response)
|
|
|
+ else:
|
|
|
+ # 如果用户为绑定过则创建用户并进行登录返回token
|
|
|
+ userID = CommonService.getUserID(getUser=False)
|
|
|
+ nickname = claims['email']
|
|
|
+ return self.do_register(userID, nickname, response, app_bundle_id, unionID)
|
|
|
+
|
|
|
+ except Exception as e:
|
|
|
+ print(e)
|
|
|
+ return response.json(717)
|
|
|
+ else:
|
|
|
+ return response.json(444)
|
|
|
+ else:
|
|
|
+ return response.json(444)
|
|
|
+
|
|
|
+ # 登录
|
|
|
+ def do_login(self, user_qs, response):
|
|
|
+ now_time = datetime.datetime.utcnow().replace(tzinfo=utc).astimezone(utc)
|
|
|
+ userID = user_qs[0].userID
|
|
|
+ print('userID' + userID)
|
|
|
+ tko = TokenObject()
|
|
|
+ user_list = user_qs.values("NickName", "userIconUrl", "userIconPath", "username", "userEmail", "phone")
|
|
|
+ res = tko.generate(data={'userID': userID, 'lang': response.lang, 'user': user_list[0]["username"]})
|
|
|
+ # 增加角色
|
|
|
+ user_qs[0].role.add(Role.objects.get(rid=1))
|
|
|
+ role_dict = ModelService.own_role(userID=userID)
|
|
|
+ res['rid'] = role_dict['rid']
|
|
|
+ res['roleName'] = role_dict['roleName']
|
|
|
+ res['permList'] = ModelService.own_permission(userID)
|
|
|
+ res['userID'] = userID
|
|
|
+ # 昵称,邮箱,电话,刷新,头像
|
|
|
+ userIconPath = str(user_list[0]["userIconPath"])
|
|
|
+ if userIconPath and userIconPath.find('static/') != -1:
|
|
|
+ userIconPath = userIconPath.replace('static/', '').replace('\\', '/')
|
|
|
+ res['userIconUrl'] = SERVER_DOMAIN + 'account/getAvatar/' + userIconPath
|
|
|
+ else:
|
|
|
+ res['userIconUrl'] = ''
|
|
|
+ res['NickName'] = user_list[0]["NickName"] if user_list[0]["NickName"] is not None else ''
|
|
|
+ res['username'] = user_list[0]["username"] if user_list[0]["username"] is not None else ''
|
|
|
+ res['userEmail'] = user_list[0]["userEmail"] if user_list[0]["userEmail"] is not None else ''
|
|
|
+ res['phone'] = user_list[0]["phone"] if user_list[0]["phone"] is not None else ''
|
|
|
+ print(res)
|
|
|
+ user_qs.update(last_login=now_time, online=True)
|
|
|
+ return response.json(0, res)
|
|
|
+
|
|
|
+ def do_register(self, userID, nickname, response, appBundleId, unionID):
|
|
|
+ data_valid = DataValid()
|
|
|
+ if data_valid.name_validate(userID) is not True:
|
|
|
+ return response.json(105)
|
|
|
+ try:
|
|
|
+ users = Device_User.objects.create(
|
|
|
+ username=userID,
|
|
|
+ NickName=nickname,
|
|
|
+ password=make_password('123456'),
|
|
|
+ userID=userID,
|
|
|
+ is_active=True,
|
|
|
+ user_isValid=True,
|
|
|
+ )
|
|
|
+
|
|
|
+ nowTime = int(time.time())
|
|
|
+ UserOauth2Model.objects.create(
|
|
|
+ addTime=nowTime,
|
|
|
+ updTime=nowTime,
|
|
|
+ userID_id=users.userID,
|
|
|
+ authType=2,
|
|
|
+ unionID=unionID
|
|
|
+ )
|
|
|
+ except Exception as e:
|
|
|
+ errorInfo = traceback.format_exc()
|
|
|
+ print(errorInfo)
|
|
|
+ return response.json(424, repr(e))
|
|
|
+ else:
|
|
|
+ user_qs = Device_User.objects.filter(Q(userID=userID))
|
|
|
+ print('---')
|
|
|
+ print(user_qs)
|
|
|
+ return self.do_login(user_qs, response)
|
tanghongbin