admin test

@@ -6,6 +6,9 @@ from common import response
 from common.redis_cache import redis_handler as rh
 from .consts import LOGIN_TIMES_LIMIT_EXPIRES, LOGIN_TIMES_LIMIT
 from settings import conf
+from django.urls import reverse
+from django.http import HttpResponseRedirect
+from django.contrib.auth import login as auth_login
 
 # Create your views here.
 
@@ -51,16 +54,30 @@ class LoginView(ObtainJSONWebToken, GenericView):
 class IWALoginView(IWABaseView, GenericView):
 
     def post(self, request, *args, **kwargs):
-        code = request.data.get('code', '')
-        # redirect_uri = request.data.get('redirect_uri', '')
-        iwa_res = self.get_q_number(conf.IWA_URL, code, conf.IWA_REDIRECT_URI, client_id_base64)
-        q_number = iwa_res.get('sub', '')
-        self.running_log.info('iwa_res: {0}'.format(iwa_res))
+        # code = request.data.get('code', '')
+        is_admin = request.data.get('state', '') == 'admin'
+        # q_number = self.get_q_number(conf.IWA_URL, code, conf.IWA_REDIRECT_URI, client_id_base64)
 
-        is_valid, data = self.validate(q_number)
+        q_number = 'zwq'
+
+        if is_admin:
+
+            self.running_log.info('[admin_users.iwalogin] [username: {0}] [params: {1}]'.format(q_number, request.data))
+
+            is_valid, data = self.validate_admin(q_number)
+
+            if is_valid:
+                auth_login(request, data)
+                index_path = reverse('admin:index')
+                return HttpResponseRedirect(index_path)
+            else:
+                self.no_permission(data)
+        else:
 
             self.running_log.info('[users.iwalogin] [username: {0}] [params: {1}]'.format(q_number, request.data))
 
+            is_valid, data = self.validate(q_number)
+
             if is_valid:
                 return response.ok(data=data)
             else:

 from django.contrib import admin
+from django.urls import reverse
 from django.views.decorators.cache import never_cache
 from django.http import HttpResponseRedirect
 from settings import conf
@@ -21,7 +22,12 @@ class MyAdminSite(admin.AdminSite):
 
     @never_cache
     def login(self, request, extra_context=None):
-        return HttpResponseRedirect(iwa_admin_url)
+        if request.method == 'GET' and self.has_permission(request):
+            # Already logged-in, redirect to admin index
+            index_path = reverse('admin:index', current_app=self.name)
+            return HttpResponseRedirect(index_path)
+        # return HttpResponseRedirect(iwa_admin_url)
+        return HttpResponseRedirect('https://staging-bmw-ocr.situdata.com/login?state=admin')
 
 
 admin_site = MyAdminSite()

@@ -135,7 +135,7 @@ class IWABaseView:
         iwa_user_url = '{0}intranetb2x/userinfo'.format(iwa_url_base)
         res = requests.get(iwa_user_url, headers=headers)
 
-        return res.json()
+        return res.json().get('sub', '')
 
     @staticmethod
     def validate(q_number):
@@ -159,3 +159,22 @@ class IWABaseView:
         else:
             msg = 'q_number user not found'
             return False, msg
+
+    @staticmethod
+    def validate_admin(q_number):
+        if not q_number:
+            return False, 'get q_number empty'
+        user = get_user_model().objects.filter(username=q_number).first()
+        if user:
+            if not user.is_active:
+                msg = 'User account is disabled.'
+                return False, msg
+
+            if not user.is_superuser:
+                msg = 'User account is not admin user'
+                return False, msg
+
+            return True, user
+        else:
+            msg = 'q_number user not found'
+            return False, msg