214
/
st-cloud


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177
							from django.shortcuts import render

# Create your views here.

from datetime import datetime, time
from .models import User, LoginToken
from django.http import JsonResponse
from utils.debug import debug_view
from utils.crypto import secure_transport
from utils.http import make_json_response
from .models import get_user
from django.views.decorators.http import require_POST
from .decorators import login_required
from string import printable, ascii_letters, digits
import string


def auth_with_username_or_email(username, password):
    if '@' in username:
        user = User.objects.get(email=username, password=password)
    else:
        user = User.objects.get(username=username, password=password)
    return user


def check_password(password):
    if set(password).isdisjoint(ascii_letters) and set(password).isdisjoint(digits):
        return False
    return set(password).issubset(printable) and len(password) >= 8


@secure_transport
# @debug_view('password', 'email')
@require_POST
def register(request):
    username = request.POST.get('username', '')
    password = request.POST.get('password', '')
    email = request.POST.get('email', '')
    if not username or not password or not email:
        return make_json_response(code=303, error='用户名/密码/邮箱不能为空')

    if User.objects.filter(username=username):
        return make_json_response(code=301, error='用户名已存在')

    if User.objects.filter(email=email):
        return make_json_response(code=302, error='邮箱已存在')

    if not check_password(password):
        return make_json_response(code=304, error='密码长度不能小于8, 必须包含数字和英文字符')

    try:
        User.objects.create(username=username, password=password, email=email)
        print('注册成功')
        return make_json_response()
    except Exception as e:
        return make_json_response(code=500, error=str(e))


@secure_transport
# @debug_view
@require_POST
def login(request):
    username = request.POST.get('username', '')
    password = request.POST.get('password', '')
    old_token = request.POST.get('token', '')

    try:
        user = auth_with_username_or_email(username, password)
        print(user)
    except:
        return make_json_response(code=303, error='用户名或密码错误')

    print(f'token = {old_token}')
    if user.check_token(old_token):
        try:
            user_token = user.tokens.get(token=old_token)
            print('已登录')
            user_token.delete()
            # return JsonResponse({'code': 303, 'msg': '已登录'}, status=303)
        except Exception as e:
            print('token无效')
    else:
        print('token已过期')

    user.last_login = datetime.now()

    token = user.make_token()
    user_token = LoginToken()
    user_token.user = user
    user_token.token = token
    user_token.save()

    print('登录成功')
    print(f'token = {token}')
    return make_json_response(token=token)


@secure_transport
# @debug_view()
@login_required
def logout(request):
    user = get_user(request)
    data = request.POST
    token = data.get('token')
    user_token = user.tokens.get(token=token)
    user_token.delete()
    return make_json_response()


@secure_transport
# @debug_view('email')
@require_POST
def send_email_verification_code(request):
    data = request.POST
    username = data.get('username')
    email = data.get('email')
    try:
        user = User.objects.get(username=username)
    except:
        return make_json_response(code=302, error='用户不存在')
    if user.email != email:
        return make_json_response(code=301, error='邮箱错误')
    try:
        # 发送验证码
        token = user.make_token()
        print(f'发送验证码 email = {user.email} token = {token}')
        user.send_email('ST网盘重置密码验证码', token)
        return make_json_response()
    except Exception as e:
        print(e)
        return make_json_response(code=500, error='验证码发送失败')


@secure_transport
# @debug_view()
@require_POST
def check_token(request):
    data = request.POST
    username = data.get('username')
    token = data.get('token')
    print(username)
    try:
        user = User.objects.get(username=username)
    except:
        return make_json_response(code=302, error='用户不存在')
    print(f'token={token}')
    if token and user.check_token(token):
        print('验证码有效')
        return make_json_response()
    else:
        return make_json_response(code=303, error='验证码无效')


@secure_transport
# @debug_view('password')
@require_POST
def reset_password(request):
    data = request.POST
    username = data.get('username')
    password = data.get('password')
    token = data.get('token')

    if not check_password(password):
        return make_json_response(code=304, error='密码长度不能小于8, 必须包含数字和英文字符')
    try:
        user = User.objects.get(username=username)
    except:
        return make_json_response(code=302, error='用户不存在')
    print(f'token={token}')
    if token and user.check_token(token):
        # 重置密码
        print("验证码有效")
        user.password = password
        user.save()
        return make_json_response()
    else:
        return make_json_response(code=303, error='验证码无效')