From 1a597f51f9e3469ee41b5bc9a422289c4872b033 Mon Sep 17 00:00:00 2001
From: zhuzhenchao
Date: Tue, 29 Nov 2016 09:08:06 +0800
Subject: [PATCH] add login token
---
decrators.py | 2 +
homepage/models.py | 25 ++++-------
homepage/views.py | 20 ++++-----
middlewares/__init__.py | 0
middlewares/session_middleware.py | 94 ++++++++++++++++++++++++++++++++-------
weapp_sys/settings.py | 15 ++++---
6 files changed, 105 insertions(+), 51 deletions(-)
create mode 100644 middlewares/__init__.py
diff --git a/decrators.py b/decrators.py
index e69de29..3117685 100644
--- a/decrators.py
+++ b/decrators.py
@@ -0,0 +1,2 @@
+# coding: utf-8
+
diff --git a/homepage/models.py b/homepage/models.py
index 0ef2839..99b56d4 100644
--- a/homepage/models.py
+++ b/homepage/models.py
@@ -11,24 +11,17 @@ class ForumUser(AbstractUser): django.contrib.auth.models.User 默认User类字段太少,用AbstractUser 自定义一个User类,增加字段 ''' - nickname = models.CharField(max_length=200, null=True, blank=True) - avatar = models.CharField(max_length=200, null=True, blank=True) # 头像 - signature = models.CharField(max_length=500, null=True, blank=True) # 签名 - location = models.CharField(max_length=200, null=True, blank=True) - website = models.URLField(null=True, blank=True) - company = models.CharField(max_length=200, null=True, blank=True) - role = models.IntegerField(null=True, blank=True) # 角色 - balance = models.IntegerField(null=True, blank=True) # 余额 - reputation = models.IntegerField(null=True, blank=True) # 声誉 - self_intro = models.CharField(max_length=500, null=True, blank=True)# 自我介绍 - updated = models.DateTimeField(null=True, blank=True) - twitter = models.CharField(max_length=200, null=True, blank=True) - github = models.CharField(max_length=200, null=True, blank=True) - douban = models.CharField(max_length=200, null=True, blank=True) + suid = models.IntegerField(u'uid') + user_name = models.CharField(u'用户名', max_length=20) + level = models.IntegerField(u'level') + create_time = models.DateTimeField() + status = models.IntegerField() + last_login_ip = models.CharField(max_length=20) + last_login_time = models.DateTimeField() def __unicode__(self): - return self.username + return self.user_name class Meta(object): - db_table = 'forum_forumuser' + db_table = 'sys_user' verbose_name = verbose_name_plural = u'用户' \ No newline at end of file diff --git a/homepage/views.py b/homepage/views.py index 11ac426..c1d61a8 100644 --- a/homepage/views.py +++ b/homepage/views.py @@ -2,6 +2,7 @@ import json import logging +import requests from django.contrib import auth from django.contrib.auth import logout from django.contrib.auth.decorators import login_required 
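Review bot: `last_login_ip = models.CharField(max_length=20)` in the ForumUser hunk is too short for an IPv6 address (up to 39 characters in text form), so a login over IPv6 would be truncated or rejected depending on the database; `last_login_ip = models.GenericIPAddressField()` both validates and sizes the column. The class still inherits AbstractUser, so it now carries both `username` and the new `user_name`, and `__unicode__` returns the new one; a comment saying which field is authoritative would help. No migration for the new non-nullable fields or the `db_table` change to `sys_user` is visible in this patch.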
@@ -16,6 +17,7 @@ from django.conf import settings def homepage(request): username = request.user.username + import pdb; pdb.set_trace() t = HttpResponseRedirect('/admin/') t.set_cookie('username', username, 864000) return t @@ -37,7 +39,7 @@ def mylogin(request): 'user_name': username, 'password': password, } - resp = request.post(settings.AUTH_DOMAIN, data=post_params, verify=False) + resp = requests.post(settings.AUTH_DOMAIN, data=post_params, verify=False) if resp.status_code == 200: rst = resp.json() if rst.get('status') == 1: @@ -45,16 +47,12 @@ def mylogin(request): token = data.get('token') suid = data.get('1000') t = HttpResponseRedirect('/admin/') - t.set_cookie('pu', username, 864000) - t.set_cookie(('pt'), ) - - else: - pass - if user: - auth.login(request, user) - t = HttpResponseRedirect('/admin/') - t.set_cookie('username', username, 864000) - return t + t.set_cookie('pu', token, 864000) + t.set_cookie('pt', suid, 864000) + t.set_cookie('username', username, 86400) + return t + + t = HttpResponseRedirect('/login/') def mylogout(request): diff --git a/middlewares/__init__.py b/middlewares/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/middlewares/session_middleware.py b/middlewares/session_middleware.py index 353be7b..2ab8d82 100644 --- a/middlewares/session_middleware.py +++ b/middlewares/session_middleware.py 
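Review bot: `import pdb; pdb.set_trace()` in `homepage` is a debugger breakpoint left in a request handler, and it should be removed before merge. Every request to this view would stop at the breakpoint; a server process without a console will error or hang there, and one started from a terminal exposes an interactive debugger inside the request context. The unchanged `t.set_cookie('username', username, 864000)` just below it also sets its cookie without `httponly` or `secure`.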
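Review bot: `requests.post(settings.AUTH_DOMAIN, data=post_params, verify=False)` in `mylogin` sends the user name and password with TLS certificate verification turned off, so anything on the network path to the auth service can impersonate it and read the credentials. Drop `verify=False` (or point `verify` at a CA bundle if the service uses a private CA) and add a timeout so a stalled auth service cannot tie up the worker: `resp = requests.post(settings.AUTH_DOMAIN, data=post_params, timeout=5)`. The body of `mylogin` starts before this hunk and continues after it.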
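Review bot: The login token is written with `t.set_cookie('pu', token, 864000)` without `httponly` or `secure`, so it is readable from page script and can be sent over plain HTTP. The middleware in this patch treats these cookies as the login state, so set both flags, e.g. `t.set_cookie('pu', token, max_age=864000, httponly=True, secure=True)`, and the same for `pt`. `suid = data.get('1000')` looks like a placeholder key, and the middleware reads `pu` as the user id and `pt` as the session id, which appears to be the reverse of what is stored here; both are worth confirming. On the failure path `t = HttpResponseRedirect('/login/')` is assigned, but as far as the collapsed hunk shows no `return t` follows before `def mylogout`, so a failed login would return None.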
@@ -23,22 +23,10 @@ class SessionWithoutLocalUserMiddleware(object): else: pt = request.COOKIES.get('pt') pu = request.COOKIES.get('pu') + username = request.COOKIES.get('username') if pt and pu: - # 能拿到统一认证session的情况,优先从缓存中拿用户 - user = self.cache.get(pu) - if not user: - # 如果缓存未命中,则直接调用统一权限,查询当前session的状态,构造用户,并存入缓存 - user_info = '' - - manager = Manager() - user_info = manager.get_user_info(request) - if user_info is None: - # 查询session状态失败的情况,构造匿名用户 - user = AnonymousUser() - else: - # 查询session状态成功的情况,构造QCCRUser - user = user_info - self.cache.set(pt, user, 60) + # 查询session状态成功的情况,构造QCCRUser + user = XYTUser(username, pu, pt) request.user = user else: # 拿不到统一认证的session,将当前用户设为匿名用户 
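Review bot: `user = XYTUser(username, pu, pt)` builds an authenticated user purely from the `username`, `pu` and `pt` cookies, with no check that the token is valid or belongs to that user name. Cookies are client-controlled and XYTUser reports itself as authenticated, so any request carrying non-empty `pt` and `pu` values is treated as logged in under whatever name the `username` cookie holds. Before `request.user = user`, the token should be verified server-side (a lookup against the auth service with a short-lived cache, or a signed cookie checked with `django.core.signing`), the user name should come from that verified result, and the code should fall back to `AnonymousUser()` when verification fails. The retained comment still refers to QCCRUser, and the enclosing method starts outside this hunk.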
@@ -50,5 +38,77 @@ class Manager(object): def __init__(self): self.auth_domain = 'https://api.xiuyetang.com/sys/user/login' - def get_user_info(self, request): - pass \ No newline at end of file + +class XYTUser(object): + id = None + pk = None + username = '' + sessionId = '' + accountNo = '' + employeeName = '' + employeeId = 0 + employeeNo = '' + employeeTel = '' + deptIds = '' + email = '' + entryTime = '' + uid = '' + is_staff = False + is_active = False + is_superuser = False + _groups = '' + _user_permissions = '' + + def __init__(self, username, pu, pt): + self.username = username + self.id = pu + self.pk = pu + self.sessionId = pt + + def __str__(self): + return self.username + + def __eq__(self, other): + return self.username == other.username + + def __ne__(self, other): + return not self.__eq__(other) + + def __hash__(self): + return hash(self.username) + + def save(self): + raise NotImplementedError("Django doesn't provide a DB representation for QCCRUser. User info in LDAP.") + + def delete(self): + raise NotImplementedError("Django doesn't provide a DB representation for QCCRUser. User info in LDAP.") + + def set_password(self, raw_password): + raise NotImplementedError("Django doesn't provide a DB representation for QCCRUser. Password in LDAP.") + + def check_password(self, raw_password): + raise NotImplementedError("Django doesn't provide a DB representation for QCCRUser. Password in LDAP.") + + def _get_groups(self): + return self._groups + + groups = property(_get_groups) + + def _get_user_permissions(self): + return self._user_permissions + + user_permissions = property(_get_user_permissions) + + def get_group_permissions(self, obj=None): + return set() + + @property + def is_anonymous(self): + return lambda: False + + @property + def is_authenticated(self): + return lambda: True + + def get_username(self): + return self.username \ No newline at end of file diff --git a/weapp_sys/settings.py b/weapp_sys/settings.py index 20792c3..6e3d055 100644 
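Review bot: `is_anonymous` and `is_authenticated` in XYTUser are properties that return lambdas, so `user.is_anonymous` read as an attribute is always truthy (it is a function object) while `user.is_anonymous()` is False; permission checks get opposite answers depending on which form they use. If this project is on a Django version where these are methods, define them as plain methods, `def is_anonymous(self): return False` and `def is_authenticated(self): return True`; where they are attributes, return the booleans directly. `__eq__` dereferences `other.username` and will raise AttributeError when compared with a non-user object, and both `__eq__` and `__hash__` rest on a user name that the middleware takes from a cookie. The NotImplementedError messages still refer to QCCRUser and LDAP, and the class has no docstring describing where its fields come from.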
--- a/weapp_sys/settings.py +++ b/weapp_sys/settings.py @@ -34,21 +34,22 @@ INSTALLED_APPS = ( 'django.contrib.admin', 'django.contrib.auth', 'django.contrib.contenttypes', - 'django.contrib.sessions', + # 'django.contrib.sessions', 'django.contrib.messages', 'django.contrib.staticfiles', 'homepage', ) MIDDLEWARE_CLASSES = ( - 'django.contrib.sessions.middleware.SessionMiddleware', + # 'django.contrib.sessions.middleware.SessionMiddleware', 'django.middleware.common.CommonMiddleware', 'django.middleware.csrf.CsrfViewMiddleware', - 'django.contrib.auth.middleware.AuthenticationMiddleware', - 'django.contrib.auth.middleware.SessionAuthenticationMiddleware', - 'django.contrib.messages.middleware.MessageMiddleware', + # 'django.contrib.auth.middleware.AuthenticationMiddleware', + # 'django.contrib.auth.middleware.SessionAuthenticationMiddleware', + # 'django.contrib.messages.middleware.MessageMiddleware', 'django.middleware.clickjacking.XFrameOptionsMiddleware', 'django.middleware.security.SecurityMiddleware', + 'middlewares.session_middleware.SessionWithoutLocalUserMiddleware', ) ROOT_URLCONF = 'weapp_sys.urls' @@ -83,8 +84,8 @@ DATABASES = { 'NAME': 'forum', # Or path to database file if using sqlite3. # The following settings are not used with sqlite3: 'USER': 'root', - 'PASSWORD': '', - 'HOST': '127.0.0.1', # Empty for localhost through domain sockets or '127.0.0.1' for localhost through TCP. + 'PASSWORD': 'nineteen', + 'HOST': '121.40.31.31', # Empty for localhost through domain sockets or '127.0.0.1' for localhost through TCP. 'PORT': '3306', } } -- 2.0.0
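Review bot: `SessionMiddleware`, `AuthenticationMiddleware` and `MessageMiddleware` are commented out in MIDDLEWARE_CLASSES while `django.contrib.admin`, `django.contrib.auth` and `django.contrib.messages` stay in INSTALLED_APPS and the views redirect to `/admin/`. The admin relies on those middlewares, so it is likely to fail at request time or at system checks. If the custom middleware is meant to replace them, delete the lines rather than leaving them commented, and add a comment above `'middlewares.session_middleware.SessionWithoutLocalUserMiddleware'` saying it is now the only component that sets `request.user`.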
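Review bot: The `DATABASES` hunk now commits a literal password for the `root` account together with a non-local host address, which puts a live credential into version history. Treat that password as exposed and rotate it, then load it from the environment or an untracked local settings file, e.g. `'PASSWORD': os.environ['DB_PASSWORD'],` (the variable name is a placeholder, and this assumes `os` is imported in settings.py). A dedicated least-privilege database user instead of `root`, with port 3306 reachable only from the application host, would limit the damage if the settings leak again.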