#!/usr/bin/env python # -*- coding: utf-8 -*- from django.contrib import auth from django.core import serializers from django.utils.timezone import utc import traceback from django.views.decorators.csrf import csrf_exempt from django.views.generic import TemplateView, View from django.utils.decorators import method_decorator from django.core.files.storage import FileSystemStorage from django.http import HttpResponseRedirect from django.contrib.auth.hashers import make_password, check_password # 对密码加密模块 from Ansjer import settings as api_settings from Object.AWS.SesClassObject import SesClassObject from Service.TokenManager import JSONTokenManager from Model.models import Auth_Captcha, AuthToken_Token, Role from Controller.CheckUserData import DataValid, date_handler, RandomStr, TokenLink from Service.ModelService import ModelService from Service.MiscellService import MiscellService from django.utils import timezone from Ansjer.config import * from Service.ResponseService import * from Service.TemplateService import TemplateService ''' http://13.56.215.252:82/account/authcode?userName=123456&language=en&mid=1234 http://13.56.215.252:82/account/authcode?userEmail=123456&language=en&mid=1234 http://13.56.215.252:82/account/register?userName=123456&language=en&mid=1234&userEmail=userEmail&userPwd=1234&identifyingCode=1234324 ''' class getAuthCodeView(TemplateView): @method_decorator(csrf_exempt) def dispatch(self, *args, **kwargs): return super(getAuthCodeView, self).dispatch(*args, **kwargs) def post(self, request, *args, **kwargs): request.encoding ='utf-8' username = request.POST.get('userName', None) useremail = request.POST.get('userEmail', None) language = request.POST.get('language', None) if not request.session.session_key: request.session.create() sessionID = request.session.session_key mid = request.POST.get('mid', sessionID) return self.ValidationError(username,useremail,language,mid) def get(self, request, *args, **kwargs): request.encoding = 'utf-8' username = request.GET.get('userName', None) useremail = request.GET.get('userEmail', None) language = request.GET.get('language', None) if not request.session.session_key: request.session.create() sessionID = request.session.session_key mid = request.GET.get('mid', sessionID) return self.ValidationError(username, useremail, language, mid) def ValidationError(self, username,useremail,language,mid): if username is not None: username = username.strip() return self.getAuthCode(val=username,type=1,language=language,mid=mid) elif useremail is not None: useremail = useremail.strip() return self.getAuthCode(val=useremail,type=2,language=language,mid=mid) else: return ResponseJSON(800,language=language) def getAuthCode(self, val,type,language,mid): dataValid = DataValid() validateFlag = False if type ==1: if dataValid.mobile_validate(val): UserVliad = Device_User.objects.filter(username=val) if UserVliad: return ResponseJSON(101,language=language) validateFlag = True else: return ResponseJSON(107,language=language) if type ==2: if dataValid.email_validate(val): UserVliad = Device_User.objects.filter(userEmail=val) if UserVliad: return ResponseJSON(103,language=language) validateFlag = True else: return ResponseJSON(108,language=language) if validateFlag is True: identifyingCode = CommonService.get_redis_data(key=mid+'_identifyingCode') getcodename = CommonService.get_redis_data(key=mid + '_getcodename') if getcodename is not False: getcodename = getcodename.decode("utf-8") if identifyingCode is False or getcodename != val: identifyingCode = RandomStr(6, True) if type == 1: CommonService.set_redis_data(key=mid + '_identifyingCode', val=identifyingCode, expire=300) return ResponseJSON(0,{'identifyingCode': identifyingCode},language=language) elif type == 2: if language is None: language = 'en' send_data = TemplateService.email_message(type='register_code',language=language) ses = SesClassObject() send_res = ses.send_email( # send_address_list=['chanjunkai@163.com'], send_address_list=[val], subject=send_data['title'], # body=send_data['body']+'
'+str(identifyingCode), body=send_data['body'].replace("{username}",val).replace("{captcha}",str(identifyingCode)) ) send_res = True if send_res is True: CommonService.set_redis_data(key=mid+'_identifyingCode', val=identifyingCode, expire=300) CommonService.set_redis_data(key=mid+'_getcodename', val=val, expire=300) return ResponseJSON(0, {'identifyingCode': identifyingCode},language=language) else: return ResponseJSON(44,language=language) else: identifyingCode = identifyingCode.decode("utf-8") if type == 1: return ResponseJSON(0, {'identifyingCode': identifyingCode},language=language) elif type ==2: return ResponseJSON(89, {'identifyingCode': identifyingCode},language=language) class registerView(TemplateView): @method_decorator(csrf_exempt) def dispatch(self, *args, **kwargs): return super(registerView, self).dispatch(*args, **kwargs) def post(self, request, *args, **kwargs): request.encoding = 'utf-8' username = request.POST.get('userName', None) userEmail = request.POST.get('userEmail', None) password = request.POST.get('userPwd', None) authCode = request.POST.get('identifyingCode', None) language = request.POST.get('language', None) if not request.session.session_key: request.session.create() sessionID = request.session.session_key mid = request.POST.get('mid', sessionID) return self.ValidationError(username, userEmail, password, authCode,mid,language) def get(self, request, *args, **kwargs): request.encoding = 'utf-8' username = request.GET.get('userName', None) userEmail = request.GET.get('userEmail', None) password = request.GET.get('userPwd', None) authCode = request.GET.get('identifyingCode', None) language = request.GET.get('language', None) if not request.session.session_key: request.session.create() sessionID = request.session.session_key mid = request.GET.get('mid', sessionID) return self.ValidationError(username, userEmail, password, authCode,mid,language) def ValidationError(self, username, userEmail, password, authCode,mid,language): if username != None and userEmail != None and password != None \ and authCode != None: # 过滤空格 username = username.strip() userEmail = userEmail.strip() return self.register(username, userEmail, password, authCode,mid,language) else: return ResponseJSON(800,language=language) def register(self, username, userEmail, password, authCode,mid,language): if username is not None and userEmail is not None and password is not None and authCode is not None: identifyingCode = CommonService.get_redis_data(key=mid+'_identifyingCode') if identifyingCode is False: pass #validateCode = identifyingCode.decode('utf-8') #return SendDataService.getHttpResponseFormalData(code=120) #validateCode = identifyingCode.decode('utf-8') authCode = 123456 if authCode == 123456: # if authCode == validateCode: dataValid = DataValid() if dataValid.name_validate(username): if dataValid.email_validate(userEmail): if dataValid.password_validate(password): nameValid = Device_User.objects.filter(username=username) emailValid = Device_User.objects.filter(userEmail=userEmail) if nameValid: return ResponseJSON(101,language=language) elif emailValid: return ResponseJSON(103,language=language) try: CaptchaRecord = Auth_Captcha() CaptchaRecord.authcaptca = authCode CaptchaRecord.username = username CaptchaRecord.sendtype = 'register' CaptchaRecord.save() except Exception as e: pass CommonService.del_redis_data(key=mid+'_identifyingCode') try: UserData = Device_User.objects.create_user(username=username, userEmail=userEmail, password=password, userID=CommonService.getUserID(μs=False,setOTAID=True), is_active=True, user_isValid=True) except Exception as e: errorInfo = traceback.format_exc() print('Create User Error: %s' % errorInfo) return ResponseJSON(424,'Create User Error:' + repr(e),language=language) else: return ResponseJSON(0,{ "user": { "userID": UserData.userID, "username": UserData.username, "userEmail": UserData.userEmail, "NickName": UserData.NickName, "userIconUrl": str(UserData.userIconUrl), "is_superuser": UserData.is_superuser, "is_active": UserData.is_active, "data_joined": date_handler(UserData.data_joined), "last_login": date_handler(UserData.last_login), } },language=language) else: return ResponseJSON(109,language=language) else: return ResponseJSON(108,language=language) else: return ResponseJSON(107,language=language) else: return ResponseJSON(121,language=language) else: return ResponseJSON(444,language=language) class LoginView(TemplateView): @method_decorator(csrf_exempt) #@csrf_exempt def dispatch(self, *args, **kwargs): return super(LoginView, self).dispatch(*args, **kwargs) # @ratelimit(key='post:userName', rate='5/m') def post(self, request, *args, **kwargs): request.encoding = 'utf-8' request_dict = request.POST return self.ValidationError(request, request_dict) def get(self, request, *args, **kwargs): request.encoding = 'utf-8' request_dict = request.GET return self.ValidationError(request, request_dict) def ValidationError(self, request, request_dict): username = request_dict.get('userName', None) password = request_dict.get('userPwd', None) mCode = request_dict.get('mobileMechanicalCode', None) language = request_dict.get('language', 'en') if username != None and password != None: if mCode != None: response = HttpResponse(self.Login(username, password, request=request, mCode=mCode,language=language)) response.set_cookie('username', username, 7200) return response else: response = HttpResponse(self.Login(username, password, request=request,language=language)) response.set_cookie('username', username, 7200) return response else: return ResponseJSON(800,language=language) def Login(self, username, password, *args, **kwargs): request = kwargs.get('request',None) language = kwargs.get('language', 'en') if not request.session.session_key: request.session.create() sessionID = request.session.session_key user_login_limit = CommonService.get_redis_data(key=sessionID + '_login_limit') if user_login_limit is False: CommonService.set_redis_data(key=sessionID+ '_login_limit', val=1, expire=10) else: if int(user_login_limit) >= 3: return ResponseFormal(90,language=language) dataValid = DataValid() if dataValid.mobile_validate(username): userValid = Device_User.objects.filter(username = username) if userValid: if userValid[0].user_isValid and userValid[0].is_active: User = auth.authenticate(username = username, password = password) if User is not None: mCode = kwargs.get('mCode', '') if userValid[0].online and mCode != userValid[0].machine_code: msg = u'The user previously landed elsewhere, if not my operation, ' \ u'please modify the user account and password' kwargs['login_error'] = msg kwargs['User'] = User return self.LoginUpdate(userValid, *args, **kwargs) else: if user_login_limit is not False: user_login_limit = int(user_login_limit) + 1 CommonService.set_redis_data(key=sessionID+'_login_limit', val=user_login_limit,expire=10) return ResponseFormal(111,language=language) else: return ResponseFormal(110,language=language) else: return ResponseFormal(102,language=language) else: if dataValid.email_validate(username): userValid = Device_User.objects.filter(userEmail = username) if userValid: if userValid[0].user_isValid and userValid[0].is_active: User = auth.authenticate(username = userValid[0].username, password = password) if User is not None: mCode = kwargs.get('mCode', '') if userValid[0].online and mCode != userValid[0].machine_code: msg = u'The user previously landed elsewhere, if not my operation, ' \ u'please modify the user account and password' kwargs['login_error'] = msg kwargs['User'] = User return self.LoginUpdate(userValid, *args, **kwargs) else: if user_login_limit is not False: user_login_limit = int(user_login_limit) + 1 CommonService.set_redis_data(key=sessionID+ '_login_limit', val=user_login_limit, expire=10) return ResponseFormal(111,language=language) else: return ResponseFormal(110,language=language) else: return ResponseFormal(104,language=language) else: return ResponseFormal(104,language=language) def LoginUpdate(self, userValid, *args, **kwargs): mCode = kwargs.get('mCode', '') request = kwargs.get('request', None) language = kwargs.get('language', 'en') userID = userValid[0].userID authtoken_Obj = AuthToken_Token.objects.filter(tokenID_id=userID) if authtoken_Obj.exists(): tokenManager = JSONTokenManager() access_token = tokenManager.deToken(authtoken_Obj[0].access_token) refresh_token = tokenManager.deToken(authtoken_Obj[0].refresh_token) else: access_token = False refresh_token = False if access_token is not False and refresh_token is not False: resultDict = {'result': {'access_token': access_token, 'refresh_token': refresh_token}, 'error_code': 0} else: JSON = json.dumps({'userID': userID, 'mCode': mCode}, ensure_ascii=False) tokenManager = JSONTokenManager() tokenJSON = tokenManager.generate_AToken(JSON=JSON, iCode=tokenManager.getSalt(strLen=8)) resultDict = json.loads(tokenJSON) error_code = resultDict.get('error_code', None) if error_code != None and error_code == 0: result = resultDict.get('result', None) if result != None: now_time = datetime.datetime.utcnow().replace(tzinfo=utc).astimezone(utc) if language is not None: userValid.update(last_login=now_time, online=True, machine_code=mCode,language=language) else: userValid.update(last_login=now_time, online=True, machine_code=mCode) result.update({'userID': userID}) msg = kwargs.get('login_error', None) if msg is not None: # result['login_error'] = msg # send_code = 10002 send_code = 0 else: role_dict = ModelService.own_role(userID=userID) result['rid']=role_dict['rid'] result['roleName']=role_dict['roleName'] result['permList'] = ModelService.own_permission(userID) send_code = 0 User = kwargs.get('User', None) User.backend = 'django.contrib.auth.backends.ModelBackend' auth.login(request, User) return ResponseFormal(send_code,result,language=language) else: return ResponseFormal(300,language=language) else: return tokenJSON class LogoutView(TemplateView): @method_decorator(csrf_exempt) def dispatch(self, *args, **kwargs): return super(LogoutView, self).dispatch(*args, **kwargs) def post(self, request, *args, **kwargs): request.encoding = 'utf-8' token = request.POST.get('token', None) return self.Logout(request, token) def get(self, request, *args, **kwargs): request.encoding = 'utf-8' token = request.GET.get('token', None) return self.Logout(request, token) def Logout(self, request, token): if token != None: tM = JSONTokenManager() error_code = tM.verify_AToken(token=token) if error_code == 0: try: MiscellService.add_access_log(request=request, status_code=200) # MiscellService.access_log(request=request, type=1,response="") auth.logout(request) # online离线处理 Device_User.objects.filter(userID= tM.accessDict.get('userID', None)).update(online = False) # Token过期处理 AuthToken_Token.objects.filter(tokenID_id = tM.accessDict.get('userID', None)).update(iCode = tM.getSalt(8)) except Exception as e: return ResponseJSON(140,repr(e)) else: errorJSON = ResponseFormal(0) response = HttpResponse(errorJSON) response.delete_cookie('username') return response else: response = HttpResponse(tM.errorCodeInfo(error_code)) return response else: return ResponseFormal(800) class ChangePwdView(TemplateView): @method_decorator(csrf_exempt) def dispatch(self, *args, **kwargs): return super(ChangePwdView, self).dispatch(*args, **kwargs) def post(self, request, *args, **kwargs): request.encoding = 'utf-8' token = request.POST.get('token', None) oldPwd = request.POST.get('oldPwd', None) newPwd = request.POST.get('newPwd', None) return self.ValidationError(token, oldPwd, newPwd) def get(self, request, *args, **kwargs): request.encoding = 'gb2312' token = request.GET.get('token', None) oldPwd = request.GET.get('oldPwd', None) newPwd = request.GET.get('newPwd', None) return self.ValidationError(token, oldPwd, newPwd) def ValidationError(self, token, oldPwd, newPwd): if token != None and oldPwd != None and newPwd != None: tM = JSONTokenManager() error_code = tM.verify_AToken(token) if error_code == 0: userID = tM.accessDict.get('userID', None) if userID: response = HttpResponse(self.ChangePwdUpdate(userID, oldPwd, newPwd)) return response else: return ResponseJSON(310) else: response = HttpResponse(tM.errorCodeInfo(error_code)) return response else: return ResponseJSON(800) def ChangePwdUpdate(self, userID, oldPwd, newPwd): userIDValid = Device_User.objects.filter(userID = userID) if userIDValid: PwdValid = check_password(oldPwd, userIDValid[0].password) if PwdValid: upCount = userIDValid.update(password = make_password(newPwd)) if upCount == 1: return ResponseFormal(0) else: return ResponseFormal(112) else: return ResponseFormal(111) else: return ResponseFormal(113) class ForgetPwdView(TemplateView): ''' 忘记密码 ''' @method_decorator(csrf_exempt) def dispatch(self, *args, **kwargs): return super(ForgetPwdView, self).dispatch(*args, **kwargs) def get(self, request, *args, **kwargs): request.encoding = 'utf-8' userName = request.GET.get('userName', None) return self.ValidationError(userName) def post(self, request): request.encoding = 'utf-8' userName = request.POST.get('userName', None) return self.ValidationError(userName) def ValidationError(self, userName): if userName != None: response = HttpResponse(self.ForgetPwd(userName)) return response else: return ResponseJSON(800) def ForgetPwd(self, userName): dataValid = DataValid() if dataValid.mobile_validate(userName): User = Device_User.objects.filter(username = userName) if User: send_status = MiscellService.ses_send_email_handle(data={ 'useremail':User[0].userEmail, 'username':userName, 'type':'forget', }) if send_status == 'has_send': return ResponseFormal(1004) if send_status is True: return ResponseFormal(0) else: return ResponseFormal(1002) else: return ResponseFormal(102) elif dataValid.email_validate(userName): User = Device_User.objects.filter(userEmail = userName) if User: send_status = MiscellService.ses_send_email_handle(data={ 'useremail': User[0].userEmail, 'username': userName, 'type': 'forget', }) if send_status is True: return ResponseFormal(0) elif send_status == 'has_send': return ResponseFormal(1004) else: return ResponseFormal(1002) else: return ResponseFormal(104) else: return ResponseFormal(108) class ResetPwdView(TemplateView): @method_decorator(csrf_exempt) def dispatch(self, *args, **kwargs): return super(ResetPwdView, self).dispatch(*args, **kwargs) def post(self, request, *args, **kwargs): request.encoding = 'utf-8' token = request.POST.get('reset_password_token', None) reset_pwd_val = request.POST.get('reset_pwd_val', None) return self.ValidationError(token,reset_pwd_val) def get(self, request, *args, **kwargs): request.encoding = 'gb2312' token = request.GET.get('reset_password_token', None) reset_pwd_val = request.GET.get('reset_pwd_val', None) return self.ValidationError(token,reset_pwd_val) def ValidationError(self, token, reset_pwd_val): tokenConfirm = TokenLink(SECRET_KEY) try: token = tokenConfirm.confirm_validate_token(token=token) except: return ResponseJSON(1000) else: tokenDict = json.loads(token) userEmail = tokenDict.get('userEmail', None) userPwd = tokenDict.get('password', None) redis_key='reset_pwd_key' + str(userEmail) redis_val = CommonService.get_redis_data(redis_key) if redis_val is False and redis_val != reset_pwd_val: return HttpResponse(status=404) if userEmail != None and userPwd != None: result = self.ResetPwd(userEmail,userPwd) if result['code']: CommonService.del_redis_data(key=redis_key) # return HttpResponseRedirect("/response/success") return HttpResponseRedirect("http://www.nsst.com/web/html/paw_update_success.html?code="+userPwd) else: return HttpResponse(result) else: return ResponseJSON(1001) def ResetPwd(self, userEmail, userPwd): dataVaild = DataValid() if dataVaild.email_validate(userEmail): try: UserValid = Device_User.objects.filter(userEmail = userEmail) except Exception as e: return ResponseFormal(500,repr(e)) else: if UserValid: upCount = UserValid.update(password = make_password(userPwd)) if upCount: return {'code':1} else: return ResponseFormal(106) else: return ResponseFormal(104) else: return ResponseFormal(1003) class showUserMoreView(TemplateView): @method_decorator(csrf_exempt) def dispatch(self, *args, **kwargs): return super(showUserMoreView, self).dispatch(*args, **kwargs) def post(self, request, *args, **kwargs): request.encoding = 'utf-8' token = request.POST.get('token', None) return self.ValidationError(token) def get(self, request, *args, **kwargs): request.encoding = 'gb2312' token = request.GET.get('token', None) return self.ValidationError(token) def ValidationError(self, token): if token is not None: tM = JSONTokenManager() error_code = tM.verify_AToken(token) if error_code == 0: userID = tM.accessDict.get('userID', None) if userID: response = HttpResponse(self.showUserMore(userID)) return response else: return ResponseJSON(310) else: response = HttpResponse(tM.errorCodeInfo(error_code)) return response else: return ResponseJSON(800) def showUserMore(self, userID): try: User = Device_User.objects.filter(userID = userID) except Exception as e: errorInfo = traceback.format_exc() print('Query Database Error: %s' % errorInfo) return ResponseFormal(500,repr(e)) else: if User: sqlJSON = serializers.serialize('json', User) sqlList = json.loads(sqlJSON) sqlDict = dict(zip(["datas"], [sqlList])) for k, v in enumerate(sqlDict["datas"]): if len(v['fields']['role']): roleName=ModelService.getRole(rid=v['fields']['role'][0]) sqlDict["datas"][k]['fields']['rolename']=roleName return ResponseFormal(0, sqlDict) else: return ResponseFormal(113) class perfectUserInfoView(TemplateView): # 完善个人信息 @method_decorator(csrf_exempt) def dispatch(self, *args, **kwargs): return super(perfectUserInfoView, self).dispatch(*args, **kwargs) def post(self, request, *args, **kwargs): request.encoding = 'utf-8' userContent = request.POST.get('content', None) userIcon = request.FILES.get('userIcon', None) token = request.POST.get('token', None) return self.ValidationError(token, userContent, userIcon) def get(self, request, *args, **kwargs): request.encoding = 'gb2312' userContent = request.GET.get('content', None) userIcon = request.FILES.get('userIcon', None) token = request.GET.get('token', None) return self.ValidationError(token, userContent, userIcon) def ValidationError(self, token, userContent, userIcon): if token != None: tM = JSONTokenManager() error_code = tM.verify_AToken(token) if error_code == 0: userID = tM.accessDict.get('userID', None) if userID: if userIcon != None: location = 'static/User/Images/' + userID[-11:] + '/' fss = FileSystemStorage(location = location) if fss.exists(userIcon.name): fss.delete(userIcon.name) filename = fss.save(userIcon.name, userIcon) userIconUrl = fss.url(filename) userIconPath = fss.path(filename).replace('\\', '/') ''' location = 'static/User/Images/' + userID[-11:] + '/' userIconPath = '/'.join((api_settings.BASE_DIR, location)).replace('\\', '/') if not os.path.exists(userIconPath): os.makedirs(userIconPath) userIconPath += userIcon.name if os.path.exists(userIconPath): os.remove(userIconPath) destination = open(userIconPath, 'wb+') for chunk in userIcon.chunks(): destination.write(chunk) destination.close() print(userIconPath) ''' else: userIconPath = None if userContent != None: dataValid = json.loads(userContent) print('userID' and 'password' and 'is_superuser' in dataValid.keys()) if 'userID' and 'password' and 'is_superuser' in dataValid.keys(): return ResponseJSON(802) if userIconPath == None and userContent == None: return ResponseJSON(800) elif userIconPath == None and userContent != None: return HttpResponse(self.perfectUserInfoUpdate(userID, userContent=userContent)) elif userIconPath != None and userContent == None: return HttpResponse(self.perfectUserInfoUpdate(userID, userIconPath=userIconPath)) else: return HttpResponse( self.perfectUserInfoUpdate(userID, userIconPath=userIconPath, userContent=userContent)) else: return ResponseJSON(310) else: return HttpResponse(tM.errorCodeInfo(error_code)) else: return ResponseJSON(800) def perfectUserInfoUpdate(slef, userID, *args, **kwargs): """ :param username: :param userContent: :param args: :param kwargs: :return: """ try: User = Device_User.objects.filter(userID = userID) except Exception as e: errorInfo = traceback.format_exc() print('查询数据库失败: %s ' % errorInfo) return ResponseFormal(500,repr(e)) else: if User: userIconPath = kwargs.get('userIconPath', None) userContent = kwargs.get('userContent', None) if userIconPath is not None: userIconPath = userIconPath[userIconPath.find('static/'):] userIconUrl = api_settings.SERVER_DOMAIN + '/account/getAvatar/' + userIconPath[7:] if userContent != None: try: UserData = json.loads(userContent) except Exception as e: return ResponseFormal(803, repr(e)) try: if userIconPath is not None and userContent is not None: User.update(userIconPath=userIconPath, userIconUrl = userIconUrl, **UserData) elif userIconPath is None and userContent is not None: User.update(**UserData) elif userIconPath is not None and userContent is None: User.update(userIconPath=userIconPath, userIconUrl = userIconUrl) except Exception as e: errorInfo = traceback.format_exc() print('修改设备信息错误: %s ' % errorInfo) return ResponseFormal(116, repr(e)) else: sqlJSON = serializers.serialize('json', User) sqlList = json.loads(sqlJSON) print(sqlList, sqlJSON) sqlDict = dict(zip(["datas"], [sqlList])) return ResponseFormal(0, sqlDict) else: return ResponseFormal(113) class getAvatarView(TemplateView): @method_decorator(csrf_exempt) def dispatch(self, *args, **kwargs): return super(getAvatarView, self).dispatch(*args, **kwargs) def post(self, request, *args, **kwargs): request.encoding = 'utf-8' filePath = kwargs.get('filePath', '') filePath.encode(encoding='utf-8', errors='strict') return self.getAvatar(filePath) def get(self, request, *args, **kwargs): request.encoding = 'gb2312' filePath = kwargs.get('filePath', '') filePath.encode(encoding='gb2312', errors='strict') return self.getAvatar(filePath) def getAvatar(self, filePath): if filePath == '' or filePath == None: return ResponseJSON(800) fullPath = os.path.join(api_settings.BASE_DIR, "static", filePath).replace('\\', '/') if os.path.isfile(fullPath): try: Imagedata = open(fullPath, 'rb').read() response = HttpResponse(Imagedata, content_type="image/jpeg") return response except Exception as e: return ResponseJSON(906,repr(e)) else: return ResponseJSON(907) def delUser(delUserID, userID): try: userValid = Device_User.objects.filter(userID = userID) except Exception as e: errorInfo = traceback.format_exc() print('Query Database Error: %s' % errorInfo) return ResponseFormal(500,repr(e)) else: if userValid: own_perm = ModelService.check_permission(userID=userID,permID=10) if userValid[0].is_superuser == 100 or own_perm is True: try: delUser = Device_User.objects.filter(userID=delUserID) except Exception as e: errorInfo = traceback.format_exc() print('Query database error: %s' % errorInfo) return ResponseFormal(500,repr(e)) else: if delUser: try: delUser.delete() except Exception as e: errorInfo = traceback.format_exc() print('Query database error: %s' % errorInfo) return ResponseFormal(114,repr(e)) else: return ResponseFormal(0) else: return ResponseFormal(115) else: return ResponseFormal(601) else: return ResponseFormal(113) @csrf_exempt def delUserInterface(request, *callback_args, **callback_kwargs): if request.method == 'POST': delUserID = request.POST.get('delUserID', None) token = request.POST.get('token', None) elif request.method == 'GET': delUserID = request.GET.get('delUserID', None) token = request.GET.get('token', None) if token is not None and delUserID is not None: tM = JSONTokenManager() error_code = tM.verify_AToken(token) if error_code == 0: userID = tM.accessDict.get('userID', None) if userID: response = HttpResponse(delUser(delUserID, userID)) return response else: return ResponseJSON(310) else: response = HttpResponse(tM.errorCodeInfo(error_code)) return response else: return ResponseJSON(800) def showAllUserPC(userID,line,page): try: userValid = Device_User.objects.filter(userID = userID).order_by('-data_joined') except Exception as e: errorInfo = traceback.format_exc() print('Query Database Error:%s' % errorInfo) return ResponseFormal(500,repr(e)) else: if userValid: # 管理员查询 own_permission = ModelService.check_permission(userID=userID,permID=30) if own_permission is True: device_user_queryset = Device_User.objects.all() device_user_count = device_user_queryset.count() device_user_res = device_user_queryset.order_by('-data_joined')[(page - 1) * line:page * line] sqlDict = CommonService.query_set_to_dict(device_user_res) for k, v in enumerate(sqlDict["datas"]): if len(v['fields']['role']) > 0: role_query_set = Role.objects.get(rid=v['fields']['role'][0]) sqlDict["datas"][k]['fields']['role'].append(role_query_set.roleName) for val in device_user_res: if v['pk'] == val.userID: if sqlDict["datas"][k]['fields']['online'] is True: dl_time = val.last_login + datetime.timedelta(minutes=30) now_time = timezone.localtime(timezone.now()) if now_time > dl_time: sqlDict["datas"][k]['fields']['online'] = False sqlDict['count'] = device_user_count return ResponseFormal(0,sqlDict) else: return ResponseFormal(600) else: return ResponseFormal(113) def showAllUser(userID): try: userValid = Device_User.objects.filter(userID = userID).order_by('-data_joined') except Exception as e: errorInfo = traceback.format_exc() print('Query Database Error:%s' % errorInfo) return ResponseFormal(500, repr(e)) else: if userValid: own_permission = ModelService.check_permission(userID=userID,permID=30) if own_permission is True: sqlJSON = serializers.serialize('json', Device_User.objects.all().order_by('-data_joined')) sqlList = json.loads(sqlJSON) print(sqlList, sqlJSON) sqlDict = dict(zip(["datas"], [sqlList])) return ResponseFormal(0, sqlDict) else: return ResponseFormal(600) else: return ResponseFormal(113) @csrf_exempt def showAllUserInterface(request, *callback_args, **callback_kwargs): if request.method == 'POST': token = request.POST.get('token', None) type = request.POST.get('type', None) elif request.method == 'GET': token = request.GET.get('token', None) type = request.GET.get('type', None) if token != None: tM = JSONTokenManager() error_code = tM.verify_AToken(token) if error_code == 0: userID = tM.accessDict.get('userID', None) if userID: if type == 'PC': line = int(request.POST.get('line', None)) page = int(request.POST.get('page', None)) response = HttpResponse(showAllUserPC(userID, line, page)) else: response = HttpResponse(showAllUser(userID)) return response else: return ResponseJSON(310) else: response = HttpResponse(tM.errorCodeInfo(error_code)) return response else: return ResponseJSON(800) class setUserValidView(View): @method_decorator(csrf_exempt) def dispatch(self, *args, **kwargs): return super(setUserValidView, self).dispatch(*args, **kwargs) def post(self, request, *args, **kwargs): request.encoding = 'utf-8' token = request.POST.get('token', None) eUserID = request.POST.get('userID', None) isValid = request.POST.get('isValid', None) rid = request.POST.get('rid', None) return self.setUserValid(token, eUserID, isValid, rid) def get(self, request, *args, **kwargs): request.encoding = 'gb2312' token = request.GET.get('token', None) eUserID = request.GET.get('userID', None) isValid = request.GET.get('isValid', None) rid = request.GET.get('rid',None) return self.setUserValid(token, eUserID, isValid, rid) def setUserValid(self, token, eUserID, isValid, rid, *args, **kwargs): if token != None and eUserID != None and isValid != None: tM = JSONTokenManager() error_code = tM.verify_AToken(token=token) if error_code == 0: superID = tM.accessDict.get('userID', None) if superID != None and superID != eUserID: if rid == None: return HttpResponse(self.UserValidUpdate(superID, eUserID, isValid)) else: return HttpResponse(self.UserValidUpdatePC(superID, eUserID, isValid, rid)) else: return ResponseJSON(150) else: response = HttpResponse(tM.errorCodeInfo(error_code)) return response else: return ResponseJSON(800) def UserValidUpdatePC(self, superID, eUserID, isValid, rid): try: super = Device_User.objects.filter(userID=superID) eUser = Device_User.objects.filter(userID=eUserID) except Exception as e: errorInfo = traceback.format_exc() print('查询数据库错误: %s' % errorInfo) return ResponseFormal(500,repr(e)) else: if not super: return ResponseFormal(615) if not eUser: return ResponseFormal(616) own_permission = ModelService.check_permission(userID=superID,permID=50) if own_permission is True: try: eUser.update(user_isValid = isValid) device_user_query_set = Device_User.objects.get(userID=eUserID) if device_user_query_set.role.all(): device_user_query_set.role.set([rid]) else: role_user_query_set = Role.objects.get(rid=rid) device_user_query_set.role.add(role_user_query_set) except Exception as e: errorInfo = traceback.format_exc() print('更新数据库错误:%s'%errorInfo) return ResponseFormal(501,repr(e)) else: return ResponseFormal(0) else: return ResponseFormal(602) def UserValidUpdate(self, superID, eUserID, isValid): try: super = Device_User.objects.filter(userID = superID) eUser = Device_User.objects.filter(userID = eUserID) except Exception as e: errorInfo = traceback.format_exc() print('查询数据库错误: %s' % errorInfo) return ResponseFormal(500,repr(e)) if not super: return ResponseFormal(113) if not eUser: return ResponseFormal(113) if super[0].is_superuser != 100 or super[0].is_superuser == eUser[0].is_superuser: return ResponseFormal(602) try: updateCount = eUser.update(user_isValid = isValid) except Exception as e: errorInfo = traceback.format_exc() print('更新数据库错误: %s' % errorInfo) return ResponseFormal(501,repr(e)) return ResponseFormal(0) @csrf_exempt def success(request): return ResponseJSON(0) class refreshTokenView(View): @method_decorator(csrf_exempt) def dispatch(self, *args, **kwargs): return super(refreshTokenView, self).dispatch(*args, **kwargs) def post(self, request, *args, **kwargs): request.encoding = 'utf-8' request_dict = request.POST return self.validation(request_dict=request_dict) @csrf_exempt def get(self, request, *args, **kwargs): request.encoding = 'utf-8' request_dict = request.GET return self.validation(request_dict=request_dict) def validation(self, request_dict, *args, **kwargs): refresh_token = request_dict.get('refresh_token', None) if refresh_token != None: tM = JSONTokenManager() result = tM.refresh_AToken(refresh_token) response = HttpResponse(result) return response else: return ResponseJSON(800)