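from django.shortcuts import render, redirect
from .form import UserLoginForm, UserRegisterForm
from django.contrib.auth import authenticate, login, logout
from django.http import HttpResponse
from django.utils import timezone
from .models import Profile, Devices
import random
import datetime
import json
import secrets
import string

# Token lifetime in days; change it here. 30 means a device token expires
# 30 days after the device's last_login_time.
expiration_date = 30

# Value the login form carries in `token` when the client has no stored
# device credential and logs in with username/password instead.
_NO_TOKEN = 'token'

# Alphabet for generated device uids: A-Z, a-z, 0-9.
_UID_ALPHABET = string.ascii_letters + string.digits


def _json_result(message):
    """Return an HttpResponse whose body is the JSON object {"result": message}."""
    return HttpResponse(json.dumps({'result': message}))


def _new_token():
    """Return a fresh device token drawn from the OS CSPRNG.

    The token used to be the built-in hash() of device uid + username +
    a second-resolution timestamp. hash() is not a cryptographic primitive
    and every one of those inputs is guessable, so the credential is now
    random instead of derived.

    An int below 2**63 is returned because hash() also produced an int of
    that magnitude, so whatever Devices.token stores keeps its type and size.
    NOTE(review): once the field type is confirmed, prefer a wider token
    such as secrets.token_urlsafe(32).
    """
    return secrets.randbits(63)


def _login_with_token(request, token):
    """Log in the owner of the device holding `token`, rotating the token."""
    try:
        device = Devices.objects.filter(token__exact=token).get()
    except Devices.DoesNotExist:
        # Unknown token: it expired and was already deleted, or was never issued.
        return _json_result('detected new device')

    # Age of the credential in days. The previous code subtracted the
    # `datetime.date` class from the timestamp, which raises TypeError on
    # every token login.
    # NOTE(review): assumes last_login_time is a DateTimeField - confirm
    # against models.Devices.
    last_seen = device.last_login_time
    if timezone.is_aware(last_seen):
        now = timezone.now()
    else:
        now = datetime.datetime.now()
    age_days = (now - last_seen).total_seconds() / (3600 * 24)

    if age_days >= expiration_date:
        return _json_result('token time out')

    # Rotate the token on every successful token login so a captured value
    # stops working after its next legitimate use.
    # NOTE(review): the new token is saved but not returned in the response,
    # and last_login_time is not written here - confirm how the client learns
    # the rotated token and where the timestamp is refreshed.
    device.token = _new_token()
    device.save()

    login(request, device.user)
    # return redirect("chat:index")
    return _json_result('login successfully')


def _login_with_password(request, username, password):
    """Authenticate by username/password and register a new device for the user."""
    # authenticate() returns the matching User, or None when the credentials
    # do not match any user.
    user = authenticate(username=username, password=password)
    if not user:
        # One message for unknown user and wrong password alike, so the
        # response does not reveal which accounts exist.
        # NOTE(review): no attempt throttling is visible in this view -
        # confirm it is enforced elsewhere.
        return _json_result('wrong account or password')

    # Every password login creates a new device row for this user.
    device = Devices()
    device.user = user
    device.device_uid = generate_random_str(10)
    device.token = _new_token()
    device.save()

    login(request, user)
    return _json_result('login successfully')


def user_login(request):
    """Log a user in by device token or by username/password (POST only).

    The response body is always a JSON object with a single ``result`` key:
    ``login successfully``, ``token time out``, ``detected new device``,
    ``wrong account or password``, ``illegal input`` or
    ``illegal method, please use post``.
    """
    # For testing: login page
    # elif request.method == 'GET':
    #     user_login_form = UserLoginForm()
    #     context = {'form': user_login_form}
    #     return render(request, 'login.html', context)
    if request.method != 'POST':
        # Wrong request method; use POST. (This response used to be built from
        # a set literal, which json.dumps cannot serialise.)
        return _json_result('illegal method, please use post')

    user_login_form = UserLoginForm(request.POST)
    if not user_login_form.is_valid():
        return _json_result('illegal input')

    # Work only with the validated, cleaned form data.
    data = user_login_form.cleaned_data

    # A token other than the placeholder means the client presents a stored
    # device credential; otherwise fall back to username/password.
    if data['token'] != _NO_TOKEN:
        return _login_with_token(request, data['token'])
    return _login_with_password(request, data['username'], data['password'])


def generate_random_str(random_length=16):
    """Return a random alphanumeric string of `random_length` characters.

    Characters are drawn with `secrets` rather than `random`, because the
    result is used as a device identifier. The previous hand-typed alphabet
    had 'G'/'g' twice and no 'J'/'j'; the standard-library constants do not.
    """
    return ''.join(secrets.choice(_UID_ALPHABET) for _ in range(random_length))


def user_logout(request):
    """End the current session and redirect to the chat index."""
    # NOTE(review): this runs for any HTTP method, so a cross-site GET can log
    # a user out; consider restricting it to POST if clients allow.
    logout(request)
    return redirect("chat:index")


def user_register(request):
    """Create a user account from the posted registration form (POST only).

    The response body is a JSON object with a single ``result`` key:
    ``reg successfully``, ``illegal input`` or
    ``illegal method, please use post``.
    """
    # For testing
    # elif request.method == 'GET':
    #     user_register_form = UserRegisterForm()
    #     context = {'form': user_register_form}
    #     return render(request, 'register.html', context)
    if request.method != 'POST':
        return _json_result('illegal method, please use post')

    user_register_form = UserRegisterForm(data=request.POST)
    if not user_register_form.is_valid():
        return _json_result('illegal input')

    # Build the user without committing, so the password can be stored
    # through set_password() (hashed) rather than as the raw form value.
    new_user = user_register_form.save(commit=False)
    new_user.set_password(user_register_form.cleaned_data['password'])
    new_user.save()
    return _json_result('reg successfully')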