更新单点登录的逻辑
This commit is contained in:
virusdefender
@@ -65,6 +65,7 @@ class ResetPasswordSerializer(serializers.Serializer):
|
||||
|
||||
|
||||
class SSOSerializer(serializers.Serializer):
|
||||
appkey = serializers.CharField(max_length=35)
|
||||
token = serializers.CharField(max_length=40)
|
||||
|
||||
|
||||
|
||||
@@ -327,8 +327,9 @@ class ApplyResetPasswordAPIView(APIView):
|
||||
|
||||
email_template = email_template.replace("{{ username }}", user.username). \
|
||||
replace("{{ website_name }}", settings.WEBSITE_INFO["website_name"]). \
|
||||
replace("{{ link }}", request.scheme + "://" + request.META[
|
||||
'HTTP_HOST'] + "/reset_password/t/" + user.reset_password_token)
|
||||
replace("{{ link }}", request.scheme + "://"
|
||||
+ request.META['HTTP_HOST'] + "/reset_password/t/" +
|
||||
user.reset_password_token)
|
||||
|
||||
_send_email.delay(settings.WEBSITE_INFO["website_name"],
|
||||
user.email,
|
||||
@@ -380,11 +381,16 @@ class SSOAPIView(APIView):
|
||||
def post(self, request):
|
||||
serializer = SSOSerializer(data=request.data)
|
||||
if serializer.is_valid():
|
||||
try:
|
||||
User.objects.get(openapi_appkey=serializer.data["appkey"])
|
||||
except User.DoesNotExist:
|
||||
return error_response(u"appkey无效")
|
||||
try:
|
||||
user = User.objects.get(auth_token=serializer.data["token"])
|
||||
user.auth_token = None
|
||||
user.save()
|
||||
return success_response({"username": user.username,
|
||||
"id": user.id,
|
||||
"admin_type": user.admin_type,
|
||||
"avatar": user.userprofile.avatar})
|
||||
except User.DoesNotExist:
|
||||
@@ -395,7 +401,7 @@ class SSOAPIView(APIView):
|
||||
@login_required
|
||||
def get(self, request):
|
||||
callback = request.GET.get("callback", None)
|
||||
if not callback or callback != settings.SSO["callback"]:
|
||||
if not callback:
|
||||
return error_page(request, u"参数错误")
|
||||
token = rand_str()
|
||||
request.user.auth_token = token
|
||||
|
||||
Reference in New Issue
Block a user