# -*- coding: utf-8 -*- from django.contrib.auth.hashers import make_password, check_password from django.contrib.auth.models import User, Group from django.http import JsonResponse from rest_framework import viewsets from account.models import LensmanInfo, UserInfo, UserLoginLogInfo from account.serializers import UserSerializer, GroupSerializer, LensmanInfoSerializer, UserInfoSerializer from utils.ip_utils import ip_addr from curtail_uuid import CurtailUUID from TimeConvert import TimeConvert as tc # curl -X POST -F username=xxxxxxx -F password=xxxxxxx http://api.xfoto.com.cn/login def lesman_login_api(request): username = request.POST.get('username', '') password = request.POST.get('password', '') try: lensman = LensmanInfo.objects.get(username=username) except LensmanInfo.DoesNotExist: return JsonResponse({ 'status': 4000, 'message': u'用户不存在', }) if not check_password(password, lensman.encryption): return JsonResponse({ 'status': 4001, 'message': u'用户密码错误', }) return JsonResponse({ 'status': 200, 'message': u'登录成功', 'data': { 'user': lensman.lensman_id }, }) def user_is_registered_api(request): username = request.POST.get('username', '') return JsonResponse({ 'status': 200, 'message': '', 'data': { 'registered': UserInfo.objects.filter(username=username).exists(), } }) def user_signup_api(request): username = request.POST.get('username', '') password = request.POST.get('password', '') if UserInfo.objects.filter(username=username).exists(): return JsonResponse({ 'status': 4010, 'message': u'该用户名已注册', }) user = UserInfo.objects.create( user_id=CurtailUUID.uuid(UserInfo, 'user_id'), username=username, password=make_password(password, None, 'pbkdf2_sha256'), user_status=UserInfo.ACTIVATED, signup_ip=ip_addr(request), ) return JsonResponse({ 'status': 200, 'message': u'注册成功', 'data': user.data, }) def user_login_api(request): username = request.POST.get('username', '') password = request.POST.get('password', '') try: user = UserInfo.objects.get(username=username) except UserInfo.DoesNotExist: return JsonResponse({ 'status': 4011, 'message': u'用户不存在', }) login_ip, login_at = ip_addr(request), tc.utc_datetime() if not check_password(password, user.password): UserLoginLogInfo.objects.create( user_id=user.user_id, login_ip=login_ip, login_result=UserLoginLogInfo.PWD_ERROR ) return JsonResponse({ 'status': 4012, 'message': u'用户密码错误', }) UserLoginLogInfo.objects.create( user_id=user.user_id, login_ip=login_ip, login_result=UserLoginLogInfo.SUCCESS ) user.login_ip = login_ip user.login_at = login_at user.save() return JsonResponse({ 'status': 200, 'message': u'登录成功', 'data': user.data, }) class UserViewSet(viewsets.ModelViewSet): """ API endpoint that allows users to be viewed or edited. """ queryset = User.objects.all().order_by('-date_joined') serializer_class = UserSerializer class GroupViewSet(viewsets.ModelViewSet): """ API endpoint that allows groups to be viewed or edited. """ queryset = Group.objects.all() serializer_class = GroupSerializer class LensmanInfoViewSet(viewsets.ModelViewSet): queryset = LensmanInfo.objects.all().order_by('-created_at') serializer_class = LensmanInfoSerializer class UserInfoViewSet(viewsets.ModelViewSet): queryset = UserInfo.objects.all().order_by('-created_at') serializer_class = UserInfoSerializer