|
@@ -12,8 +12,9 @@
|
|
|
@Contact: pzb3076@163.com
|
|
|
"""
|
|
|
import requests
|
|
|
+import base64
|
|
|
from Ansjer.config import SERVER_TYPE
|
|
|
-from Model.models import ApplicationModel
|
|
|
+from Model.models import ApplicationModel, Device_User, GrantCodeModel
|
|
|
from django.views.generic.base import View
|
|
|
from Object.RedisObject import RedisObject
|
|
|
from Object.TokenObject import TokenObject
|
|
@@ -30,96 +31,136 @@ class AuthView(View):
|
|
|
def get(self, request, *args, **kwargs):
|
|
|
request.encoding = 'utf-8'
|
|
|
operation = kwargs.get('operation', None)
|
|
|
- return self.validation(request.GET, operation)
|
|
|
+ try:
|
|
|
+ content_range = request.META['HTTP_AUTHORIZATION']
|
|
|
+ print(content_range)
|
|
|
+ except Exception as e:
|
|
|
+ content_range = ''
|
|
|
+ return self.validation(request.GET, operation, content_range)
|
|
|
|
|
|
def post(self, request, *args, **kwargs):
|
|
|
request.encoding = 'utf-8'
|
|
|
+
|
|
|
operation = kwargs.get('operation', None)
|
|
|
- return self.validation(request.POST, operation)
|
|
|
+ try:
|
|
|
+ content_range = request.META['HTTP_AUTHORIZATION']
|
|
|
+ print(content_range)
|
|
|
+ except Exception as e:
|
|
|
+ content_range = ''
|
|
|
+ return self.validation(request.POST, operation, content_range)
|
|
|
|
|
|
- def validation(self, request_dict, operation):
|
|
|
+ def validation(self, request_dict, operation, content_range):
|
|
|
response = ResponseObject()
|
|
|
- token = request_dict.get('token', None)
|
|
|
- tko = TokenObject(token)
|
|
|
- if tko.code == 0:
|
|
|
- userID = tko.userID
|
|
|
- if operation == 'authorize':
|
|
|
- return self.do_authorize(request_dict, userID, response)
|
|
|
- elif operation == 'access_token':
|
|
|
- return self.do_token(request_dict, userID, response)
|
|
|
- elif operation == 'user':
|
|
|
- return self.do_user(request_dict, userID, response)
|
|
|
- else:
|
|
|
- return response.json(tko.code)
|
|
|
+ if operation == 'authorize':
|
|
|
+ return self.do_authorize(request_dict, response,content_range)
|
|
|
+ elif operation == 'access_token':
|
|
|
+ return self.do_token(request_dict, response, content_range)
|
|
|
+ elif operation == 'user':
|
|
|
+ return self.do_user(request_dict, response,content_range)
|
|
|
else:
|
|
|
return response.json(414)
|
|
|
|
|
|
- def do_authorize(self,request_dict, userID, response):
|
|
|
+ def do_authorize(self,request_dict, response, content_range):
|
|
|
state = request_dict.get("state", '')
|
|
|
client_id = request_dict.get("client_id", '')
|
|
|
response_type = request_dict.get("response_type", '')
|
|
|
scope = request_dict.get("scope", '')
|
|
|
redirect_uri = request_dict.get("redirect_uri", '')
|
|
|
- code = CommonService.encrypt_data(32)
|
|
|
- print(redirect_uri)
|
|
|
- redirect_uri = redirect_uri + '?code=' + code + '&state=' + state
|
|
|
- return response.json(0, res=redirect_uri)
|
|
|
+ client_secret = request_dict.get("client_secret", '')
|
|
|
+ token = request_dict.get('token', None)
|
|
|
+ # print("client_id", client_id)
|
|
|
+ # print("state", state)
|
|
|
+ # print("response_type", response_type)
|
|
|
+ # print("scope", scope)
|
|
|
+ # print("redirect_uri", redirect_uri)
|
|
|
+ # print("client_secret", client_secret)
|
|
|
+ tko = TokenObject(token)
|
|
|
+ if tko.code == 0:
|
|
|
+ userID = tko.userID
|
|
|
+ nowTime = int(time.time())
|
|
|
+ user_qs = GrantCodeModel.objects.filter(userID__userID=userID)
|
|
|
+ code = CommonService.encrypt_data(randomlength=32)
|
|
|
+ Application = ApplicationModel.objects.filter(client_id=client_id)
|
|
|
+ if Application.exists():
|
|
|
+ print(Application.exists())
|
|
|
+ else:
|
|
|
+ return JsonResponse({'error': 'config error,client_id This value is wrong'})
|
|
|
+ if not user_qs.exists():
|
|
|
+ print('在创建')
|
|
|
+ try:
|
|
|
+ grantcode = GrantCodeModel(
|
|
|
+ userID=Device_User.objects.get(userID=userID),
|
|
|
+ application=ApplicationModel.objects.get(client_id=client_id),
|
|
|
+ code=code,
|
|
|
+ expire_time=nowTime+3600,
|
|
|
+ add_time=nowTime,
|
|
|
+ update_time=nowTime)
|
|
|
+ grantcode.save()
|
|
|
+
|
|
|
+ except Exception as e:
|
|
|
+ print(repr(e))
|
|
|
+ return response.json(178)
|
|
|
+ else:
|
|
|
+ print('在修改')
|
|
|
+ user_qs.update(code=code,update_time=nowTime,expire_time=nowTime+3600)
|
|
|
+ redirect_uri = redirect_uri + '?code=' + code + '&state=' + state
|
|
|
+ return response.json(0, {'url': redirect_uri})
|
|
|
+ else:
|
|
|
+ return response.json(tko.code)
|
|
|
|
|
|
# 增加对code和client_id的校验代码,返回access_token和refresh_token
|
|
|
- def do_token(self,request_dict, userID, response):
|
|
|
- code = request_dict.get("code", None)
|
|
|
- client_id = request_dict.get("client_id", None)
|
|
|
- refresh_token = request_dict.get("refresh_token", None)
|
|
|
- print('refresh_token:')
|
|
|
- print(refresh_token)
|
|
|
- print('code:')
|
|
|
- print(code)
|
|
|
- print('client_id:')
|
|
|
- print(client_id)
|
|
|
- access_token = CommonService.encrypt_data(randomlength=32)
|
|
|
- refresh_token = CommonService.encrypt_data(randomlength=32)
|
|
|
- res_json = {
|
|
|
- "access_token": access_token,
|
|
|
- "token_type": "bearer",
|
|
|
- "expires_in": 3600,
|
|
|
- "refresh_token": refresh_token
|
|
|
- }
|
|
|
- print(res_json)
|
|
|
- return JsonResponse(res_json)
|
|
|
-
|
|
|
- def do_user(self, request_dict, userID, response):
|
|
|
+ def do_token(self,request_dict, response, content_range):
|
|
|
code = request_dict.get("code", None)
|
|
|
- client_id = request_dict.get("client_id", None)
|
|
|
- refresh_token = request_dict.get("refresh_token", None)
|
|
|
- print('refresh_token:')
|
|
|
- print(refresh_token)
|
|
|
print('code:')
|
|
|
print(code)
|
|
|
- print('client_id:')
|
|
|
- print(client_id)
|
|
|
- access_token = CommonService.encrypt_data(randomlength=32)
|
|
|
- refresh_token = CommonService.encrypt_data(randomlength=32)
|
|
|
- res_json ={
|
|
|
- "login": "pengzhibo168",
|
|
|
- "id": 1,
|
|
|
- "node_id": "MDQ6VXNlcjE=",
|
|
|
- "gravatar_id": "",
|
|
|
- "type": "User",
|
|
|
- "name": "monalisa octocat",
|
|
|
- "company": "asdfda",
|
|
|
- "location": "San Francisco",
|
|
|
- "email": "sadf@sadf.com",
|
|
|
- "bio": "There once was...",
|
|
|
- "public_repos": 2,
|
|
|
- "public_gists": 1,
|
|
|
- "followers": 20,
|
|
|
- "following": 0,
|
|
|
- "created_at": "2008-01-14T04:33:35Z",
|
|
|
- "updated_at": "2008-01-14T04:33:35Z"
|
|
|
- }
|
|
|
- print(res_json)
|
|
|
- return JsonResponse(res_json)
|
|
|
+ str = content_range
|
|
|
+ # str = 'Basic cHpiMTIzNDU2Nzg6cHpiMTIzNDU2Nzg='
|
|
|
+ if str != '':
|
|
|
+ str = str[6:]
|
|
|
+ str = base64.b64decode(str)
|
|
|
+ print(str)
|
|
|
+ str = bytes.decode(str)
|
|
|
+ print(type(str))
|
|
|
+ str_all = str.split(":", 1)
|
|
|
+ client_id = str_all[0]
|
|
|
+ client_secret = str_all[1]
|
|
|
+ eq = ApplicationModel.objects.filter(client_secret=client_secret)
|
|
|
+ if eq.exists():
|
|
|
+ access_token = code
|
|
|
+ refresh_token = CommonService.encrypt_data(randomlength=32)
|
|
|
+ res_json = {
|
|
|
+ "access_token": access_token,
|
|
|
+ "token_type": "bearer",
|
|
|
+ "expires_in": 3600,
|
|
|
+ "refresh_token": refresh_token,
|
|
|
+ 'scope': 'cHpi'
|
|
|
+ }
|
|
|
+ print(res_json)
|
|
|
+ return JsonResponse(res_json)
|
|
|
+ else:
|
|
|
+ return JsonResponse({'error': 'client_secret This value is misconfigured.'})
|
|
|
+ else:
|
|
|
+ return JsonResponse({'error': 'Check your configuration:no client_id,client_secret'})
|
|
|
|
|
|
+ def do_user(self, request_dict, response,content_range):
|
|
|
+ str = content_range
|
|
|
+ # str = 'Bearer iBO4WssoK60eF4o6zm1e0fcHe2wRlRm1'
|
|
|
+ if str != '':
|
|
|
+ token = str[7:]
|
|
|
+ code_qs = GrantCodeModel.objects.filter(code=token)
|
|
|
+ if code_qs.exists():
|
|
|
+ print(code_qs[0].userID_id)
|
|
|
+ user_qs = Device_User.objects.filter(userID=code_qs[0].userID_id)
|
|
|
+ # print(CommonService.qs_to_dict(user_qs)['datas'][0]['fields'])
|
|
|
+ res_json = CommonService.qs_to_dict(user_qs)['datas'][0]['fields']
|
|
|
+ res_json.pop('password')
|
|
|
+ print(res_json)
|
|
|
+ return JsonResponse(res_json)
|
|
|
+ else:
|
|
|
+ print('没有找到数据')
|
|
|
+ return JsonResponse({'error': 'token inexistence'})
|
|
|
+ else:
|
|
|
+ return JsonResponse({'error': 'The request method is not correct. Please contact the administrator.'})
|
|
|
|
|
|
|
|
|
|
|
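Review bot: In `do_token` the client is accepted when any `ApplicationModel` row carries the submitted `client_secret`: the `client_id` parsed from the Basic header is never used in the lookup, and `code` is returned as `access_token` without being checked against `GrantCodeModel`, its `expire_time`, or the application it was issued to. The lookup should bind all three, as sketched below. This also needs the `user_qs.update(...)` branch of `do_authorize` to set `application`, which it currently leaves unchanged. The header parsing (`str[6:]`, `base64.b64decode`, `str_all[1]`) has no scheme check or error handling, so a malformed `Authorization` header raises instead of returning an error, and `str` shadows the builtin. `print(content_range)` in `get`/`post` and `print(str)` here write client credentials and bearer values to stdout and should be removed. `do_authorize` also appends `code` to the caller-supplied `redirect_uri` without comparing it to the `redirect_uri` registered on the matched application, and `do_user` accepts a code without an expiry check.

```python
def do_token(self,request_dict, response, content_range):
    code = request_dict.get("code", None)
    # … unchanged: decode the Basic header into client_id / client_secret …
    app_qs = ApplicationModel.objects.filter(client_id=client_id, client_secret=client_secret)
    if not app_qs.exists():
        return JsonResponse({'error': 'client_secret This value is misconfigured.'})
    grant_qs = GrantCodeModel.objects.filter(
        code=code, application=app_qs[0], expire_time__gt=int(time.time()))
    if not grant_qs.exists():
        return JsonResponse({'error': 'token inexistence'})
    # … unchanged: build res_json and return it …
```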
@@ -154,28 +195,60 @@ class ApplicationView(View):
|
|
|
return self.delete(request_dict, userID, response)
|
|
|
else:
|
|
|
return response.json(414)
|
|
|
+ else:
|
|
|
+ return response.json(tko.code)
|
|
|
+ def add(self, request_dict, userID, response):
|
|
|
+ own_perm = ModelService.check_perm(userID=userID, permID=40)
|
|
|
+ if own_perm is not True:
|
|
|
+ return response.json(404)
|
|
|
+ # http://192.168.136.39:8000/application/add?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VySUQiOiIxMzgwMDEzODAwMSIsImxhbmciOiJjbiIsInVzZXIiOiIxMzgwMDEzODAwMSIsIm1fY29kZSI6IjEyMzQxMzI0MzIxNCIsImV4cCI6MTU4NzYxNjQ0NX0.BIwq - eWDcTnqLBTxqpi7BgJoU9TeIHC5Ibc2LUUJPls&name=pzb&client_id=pzb12345&client_secret=pzb12345678&client_type=confidential&grant_type=authorization_code&redirect_uri=https://www.zositech.cn&skip_auth=1
|
|
|
+
|
|
|
+ nowTime = int(time.time())
|
|
|
+ name = request_dict.get('name', None)
|
|
|
+ client_id = request_dict.get('client_id', None)
|
|
|
+ client_secret = request_dict.get('client_secret', None)
|
|
|
+ client_type = request_dict.get('client_type', None)
|
|
|
+ grant_type = request_dict.get('grant_type', None)
|
|
|
+ redirect_uri = request_dict.get('redirect_uri', None)
|
|
|
+ skip_auth = request_dict.get('skip_auth', None)
|
|
|
+ try:
|
|
|
+ ApplicationModel.objects.create(add_time=nowTime, update_time=nowTime, client_id=client_id, name=name, client_secret=client_secret,
|
|
|
+ client_type=client_type,redirect_uri=redirect_uri,skip_auth=skip_auth,grant_type=grant_type)
|
|
|
+ return response.json(0)
|
|
|
+ except Exception:
|
|
|
+ return response.json(178)
|
|
|
+
|
|
|
+
|
|
|
|
|
|
def query(self, request_dict, userID, response):
|
|
|
- page = int(request_dict.get('page', 0))
|
|
|
- line = int(request_dict.get('line', 0))
|
|
|
- if page == 0:
|
|
|
- page=1
|
|
|
- if line == 0:
|
|
|
- line=10
|
|
|
- qs = ApplicationModel.objects.all()
|
|
|
- if qs.exists():
|
|
|
- count = qs.count()
|
|
|
- res = qs[(page - 1) * line:page * line]
|
|
|
- send_json = CommonService.qs_to_dict(res)
|
|
|
- send_json['count'] = count
|
|
|
- return response.json(0, send_json)
|
|
|
- return response.json(0, {'datas': [], 'count': 0})
|
|
|
+ own_perm = ModelService.check_perm(userID, 20)
|
|
|
+ if own_perm is True:
|
|
|
+ page = int(request_dict.get('page', 0))
|
|
|
+ line = int(request_dict.get('line', 0))
|
|
|
+ if page == 0:
|
|
|
+ page=1
|
|
|
+ if line == 0:
|
|
|
+ line=10
|
|
|
+ qs = ApplicationModel.objects.all()
|
|
|
+ gc = GrantCodeModel.objects.all()
|
|
|
+ if qs.exists():
|
|
|
+ count = qs.count()
|
|
|
+ res = qs[(page - 1) * line:page * line]
|
|
|
+ send_json = CommonService.qs_to_dict(res)
|
|
|
+ send_json['count'] = count
|
|
|
+ send_json['gc_count'] = gc.count()
|
|
|
+ return response.json(0, send_json)
|
|
|
+ else:
|
|
|
+ return response.json(0, {'datas': [], 'count': 0})
|
|
|
+ else:
|
|
|
+ return response.json(404)
|
|
|
|
|
|
# 管理员的编辑
|
|
|
def update(self, request_dict, userID, response):
|
|
|
own_perm = ModelService.check_perm(userID=userID, permID=50)
|
|
|
if own_perm is not True:
|
|
|
return response.json(404)
|
|
|
+
|
|
|
deviceContent = request_dict.get('content', None)
|
|
|
id = request_dict.get('id', None)
|
|
|
if not deviceContent or not id:
|
|
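Review bot: The example URL in the comment at the top of `add` commits what looks like a complete JWT in `token=` together with a `client_id` and `client_secret`. If any of these were ever valid they should be revoked, and the comment reduced to placeholders such as `# /application/add?token=<token>&name=<name>&client_id=<id>&client_secret=<secret>&...`. The example also shows the secret travelling in the query string, where it ends up in access logs and browser history, so registration would be better limited to request bodies. `add` passes `None` to `ApplicationModel.objects.create` for any missing parameter, hides the cause behind `except Exception`, and stores `client_secret` exactly as received; a required-field check before the `try` and storing a hash of the secret would be worth adding. The dispatch method that `add` follows, and the body of `update`, both extend outside this hunk.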
@@ -185,31 +258,23 @@ class ApplicationView(View):
|
|
|
deviceData = json.loads(deviceContent)
|
|
|
uid_set = ApplicationModel.objects.filter(id=id)
|
|
|
if uid_set.exists():
|
|
|
- uid_set.update(updTime=timestamp, **deviceData)
|
|
|
- return response.json(0)
|
|
|
+ uid_set.update(update_time=timestamp, **deviceData)
|
|
|
+ return response.json(0,{"update_time":timestamp})
|
|
|
else:
|
|
|
return response.json(173)
|
|
|
except Exception:
|
|
|
- errorInfo = traceback.format_exc()
|
|
|
- print(errorInfo)
|
|
|
- return response.json(500, {'details': errorInfo})
|
|
|
-
|
|
|
-
|
|
|
+ return response.json(177)
|
|
|
|
|
|
def delete(self, request_dict, userID, response):
|
|
|
own_perm = ModelService.check_perm(userID=userID, permID=10)
|
|
|
if own_perm is not True:
|
|
|
return response.json(404)
|
|
|
- id_list = request_dict.getlist('id', None)
|
|
|
- if not id_list:
|
|
|
- return response.json(444, 'id must list')
|
|
|
- try:
|
|
|
- for id in id_list:
|
|
|
- ApplicationModel.objects.filter(id=id).delete()
|
|
|
- except Exception as e:
|
|
|
- errorInfo = traceback.format_exc()
|
|
|
- print(errorInfo)
|
|
|
- return response.json(424, {'details': repr(e)})
|
|
|
- else:
|
|
|
+ id = request_dict.get('id', None)
|
|
|
+ uid_set = ApplicationModel.objects.filter(id=id)
|
|
|
+ if uid_set.exists():
|
|
|
+ uid_set.delete()
|
|
|
return response.json(0)
|
|
|
+ else:
|
|
|
+ return response.json(173)
|
|
|
+
|
|
|
|
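Review bot: `uid_set.update(update_time=timestamp, **deviceData)` passes every key of the client-supplied JSON straight into the ORM update, so a caller holding permission 50 can overwrite any column of the application row, including `client_id` and `client_secret`. Filter the payload first, e.g. `deviceData = {k: v for k, v in deviceData.items() if k in EDITABLE_FIELDS}`, where `EDITABLE_FIELDS` (a name proposed here) lists only the columns meant to be editable. The new `except Exception: return response.json(177)` rightly stops sending the traceback to the client but now records nothing, so the exception should be logged server-side before returning. `update` and its `try` start outside this hunk.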