- from django.shortcuts import render, redirect
- from .form import UserLoginForm, UserRegisterForm
- from django.contrib.auth import authenticate, login, logout
- from django.http import HttpResponse
- from .models import Profile, Devices
- import random
- import datetime
- import json
# Token lifetime in days: 30 means a device token expires after 30 days.
# Change the value here to adjust the expiry window used by user_login().
expiration_date = 30
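def _json_result(message):
    """Wrap *message* in the ``{'result': ...}`` JSON body every branch returns."""
    return HttpResponse(json.dumps({'result': message}))


def _new_device_token():
    """Return a fresh device token drawn from the OS CSPRNG.

    The previous implementation used the builtin ``hash()`` over
    device uid + username + a second-resolution timestamp. ``hash()`` is not
    a cryptographic function and its inputs are guessable, so the result is
    unsuitable as a bearer credential.
    """
    import secrets

    # NOTE(review): 43 URL-safe characters. Devices.token must be a character
    # column wide enough to hold it -- confirm against models.py.
    return secrets.token_urlsafe(32)


def user_login(request):
    """Log a user in with either a device token or username/password.

    Only POST is accepted. The form field ``token`` holds the placeholder
    value ``'token'`` when the client has no stored credential; any other
    value is looked up in ``Devices``. A token that is found and not older
    than ``expiration_date`` days is rotated and the owning user is logged
    in. Without a token, the username/password pair is checked with
    ``authenticate()`` and, on success, a new ``Devices`` row is created.

    Every branch answers with a JSON body of the form ``{'result': <text>}``.
    """
    if request.method != 'POST':
        # Wrong request method. (The original built a set literal here, which
        # json.dumps() cannot serialise, so this branch raised TypeError.)
        return _json_result('illegal method, please use post')

    user_login_form = UserLoginForm(request.POST)
    if not user_login_form.is_valid():
        # Same set-literal defect as above, fixed to a dict.
        return _json_result('illegal input')

    # Validated form data.
    data = user_login_form.cleaned_data

    if data['token'] != 'token':
        # A login credential (device token) was supplied.
        try:
            device = Devices.objects.filter(token__exact=data['token']).get()
        except Devices.DoesNotExist:
            # Unknown token: either never issued or already deleted after expiry.
            return _json_result('detected new device')

        # Age of the token in days. The original subtracted the class
        # ``datetime.date`` from the timestamp, which raises TypeError, so the
        # expiry check never ran.
        # NOTE(review): assumes Devices.last_login_time is a DateTimeField;
        # timezone.now() is aware or naive according to USE_TZ -- confirm.
        from django.utils import timezone

        age_days = (timezone.now() - device.last_login_time).total_seconds() / (3600 * 24)
        if age_days >= expiration_date:
            return _json_result('token time out')

        # Rotate the token on every successful token login.
        # NOTE(review): the new token is not part of the response, and
        # last_login_time is not written here -- confirm how the client
        # learns the rotated token and where the timestamp is refreshed.
        device.token = _new_device_token()
        device.save()
        login(request, device.user)
        return _json_result('login successfully')

    # No token: check whether username and password match a user in the
    # database; authenticate() returns that User object when they do.
    user = authenticate(username=data['username'], password=data['password'])
    if not user:
        return _json_result('wrong account or password')

    # Register a new device for this user.
    device = Devices()
    device.user = user
    device.device_uid = generate_random_str(10)
    device.token = _new_device_token()
    device.save()
    login(request, user)
    return _json_result('login successfully')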
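def generate_random_str(random_length=16):
    """Return a random string of *random_length* ASCII letters and digits.

    Characters are drawn with ``secrets.choice`` rather than the ``random``
    module, because the result is used as a device identifier in the login
    flow and ``random`` is not designed for security-sensitive values.

    The alphabet comes from ``string`` instead of a hand-typed literal: the
    original literal contained ``G``/``g`` twice and no ``J``/``j``, which
    biased the output and shrank the usable alphabet.
    """
    import secrets
    import string

    alphabet = string.ascii_letters + string.digits
    return ''.join(secrets.choice(alphabet) for _ in range(random_length))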
def user_logout(request):
    """End the current session and send the client to the chat index page."""
    # NOTE(review): only the session is cleared here; no Devices row or
    # device token is touched in this view, so a stored token may still be
    # accepted by user_login() afterwards -- confirm whether that is intended.
    landing_page = "chat:index"
    logout(request)
    return redirect(landing_page)
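def user_register(request):
    """Create a user account from a POSTed registration form.

    Only POST is accepted. On a valid form the user is built without being
    committed, the password is stored through ``set_password()`` (hashed, not
    plain text), and the user is saved. Every branch answers with a JSON body
    of the form ``{'result': <text>}``.
    """
    if request.method != 'POST':
        # The original built a set literal ({'result', '...'}) here;
        # json.dumps() cannot serialise a set, so the branch raised TypeError.
        return HttpResponse(json.dumps({'result': 'illegal method, please use post'}))

    user_register_form = UserRegisterForm(data=request.POST)
    if not user_register_form.is_valid():
        # Same set-literal defect, fixed to a dict.
        return HttpResponse(json.dumps({'result': 'illegal input'}))

    # Build the user object without writing it to the database yet.
    new_user = user_register_form.save(commit=False)
    # NOTE(review): set_password() hashes whatever the form accepted. Whether
    # AUTH_PASSWORD_VALIDATORS are enforced depends on UserRegisterForm, which
    # is not visible here -- confirm.
    new_user.set_password(user_register_form.cleaned_data['password'])
    new_user.save()
    return HttpResponse(json.dumps({'result': 'reg successfully'}))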