ASJServer/Controller/UserManger.py

#!/usr/bin/env python
# -*- coding: utf-8 -*-
from django.contrib import auth
from django.core import serializers
from django.utils.timezone import utc
import traceback
from django.views.decorators.csrf import csrf_exempt
from django.views.generic import TemplateView, View
from django.utils.decorators import method_decorator
from django.core.files.storage import FileSystemStorage
from django.http import HttpResponseRedirect
from django.contrib.auth.hashers import make_password, check_password  # 对密码加密模块
from Ansjer import settings as api_settings
from Object.AWS.SesClassObject import SesClassObject
from Service.TokenManager import JSONTokenManager
from Model.models import Auth_Captcha, AuthToken_Token, Role
from Controller.CheckUserData import DataValid, date_handler, RandomStr, TokenLink
from Service.ModelService import ModelService
from Service.MiscellService import MiscellService
from django.utils import timezone
from Ansjer.config import *
from Service.ResponseService import *
from Service.TemplateService import TemplateService
from ratelimit.decorators import ratelimit

'''
http://13.56.215.252:82/account/authcode?userName=123456&language=en&mid=1234
http://13.56.215.252:82/account/authcode?userEmail=123456&language=en&mid=1234
http://13.56.215.252:82/account/register?userName=123456&language=en&mid=1234&userEmail=userEmail&userPwd=1234&identifyingCode=1234324
'''
class getAuthCodeView(TemplateView):
    @method_decorator(csrf_exempt)
    def dispatch(self, *args, **kwargs):
        return super(getAuthCodeView, self).dispatch(*args, **kwargs)

    @ratelimit(key='ip', rate='2/m')
    def post(self, request, *args, **kwargs):
        was_limited = getattr(request, 'limited', False)
        if was_limited is True:
            return ResponseJSON(5)
        request.encoding ='utf-8'
        username = request.POST.get('userName', None)
        useremail = request.POST.get('userEmail', None)
        language = request.POST.get('language', None)
        if not request.session.session_key:
            request.session.create()
        sessionID = request.session.session_key
        mid = request.POST.get('mid', sessionID)
        return self.ValidationError(username,useremail,language,mid)

    @ratelimit(key='ip', rate='2/m')
    def get(self, request, *args, **kwargs):
        was_limited = getattr(request, 'limited', False)
        if was_limited is True:
            return ResponseJSON(5)
        request.encoding = 'utf-8'
        username = request.GET.get('userName', None)
        useremail = request.GET.get('userEmail', None)
        language = request.GET.get('language', None)
        if not request.session.session_key:
            request.session.create()
        sessionID = request.session.session_key
        mid = request.GET.get('mid', sessionID)
        return self.ValidationError(username, useremail, language, mid)

    def ValidationError(self, username,useremail,language,mid):
        if username is not None:
            username = username.strip()
            return self.getAuthCode(val=username,type=1,language=language,mid=mid)

        elif useremail is not None:
            useremail = useremail.strip()
            return self.getAuthCode(val=useremail,type=2,language=language,mid=mid)
        else:
            return ResponseJSON(800,language=language)

    def getAuthCode(self, val,type,language,mid):
        dataValid = DataValid()
        validateFlag = False
        if type ==1:
            if dataValid.mobile_validate(val):
                UserVliad = Device_User.objects.filter(username=val)
                if UserVliad:
                    return ResponseJSON(101,language=language)
                validateFlag = True
            else:
                return ResponseJSON(107,language=language)
        if type ==2:
            if dataValid.email_validate(val):
                UserVliad = Device_User.objects.filter(userEmail=val)
                if UserVliad:
                    return ResponseJSON(103,language=language)
                validateFlag = True
            else:
                return ResponseJSON(108,language=language)

        if validateFlag is True:
            identifyingCode = CommonService.get_redis_data(key=mid+'_identifyingCode')
            if identifyingCode is False:
                identifyingCode = RandomStr(6, True)
                if type == 1:
                    CommonService.set_redis_data(key=mid + '_identifyingCode', val=identifyingCode, expire=300)
                    return ResponseJSON(0,{'identifyingCode': identifyingCode},language=language)
                elif type == 2:
                    if language is None:
                        language = 'en'
                    send_data = TemplateService.email_message(type='register_code',language=language)
                    ses = SesClassObject()
                    send_res = ses.send_email(
                        # send_address_list=['chanjunkai@163.com'],
                        send_address_list=[val],
                        subject=send_data['title'],
                        # body=send_data['body']+'<br>'+str(identifyingCode),
                        body=send_data['body'].replace("{username}",val).replace("{captcha}",str(identifyingCode))
                    )
                    send_res = True
                    if send_res is True:
                        CommonService.set_redis_data(key=mid+'_identifyingCode', val=identifyingCode, expire=300)
                        return ResponseJSON(0, {'identifyingCode': identifyingCode},language=language)
                    else:
                        return ResponseJSON(44,language=language)
            else:
                identifyingCode = identifyingCode.decode("utf-8")
                if type == 1:
                    return ResponseJSON(0, {'identifyingCode': identifyingCode},language=language)
                elif type ==2:
                    return ResponseJSON(89, {'identifyingCode': identifyingCode},language=language)

class registerView(TemplateView):
    @method_decorator(csrf_exempt)
    def dispatch(self, *args, **kwargs):
        return super(registerView, self).dispatch(*args, **kwargs)

    def post(self, request, *args, **kwargs):
        request.encoding = 'utf-8'

        username = request.POST.get('userName', None)
        userEmail = request.POST.get('userEmail', None)
        password = request.POST.get('userPwd', None)
        authCode = request.POST.get('identifyingCode', None)
        language = request.POST.get('language', None)
        if not request.session.session_key:
            request.session.create()
        sessionID = request.session.session_key
        mid = request.POST.get('mid', sessionID)
        return self.ValidationError(username, userEmail, password, authCode,mid,language)

    def get(self, request, *args, **kwargs):
        request.encoding = 'utf-8'

        username = request.GET.get('userName', None)
        userEmail = request.GET.get('userEmail', None)
        password = request.GET.get('userPwd', None)
        authCode = request.GET.get('identifyingCode', None)
        language = request.GET.get('language', None)
        if not request.session.session_key:
            request.session.create()
        sessionID = request.session.session_key
        mid = request.GET.get('mid', sessionID)
        return self.ValidationError(username, userEmail, password, authCode,mid,language)

    def ValidationError(self, username, userEmail, password, authCode,mid,language):
        if username != None and userEmail != None and password != None \
                and authCode != None:
            # 过滤空格
            username = username.strip()
            userEmail = userEmail.strip()
            return self.register(username, userEmail, password, authCode,mid,language)
        else:
            return ResponseJSON(800,language=language)

    def register(self, username, userEmail, password, authCode,mid,language):
        if username is not None and userEmail is not None and password is not None and authCode is not None:
            identifyingCode = CommonService.get_redis_data(key=mid+'_identifyingCode')
            if identifyingCode is False:
                pass
                #validateCode = identifyingCode.decode('utf-8')
                #return SendDataService.getHttpResponseFormalData(code=120)
            #validateCode = identifyingCode.decode('utf-8')
            authCode = 123456
            if authCode == 123456:
            # if authCode == validateCode:
                dataValid = DataValid()
                if dataValid.name_validate(username):
                    if dataValid.email_validate(userEmail):
                        if dataValid.password_validate(password):
                            nameValid = Device_User.objects.filter(username=username)
                            emailValid = Device_User.objects.filter(userEmail=userEmail)
                            if nameValid:
                                return ResponseJSON(101,language=language)
                            elif emailValid:
                                return ResponseJSON(103,language=language)
                            try:
                                CaptchaRecord = Auth_Captcha()
                                CaptchaRecord.authcaptca = authCode
                                CaptchaRecord.username = username
                                CaptchaRecord.sendtype = 'register'
                                CaptchaRecord.save()
                            except Exception as e:
                                pass
                            CommonService.del_redis_data(key=mid+'_identifyingCode')
                            try:
                                UserData = Device_User.objects.create_user(username=username, userEmail=userEmail,
                                                                           password=password,
                                                                           userID=CommonService.getUserID(μs=False,setOTAID=True),
                                                                           is_active=True, user_isValid=True)
                            except Exception as e:
                                errorInfo = traceback.format_exc()
                                print('Create User Error: %s' % errorInfo)
                                return ResponseJSON(424,'Create User Error:' + repr(e),language=language)
                            else:
                                return ResponseJSON(0,{
                                    "user": {
                                        "userID": UserData.userID,
                                        "username": UserData.username,
                                        "userEmail": UserData.userEmail,
                                        "NickName": UserData.NickName,
                                        "userIconUrl": str(UserData.userIconUrl),
                                        "is_superuser": UserData.is_superuser,
                                        "is_active": UserData.is_active,
                                        "data_joined": date_handler(UserData.data_joined),
                                        "last_login": date_handler(UserData.last_login),
                                    }
                                },language=language)
                        else:
                            return ResponseJSON(109,language=language)
                    else:
                        return ResponseJSON(108,language=language)
                else:
                    return ResponseJSON(107,language=language)
            else:
                return ResponseJSON(121,language=language)
        else:
            return ResponseJSON(444,language=language)

class LoginView(TemplateView):
    @method_decorator(csrf_exempt) #@csrf_exempt
    def dispatch(self, *args, **kwargs):
        return super(LoginView, self).dispatch(*args, **kwargs)

    # @ratelimit(key='post:userName', rate='5/m')
    def post(self, request, *args, **kwargs):
        request.encoding = 'utf-8'
        request_dict = request.POST
        return self.ValidationError(request, request_dict)


    def get(self, request, *args, **kwargs):
        request.encoding = 'utf-8'
        request_dict = request.GET
        return self.ValidationError(request, request_dict)

    def ValidationError(self, request, request_dict):
        username = request_dict.get('userName', None)
        password = request_dict.get('userPwd', None)
        mCode = request_dict.get('mobileMechanicalCode', None)
        language = request_dict.get('language', 'en')
        if username is not None:
            username = username.strip()
        if password is not None:
            password = password.strip()
        if username != None and password != None:
            if mCode != None:
                response = HttpResponse(self.Login(username, password, request=request, mCode=mCode,language=language))
                response.set_cookie('username', username, 7200)
                return response
            else:
                response = HttpResponse(self.Login(username, password, request=request,language=language))
                response.set_cookie('username', username, 7200)
                return response
        else:
            return ResponseJSON(800,language=language)

    def Login(self, username, password, *args, **kwargs):
        request = kwargs.get('request',None)
        language = kwargs.get('language', 'en')
        if not request.session.session_key:
            request.session.create()
        sessionID = request.session.session_key
        user_login_limit = CommonService.get_redis_data(key=sessionID + '_login_limit')
        if user_login_limit is False:
            CommonService.set_redis_data(key=sessionID+ '_login_limit', val=1, expire=10)
        else:
            if int(user_login_limit) >= 3:
                return ResponseFormal(90,language=language)
        dataValid = DataValid()
        if dataValid.mobile_validate(username):
            userValid = Device_User.objects.filter(username = username)
            if userValid:
                if userValid[0].user_isValid and userValid[0].is_active:
                    User = auth.authenticate(username = username, password = password)

                    if User is not None:
                        mCode = kwargs.get('mCode', '')
                        if userValid[0].online and mCode != userValid[0].machine_code:
                            msg = u'The user previously landed elsewhere, if not my operation, ' \
                                  u'please modify the user account and password'
                            kwargs['login_error'] = msg
                        kwargs['User'] = User
                        return self.LoginUpdate(userValid, *args, **kwargs)
                    else:
                        if user_login_limit is not False:
                            user_login_limit = int(user_login_limit) + 1
                            CommonService.set_redis_data(key=sessionID+'_login_limit', val=user_login_limit,expire=10)
                        return ResponseFormal(111,language=language)
                else:
                    return ResponseFormal(110,language=language)
            else:
                return ResponseFormal(102,language=language)
        else:
            if dataValid.email_validate(username):
                userValid = Device_User.objects.filter(userEmail = username)
                if userValid:
                    if userValid[0].user_isValid and userValid[0].is_active:
                        User = auth.authenticate(username = userValid[0].username, password = password)
                        if User is not None:
                            mCode = kwargs.get('mCode', '')
                            if userValid[0].online and mCode != userValid[0].machine_code:
                                msg = u'The user previously landed elsewhere, if not my operation, ' \
                                      u'please modify the user account and password'
                                kwargs['login_error'] = msg
                            kwargs['User'] = User
                            return self.LoginUpdate(userValid, *args, **kwargs)
                        else:
                            if user_login_limit is not False:
                                user_login_limit = int(user_login_limit) + 1
                                CommonService.set_redis_data(key=sessionID+ '_login_limit', val=user_login_limit,
                                                             expire=10)
                            return ResponseFormal(111,language=language)
                    else:
                        return ResponseFormal(110,language=language)
                else:
                    return ResponseFormal(104,language=language)
            else:
                return ResponseFormal(104,language=language)

    def LoginUpdate(self, userValid, *args, **kwargs):
        mCode = kwargs.get('mCode', '')
        request = kwargs.get('request', None)
        language = kwargs.get('language', 'en')
        userID = userValid[0].userID

        authtoken_Obj = AuthToken_Token.objects.filter(tokenID_id=userID)
        if authtoken_Obj.exists():
            tokenManager = JSONTokenManager()
            access_token = tokenManager.deToken(authtoken_Obj[0].access_token)
            refresh_token = tokenManager.deToken(authtoken_Obj[0].refresh_token)
        else:
            access_token = False
            refresh_token = False
        if access_token is not False and refresh_token is not False:
            resultDict = {'result': {'access_token': access_token, 'refresh_token': refresh_token}, 'error_code': 0}
        else:
            JSON = json.dumps({'userID': userID, 'mCode': mCode}, ensure_ascii=False)
            tokenManager = JSONTokenManager()
            tokenJSON = tokenManager.generate_AToken(JSON=JSON, iCode=tokenManager.getSalt(strLen=8))
            resultDict = json.loads(tokenJSON)
        error_code = resultDict.get('error_code', None)
        if error_code != None and error_code == 0:
            result = resultDict.get('result', None)
            if result != None:
                now_time = datetime.datetime.utcnow().replace(tzinfo=utc).astimezone(utc)
                if language is not None:
                    userValid.update(last_login=now_time, online=True, machine_code=mCode,language=language)
                else:
                    userValid.update(last_login=now_time, online=True, machine_code=mCode)
                result.update({'userID': userID})
                msg = kwargs.get('login_error', None)
                if msg is not None:
                    # result['login_error'] = msg
                    # send_code = 10002
                    send_code = 0
                else:
                    role_dict = ModelService.own_role(userID=userID)
                    result['rid']=role_dict['rid']
                    result['roleName']=role_dict['roleName']
                    result['permList'] = ModelService.own_permission(userID)
                    send_code = 0
                User = kwargs.get('User', None)
                User.backend = 'django.contrib.auth.backends.ModelBackend'
                auth.login(request, User)
                return ResponseFormal(send_code,result,language=language)
            else:
                return ResponseFormal(300,language=language)
        else:
            return tokenJSON

class LogoutView(TemplateView):
    @method_decorator(csrf_exempt)
    def dispatch(self, *args, **kwargs):
        return super(LogoutView, self).dispatch(*args, **kwargs)

    def post(self, request, *args, **kwargs):
        request.encoding = 'utf-8'
        token = request.POST.get('token', None)
        return self.Logout(request, token)

    def get(self, request, *args, **kwargs):
        request.encoding = 'utf-8'
        token = request.GET.get('token', None)
        return self.Logout(request, token)

    def Logout(self, request, token):
        if token != None:
            tM = JSONTokenManager()
            error_code = tM.verify_AToken(token=token)
            if error_code == 0:
                try:
                    MiscellService.add_access_log(request=request, status_code=200)
                    # MiscellService.access_log(request=request, type=1,response="")
                    auth.logout(request)
                    # online离线处理
                    Device_User.objects.filter(userID= tM.accessDict.get('userID',
                                                                         None)).update(online = False)
                    #  Token过期处理
                    AuthToken_Token.objects.filter(tokenID_id = tM.accessDict.get('userID',
                                                                                  None)).update(iCode = tM.getSalt(8))
                except Exception as e:
                    return ResponseJSON(140,repr(e))
                else:
                    errorJSON = ResponseFormal(0)
                    response = HttpResponse(errorJSON)
                    response.delete_cookie('username')
                    return response
            else:
                response = HttpResponse(tM.errorCodeInfo(error_code))
                return response
        else:
            return ResponseFormal(800)

class ChangePwdView(TemplateView):
    @method_decorator(csrf_exempt)
    def dispatch(self, *args, **kwargs):
        return super(ChangePwdView, self).dispatch(*args, **kwargs)

    def post(self, request, *args, **kwargs):
        request.encoding = 'utf-8'
        token = request.POST.get('token', None)
        oldPwd = request.POST.get('oldPwd', None)
        newPwd = request.POST.get('newPwd', None)

        return self.ValidationError(token, oldPwd, newPwd)

    def get(self, request, *args, **kwargs):
        request.encoding = 'gb2312'
        token = request.GET.get('token', None)
        oldPwd = request.GET.get('oldPwd', None)
        newPwd = request.GET.get('newPwd', None)

        return self.ValidationError(token, oldPwd, newPwd)

    def ValidationError(self, token, oldPwd, newPwd):
        if token != None and oldPwd != None and newPwd != None:
            tM = JSONTokenManager()
            error_code = tM.verify_AToken(token)
            if error_code == 0:
                userID = tM.accessDict.get('userID', None)
                if userID:
                    response = HttpResponse(self.ChangePwdUpdate(userID, oldPwd, newPwd))
                    return response
                else:
                    return ResponseJSON(310)
            else:
                response = HttpResponse(tM.errorCodeInfo(error_code))
                return response
        else:
            return ResponseJSON(800)

    def ChangePwdUpdate(self, userID, oldPwd, newPwd):
        userIDValid = Device_User.objects.filter(userID = userID)
        if userIDValid:
            PwdValid = check_password(oldPwd, userIDValid[0].password)
            if PwdValid:
                upCount = userIDValid.update(password = make_password(newPwd))
                if upCount == 1:
                    return ResponseFormal(0)
                else:
                    return ResponseFormal(112)
            else:
                return ResponseFormal(111)
        else:
            return ResponseFormal(113)

class ForgetPwdView(TemplateView):
    '''
    忘记密码
    '''
    @method_decorator(csrf_exempt)
    def dispatch(self, *args, **kwargs):
        return super(ForgetPwdView, self).dispatch(*args, **kwargs)

    def get(self, request, *args, **kwargs):
        request.encoding = 'utf-8'
        userName = request.GET.get('userName', None)

        return self.ValidationError(userName)

    def post(self, request):
        request.encoding = 'utf-8'
        userName  = request.POST.get('userName', None)

        return self.ValidationError(userName)

    def ValidationError(self, userName):
        if userName != None:
            response = HttpResponse(self.ForgetPwd(userName))
            return response
        else:
            return ResponseJSON(800)

    def ForgetPwd(self, userName):
        dataValid = DataValid()
        if dataValid.mobile_validate(userName):
            User = Device_User.objects.filter(username = userName)
            if User:

                send_status = MiscellService.ses_send_email_handle(data={
                    'useremail':User[0].userEmail,
                    'username':userName,
                    'type':'forget',
                })
                if send_status == 'has_send':
                    return ResponseFormal(1004)
                if send_status is True:
                    return ResponseFormal(0)
                else:
                    return ResponseFormal(1002)
            else:
                return ResponseFormal(102)

        elif dataValid.email_validate(userName):
            User = Device_User.objects.filter(userEmail = userName)
            if User:
                send_status = MiscellService.ses_send_email_handle(data={
                    'useremail': User[0].userEmail,
                    'username': userName,
                    'type': 'forget',
                })
                if send_status is True:
                    return ResponseFormal(0)
                elif send_status == 'has_send':
                    return ResponseFormal(1004)
                else:
                    return ResponseFormal(1002)
            else:
                return ResponseFormal(104)
        else:
            return ResponseFormal(108)

class ResetPwdView(TemplateView):
    @method_decorator(csrf_exempt)
    def dispatch(self, *args, **kwargs):
        return super(ResetPwdView, self).dispatch(*args, **kwargs)

    def post(self, request, *args, **kwargs):
        request.encoding = 'utf-8'
        token = request.POST.get('reset_password_token', None)
        reset_pwd_val = request.POST.get('reset_pwd_val', None)

        return self.ValidationError(token,reset_pwd_val)

    def get(self, request, *args, **kwargs):
        request.encoding = 'gb2312'
        token = request.GET.get('reset_password_token', None)
        reset_pwd_val = request.GET.get('reset_pwd_val', None)
        return self.ValidationError(token,reset_pwd_val)

    def ValidationError(self, token, reset_pwd_val):
        tokenConfirm = TokenLink(SECRET_KEY)
        try:
            token = tokenConfirm.confirm_validate_token(token=token)
        except:
            return ResponseJSON(1000)
        else:
            tokenDict = json.loads(token)
            userEmail = tokenDict.get('userEmail', None)
            userPwd = tokenDict.get('password', None)
            redis_key='reset_pwd_key' + str(userEmail)
            redis_val = CommonService.get_redis_data(redis_key)
            if redis_val is False and redis_val != reset_pwd_val:
                return HttpResponse(status=404)
            if userEmail != None and userPwd != None:
                result = self.ResetPwd(userEmail,userPwd)
                if result['code']:
                    CommonService.del_redis_data(key=redis_key)
                    # return HttpResponseRedirect("/response/success")
                    return HttpResponseRedirect("http://www.nsst.com/web/html/paw_update_success.html?code="+userPwd)
                else:
                    return HttpResponse(result)
            else:
                return ResponseJSON(1001)

    def ResetPwd(self, userEmail, userPwd):
        dataVaild = DataValid()
        if dataVaild.email_validate(userEmail):
            try:
                UserValid = Device_User.objects.filter(userEmail = userEmail)
            except Exception as e:
                return ResponseFormal(500,repr(e))
            else:
                if UserValid:
                    upCount = UserValid.update(password = make_password(userPwd))
                    if upCount:
                        return {'code':1}
                    else:
                        return ResponseFormal(106)
                else:
                    return ResponseFormal(104)
        else:
            return ResponseFormal(1003)

class showUserMoreView(TemplateView):
    @method_decorator(csrf_exempt)
    def dispatch(self, *args, **kwargs):
        return super(showUserMoreView, self).dispatch(*args, **kwargs)

    def post(self, request, *args, **kwargs):
        request.encoding = 'utf-8'
        token = request.POST.get('token', None)

        return self.ValidationError(token)

    def get(self, request, *args, **kwargs):
        request.encoding = 'gb2312'
        token = request.GET.get('token', None)

        return self.ValidationError(token)

    def ValidationError(self, token):
        if token is not None:
            tM = JSONTokenManager()
            error_code = tM.verify_AToken(token)
            if error_code == 0:
                userID = tM.accessDict.get('userID', None)
                if userID:
                    response = HttpResponse(self.showUserMore(userID))
                    return response
                else:
                    return ResponseJSON(310)
            else:
                response = HttpResponse(tM.errorCodeInfo(error_code))
                return response
        else:
            return ResponseJSON(800)

    def showUserMore(self, userID):
        try:
            User = Device_User.objects.filter(userID = userID)
        except Exception as e:
            errorInfo = traceback.format_exc()
            print('Query Database Error: %s' % errorInfo)
            return ResponseFormal(500,repr(e))
        else:
            if User:
                sqlJSON = serializers.serialize('json', User)
                sqlList = json.loads(sqlJSON)
                sqlDict = dict(zip(["datas"], [sqlList]))
                for k, v in enumerate(sqlDict["datas"]):
                    if len(v['fields']['role']):
                        roleName=ModelService.getRole(rid=v['fields']['role'][0])
                        sqlDict["datas"][k]['fields']['rolename']=roleName
                return ResponseFormal(0, sqlDict)
            else:
                return ResponseFormal(113)

class perfectUserInfoView(TemplateView):
    # 完善个人信息
    @method_decorator(csrf_exempt)
    def dispatch(self, *args, **kwargs):
        return super(perfectUserInfoView, self).dispatch(*args, **kwargs)

    def post(self, request, *args, **kwargs):
        request.encoding = 'utf-8'
        userContent = request.POST.get('content', None)
        userIcon = request.FILES.get('userIcon', None)
        token = request.POST.get('token', None)
        return self.ValidationError(token, userContent, userIcon)

    def get(self, request, *args, **kwargs):
        request.encoding = 'gb2312'
        userContent = request.GET.get('content', None)
        userIcon = request.FILES.get('userIcon', None)
        token = request.GET.get('token', None)
        return self.ValidationError(token, userContent, userIcon)

    def ValidationError(self, token, userContent, userIcon):
        if token != None:
            tM = JSONTokenManager()
            error_code = tM.verify_AToken(token)
            if error_code == 0:
                userID = tM.accessDict.get('userID', None)
                if userID:
                    if userIcon != None:
                        # location = 'static/User/Images/' + userID[-11:] + '/'
                        location = 'static/User/Images/' + userID + '/'
                        fss = FileSystemStorage(location = location)
                        if fss.exists(userIcon.name):
                            fss.delete(userIcon.name)
                        filename = fss.save(userIcon.name, userIcon)
                        userIconUrl = fss.url(filename)
                        userIconPath = fss.path(filename).replace('\\', '/')
                        '''
                        location = 'static/User/Images/' + userID[-11:] + '/'
                        userIconPath =  '/'.join((api_settings.BASE_DIR, location)).replace('\\', '/')
                        if not os.path.exists(userIconPath):
                            os.makedirs(userIconPath)
                        userIconPath += userIcon.name
                        if os.path.exists(userIconPath):
                            os.remove(userIconPath)
                        destination = open(userIconPath, 'wb+')
                        for chunk in userIcon.chunks():
                            destination.write(chunk)
                        destination.close()
                        print(userIconPath)
                        '''
                    else:
                        userIconPath = None


                    if userContent != None:
                        dataValid = json.loads(userContent)
                        print('userID' and 'password' and 'is_superuser' in dataValid.keys())
                        if 'userID' and 'password' and 'is_superuser' in dataValid.keys():
                            return ResponseJSON(802)
                    if userIconPath == None and userContent == None:
                        return ResponseJSON(800)
                    elif userIconPath == None and userContent != None:
                        return HttpResponse(self.perfectUserInfoUpdate(userID, userContent=userContent))
                    elif userIconPath != None and userContent == None:
                        return HttpResponse(self.perfectUserInfoUpdate(userID, userIconPath=userIconPath))
                    else:
                        return HttpResponse(
                            self.perfectUserInfoUpdate(userID, userIconPath=userIconPath, userContent=userContent))
                else:
                    return ResponseJSON(310)
            else:
                return HttpResponse(tM.errorCodeInfo(error_code))
        else:
            return ResponseJSON(800)

    def perfectUserInfoUpdate(slef, userID, *args,
                        **kwargs):
        """

        :param username:
        :param userContent:
        :param args:
        :param kwargs:
        :return:
        """
        try:
            User = Device_User.objects.filter(userID = userID)
        except Exception as e:
            errorInfo = traceback.format_exc()
            print('查询数据库失败: %s ' % errorInfo)
            return ResponseFormal(500,repr(e))
        else:
            if User:
                userIconPath = kwargs.get('userIconPath', None)
                userContent = kwargs.get('userContent', None)
                if userIconPath is not None:
                    userIconPath = userIconPath[userIconPath.find('static/'):]
                    userIconUrl = api_settings.SERVER_DOMAIN + '/account/getAvatar/' + userIconPath[7:]
                if userContent != None:
                    try:
                        UserData = json.loads(userContent)
                    except Exception as e:
                        return ResponseFormal(803, repr(e))
                try:
                    if userIconPath is not None and userContent is not None:
                        User.update(userIconPath=userIconPath, userIconUrl = userIconUrl, **UserData)
                    elif userIconPath is None and userContent is not None:
                        User.update(**UserData)
                    elif userIconPath is not None and userContent is None:
                        User.update(userIconPath=userIconPath, userIconUrl = userIconUrl)

                except Exception as e:
                    errorInfo = traceback.format_exc()
                    print('修改设备信息错误: %s ' % errorInfo)
                    return ResponseFormal(116, repr(e))
                else:
                    sqlJSON = serializers.serialize('json', User)
                    sqlList = json.loads(sqlJSON)
                    print(sqlList, sqlJSON)
                    sqlDict = dict(zip(["datas"], [sqlList]))
                    return ResponseFormal(0, sqlDict)
            else:
                return ResponseFormal(113)

class getAvatarView(TemplateView):
    @method_decorator(csrf_exempt)
    def dispatch(self, *args, **kwargs):
        return super(getAvatarView, self).dispatch(*args, **kwargs)

    def post(self, request, *args, **kwargs):
        request.encoding = 'utf-8'
        filePath = kwargs.get('filePath', '')
        filePath.encode(encoding='utf-8', errors='strict')
        return self.getAvatar(filePath)

    def get(self, request, *args, **kwargs):
        request.encoding = 'gb2312'
        filePath = kwargs.get('filePath', '')
        filePath.encode(encoding='gb2312', errors='strict')
        return self.getAvatar(filePath)

    def getAvatar(self, filePath):
        if filePath == '' or filePath == None:
            return ResponseJSON(800)
        fullPath = os.path.join(api_settings.BASE_DIR, "static", filePath).replace('\\', '/')
        if os.path.isfile(fullPath):
            try:
                Imagedata = open(fullPath, 'rb').read()
                response = HttpResponse(Imagedata, content_type="image/jpeg")
                return response
            except Exception as e:
                return ResponseJSON(906,repr(e))
        else:
            return ResponseJSON(907)

def delUser(delUserID, userID):
    try:
        userValid = Device_User.objects.filter(userID = userID)
    except Exception as e:
        errorInfo = traceback.format_exc()
        print('Query Database Error: %s' % errorInfo)
        return ResponseFormal(500,repr(e))
    else:
        if userValid:
            own_perm = ModelService.check_permission(userID=userID,permID=10)
            if userValid[0].is_superuser == 100 or own_perm is True:
                try:
                    delUser = Device_User.objects.filter(userID=delUserID)
                except Exception as e:
                    errorInfo = traceback.format_exc()
                    print('Query database error: %s' % errorInfo)
                    return ResponseFormal(500,repr(e))
                else:
                    if delUser:
                        try:
                            delUser.delete()
                        except Exception as e:
                            errorInfo = traceback.format_exc()
                            print('Query database error: %s' % errorInfo)
                            return ResponseFormal(114,repr(e))
                        else:
                            return ResponseFormal(0)
                    else:
                        return ResponseFormal(115)
            else:
                return ResponseFormal(601)
        else:
            return ResponseFormal(113)

@csrf_exempt
def delUserInterface(request, *callback_args,
                         **callback_kwargs):
    if request.method == 'POST':
        delUserID = request.POST.get('delUserID', None)
        token = request.POST.get('token', None)
    elif request.method == 'GET':
        delUserID = request.GET.get('delUserID', None)
        token = request.GET.get('token', None)
    if token is not None and delUserID is not None:
        tM = JSONTokenManager()
        error_code = tM.verify_AToken(token)
        if error_code == 0:
            userID = tM.accessDict.get('userID', None)
            if userID:
                response = HttpResponse(delUser(delUserID, userID))
                return response
            else:
                return ResponseJSON(310)
        else:
            response = HttpResponse(tM.errorCodeInfo(error_code))
            return response
    else:
        return ResponseJSON(800)

def showAllUserPC(userID,line,page):
    try:
        userValid = Device_User.objects.filter(userID = userID).order_by('-data_joined')
    except Exception as e:
        errorInfo = traceback.format_exc()
        print('Query Database Error:%s' % errorInfo)
        return ResponseFormal(500,repr(e))
    else:
        if userValid:
            # 管理员查询
            own_permission = ModelService.check_permission(userID=userID,permID=30)
            if own_permission is True:
                device_user_queryset = Device_User.objects.all()
                device_user_count = device_user_queryset.count()
                device_user_res = device_user_queryset.order_by('-data_joined')[(page - 1) * line:page * line]
                sqlDict = CommonService.query_set_to_dict(device_user_res)
                for k, v in enumerate(sqlDict["datas"]):
                    if len(v['fields']['role']) > 0:
                        role_query_set = Role.objects.get(rid=v['fields']['role'][0])
                        sqlDict["datas"][k]['fields']['role'].append(role_query_set.roleName)
                    for val in device_user_res:
                        if v['pk'] == val.userID:
                            if sqlDict["datas"][k]['fields']['online'] is True:
                                dl_time = val.last_login + datetime.timedelta(minutes=30)
                                now_time = timezone.localtime(timezone.now())
                                if now_time > dl_time:
                                    sqlDict["datas"][k]['fields']['online'] = False
                sqlDict['count'] = device_user_count
                return ResponseFormal(0,sqlDict)
            else:
                return ResponseFormal(600)
        else:
            return ResponseFormal(113)

def showAllUser(userID):
    try:
        userValid = Device_User.objects.filter(userID = userID).order_by('-data_joined')
    except Exception as e:
        errorInfo = traceback.format_exc()
        print('Query Database Error:%s' % errorInfo)
        return ResponseFormal(500, repr(e))
    else:
        if userValid:
            own_permission = ModelService.check_permission(userID=userID,permID=30)
            if own_permission is True:
                sqlJSON = serializers.serialize('json', Device_User.objects.all().order_by('-data_joined'))
                sqlList = json.loads(sqlJSON)
                print(sqlList, sqlJSON)
                sqlDict = dict(zip(["datas"], [sqlList]))
                return ResponseFormal(0, sqlDict)
            else:
                return ResponseFormal(600)
        else:
            return ResponseFormal(113)

@csrf_exempt
def showAllUserInterface(request, *callback_args,
                         **callback_kwargs):
    if request.method == 'POST':
        token = request.POST.get('token', None)
        type = request.POST.get('type', None)
    elif request.method == 'GET':
        token = request.GET.get('token', None)
        type = request.GET.get('type', None)
    if token != None:
        tM = JSONTokenManager()
        error_code = tM.verify_AToken(token)
        if error_code == 0:
            userID = tM.accessDict.get('userID', None)
            if userID:
                if type == 'PC':
                    line = int(request.POST.get('line', None))
                    page = int(request.POST.get('page', None))
                    response = HttpResponse(showAllUserPC(userID, line, page))
                else:
                    response = HttpResponse(showAllUser(userID))
                return response
            else:
                return ResponseJSON(310)
        else:
            response = HttpResponse(tM.errorCodeInfo(error_code))
            return response
    else:
        return ResponseJSON(800)



class setUserValidView(View):
    @method_decorator(csrf_exempt)
    def dispatch(self, *args, **kwargs):
        return super(setUserValidView, self).dispatch(*args, **kwargs)

    def post(self, request, *args, **kwargs):
        request.encoding = 'utf-8'

        token = request.POST.get('token', None)
        eUserID = request.POST.get('userID', None)
        isValid = request.POST.get('isValid', None)
        rid = request.POST.get('rid', None)
        return self.setUserValid(token, eUserID, isValid, rid)

    def get(self, request, *args, **kwargs):
        request.encoding = 'gb2312'

        token = request.GET.get('token', None)
        eUserID = request.GET.get('userID', None)
        isValid = request.GET.get('isValid', None)
        rid = request.GET.get('rid',None)

        return self.setUserValid(token, eUserID, isValid, rid)

    def setUserValid(self, token, eUserID, isValid, rid, *args, **kwargs):
        if token != None and eUserID != None and isValid != None:
            tM = JSONTokenManager()
            error_code = tM.verify_AToken(token=token)
            if error_code == 0:
                superID = tM.accessDict.get('userID', None)
                if superID != None and superID != eUserID:
                    if rid == None:
                        return HttpResponse(self.UserValidUpdate(superID, eUserID, isValid))
                    else:
                        return HttpResponse(self.UserValidUpdatePC(superID, eUserID, isValid, rid))
                else:
                    return ResponseJSON(150)
            else:
                response = HttpResponse(tM.errorCodeInfo(error_code))
                return response
        else:
            return ResponseJSON(800)

    def UserValidUpdatePC(self, superID, eUserID, isValid, rid):
        try:
            super = Device_User.objects.filter(userID=superID)
            eUser = Device_User.objects.filter(userID=eUserID)
        except Exception as e:
            errorInfo = traceback.format_exc()
            print('查询数据库错误: %s' % errorInfo)
            return ResponseFormal(500,repr(e))
        else:
            if not super:
                return ResponseFormal(615)
            if not eUser:
                return ResponseFormal(616)
            own_permission = ModelService.check_permission(userID=superID,permID=50)
            if own_permission is True:
                try:
                    eUser.update(user_isValid = isValid)
                    device_user_query_set = Device_User.objects.get(userID=eUserID)
                    if device_user_query_set.role.all():
                        device_user_query_set.role.set([rid])
                    else:
                        role_user_query_set = Role.objects.get(rid=rid)
                        device_user_query_set.role.add(role_user_query_set)
                except Exception as e:
                    errorInfo = traceback.format_exc()
                    print('更新数据库错误:%s'%errorInfo)
                    return ResponseFormal(501,repr(e))
                else:
                    return ResponseFormal(0)
            else:
                return ResponseFormal(602)

    def UserValidUpdate(self, superID, eUserID, isValid):
        try:
            super = Device_User.objects.filter(userID = superID)
            eUser = Device_User.objects.filter(userID = eUserID)
        except Exception as e:
            errorInfo = traceback.format_exc()
            print('查询数据库错误: %s' % errorInfo)
            return ResponseFormal(500,repr(e))
        if not super:
            return ResponseFormal(113)
        if not eUser:
            return ResponseFormal(113)
        if super[0].is_superuser != 100 or super[0].is_superuser == eUser[0].is_superuser:
            return ResponseFormal(602)
        try:
            updateCount = eUser.update(user_isValid = isValid)
        except Exception as e:
            errorInfo = traceback.format_exc()
            print('更新数据库错误: %s' % errorInfo)
            return ResponseFormal(501,repr(e))
        return ResponseFormal(0)

@csrf_exempt
def success(request):
    return ResponseJSON(0)

class refreshTokenView(View):
    @method_decorator(csrf_exempt)
    def dispatch(self, *args, **kwargs):
        return super(refreshTokenView, self).dispatch(*args, **kwargs)

    def post(self, request, *args, **kwargs):
        request.encoding = 'utf-8'
        request_dict = request.POST
        return self.validation(request_dict=request_dict)

    @csrf_exempt
    def get(self, request, *args, **kwargs):
        request.encoding = 'utf-8'
        request_dict = request.GET
        return self.validation(request_dict=request_dict)

    def validation(self, request_dict, *args, **kwargs):

        refresh_token = request_dict.get('refresh_token', None)
        if refresh_token != None:
            tM = JSONTokenManager()
            result = tM.refresh_AToken(refresh_token)
            response = HttpResponse(result)
            return response
        else:
            return ResponseJSON(800)