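"""Account views: registration, login/logout and e-mail based password reset.

Every view answers through ``make_json_response``; failures are reported with
its ``code`` and ``error`` arguments.
"""
import logging
from datetime import datetime

from django.views.decorators.http import require_POST

from utils.crypto import secure_transport
from utils.http import make_json_response

from .decorators import login_required
from .models import LoginToken, User, get_user
from .utils import auth_with_username_or_email, check_password

logger = logging.getLogger(__name__)


@secure_transport
@require_POST
def register(request):
    """Create an account from the POSTed ``username``, ``password`` and ``email``.

    Error codes: 303 a field is empty, 301 username taken, 302 e-mail taken,
    304 password rejected by ``check_password``, 500 creation failed.
    """
    username = request.POST.get('username', '')
    password = request.POST.get('password', '')
    email = request.POST.get('email', '')

    if not username or not password or not email:
        return make_json_response(code=303, error='用户名/密码/邮箱不能为空')
    # .exists() asks the database for one row instead of loading the queryset.
    if User.objects.filter(username=username).exists():
        return make_json_response(code=301, error='用户名已存在')
    if User.objects.filter(email=email).exists():
        return make_json_response(code=302, error='邮箱已存在')
    if not check_password(password):
        return make_json_response(code=304, error='密码长度不能小于8, 必须包含数字和英文字符')

    try:
        # NOTE(review): the raw password is handed to the model unchanged.
        # Whether it is hashed before storage depends on the User model, which
        # is not visible here -- confirm it is never stored in clear text.
        User.objects.create(username=username, password=password, email=email)
    except Exception:
        # Keep the exception text in the server log only; returning str(e)
        # would expose database and model internals to an anonymous caller.
        logger.exception('user registration failed')
        return make_json_response(code=500, error='注册失败')

    logger.info('注册成功')
    return make_json_response()


@secure_transport
@require_POST
def login(request):
    """Authenticate by username or e-mail and issue a fresh login token.

    A ``token`` field may accompany the credentials. When ``user.check_token``
    accepts it, the matching row in ``user.tokens`` is deleted before the new
    token is stored. Returns the new token, or code 303 when authentication
    fails.
    """
    username = request.POST.get('username', '')
    password = request.POST.get('password', '')
    old_token = request.POST.get('token', '')

    try:
        user = auth_with_username_or_email(username, password)
    except Exception:
        # The helper's failure mode is not visible from this file, so every
        # error it raises is reported as bad credentials.
        return make_json_response(code=303, error='用户名或密码错误')
    logger.debug('login: authenticated %s', user)

    # Token values are credentials and are deliberately never logged.
    if user.check_token(old_token):
        try:
            user_token = user.tokens.get(token=old_token)
            logger.info('已登录')
            user_token.delete()
        except Exception:
            logger.info('token无效')
    else:
        logger.info('token已过期')

    # NOTE(review): nothing in this view saves `user` after this assignment;
    # unless make_token() persists the instance the timestamp is lost. The
    # value is also a naive datetime -- confirm that matches the project's
    # time-zone settings.
    user.last_login = datetime.now()
    token = user.make_token()

    user_token = LoginToken()
    user_token.user = user
    user_token.token = token
    user_token.save()

    logger.info('登录成功')
    return make_json_response(token=token)


@secure_transport
@login_required
def logout(request):
    """Delete the current user's login token named in the POST data."""
    # NOTE(review): unlike the other state-changing views this one is not
    # restricted to POST -- confirm whether @require_POST was left off on
    # purpose.
    user = get_user(request)
    token = request.POST.get('token')
    # Iterating a filter makes logout idempotent: a missing or already deleted
    # token no longer raises out of the view.
    for user_token in user.tokens.filter(token=token):
        user_token.delete()
    return make_json_response()


@secure_transport
@require_POST
def send_email_verification_code(request):
    """E-mail a password-reset verification code to the account's address.

    Error codes: 302 unknown username, 301 e-mail does not match the account,
    500 sending failed.
    """
    # NOTE(review): the distinct 302/301 answers tell an unauthenticated caller
    # whether a username exists and whether an address belongs to it. A uniform
    # response would close that, but it changes the client contract, so it is
    # only flagged here. No send-rate limit is visible in this view either.
    data = request.POST
    username = data.get('username')
    email = data.get('email')

    try:
        user = User.objects.get(username=username)
    except User.DoesNotExist:
        return make_json_response(code=302, error='用户不存在')

    if user.email != email:
        return make_json_response(code=301, error='邮箱错误')

    try:
        # Send the verification code. It is accepted by reset_password, so it
        # must not be written to logs or stdout.
        token = user.make_token()
        logger.info('发送验证码 email = %s', user.email)
        user.send_email('ST网盘重置密码验证码', token)
        return make_json_response()
    except Exception:
        logger.exception('sending the verification code failed')
        return make_json_response(code=500, error='验证码发送失败')


@secure_transport
@require_POST
def check_token(request):
    """Report whether the POSTed ``token`` is accepted for ``username``.

    Error codes: 302 unknown username, 303 token missing or rejected.
    """
    # NOTE(review): no attempt limit is visible in this view; verify that
    # repeated guesses are throttled somewhere (decorator, model or front end).
    data = request.POST
    username = data.get('username')
    token = data.get('token')
    # %r keeps control characters in the caller-supplied name out of the log.
    logger.debug('check_token: username=%r', username)

    try:
        user = User.objects.get(username=username)
    except User.DoesNotExist:
        return make_json_response(code=302, error='用户不存在')

    if token and user.check_token(token):
        logger.info('验证码有效')
        return make_json_response()
    return make_json_response(code=303, error='验证码无效')


@secure_transport
@require_POST
def reset_password(request):
    """Set a new password for ``username`` when the POSTed ``token`` is accepted.

    Error codes: 304 password rejected by ``check_password``, 302 unknown
    username, 303 token missing or rejected.
    """
    data = request.POST
    username = data.get('username')
    # Default to '' as register and login do, so a missing field is rejected
    # by the policy check instead of passing None into it.
    password = data.get('password', '')
    token = data.get('token')

    if not check_password(password):
        return make_json_response(code=304, error='密码长度不能小于8, 必须包含数字和英文字符')

    try:
        user = User.objects.get(username=username)
    except User.DoesNotExist:
        return make_json_response(code=302, error='用户不存在')

    if token and user.check_token(token):
        # Reset the password.
        # NOTE(review): three things to confirm against the User model, which
        # is not visible here: (1) the password is hashed on save rather than
        # stored as assigned; (2) the code is invalidated once used -- this
        # view does not do it; (3) a token issued by login cannot pass
        # check_token() here, since both flows call the same
        # make_token()/check_token() pair. Existing rows in user.tokens are
        # also left in place after the reset.
        logger.info("验证码有效")
        user.password = password
        user.save()
        return make_json_response()
    return make_json_response(code=303, error='验证码无效')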