pzb 6 роки тому
батько
коміт
56d9705f1e
2 змінених файлів з 103 додано та 15 видалено
  1. 53 14
      Controller/UserController.py
  2. 50 1
      Object/TokenObject.py

+ 53 - 14
Controller/UserController.py

@@ -13,8 +13,9 @@
 """
 import datetime
 import traceback
-
 import simplejson as json
+import socket
+import uuid
 from django.contrib.auth.hashers import make_password, check_password  # 对密码加密模块
 from django.db.models import Q
 from django.http import HttpResponseRedirect
@@ -1023,6 +1024,13 @@ class v2LoginView(TemplateView):
         language = request_dict.get('language', 'en')
         response = ResponseObject(language)
         was_limited = getattr(request, 'limited', False)
+        x_forwarded_for = request.META.get('HTTP_X_FORWARDED_FOR')
+        if x_forwarded_for:
+            ip = x_forwarded_for.split(',')[0]  # 所以这里是真实的ip
+        else:
+            ip = request.META.get('REMOTE_ADDR')  # 这里获得代理ip
+        print ('访问者的ip:')
+        print (ip)
         if was_limited is True:
             return response.json(5)
         return self.validates(request_dict, response)
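Review bot: The leftmost `X-Forwarded-For` entry read here is whatever the client sent unless a proxy you control overwrites the header, so the inline comment calling it the real IP overstates what the value is. In this hunk `ip` is only printed, but if it later feeds the `limited` check or an audit trail it should come from the hop appended by the trusted proxy, with `REMOTE_ADDR` as the fallback. The split result also keeps any surrounding whitespace, so `x_forwarded_for.split(',')[0].strip()` is the safer form. The two `print` calls would be better as a single call on the module's logger, e.g. `logger.info('login request from %s', ip)`, if the module has one. The enclosing method starts outside the hunk.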
@@ -1041,46 +1049,50 @@ class v2LoginView(TemplateView):
     def validates(self, request_dict, response):
         username = request_dict.get('userName', None)
         password = request_dict.get('userPwd', None)
+        # 标志ios登录还是安卓登录标记
+        phone_code = request_dict.get('phone_code', None)
+        if not phone_code:
+            phone_code = ''
         if not username or not password:
             return response.json(111)
         username = username.strip()
         password = password.strip()
         data_valid = DataValid()
         if data_valid.email_validate(username):
-            return self.do_email_login(username, password, response)
+            return self.do_email_login(phone_code,username, password, response)
         elif data_valid.mobile_validate(username):
-            return self.do_phone_login(username, password, response)
+            return self.do_phone_login(phone_code,username, password, response)
         elif data_valid.name_validate(username):
-            return self.do_name_login(username, password, response)
+            return self.do_name_login(phone_code,username, password, response)
         else:
             return response.json(107)
 
-    def do_email_login(self, email, password, response):
+    def do_email_login(self, phone_code,email, password, response):
         user_qs = Device_User.objects.filter(Q(username=email) | Q(userEmail=email))
-        return self.valid_login(user_qs, password, response)
+        return self.valid_login(phone_code,user_qs, password, response)
 
-    def do_phone_login(self, phone, password, response):
+    def do_phone_login(self, phone_code,phone, password, response):
         user_qs = Device_User.objects.filter(Q(phone=phone) | Q(username=phone), is_active=True, user_isValid=True)
-        return self.valid_login(user_qs, password, response)
+        return self.valid_login(phone_code,user_qs, password, response)
 
-    def do_name_login(self, username, password, response):
+    def do_name_login(self,phone_code, username, password, response):
         user_qs = Device_User.objects.filter(Q(username=username) | Q(phone=username) | Q(userEmail=username),
                                              is_active=True, user_isValid=True)
-        return self.valid_login(user_qs, password, response)
+        return self.valid_login(phone_code,user_qs, password, response)
 
-    def valid_login(self, user_qs, password, response):
+    def valid_login(self,phone_code, user_qs, password, response):
         if not user_qs.exists():
             return response.json(104)
         users = user_qs.values('role__rid', 'role__roleName', 'userID', 'role', 'NickName', 'username', 'userEmail',
-                               'phone', 'password', 'userIconPath', 'user_isValid', 'is_active')[0]
+                               'phone','machine_code', 'password', 'userIconPath', 'user_isValid', 'is_active')[0]
         if not check_password(password, users['password']):
             return response.json(111)
         userID = users['userID']
         tko = TokenObject()
-        res = tko.generate(data={'userID': userID, 'lang': response.lang, 'user': users['username']})
+        res = tko.generate(data={'userID': userID, 'lang': response.lang, 'user': users['username'], 'machine_code': phone_code})
         if tko.code == 0:
             now_time = datetime.datetime.utcnow().replace(tzinfo=utc).astimezone(utc)
-            user_qs.update(last_login=now_time, language=response.lang)
+            user_qs.update(last_login=now_time, language=response.lang, machine_code=phone_code )
             res['rid'] = users['role__rid']
             res['roleName'] = users['role__roleName']
             res['permList'] = ModelService.own_permission(userID)
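Review bot: `phone_code` in `validates` is read from the request with no length or format check, and `valid_login` then writes it to `machine_code` and embeds it in the token payload. The comment above it describes an iOS/Android marker, while the rest of the commit uses the value as a per-device identifier. A missing value is normalised to `''`, which `TokenObject.valid` in this same commit treats as a legacy client and exempts from the 309 check, so the single-device rule only applies when the client opts in. I would document that on the normalisation, for example `# '' marks a legacy client: TokenObject.valid skips the single-device check for it`, and bound the accepted length before it reaches `user_qs.update(...)`. `valid_login` continues past the end of this hunk.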
@@ -1096,6 +1108,33 @@ class v2LoginView(TemplateView):
             res['username'] = users['username'] if users['username'] is not None else ''
             res['userEmail'] = users['userEmail'] if users['userEmail'] is not None else ''
             res['phone'] = users['phone'] if users['phone'] is not None else ''
+            reds = RedisObject()
+            print (res['access_token'])
+            if  phone_code == users['machine_code'] :
+                res['machine_code'] = '本机登录'
+            else:
+                res['machine_code'] = '别地登录被挤出!'
+            if not reds.set_data(key=res['userID']+'_tokenValues', val=res['access_token'], expire=300): #1个小时
+                return response.json(10, '生成缓存错误')
+            # if not reds.del_data(res['userID']):
+            #     return response.json(10, '删除缓存失败')
+
+            # 获取主机名
+            hostname = socket.gethostname()
+            # 获取IP
+            ip = socket.gethostbyname(hostname)
+
+            # 获取Mac地址
+            def get_mac_address():
+                mac = uuid.UUID(int=uuid.getnode()).hex[-12:]
+                return ":".join([mac[e:e + 2] for e in range(0, 11, 2)])
+
+            # ipList = socket.gethostbyname_ex(hostname)
+            # print(ipList)
+            print("主机名:", hostname)
+            print("IP:", ip)
+            print("Mac地址:", get_mac_address())
+            print (reds.get_data(key=res['userID']))
             return response.json(0, res)
         else:
             return response.json(tko.code)
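Review bot: `print (res['access_token'])` writes a live bearer token to stdout on every successful login, and `print (self.token)` in the Object/TokenObject.py hunk does the same on validation. Both should be dropped, or reduced to a non-secret identifier such as the user ID. The hostname, IP and MAC block is debug residue on the login path: `socket.gethostbyname(hostname)` can raise or stall when the host name does not resolve, which would fail the login after the token was already issued. The final `reds.get_data(key=res['userID'])` also reads a different key from the `res['userID']+'_tokenValues'` one just written. Separately, `expire=300` is annotated as one hour; if `set_data` takes seconds (not visible here) that is five minutes, so either the value or the comment should change.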

+ 50 - 1
Object/TokenObject.py

@@ -14,6 +14,7 @@
 from Ansjer.config import OAUTH_ACCESS_TOKEN_SECRET, OAUTH_REFRESH_TOKEN_SECRET, OAUTH_ACCESS_TOKEN_TIME, \
     OAUTH_REFRESH_TOKEN_TIME
 import jwt, time
+from Model.models import Device_User
 from Object.RedisObject import RedisObject
 
 
@@ -37,7 +38,54 @@ class TokenObject:
             return
         try:
             res = jwt.decode(self.token, OAUTH_ACCESS_TOKEN_SECRET, algorithms='HS256')
-            # print(res)
+            reds = RedisObject()
+            resetCode = reds.get_data(key=res['userID']+'_tokenValues')
+            if resetCode is False :
+                # 空
+                print('token是已经过期了')
+                user_qs = Device_User.objects.filter(userID=res['userID'], is_active=True, user_isValid=True).values(
+                    "machine_code", )
+                order_list = list(user_qs)
+                print ('继续是当前唯一编码')
+                print (resetCode)
+                print (self.token)
+                for ev in order_list:
+                    if resetCode != self.token:
+                        print (res['machine_code'])
+                        print (ev['machine_code'])
+                        if res['machine_code'] != ev['machine_code'] :
+                            print ('发现不同唯一码那么就309')
+                            self.code = 309
+                            return
+                        else:
+                            if not reds.set_data(key=res['userID'] + '_tokenValues', val=self.token,
+                                                 expire=300):  # 1个小时
+                                return response.json(10, '生成缓存错误')
+                            print ('相同的用户token值过期了,而且那个唯一码又没有过期的,然后续期')
+                    else:
+                        print ('相同的用户token值并续期了')
+                    if ev['machine_code'] =='':
+                        if not reds.set_data(key=res['userID'] + '_tokenValues', val=self.token,
+                                             expire=300):  # 1个小时
+                            return response.json(10, '生成缓存错误')
+                        print ('旧的方式访问,过期后,再续期')
+            elif (resetCode!=self.token) :
+                user_qs = Device_User.objects.filter(userID=res['userID'], is_active=True, user_isValid=True).values(
+                    "machine_code", )
+                order_list = list(user_qs)
+                for ev in order_list:
+                    if ev['machine_code'] == '':
+                        if not reds.set_data(key=res['userID'] + '_tokenValues', val=self.token,
+                                             expire=300):  # 1个小时
+                            return response.json(10, '生成缓存错误')
+                        print ('旧的方式登录访问还没有过期只是token值不同了,然后续期')
+                    else :
+                        print ('相同用户id不同token值')
+                        self.code = 309
+                        return
+            else :
+                print ('相同的用户token值')
+
             self.userID = res.get('userID', None)
             self.lang = res.get('lang', None)
             self.user = res.get('user', '')
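Review bot: The three `return response.json(10, '生成缓存错误')` lines refer to a `response` name that is not visible in this method or in the imports shown, so a failed `set_data` would most likely raise `NameError` instead of reporting an error. Following the pattern used for 309, `self.code = 10` followed by a bare `return` would fit this method. `res['machine_code']` also raises `KeyError` for any token issued without that claim, which includes tokens from the refresh call in the last hunk (`self.generate(data={'userID': userID, 'lang':lang , 'user': user})`); `res.get('machine_code', '')` avoids that. Inside the `resetCode is False` branch the test `resetCode != self.token` is always true, so its `else` arm cannot run. The method begins before this hunk and its `except` clauses are outside it, so how these exceptions surface to the caller should be confirmed there.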
@@ -111,3 +159,4 @@ class TokenObject:
             lang = self.lang
             refreshRes = self.generate(data={'userID': userID, 'lang':lang , 'user': user})
             return refreshRes
+