add login token

zhuzhenchao
1 parent e11f60ade2
Showing 6 changed files with 105 additions and 51 deletions Show diff stats
decrators.py
homepage/models.py
homepage/views.py
middlewares/__init__.py
middlewares/session_middleware.py
weapp_sys/settings.py
@@ -0,0 +1,2 @@
+# coding: utf-8
+
@@ -11,24 +11,17 @@ class ForumUser(AbstractUser):
     django.contrib.auth.models.User 默认User类字段太少，用AbstractUser
     自定义一个User类，增加字段
     '''
-    nickname = models.CharField(max_length=200, null=True, blank=True)
-    avatar = models.CharField(max_length=200, null=True, blank=True)    # 头像
-    signature = models.CharField(max_length=500, null=True, blank=True) # 签名
-    location = models.CharField(max_length=200, null=True, blank=True)
-    website = models.URLField(null=True, blank=True)
-    company = models.CharField(max_length=200, null=True, blank=True)
-    role = models.IntegerField(null=True, blank=True)                   # 角色
-    balance = models.IntegerField(null=True, blank=True)                # 余额
-    reputation = models.IntegerField(null=True, blank=True)             # 声誉
-    self_intro = models.CharField(max_length=500, null=True, blank=True)# 自我介绍
-    updated = models.DateTimeField(null=True, blank=True)
-    twitter = models.CharField(max_length=200, null=True, blank=True)
-    github = models.CharField(max_length=200, null=True, blank=True)
-    douban = models.CharField(max_length=200, null=True, blank=True)
+    suid = models.IntegerField(u'uid')
+    user_name = models.CharField(u'用户名', max_length=20)
+    level = models.IntegerField(u'level')
+    create_time = models.DateTimeField()
+    status = models.IntegerField()
+    last_login_ip = models.CharField(max_length=20)
+    last_login_time = models.DateTimeField()
  
     def __unicode__(self):
-        return self.username
+        return self.user_name
  
     class Meta(object):
-        db_table = 'forum_forumuser'
+        db_table = 'sys_user'
         verbose_name = verbose_name_plural = u'用户'
 \ No newline at end of file
@@ -2,6 +2,7 @@
  
 import json
 import logging
+import requests
 from django.contrib import auth
 from django.contrib.auth import logout
 from django.contrib.auth.decorators import login_required
@@ -16,6 +17,7 @@ from django.conf import settings
 def homepage(request):
  
     username = request.user.username
+    import pdb; pdb.set_trace()
     t = HttpResponseRedirect('/admin/')
     t.set_cookie('username', username, 864000)
     return t
@@ -37,7 +39,7 @@ def mylogin(request):
             'user_name': username,
             'password': password,
         }
-        resp = request.post(settings.AUTH_DOMAIN, data=post_params, verify=False)
+        resp = requests.post(settings.AUTH_DOMAIN, data=post_params, verify=False)
         if resp.status_code == 200:
             rst = resp.json()
             if rst.get('status') == 1:
@@ -45,16 +47,12 @@ def mylogin(request):
                 token = data.get('token')
                 suid = data.get('1000')
                 t = HttpResponseRedirect('/admin/')
-                t.set_cookie('pu', username, 864000)
-                t.set_cookie(('pt'), )
-
-        else:
-            pass
-        if user:
-            auth.login(request, user)
-            t = HttpResponseRedirect('/admin/')
-            t.set_cookie('username', username, 864000)
-            return t
+                t.set_cookie('pu', token, 864000)
+                t.set_cookie('pt', suid, 864000)
+                t.set_cookie('username', username, 86400)
+                return t
+
+        t = HttpResponseRedirect('/login/')
  
  
 def mylogout(request):
@@ -23,22 +23,10 @@ class SessionWithoutLocalUserMiddleware(object):
         else:
             pt = request.COOKIES.get('pt')
             pu = request.COOKIES.get('pu')
+            username = request.COOKIES.get('username')
             if pt and pu:
-                # 能拿到统一认证session的情况，优先从缓存中拿用户
-                user = self.cache.get(pu)
-                if not user:
-                    # 如果缓存未命中，则直接调用统一权限，查询当前session的状态，构造用户，并存入缓存
-                    user_info = ''
-
-                    manager = Manager()
-                    user_info = manager.get_user_info(request)
-                    if user_info is None:
-                        # 查询session状态失败的情况，构造匿名用户
-                        user = AnonymousUser()
-                    else:
-                        # 查询session状态成功的情况，构造QCCRUser
-                        user = user_info
-                        self.cache.set(pt, user, 60)
+                # 查询session状态成功的情况，构造QCCRUser
+                user = XYTUser(username, pu, pt)
                 request.user = user
             else:
                 # 拿不到统一认证的session，将当前用户设为匿名用户
@@ -50,5 +38,77 @@ class Manager(object):
     def __init__(self):
         self.auth_domain = 'https://api.xiuyetang.com/sys/user/login'
  
-    def get_user_info(self, request):
-        pass
 \ No newline at end of file
+
+class XYTUser(object):
+    id = None
+    pk = None
+    username = ''
+    sessionId = ''
+    accountNo = ''
+    employeeName = ''
+    employeeId = 0
+    employeeNo = ''
+    employeeTel = ''
+    deptIds = ''
+    email = ''
+    entryTime = ''
+    uid = ''
+    is_staff = False
+    is_active = False
+    is_superuser = False
+    _groups = ''
+    _user_permissions = ''
+
+    def __init__(self, username, pu, pt):
+        self.username = username
+        self.id = pu
+        self.pk = pu
+        self.sessionId = pt
+
+    def __str__(self):
+        return self.username
+
+    def __eq__(self, other):
+        return self.username == other.username
+
+    def __ne__(self, other):
+        return not self.__eq__(other)
+
+    def __hash__(self):
+        return hash(self.username)
+
+    def save(self):
+        raise NotImplementedError("Django doesn't provide a DB representation for QCCRUser. User info in LDAP.")
+
+    def delete(self):
+        raise NotImplementedError("Django doesn't provide a DB representation for QCCRUser. User info in LDAP.")
+
+    def set_password(self, raw_password):
+        raise NotImplementedError("Django doesn't provide a DB representation for QCCRUser. Password in LDAP.")
+
+    def check_password(self, raw_password):
+        raise NotImplementedError("Django doesn't provide a DB representation for QCCRUser. Password in LDAP.")
+
+    def _get_groups(self):
+        return self._groups
+
+    groups = property(_get_groups)
+
+    def _get_user_permissions(self):
+        return self._user_permissions
+
+    user_permissions = property(_get_user_permissions)
+
+    def get_group_permissions(self, obj=None):
+        return set()
+
+    @property
+    def is_anonymous(self):
+        return lambda: False
+
+    @property
+    def is_authenticated(self):
+        return lambda: True
+
+    def get_username(self):
+        return self.username
 \ No newline at end of file
@@ -34,21 +34,22 @@ INSTALLED_APPS = (
     'django.contrib.admin',
     'django.contrib.auth',
     'django.contrib.contenttypes',
-    'django.contrib.sessions',
+    # 'django.contrib.sessions',
     'django.contrib.messages',
     'django.contrib.staticfiles',
     'homepage',
 )
  
 MIDDLEWARE_CLASSES = (
-    'django.contrib.sessions.middleware.SessionMiddleware',
+    # 'django.contrib.sessions.middleware.SessionMiddleware',
     'django.middleware.common.CommonMiddleware',
     'django.middleware.csrf.CsrfViewMiddleware',
-    'django.contrib.auth.middleware.AuthenticationMiddleware',
-    'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
-    'django.contrib.messages.middleware.MessageMiddleware',
+    # 'django.contrib.auth.middleware.AuthenticationMiddleware',
+    # 'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
+    # 'django.contrib.messages.middleware.MessageMiddleware',
     'django.middleware.clickjacking.XFrameOptionsMiddleware',
     'django.middleware.security.SecurityMiddleware',
+    'middlewares.session_middleware.SessionWithoutLocalUserMiddleware',
 )
  
 ROOT_URLCONF = 'weapp_sys.urls'
@@ -83,8 +84,8 @@ DATABASES = {
         'NAME': 'forum',                      # Or path to database file if using sqlite3.
         # The following settings are not used with sqlite3:
         'USER': 'root',
-        'PASSWORD': '',
-        'HOST': '127.0.0.1',                      # Empty for localhost through domain sockets or '127.0.0.1' for localhost through TCP.
+        'PASSWORD': 'nineteen',
+        'HOST': '121.40.31.31',                      # Empty for localhost through domain sockets or '127.0.0.1' for localhost through TCP.
         'PORT': '3306',
     }
 }
...	...	@@ -11,24 +11,17 @@ class ForumUser(AbstractUser):
11	11	django.contrib.auth.models.User 默认User类字段太少，用AbstractUser
12	12	自定义一个User类，增加字段
13	13	'''
14		- nickname = models.CharField(max_length=200, null=True, blank=True)
15		- avatar = models.CharField(max_length=200, null=True, blank=True) # 头像
16		- signature = models.CharField(max_length=500, null=True, blank=True) # 签名
17		- location = models.CharField(max_length=200, null=True, blank=True)
18		- website = models.URLField(null=True, blank=True)
19		- company = models.CharField(max_length=200, null=True, blank=True)
20		- role = models.IntegerField(null=True, blank=True) # 角色
21		- balance = models.IntegerField(null=True, blank=True) # 余额
22		- reputation = models.IntegerField(null=True, blank=True) # 声誉
23		- self_intro = models.CharField(max_length=500, null=True, blank=True)# 自我介绍
24		- updated = models.DateTimeField(null=True, blank=True)
25		- twitter = models.CharField(max_length=200, null=True, blank=True)
26		- github = models.CharField(max_length=200, null=True, blank=True)
27		- douban = models.CharField(max_length=200, null=True, blank=True)
	14	+ suid = models.IntegerField(u'uid')
	15	+ user_name = models.CharField(u'用户名', max_length=20)
	16	+ level = models.IntegerField(u'level')
	17	+ create_time = models.DateTimeField()
	18	+ status = models.IntegerField()
	19	+ last_login_ip = models.CharField(max_length=20)
	20	+ last_login_time = models.DateTimeField()
28	21
29	22	def __unicode__(self):
30		- return self.username
	23	+ return self.user_name
31	24
32	25	class Meta(object):
33		- db_table = 'forum_forumuser'
	26	+ db_table = 'sys_user'
34	27	verbose_name = verbose_name_plural = u'用户'
35	28	\ No newline at end of file
...	...
...	...	@@ -2,6 +2,7 @@
2	2
3	3	import json
4	4	import logging
	5	+import requests
5	6	from django.contrib import auth
6	7	from django.contrib.auth import logout
7	8	from django.contrib.auth.decorators import login_required
...	...	@@ -16,6 +17,7 @@ from django.conf import settings
16	17	def homepage(request):
17	18
18	19	username = request.user.username
	20	+ import pdb; pdb.set_trace()
19	21	t = HttpResponseRedirect('/admin/')
20	22	t.set_cookie('username', username, 864000)
21	23	return t
...	...	@@ -37,7 +39,7 @@ def mylogin(request):
37	39	'user_name': username,
38	40	'password': password,
39	41	}
40		- resp = request.post(settings.AUTH_DOMAIN, data=post_params, verify=False)
	42	+ resp = requests.post(settings.AUTH_DOMAIN, data=post_params, verify=False)
41	43	if resp.status_code == 200:
42	44	rst = resp.json()
43	45	if rst.get('status') == 1:
...	...	@@ -45,16 +47,12 @@ def mylogin(request):
45	47	token = data.get('token')
46	48	suid = data.get('1000')
47	49	t = HttpResponseRedirect('/admin/')
48		- t.set_cookie('pu', username, 864000)
49		- t.set_cookie(('pt'), )
50		-
51		- else:
52		- pass
53		- if user:
54		- auth.login(request, user)
55		- t = HttpResponseRedirect('/admin/')
56		- t.set_cookie('username', username, 864000)
57		- return t
	50	+ t.set_cookie('pu', token, 864000)
	51	+ t.set_cookie('pt', suid, 864000)
	52	+ t.set_cookie('username', username, 86400)
	53	+ return t
	54	+
	55	+ t = HttpResponseRedirect('/login/')
58	56
59	57
60	58	def mylogout(request):
...	...
...	...	@@ -23,22 +23,10 @@ class SessionWithoutLocalUserMiddleware(object):
23	23	else:
24	24	pt = request.COOKIES.get('pt')
25	25	pu = request.COOKIES.get('pu')
	26	+ username = request.COOKIES.get('username')
26	27	if pt and pu:
27		- # 能拿到统一认证session的情况，优先从缓存中拿用户
28		- user = self.cache.get(pu)
29		- if not user:
30		- # 如果缓存未命中，则直接调用统一权限，查询当前session的状态，构造用户，并存入缓存
31		- user_info = ''
32		-
33		- manager = Manager()
34		- user_info = manager.get_user_info(request)
35		- if user_info is None:
36		- # 查询session状态失败的情况，构造匿名用户
37		- user = AnonymousUser()
38		- else:
39		- # 查询session状态成功的情况，构造QCCRUser
40		- user = user_info
41		- self.cache.set(pt, user, 60)
	28	+ # 查询session状态成功的情况，构造QCCRUser
	29	+ user = XYTUser(username, pu, pt)
42	30	request.user = user
43	31	else:
44	32	# 拿不到统一认证的session，将当前用户设为匿名用户
...	...	@@ -50,5 +38,77 @@ class Manager(object):
50	38	def __init__(self):
51	39	self.auth_domain = 'https://api.xiuyetang.com/sys/user/login'
52	40
53		- def get_user_info(self, request):
54		- pass
55	41	\ No newline at end of file
	42	+
	43	+class XYTUser(object):
	44	+ id = None
	45	+ pk = None
	46	+ username = ''
	47	+ sessionId = ''
	48	+ accountNo = ''
	49	+ employeeName = ''
	50	+ employeeId = 0
	51	+ employeeNo = ''
	52	+ employeeTel = ''
	53	+ deptIds = ''
	54	+ email = ''
	55	+ entryTime = ''
	56	+ uid = ''
	57	+ is_staff = False
	58	+ is_active = False
	59	+ is_superuser = False
	60	+ _groups = ''
	61	+ _user_permissions = ''
	62	+
	63	+ def __init__(self, username, pu, pt):
	64	+ self.username = username
	65	+ self.id = pu
	66	+ self.pk = pu
	67	+ self.sessionId = pt
	68	+
	69	+ def __str__(self):
	70	+ return self.username
	71	+
	72	+ def __eq__(self, other):
	73	+ return self.username == other.username
	74	+
	75	+ def __ne__(self, other):
	76	+ return not self.__eq__(other)
	77	+
	78	+ def __hash__(self):
	79	+ return hash(self.username)
	80	+
	81	+ def save(self):
	82	+ raise NotImplementedError("Django doesn't provide a DB representation for QCCRUser. User info in LDAP.")
	83	+
	84	+ def delete(self):
	85	+ raise NotImplementedError("Django doesn't provide a DB representation for QCCRUser. User info in LDAP.")
	86	+
	87	+ def set_password(self, raw_password):
	88	+ raise NotImplementedError("Django doesn't provide a DB representation for QCCRUser. Password in LDAP.")
	89	+
	90	+ def check_password(self, raw_password):
	91	+ raise NotImplementedError("Django doesn't provide a DB representation for QCCRUser. Password in LDAP.")
	92	+
	93	+ def _get_groups(self):
	94	+ return self._groups
	95	+
	96	+ groups = property(_get_groups)
	97	+
	98	+ def _get_user_permissions(self):
	99	+ return self._user_permissions
	100	+
	101	+ user_permissions = property(_get_user_permissions)
	102	+
	103	+ def get_group_permissions(self, obj=None):
	104	+ return set()
	105	+
	106	+ @property
	107	+ def is_anonymous(self):
	108	+ return lambda: False
	109	+
	110	+ @property
	111	+ def is_authenticated(self):
	112	+ return lambda: True
	113	+
	114	+ def get_username(self):
	115	+ return self.username
56	116	\ No newline at end of file
...	...
...	...	@@ -34,21 +34,22 @@ INSTALLED_APPS = (
34	34	'django.contrib.admin',
35	35	'django.contrib.auth',
36	36	'django.contrib.contenttypes',
37		- 'django.contrib.sessions',
	37	+ # 'django.contrib.sessions',
38	38	'django.contrib.messages',
39	39	'django.contrib.staticfiles',
40	40	'homepage',
41	41	)
42	42
43	43	MIDDLEWARE_CLASSES = (
44		- 'django.contrib.sessions.middleware.SessionMiddleware',
	44	+ # 'django.contrib.sessions.middleware.SessionMiddleware',
45	45	'django.middleware.common.CommonMiddleware',
46	46	'django.middleware.csrf.CsrfViewMiddleware',
47		- 'django.contrib.auth.middleware.AuthenticationMiddleware',
48		- 'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
49		- 'django.contrib.messages.middleware.MessageMiddleware',
	47	+ # 'django.contrib.auth.middleware.AuthenticationMiddleware',
	48	+ # 'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
	49	+ # 'django.contrib.messages.middleware.MessageMiddleware',
50	50	'django.middleware.clickjacking.XFrameOptionsMiddleware',
51	51	'django.middleware.security.SecurityMiddleware',
	52	+ 'middlewares.session_middleware.SessionWithoutLocalUserMiddleware',
52	53	)
53	54
54	55	ROOT_URLCONF = 'weapp_sys.urls'
...	...	@@ -83,8 +84,8 @@ DATABASES = {
83	84	'NAME': 'forum', # Or path to database file if using sqlite3.
84	85	# The following settings are not used with sqlite3:
85	86	'USER': 'root',
86		- 'PASSWORD': '',
87		- 'HOST': '127.0.0.1', # Empty for localhost through domain sockets or '127.0.0.1' for localhost through TCP.
	87	+ 'PASSWORD': 'nineteen',
	88	+ 'HOST': '121.40.31.31', # Empty for localhost through domain sockets or '127.0.0.1' for localhost through TCP.
88	89	'PORT': '3306',
89	90	}
90	91	}
...	...