send_email_verification_code

check_token
reset_password
folder.views
file.views

account/form.py

@@ -1,28 +0,0 @@
-from django import forms
-from user.models import User
-from .models import Profile
-
-
-class UserLoginForm(forms.Form):
-    username = forms.CharField()
-    password = forms.CharField()
-    token = forms.CharField()
-
-
-class UserRegisterForm(forms.ModelForm):
-    password = forms.CharField()
-    password2 = forms.CharField()
-
-    class Meta:
-        model = User
-        fields = ('username', 'email')
-
-    def clean_password2(self):
-        data = self.cleaned_data
-        if data.get('password') == data.get('password2'):
-            return data.get('password')
-        else:
-            raise forms.ValidationError('密码输入不一致，请重新输入!')
-
-
-

account/models.py

@@ -74,6 +74,19 @@ class User(models.Model):
         return f'{self.pk}{self.password}{timestamp}{self.email}'
 
 
+def get_user(request):
+    username = request.data.get('username', '')
+    token = request.data.get('token', '')
+    try:
+        user = User.objects.get(username=username)
+        if user.check_token(token):
+            user.tokens.get(token=token)
+            return user
+    except:
+        return None
+    return None
+
+
 def _timestamp():
     dt = datetime.now()
     return int((dt - datetime(2001, 1, 1)).total_seconds())
@@ -106,6 +119,9 @@ class Profile(models.Model):
 def create_user_profile(sender, instance, created, **kwargs):
     if created:
         Profile.objects.create(user=instance)
+        root_folder = Folder.objects.create(owner=instance)
+        instance.profile.root_folder = root_folder
+        instance.save()
 
 
 # 信号接收函数，每当更新User实例的时候自动调用
@@ -113,13 +129,3 @@ def create_user_profile(sender, instance, created, **kwargs):
 def save_user_profile(sender, instance, **kwargs):
     pass
     # instance.profile.save()
-
-
-# 信号接收函数，每当新建Profile实例的时候自动调用
-@receiver(post_save, sender=Profile)
-def create_root_folder(sender, instance, created, **kwargs):
-    # pass
-    if created:
-        root_folder = Folder.objects.create()
-        instance.root_folder = root_folder
-        instance.save()

account/views.py

@@ -17,32 +17,28 @@ def auth_with_username_or_email(username, password):
     return user
 
 
-def get_user(request):
-    username = request.data.get('username', '')
-    token = request.data.get('token', '')
-    try:
-        user = User.objects.get(username=username)
-        if user.check_token(token):
-            user.tokens.get(token=token)
-            return user
-    except:
-        return None
-    return None
-
-
 @api_view(['POST'])
 def register(request):
     username = request.data.get('username', '')
     password = request.data.get('password', '')
     email = request.data.get('email', '')
+    if not username or not password or email:
+        return JsonResponse({'code': 303, 'error': '用户名/密码/邮箱不能为空'})
+    else:
+        print(request.POST)
+        if User.objects.filter(username=username):
+            return JsonResponse({'code': 301, 'error': '用户名已存在'})
 
-    try:
-        User.objects.create(username=username, password=password, email=email)
-        print('注册成功')
-        return JsonResponse({'code': 200})
-    except Exception as e:
-        print(e)
-        return JsonResponse({'code': 303, 'error': str(e)}, status=303)
+        if User.objects.filter(email=email):
+            return JsonResponse({'code': 302, 'error': '邮箱已存在'})
+
+        try:
+            User.objects.create(username=username, password=password, email=email)
+            print('注册成功')
+            return JsonResponse({'code': 200})
+        except Exception as e:
+            print(e)
+            return JsonResponse({'code': 400, 'error': str(e)})
 
 
 @api_view(['POST'])
@@ -57,7 +53,7 @@ def login(request):
     except Exception as e:
         print(e)
         print('用户名或密码错误')
-        return JsonResponse({'code': 303, 'error': '用户名或密码错误'}, status=303)
+        return JsonResponse({'code': 303, 'error': '用户名或密码错误'})
 
     print(f'token = {token}')
     if user.check_token(token):
@@ -79,10 +75,6 @@ def login(request):
     user_token.token = new_token
     user_token.save()
 
-    if hasattr(request, '_user'):
-        print('设置reqeust._user')
-        request.user = user
-
     print('登录成功')
     print(f'new_token = {new_token}')
     return JsonResponse({'code': 200, 'token': new_token})
@@ -90,47 +82,79 @@ def login(request):
 
 @api_view(['POST'])
 def logout(request):
-    username = request.data.get('username', '')
-    token = request.data.get('token', '')
+    username = request.data.get('username')
+    token = request.data.get('token')
     try:
         user = User.objects.get(username=username)
-        try:
-            user_token = user.tokens.get(token=token)
-            user_token.delete()
-        except Exception as e:
-            print(e)
-            print('token无效')
-        return JsonResponse({'code': 200})
+    except Exception as e:
+        print('用户不存在')
+        return JsonResponse({'code': 302, 'error': '用户不存在'})
+    try:
+        user_token = user.tokens.get(token=token)
+        user_token.delete()
     except Exception as e:
         print(e)
-        return JsonResponse({'code': 303, 'error': str(e)}, status=303)
+        print('token无效')
+    return JsonResponse({'code': 200})
 
 
 @api_view(['POST'])
-def reset_password(request):
-    username = request.data.get('username', '')
-    password = request.data.get('password', '')
+def send_email_verification_code(request):
+    username = request.data.get('username')
+    if not username:
+        return JsonResponse({'code': 301, 'error': '用户名不能为空'})
     try:
         user = User.objects.get(username=username)
-        token = request.data.get('token')
-        if token:
-            print(f'token={token}')
-            if user.check_token(token):
-                # 重置密码
-                print("验证码有效")
-                user.password = password
-                user.save()
-                return JsonResponse({'code': 200})
-            else:
-                print("验证码无效")
-                return JsonResponse({'code': 303, 'error': '验证码错误'}, status=303)
-        else:
-            # 发送验证码
-            token = user.make_token()
-            print(f'')
-            print(f'发送验证码 email = {user.email} token = {token}')
-            user.send_email('ST网盘重置密码验证码', token)
-            return JsonResponse({'code': 200})
+    except:
+        print('用户不存在')
+        return JsonResponse({'code': 302, 'error': '用户不存在'})
+    try:
+        # 发送验证码
+        token = user.make_token()
+        print(f'发送验证码 email = {user.email} token = {token}')
+        user.send_email('ST网盘重置密码验证码', token)
+        return JsonResponse({'code': 200})
     except Exception as e:
         print(e)
-        return JsonResponse({'code': 303, 'error': str(e)}, status=303)
+        return JsonResponse({'code': 303, 'error': str(e)})
+
+
+@api_view(['POST'])
+def check_token(request):
+    username = request.data.get('username')
+    token = request.data.get('token')
+    if not username:
+        return JsonResponse({'code': 301, 'error': '用户名不能为空'})
+    try:
+        user = User.objects.get(username=username)
+    except:
+        print('用户不存在')
+        return JsonResponse({'code': 302, 'error': '用户不存在'})
+    if token and user.check_token(token):
+        return JsonResponse({'code': 200})
+    else:
+        return JsonResponse({'code': 303, 'error': '验证码无效'})
+
+
+@api_view(['POST'])
+def reset_password(request):
+    username = request.data.get('username')
+    password = request.data.get('password')
+    token = request.data.get('token')
+    if not username:
+        return JsonResponse({'code': 301, 'error': '用户名不能为空'})
+    try:
+        user = User.objects.get(username=username)
+    except:
+        print('用户不存在')
+        return JsonResponse({'code': 302, 'error': '用户不存在'})
+    print(f'token={token}')
+    if token and user.check_token(token):
+        # 重置密码
+        print("验证码有效")
+        user.password = password
+        user.save()
+        return JsonResponse({'code': 200})
+    else:
+        print("验证码无效")
+        return JsonResponse({'code': 303, 'error': '验证码无效'})

file/admin.py

@@ -4,7 +4,7 @@ from .models import File
 
 # Register your models here.
 class FileAdmin(admin.ModelAdmin):
-    list_display = ["file_id", "file_name", "folder", "file_path", "update_time", "file_type", "file_size"]
+    list_display = ["file_id", "file_name", "folder", "update_time", "file_type", "file_size", "owner"]
 
 
 admin.site.register(File, FileAdmin)

file/migrations/0002_alter_file_folder.py

@@ -0,0 +1,20 @@
+# Generated by Django 3.2.5 on 2021-09-09 12:18
+
+from django.db import migrations, models
+import django.db.models.deletion
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('folder', '0004_alter_folder_father_folder'),
+        ('file', '0001_initial'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='file',
+            name='folder',
+            field=models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='children_files', to='folder.folder'),
+        ),
+    ]

file/migrations/0003_auto_20210909_2239.py

@@ -0,0 +1,25 @@
+# Generated by Django 3.2.5 on 2021-09-09 14:39
+
+from django.db import migrations, models
+import django.db.models.deletion
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('account', '0001_initial'),
+        ('file', '0002_alter_file_folder'),
+    ]
+
+    operations = [
+        migrations.RemoveField(
+            model_name='file',
+            name='file_path',
+        ),
+        migrations.AddField(
+            model_name='file',
+            name='owner',
+            field=models.ForeignKey(default=1, on_delete=django.db.models.deletion.DO_NOTHING, related_name='files', to='account.user'),
+            preserve_default=False,
+        ),
+    ]

file/models.py

@@ -1,5 +1,6 @@
 from django.db import models
 from folder.models import Folder
+from account.models import User
 
 
 # 文件表
@@ -9,12 +10,20 @@ class File(models.Model):
     # 文件名
     file_name = models.CharField(max_length=50, blank=False)
     # 从属的文件夹
-    folder = models.ForeignKey(Folder, on_delete=models.CASCADE, related_name='file_folder')
-    # 存储路径
-    file_path = models.CharField(max_length=128)
+    folder = models.ForeignKey(Folder, on_delete=models.CASCADE, related_name='children_files')
     # 上传时间
     update_time = models.DateTimeField()
     # 文件类型
     file_type = models.CharField(max_length=32)
     # 文件大小
     file_size = models.CharField(max_length=16)
+
+    owner = models.ForeignKey(User, on_delete=models.DO_NOTHING, related_name='files')
+
+    def to_json(self):
+        return {'file_id': self.file_id,
+                'file_name': self.file_name,
+                'folder_id': self.folder_id,
+                'update_time': self.update_time,
+                'file_type': self.file_type,
+                'file_size': self.file_size}

file/views.py

@@ -10,9 +10,8 @@ from django.utils import timezone
 from folder.models import Folder
 from .judgement_function import judge_filepath, format_size
 from django.utils.http import urlquote
-from django.contrib.auth.models import User
-import json
 import os
+from account.models import get_user
 
 BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
 
@@ -22,39 +21,38 @@ DEBUG = 1
 # Create your views here.
 
 
-#
-
-
 @login_required
 def upload_file(request):
     if request.method == "POST":
+        user = get_user(request)
         try:
             file_obj = request.FILES.get('upload')
-            file_type = judge_filepath(file_obj.name.split('.')[-1].lower())
-            file_folder = request.POST.get('file_path')
-            update_time = timezone.now().strftime("%Y-%m-%d %H:%M:%S")
-            file_size = format_size(file_obj.size)
-            file_name = file_obj.name
-            save_path = BASE_DIR + '/' + file_folder
-            file_path = file_folder + file_name
-            file_id_1 = ''.join(random.sample(string.digits, 8))
-            File.objects.create(file_id=file_id_1,
-                                file_name=file_name,
-                                folder=Folder.objects.filter(folder_id=request.POST.get('folder_id')).get(),
-                                file_path=file_path,
-                                update_time=update_time,
-                                file_size=file_size,
-                                file_type=file_type)
-            with open(save_path + file_name, 'wb+') as f:
-                for chunk in file_obj.chunks():
-                    f.write(chunk)
-            return HttpResponse(status=200)
-        except Exception as e:
-            print(e)
-            return HttpResponse(status=401)
-    elif request.method == 'GET':
-        if DEBUG:
-            return render(request, 'upload_file.html')
+        except:
+            print('文件不存在')
+            return JsonResponse({'code': 401, 'error': '文件不存在'})
+        file_type = judge_filepath(file_obj.name.split('.')[-1].lower()) if '.' in file_obj.name else ''
+        update_time = timezone.now().strftime("%Y-%m-%d %H:%M:%S")
+        file_size = format_size(file_obj.size)
+        file_name = file_obj.name
+        folder_id = request.POST.get('folder_id')
+        try:
+            folder = user.folders.get(folder_id=folder_id)
+        except:
+            print('文件夹不存在')
+            return JsonResponse({'code': 402, 'error': '文件夹不存在'})
+        file = File.objects.create(file_name=file_name,
+                                   folder=folder,
+                                   update_time=update_time,
+                                   file_size=file_size,
+                                   file_type=file_type)
+        # TODO: 文件hash
+        file_dir = BASE_DIR + '/' + file.file_id
+        with open(file_dir, 'wb+') as f:
+            for chunk in file_obj.chunks():
+                f.write(chunk)
+        return JsonResponse({'code': 200})
+    elif request.method == 'GET' and DEBUG:
+        return render(request, 'upload_file.html')
     else:
         return HttpResponse(status=400)
 
@@ -62,18 +60,22 @@ def upload_file(request):
 @login_required
 def download_file(request):
     if request.method == "POST":
-        print(request)
-        file_path = request.POST.get('file_path')
-        file_name = file_path.split('/')[-1]
-        file_dir = BASE_DIR + '/' + file_path
+        user = get_user(request)
+        file_id = request.POST.get('file_id')
+        try:
+            file = user.files.get(file_id=file_id)
+        except:
+            print('文件不存在')
+            return JsonResponse({'code': 401, 'error': '文件不存在'})
+        file_name = file.file_name
+        file_dir = BASE_DIR + '/' + file.file_id
         file = open(file_dir, 'rb')
         response = FileResponse(file)
         response['Content-Type'] = 'application/octet-stream'
         response['Content-Disposition'] = 'attachment;filename={}'.format(urlquote(file_name))
         return response
-    elif request.method == 'GET':
-        if DEBUG:
-            return render(request, 'download_file.html')
+    elif request.method == 'GET' and DEBUG:
+        return render(request, 'download_file.html')
     else:
         return HttpResponse(status=400)
 
@@ -82,24 +84,20 @@ def download_file(request):
 def delete_file(request):
     if request.method == "POST":
         data = request.POST
-        file_path = data.get('file_path')
+        user = get_user(request)
+        file_id = data.get('file_id')
         try:
-            file = File.objects.filter(file_path=file_path, file_id=data.get('file_id')).get()
+            file = user.files.get(file_id=file_id)
+        except:
+            print('文件不存在')
+            return JsonResponse({'code': 401, 'error': '文件不存在'})
+        file.delete()
+        try:
+            os.remove(BASE_DIR + '/' + file_id)
         except Exception as e:
             print(e)
-        else:
-            if file:
-                file.delete()
-                try:
-                    os.remove(BASE_DIR + '//' + file_path)
-                except Exception as e:
-                    print(e)
-                return HttpResponse(status=200)
-
-            else:
-                return HttpResponse(status=421)
-    elif request.method == 'GET':
-        if DEBUG:
-            return render(request, 'delete_file.html')
+        return JsonResponse({'code': 200})
+    elif request.method == 'GET' and DEBUG:
+        return render(request, 'delete_file.html')
     else:
         return HttpResponse(status=400)

folder/admin.py

@@ -4,7 +4,7 @@ from .models import Folder
 
 # Register your models here.
 class FolderAdmin(admin.ModelAdmin):
-    list_display = ["folder_id", "folder_name", "father_folder"]
+    list_display = ["folder_id", "folder_name", "father_folder", "owner"]
 
 
 admin.site.register(Folder, FolderAdmin)

folder/migrations/0003_alter_folder_father_folder.py

@@ -0,0 +1,19 @@
+# Generated by Django 3.2.5 on 2021-09-09 12:16
+
+from django.db import migrations, models
+import django.db.models.deletion
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('folder', '0002_alter_folder_folder_name'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='folder',
+            name='father_folder',
+            field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='children_folder', to='folder.folder'),
+        ),
+    ]

folder/migrations/0004_alter_folder_father_folder.py

@@ -0,0 +1,19 @@
+# Generated by Django 3.2.5 on 2021-09-09 12:18
+
+from django.db import migrations, models
+import django.db.models.deletion
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('folder', '0003_alter_folder_father_folder'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='folder',
+            name='father_folder',
+            field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='children_folders', to='folder.folder'),
+        ),
+    ]

folder/migrations/0005_folder_owner.py

@@ -0,0 +1,21 @@
+# Generated by Django 3.2.5 on 2021-09-09 12:38
+
+from django.db import migrations, models
+import django.db.models.deletion
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('account', '0001_initial'),
+        ('folder', '0004_alter_folder_father_folder'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='folder',
+            name='owner',
+            field=models.ForeignKey(default=1, on_delete=django.db.models.deletion.CASCADE, related_name='folders', to='account.user'),
+            preserve_default=False,
+        ),
+    ]

folder/models.py

@@ -1,7 +1,7 @@
 from django.db import models
 
 # 文件夹表
-from django.db.models import SET_NULL
+from account.models import User
 
 
 class Folder(models.Model):
@@ -10,8 +10,13 @@ class Folder(models.Model):
     # 文件夹名
     folder_name = models.CharField(max_length=50, blank=False, default='root')
     # 父节点
-    father_folder = models.ForeignKey('self', blank=True, on_delete=SET_NULL, null=True,
-                                      related_name='the_father_folder')
+    father_folder = models.ForeignKey('self', blank=True, on_delete=models.SET_NULL, null=True,
+                                      related_name='children_folders')
+    # 所有者
+    owner = models.ForeignKey(User, on_delete=models.CASCADE, related_name='folders')
+
+    def to_json(self):
+        return {'folder_id': self.folder_id, 'folder_name': self.folder_name, 'father_folder_id': self.father_folder_id}
 
     def __unicode__(self):
         return self.folder_id

folder/urls.py

@@ -6,5 +6,5 @@ urlpatterns = [
     path('folder_list/', views.folder_list, name='folder_list'),
     path('add_folder/', views.add_folder, name='add_folder'),
     path('delete_folder/', views.delete_folder, name='delete_folder'),
-    path('get_first_folder/', views.get_first_folder, name='get_first_folder'),
+    path('get_first_folder/', views.get_root_folder, name='get_first_folder'),
 ]

folder/views.py

@@ -1,29 +1,27 @@
 import random
 import string
 
-from django.http import HttpResponse
+from django.http import HttpResponse, JsonResponse
 from django.shortcuts import render
 from account.decorators import login_required
 from .models import Folder
 from file.models import File
 import json
+from account.models import get_user
 
 # Create your views here.
 DEBUG = 1
 
 
 @login_required
-def get_first_folder(request):
+def get_root_folder(request):
+    # 获取根目录
     if request.method == 'POST':
         # 获取所有根文件夹id
-        folders = Folder.objects.filter(father_folder=None)
-        response = []
-        for i in folders:
-            response.append([i.folder_name, i.folder_id])
-        return HttpResponse(json.dumps(response), status=200)
-    elif request.method == 'GET':
-        if DEBUG:
-            return render(request, 'folder_list.html')
+        user = get_user(request)
+        return JsonResponse({'code': 200, 'root_folder_id': user.profile.root_folder_id})
+    elif request.method == 'GET' and DEBUG:
+        return render(request, 'folder_list.html')
     else:
         return HttpResponse(status=400)
 
@@ -33,18 +31,21 @@ def get_first_folder(request):
 def folder_list(request):
     if request.method == 'POST':
         data = request.POST
-        # 获取所有文件夹
-        folders = Folder.objects.filter(father_folder__folder_id=data['folder_id'])
-        files = File.objects.filter(folder__folder_id=data['folder_id'])
-        response = []
-        for i in folders:
-            response.append(['folders', i.folder_name, i.folder_id])
-        for i in files:
-            response.append(['files', i.file_name, i.file_id, i.file_path, i.file_id, i.update_time, i.file_type, i.file_size])
-        return HttpResponse(json.dumps(response), status=200)
-    elif request.method == 'GET':
-        if DEBUG:
-            return render(request, 'folder_list.html')
+        folder_id = data['folder_id']
+        user = get_user(request)
+        try:
+            folder = user.folders.get(folder_id=folder_id)
+        except:
+            print('无法访问')
+            return JsonResponse({'code': 404, 'error': '无法访问'})
+
+        children_folders = folder.children_folders.all()
+        children_files = folder.children_files.all()
+        children = [*map(lambda f: {'type': 'folder', **f.to_json}, children_folders),
+                    *map(lambda f: {'type': 'file', **f.to_json}, children_files)]
+        return JsonResponse({'code': 200, 'children': children})
+    elif request.method == 'GET' and DEBUG:
+        return render(request, 'folder_list.html')
     else:
         return HttpResponse(status=400)
 
@@ -55,22 +56,22 @@ def folder_list(request):
 def add_folder(request):
     if request.method == 'POST':
         data = request.POST
-        folder_id_random = ''.join(random.sample(string.digits, 8))
-        father_folder = Folder.objects.filter(folder_id=data['father_folder_id']).get()
-        print(data)
-        if not father_folder:
-            # 查无此文件夹
-            return HttpResponse(status=421)
-        else:
-            if 'folder_name' in data:
-                print('yes')
-            Folder.objects.create(folder_id=folder_id_random,
-                                  folder_name=data.get("folder_name"),
-                                  father_folder=father_folder)
-            return HttpResponse(status=200)
-    elif request.method == 'GET':
-        if DEBUG:
-            return render(request, 'add_folder.html')
+        user = get_user(request)
+        # folder_id_random = ''.join(random.sample(string.digits, 8))
+        # father_folder = Folder.objects.filter(folder_id=data.get('father_folder_id')).get()
+
+        father_folder_id = data.get('father_folder_id')
+        try:
+            father_folder = user.folders.get(folder_id=father_folder_id)
+        except:
+            print('上级文件夹不存在')
+            return JsonResponse({'code': '421', 'error': '上级文件夹不存在'})
+
+        folder_name = data.get('folder_name')
+        Folder.objects.create(folder_name=folder_name, father_folder=father_folder)
+        return JsonResponse({'code': '200'})
+    elif request.method == 'GET' and DEBUG:
+        return render(request, 'add_folder.html')
     else:
         return HttpResponse(status=400)
 
@@ -80,15 +81,16 @@ def add_folder(request):
 def delete_folder(request):
     if request.method == 'POST':
         data = request.POST
-        folder = Folder.objects.filter(folder_id=data['folder_id']).get()
-        if not folder:
-            # 查无此文件夹
-            return HttpResponse(status=421)
-        else:
-            folder.delete()
-            return HttpResponse(status=200)
-    elif request.method == 'GET':
-        if DEBUG:
-            return render(request, 'delete_folder.html')
+        user = get_user(request)
+        folder_id = data.get('folder_id')
+        try:
+            folder = user.folders.get(folder_id=folder_id)
+        except:
+            print('无此文件夹')
+            return JsonResponse({'code': '421', 'error': '无此文件夹'})
+        folder.delete()
+        return JsonResponse({'code': 200})
+    elif request.method == 'GET' and DEBUG:
+        return render(request, 'delete_folder.html')
     else:
         return HttpResponse(status=400)

templates/upload_file.html

@@ -9,11 +9,6 @@
                 <input type="text" id="username" name="username">
             </div>
             <!-- 昵称 -->
-            <div>
-                <label for="file_path">file_path</label>
-                <input type="text" id="file_path" name="file_path">
-            </div>
-            <!-- 昵称 -->
             <div>
                 <label for="folder_id">folder_id</label>
                 <input type="text" id="folder_id" name="folder_id">