locky
/
ASJServer


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899
							from datetime import datetime

import pytz
from django.db.models import Q
from django.views import View
from Crypto.Cipher import AES
from Crypto.Util.Padding import pad
from django.contrib.auth.hashers import check_password
from Model.models import Device_User
from Object.ResponseObject import ResponseObject
import base64
import hmac
import hashlib
import os
import json


class ShopifyMultipass:
    @staticmethod
    def generate_multipass_token(secret, customer_data):
        # 第一步：将客户数据转换为JSON格式
        json_data = json.dumps(customer_data)

        # 第二步：生成加密密钥和签名密钥
        hash_digest = hashlib.sha256(secret.encode()).digest()
        encryption_key = hash_digest[:16]  # 128位加密密钥
        signature_key = hash_digest[16:32]  # 128位签名密钥

        # 第三步：加密JSON数据
        iv = os.urandom(16)  # 随机初始化向量
        cipher = AES.new(encryption_key, AES.MODE_CBC, iv)
        ciphertext = cipher.encrypt(pad(json_data.encode(), AES.block_size))

        # 第四步：签名加密数据
        data_to_sign = iv + ciphertext
        signature = hmac.new(signature_key, data_to_sign, hashlib.sha256).digest()

        # 第五步：Base64编码
        multipass_token = base64.urlsafe_b64encode(iv + ciphertext + signature).decode()

        return multipass_token


class ShopifyView(View):
    def get(self, request, *args, **kwargs):
        request.encoding = 'utf-8'
        operation = kwargs.get('operation')
        request_dict = request.GET
        return self.validation(request, request_dict, operation)

    def post(self, request, *args, **kwargs):
        request.encoding = 'utf-8'
        operation = kwargs.get('operation')
        request_dict = request.POST
        return self.validation(request, request_dict, operation)

    def validation(self, request, request_dict, operation):
        language = request_dict.get('language', 'cn')
        response = ResponseObject(language)
        if operation == 'shopifyLogin':  # APP查詢定制客户信息
            return self.shopify_login(request_dict, response)
        else:
            return response.json(414)

    @staticmethod
    def shopify_login(request_dict, response):
        email = request_dict.get("email", None)
        password = request_dict.get("password", None)

        if not all([email, password]):
            return response.json(444)

        user_qs = Device_User.objects.filter(Q(username=email) | Q(userEmail=email))
        users = user_qs.values('role__rid', 'role__roleName', 'userID', 'NickName', 'username', 'userEmail',
                               'phone', 'password', 'userIconPath')[0]

        check_flag = check_password(password, users['password'])
        if not check_flag:
            return response.json(111)

        # 获取当前时间
        now = datetime.now(pytz.timezone('America/New_York'))  # 你可以根据需要更改时区

        # 格式化时间戳
        timestamp = now.strftime('%Y-%m-%dT%H:%M:%S%z')
        # 添加冒号到时区部分
        timestamp = timestamp[:-2] + ':' + timestamp[-2:]

        customer_data = {
            "email": email,
            "created_at": timestamp,
        }
        multipass_secret = "f4863c9979d7ddd16e23817c0dfe7863"  # multipass密钥
        token = ShopifyMultipass.generate_multipass_token(multipass_secret, customer_data)

        # 构造重定向URL
        redirect_url = f"https://eu.zositech.com/account/login/multipass/{token}"

        return response.json(0, redirect_url)