views.py
import base64
from common.mixins import GenericView, IWABaseView
from rest_framework import status
from rest_framework_jwt.views import ObtainJSONWebToken
from common import response
from common.redis_cache import redis_handler as rh
from .consts import LOGIN_TIMES_LIMIT_EXPIRES, LOGIN_TIMES_LIMIT
from settings import conf
from django.urls import reverse
from django.http import HttpResponseRedirect
from django.contrib.auth import login as auth_login
from django.conf import settings
from django.shortcuts import resolve_url, redirect
# Create your views here.
# https://auth-i.bmwgroup.net/auth/oauth2/
# Query parameters sent to the IWA authorize endpoint (response_type=code,
# i.e. the OAuth2 authorization-code flow).
# NOTE(review): no `state` value is generated here; IWALoginView reads `state`
# only to pick the admin path, so it gives the callback no CSRF binding.
# Confirm whether the front end adds one.
iwa_url_params = {
    'scope': 'openid',
    'response_type': 'code',
    'redirect_uri': conf.IWA_REDIRECT_URI,
    'client_id': conf.IWA_CLIENT_ID,
}

# NOTE(review): the values are joined as-is, without percent-encoding. A
# redirect URI containing '&', '?' or '#' would change the meaning of the query
# string. If the configured value is not already encoded, build this with
# urllib.parse.urlencode instead.
iwa_url_params_str = '&'.join(
    '{0}={1}'.format(name, value) for name, value in iwa_url_params.items()
)
iwa_url = '{0}intranetb2x/authorize?{1}'.format(conf.IWA_URL, iwa_url_params_str)

# base64("client_id:client_secret"), computed once at import time. It is
# presumably sent as the HTTP Basic credential on the token exchange (confirm in
# IWABaseView). It is reversible, so treat it as the secret itself and keep it
# out of logs and responses.
client_id_base64 = base64.b64encode(
    '{0}:{1}'.format(conf.IWA_CLIENT_ID, conf.IWA_CLIENT_SECRET).encode('utf-8')
).decode('utf-8')
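class LoginView(ObtainJSONWebToken, GenericView):
    """Username/password login that returns a JWT, with a failed-attempt limit."""

    def post(self, request, *args, **kwargs):
        """Authenticate the posted credentials and return the user id, name and token.

        Raises whatever ``self.invalid_params`` builds when the attempt limit is
        reached or the credentials are rejected.
        """
        # Login attempt limit.
        # NOTE(review): the counter is keyed only on the submitted username. It
        # does not bound attempts per client, and repeated bad passwords for a
        # known username lock that account out for the expiry window. Consider
        # adding a per-source limit as well.
        user_name = request.data.get('username', '')
        attempts = rh.get_login_times(user_name)
        if isinstance(attempts, int) and attempts >= LOGIN_TIMES_LIMIT:
            raise self.invalid_params(msg="重试次数限制")

        res = super(LoginView, self).post(request, *args, **kwargs)
        # NOTE(review): user_name is client-controlled and is written to the log
        # verbatim. Escape control characters if the log is parsed line by line.
        self.running_log.info('[users.login] username: {0}'.format(user_name))
        if res.status_code == status.HTTP_400_BAD_REQUEST:
            # Count the failure; the entry expires after LOGIN_TIMES_LIMIT_EXPIRES.
            rh.set_login_times(user_name, LOGIN_TIMES_LIMIT_EXPIRES)
            raise self.invalid_params(msg="用户名或密码错误")

        # The parent view does not expose the user object, so the serializer is
        # run a second time here to obtain it.
        serializer = self.get_serializer(data=request.data)
        if not serializer.is_valid():
            # Previously the result was ignored, so a failed second validation
            # surfaced as an AttributeError on a missing user instead of a
            # clean rejection.
            raise self.invalid_params(msg="用户名或密码错误")
        user = serializer.object.get('user')
        data = {
            'user_id': user.id,
            'user_name': user.username,
            'token': res.data.get('token'),
        }
        return response.ok(data=data)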
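class IWALoginView(IWABaseView, GenericView):
    """Complete an IWA (OAuth2 authorization-code) login for admin or regular users."""

    def post(self, request, *args, **kwargs):
        """Exchange the posted authorization code for an identity and log the caller in.

        ``state == 'admin'`` selects the admin path, which creates a Django
        session and redirects to the admin site. Any other value returns the
        result of ``self.validate`` as a normal API response.
        """
        code = request.data.get('code', '')
        if not code:
            # Without a code there is nothing to exchange, so no identity can
            # be established for this request.
            raise self.invalid_params(msg="missing authorization code")
        is_admin = request.data.get('state', '') == 'admin'

        # The identity must come from the provider's answer to the code
        # exchange. This block previously pinned q_number to the literal
        # 'admin' with the exchange commented out, so any POST carrying
        # state=admin was validated as that account without authenticating.
        q_number = self.get_q_number(conf.IWA_URL, code, conf.IWA_REDIRECT_URI, client_id_base64)

        # NOTE(review): request.data is logged in full below and includes the
        # authorization code. Consider logging only the fields needed for audit.
        if is_admin:
            self.running_log.info('[admin_users.iwalogin] [username: {0}] [params: {1}]'.format(q_number, request.data))
            is_valid, data = self.validate_admin(q_number)
            if is_valid:
                request.user = data
                auth_login(request, data)
                # index_path = reverse('admin:index')
                # return HttpResponseRedirect(index_path)
                # NOTE(review): the redirect target is a hard-coded staging
                # host. It is fixed, so it is not caller-controlled, but it is
                # environment-specific. The commented reverse('admin:index')
                # form above would follow the deployment.
                return redirect('https://staging-bmw-ocr.situdata.com/admin/')
            else:
                # NOTE(review): LoginView raises what its error helper returns,
                # but here the result is discarded. Confirm that no_permission
                # raises by itself; otherwise this view returns None.
                self.no_permission(data)
        else:
            self.running_log.info('[users.iwalogin] [username: {0}] [params: {1}]'.format(q_number, request.data))
            is_valid, data = self.validate(q_number)
            if is_valid:
                return response.ok(data=data)
            else:
                self.no_permission(data)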
class IWAUrlView(IWABaseView, GenericView):
    """Expose the precomputed IWA authorize URL to the client."""

    def get(self, request, *args, **kwargs):
        """Return the module-level ``iwa_url`` under the ``iwa_url`` key."""
        # The URL is built once at import time from configuration, so nothing
        # from the request influences it.
        payload = {'iwa_url': iwa_url}
        return response.ok(data=payload)