| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280 |
- #!/usr/bin/env python3
- # -*- coding: utf-8 -*-
- """
- @Copyright (C) ansjer cop Video Technology Co.,Ltd.All rights reserved.
- @AUTHOR: ASJRD019
- @NAME: AnsjerFormal
- @software: PyCharm
- @DATE: 2020/3/18 9:38
- @Version: python3.6
- @MODIFY DECORD:ansjer dev
- @file: AppSetController.py
- @Contact: pzb3076@163.com
- """
- import requests
- import base64
- from Ansjer.config import SERVER_TYPE
- from Model.models import ApplicationModel, Device_User, GrantCodeModel
- from django.views.generic.base import View
- from Object.RedisObject import RedisObject
- from Object.TokenObject import TokenObject
- from Service.ModelService import ModelService
- from Service.CommonService import CommonService
- from django.http import JsonResponse
- from django.contrib import auth
- import time,json
- from Object.ResponseObject import ResponseObject
- # http://192.168.136.39:8000/login/oauth/authorize
- # http://192.168.136.39:8000/application/query
- class AuthView(View):
- def get(self, request, *args, **kwargs):
- request.encoding = 'utf-8'
- operation = kwargs.get('operation', None)
- try:
- content_range = request.META['HTTP_AUTHORIZATION']
- print(content_range)
- except Exception as e:
- content_range = ''
- return self.validation(request.GET, operation, content_range)
- def post(self, request, *args, **kwargs):
- request.encoding = 'utf-8'
- operation = kwargs.get('operation', None)
- try:
- content_range = request.META['HTTP_AUTHORIZATION']
- print(content_range)
- except Exception as e:
- content_range = ''
- return self.validation(request.POST, operation, content_range)
- def validation(self, request_dict, operation, content_range):
- response = ResponseObject()
- if operation == 'authorize':
- return self.do_authorize(request_dict, response,content_range)
- elif operation == 'access_token':
- return self.do_token(request_dict, response, content_range)
- elif operation == 'user':
- return self.do_user(request_dict, response,content_range)
- else:
- return response.json(414)
- def do_authorize(self,request_dict, response, content_range):
- state = request_dict.get("state", '')
- client_id = request_dict.get("client_id", '')
- response_type = request_dict.get("response_type", '')
- scope = request_dict.get("scope", '')
- redirect_uri = request_dict.get("redirect_uri", '')
- client_secret = request_dict.get("client_secret", '')
- token = request_dict.get('token', None)
- # print("client_id", client_id)
- # print("state", state)
- # print("response_type", response_type)
- # print("scope", scope)
- # print("redirect_uri", redirect_uri)
- # print("client_secret", client_secret)
- tko = TokenObject(token)
- if tko.code == 0:
- userID = tko.userID
- nowTime = int(time.time())
- user_qs = GrantCodeModel.objects.filter(userID__userID=userID)
- code = CommonService.encrypt_data(randomlength=32)
- Application = ApplicationModel.objects.filter(client_id=client_id)
- if Application.exists():
- print(Application.exists())
- else:
- return JsonResponse({'error': 'config error,client_id This value is wrong'})
- if not user_qs.exists():
- print('在创建')
- try:
- grantcode = GrantCodeModel(
- userID=Device_User.objects.get(userID=userID),
- application=ApplicationModel.objects.get(client_id=client_id),
- code=code,
- expire_time=nowTime+3600,
- add_time=nowTime,
- update_time=nowTime)
- grantcode.save()
- except Exception as e:
- print(repr(e))
- return response.json(178)
- else:
- print('在修改')
- user_qs.update(code=code,update_time=nowTime,expire_time=nowTime+3600)
- redirect_uri = redirect_uri + '?code=' + code + '&state=' + state
- return response.json(0, {'url': redirect_uri})
- else:
- return response.json(tko.code)
- # 增加对code和client_id的校验代码,返回access_token和refresh_token
- def do_token(self,request_dict, response, content_range):
- code = request_dict.get("code", None)
- print('code:')
- print(code)
- str = content_range
- # str = 'Basic cHpiMTIzNDU2Nzg6cHpiMTIzNDU2Nzg='
- if str != '':
- str = str[6:]
- str = base64.b64decode(str)
- print(str)
- str = bytes.decode(str)
- print(type(str))
- str_all = str.split(":", 1)
- client_id = str_all[0]
- client_secret = str_all[1]
- eq = ApplicationModel.objects.filter(client_secret=client_secret)
- if eq.exists():
- access_token = code
- refresh_token = CommonService.encrypt_data(randomlength=32)
- res_json = {
- "access_token": access_token,
- "token_type": "bearer",
- "expires_in": 3600,
- "refresh_token": refresh_token,
- 'scope': 'cHpi'
- }
- print(res_json)
- return JsonResponse(res_json)
- else:
- return JsonResponse({'error': 'client_secret This value is misconfigured.'})
- else:
- return JsonResponse({'error': 'Check your configuration:no client_id,client_secret'})
- def do_user(self, request_dict, response,content_range):
- str = content_range
- # str = 'Bearer iBO4WssoK60eF4o6zm1e0fcHe2wRlRm1'
- if str != '':
- token = str[7:]
- code_qs = GrantCodeModel.objects.filter(code=token)
- if code_qs.exists():
- print(code_qs[0].userID_id)
- user_qs = Device_User.objects.filter(userID=code_qs[0].userID_id)
- # print(CommonService.qs_to_dict(user_qs)['datas'][0]['fields'])
- res_json = CommonService.qs_to_dict(user_qs)['datas'][0]['fields']
- res_json.pop('password')
- print(res_json)
- return JsonResponse(res_json)
- else:
- print('没有找到数据')
- return JsonResponse({'error': 'token inexistence'})
- else:
- return JsonResponse({'error': 'The request method is not correct. Please contact the administrator.'})
- class ApplicationView(View):
- def get(self, request, *args, **kwargs):
- request.encoding = 'utf-8'
- operation = kwargs.get('operation', None)
- return self.validation(request.GET, operation)
- def post(self, request, *args, **kwargs):
- request.encoding = 'utf-8'
- operation = kwargs.get('operation', None)
- return self.validation(request.POST, operation)
- def validation(self, request_dict, operation):
- response = ResponseObject()
- token = request_dict.get('token', None)
- tko = TokenObject(token)
- if tko.code == 0:
- userID = tko.userID
- if operation == 'query':
- return self.query(request_dict, userID, response)
- elif operation == 'add':
- return self.add(request_dict, userID, response)
- elif operation == 'update':
- return self.update(request_dict, userID, response)
- elif operation == 'delete':
- return self.delete(request_dict, userID, response)
- else:
- return response.json(414)
- else:
- return response.json(tko.code)
- def add(self, request_dict, userID, response):
- own_perm = ModelService.check_perm(userID=userID, permID=40)
- if own_perm is not True:
- return response.json(404)
- # http://192.168.136.39:8000/application/add?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VySUQiOiIxMzgwMDEzODAwMSIsImxhbmciOiJjbiIsInVzZXIiOiIxMzgwMDEzODAwMSIsIm1fY29kZSI6IjEyMzQxMzI0MzIxNCIsImV4cCI6MTU4NzYxNjQ0NX0.BIwq - eWDcTnqLBTxqpi7BgJoU9TeIHC5Ibc2LUUJPls&name=pzb&client_id=pzb12345&client_secret=pzb12345678&client_type=confidential&grant_type=authorization_code&redirect_uri=https://www.zositech.cn&skip_auth=1
- nowTime = int(time.time())
- name = request_dict.get('name', None)
- client_id = request_dict.get('client_id', None)
- client_secret = request_dict.get('client_secret', None)
- client_type = request_dict.get('client_type', None)
- grant_type = request_dict.get('grant_type', None)
- redirect_uri = request_dict.get('redirect_uri', None)
- skip_auth = request_dict.get('skip_auth', None)
- try:
- ApplicationModel.objects.create(add_time=nowTime, update_time=nowTime, client_id=client_id, name=name, client_secret=client_secret,
- client_type=client_type,redirect_uri=redirect_uri,skip_auth=skip_auth,grant_type=grant_type)
- return response.json(0)
- except Exception:
- return response.json(178)
- def query(self, request_dict, userID, response):
- own_perm = ModelService.check_perm(userID, 20)
- if own_perm is True:
- page = int(request_dict.get('page', 0))
- line = int(request_dict.get('line', 0))
- if page == 0:
- page=1
- if line == 0:
- line=10
- qs = ApplicationModel.objects.all()
- gc = GrantCodeModel.objects.all()
- if qs.exists():
- count = qs.count()
- res = qs[(page - 1) * line:page * line]
- send_json = CommonService.qs_to_dict(res)
- send_json['count'] = count
- send_json['gc_count'] = gc.count()
- return response.json(0, send_json)
- else:
- return response.json(0, {'datas': [], 'count': 0})
- else:
- return response.json(404)
- # 管理员的编辑
- def update(self, request_dict, userID, response):
- own_perm = ModelService.check_perm(userID=userID, permID=50)
- if own_perm is not True:
- return response.json(404)
- deviceContent = request_dict.get('content', None)
- id = request_dict.get('id', None)
- if not deviceContent or not id:
- return response.json(444, 'content,id')
- try:
- timestamp = int(time.time())
- deviceData = json.loads(deviceContent)
- uid_set = ApplicationModel.objects.filter(id=id)
- if uid_set.exists():
- uid_set.update(update_time=timestamp, **deviceData)
- return response.json(0,{"update_time":timestamp})
- else:
- return response.json(173)
- except Exception:
- return response.json(177)
- def delete(self, request_dict, userID, response):
- own_perm = ModelService.check_perm(userID=userID, permID=10)
- if own_perm is not True:
- return response.json(404)
- id = request_dict.get('id', None)
- uid_set = ApplicationModel.objects.filter(id=id)
- if uid_set.exists():
- uid_set.delete()
- return response.json(0)
- else:
- return response.json(173)
|
