增加后台编辑两步验证和openapi appkey的功能。

同时修复:
 - 去除部分表单的 id 和 name,阻止chrome的自动填充
 - 不再需要的model
 - 部分代码格式问题
virusdefender
2016-02-17 09:45:35 +08:00
parent c00d631ed0
commit 030a9b52f1
6 changed files with 69 additions and 12 deletions


@@ -0,0 +1,23 @@
# -*- coding: utf-8 -*-
# Generated by Django 1.9.1 on 2016-02-17 01:20
from __future__ import unicode_literals
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('account', '0017_auto_20151212_2139'),
]
operations = [
migrations.DeleteModel(
name='AdminGroup',
),
migrations.AddField(
model_name='user',
name='openapi_appkey',
field=models.CharField(blank=True, max_length=35, null=True),
),
]


@@ -5,10 +5,6 @@ from django.contrib.auth.models import AbstractBaseUser
from jsonfield import JSONField
class AdminGroup(models.Model):
pass
class UserManager(models.Manager):
use_in_migrations = True
@@ -38,11 +34,13 @@ class User(AbstractBaseUser):
reset_password_token = models.CharField(max_length=40, blank=True, null=True)
# token 生成时间
reset_password_token_create_time = models.DateTimeField(blank=True, null=True)
# 论坛授权token
# SSO授权token
auth_token = models.CharField(max_length=40, blank=True, null=True)
# 是否开启两步验证
two_factor_auth = models.BooleanField(default=False)
tfa_token = models.CharField(max_length=40, blank=True, null=True)
# open api key
openapi_appkey = models.CharField(max_length=35, blank=True, null=True)
USERNAME_FIELD = 'username'
REQUIRED_FIELDS = []
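Review bot: `openapi_appkey` is an API credential, and the new field stores it as readable text with neither `unique=True` nor `db_index=True`. If the OpenAPI authentication code (not on this page) looks users up by this value, a duplicate key would make that lookup ambiguous; `openapi_appkey = models.CharField(max_length=35, blank=True, null=True, unique=True)` closes that gap, with a matching change to the generated migration. Keeping only a hash of the key and showing the key once at creation would limit what a database leak exposes, assuming nothing needs to read the key back later.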


@@ -38,7 +38,8 @@ class UserSerializer(serializers.ModelSerializer):
class Meta:
model = User
fields = ["id", "username", "real_name", "email", "admin_type", "create_time", "last_login"]
fields = ["id", "username", "real_name", "email", "admin_type",
"create_time", "last_login", "two_factor_auth", "openapi_appkey"]
class EditUserSerializer(serializers.Serializer):
@@ -48,6 +49,8 @@ class EditUserSerializer(serializers.Serializer):
password = serializers.CharField(max_length=30, min_length=6, required=False, default=None)
email = serializers.EmailField(max_length=254)
admin_type = serializers.IntegerField(default=0)
openapi = serializers.BooleanField()
tfa_auth = serializers.BooleanField()
class ApplyResetPasswordSerializer(serializers.Serializer):
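Review bot: Adding `"openapi_appkey"` to `UserSerializer.Meta.fields` puts each user's API credential into every response built from this serializer, not only the admin edit form this commit targets. The other callers of `UserSerializer` are outside this hunk, so each should be checked; a list endpoint would hand every listed user's key to whoever may read the list. A safer shape is a derived boolean (for example `openapi_enabled`, true when `openapi_appkey is not None`), with the key itself returned only from an endpoint scoped to its owner. Separately, `openapi` and `tfa_auth` in `EditUserSerializer` are required `BooleanField`s, and DRF treats an omitted boolean in form-encoded input as False, so a client that does not send `tfa_auth` could switch the user's two-step verification off without any error.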


@@ -210,8 +210,24 @@ class UserAdminAPIView(APIView):
user.real_name = data["real_name"]
user.email = data["email"]
user.admin_type = data["admin_type"]
if data["password"]:
user.set_password(data["password"])
# 后台控制用户是否可以使用openapi
if data["openapi"] is False:
user.openapi_appkey = None
elif data["openapi"] and user.openapi_appkey is None:
user.openapi_appkey = rand_str()
# 后台控制用户是否使用两步验证
# 注意:用户没开启,后台开启的话,用户没有绑定过两步验证token,会造成无法登陆的!
if data["tfa_auth"] is False:
user.two_factor_auth = False
elif data["tfa_auth"] and user.two_factor_auth is False:
user.two_factor_auth = True
user.tfa_token = rand_str()
user.save()
return success_response(UserSerializer(user).data)
else:
@@ -368,8 +384,9 @@ class SSOAPIView(APIView):
user = User.objects.get(auth_token=serializer.data["token"])
user.auth_token = None
user.save()
return success_response(
{"username": user.username, "admin_type": user.admin_type, "avatar": user.userprofile.avatar})
return success_response({"username": user.username,
"admin_type": user.admin_type,
"avatar": user.userprofile.avatar})
except User.DoesNotExist:
return error_response(u"用户不存在")
else:
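Review bot: In the first hunk of `UserAdminAPIView`, the `elif data["tfa_auth"] and user.two_factor_auth is False:` branch turns two-step verification on with a fresh `tfa_token` that the account owner has never enrolled, and the response (`UserSerializer(user).data`) does not carry that token, so the account is locked out exactly as the inline comment warns. I would let this endpoint only switch the feature off: keep `if data["tfa_auth"] is False: user.two_factor_auth = False`, drop the `elif`, and set `user.tfa_token = None` in the same branch so a stale secret does not linger (assuming user-side enrolment issues a new one). `rand_str()` now mints both the API key and the two-step secret; its definition is not on this page, so confirm it draws from a CSPRNG (`os.urandom` or `random.SystemRandom`) rather than the default `random` generator. Disabling a user's second factor or issuing an API key is also worth an audit log entry naming the acting admin. The method body starts and ends outside the hunk.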