xuyue/OnlineJudge
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

使用Python3和更科学的API写法

Browse Source
This commit is contained in:
virusdefender
2016-11-19 12:32:23 +08:00
parent d9b1141cb9
commit 172fd4b1f4
21 changed files with 335 additions and 270 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
account/decorators.py
View File

@@ -1,13 +1,10 @@
# coding=utf-8
from __future__ import unicode_literals
import urllib
import json
import functools
from django.http import HttpResponse
from django.utils.translation import ugettext as _
from utils.shortcuts import JSONResponse
from utils.api import JSONResponse
from .models import AdminType
@@ -19,7 +16,7 @@ class BasePermissionDecorator(object):
return functools.partial(self.__call__, obj)
def error(self, data):
return JSONResponse({"error": "permission-denied", "data": data})
return JSONResponse.response({"error": "permission-denied", "data": data})
def __call__(self, *args, **kwargs):
self.request = args[1]

10
account/middleware.py
View File

@@ -1,12 +1,8 @@
# coding=utf-8
import time
import json
from django.http import HttpResponse
from django.utils.translation import ugettext as _
from django.contrib import auth
from utils.shortcuts import JSONResponse
from utils.api import JSONResponse
from .models import AdminType
@@ -17,7 +13,7 @@ class SessionSecurityMiddleware(object):
# 24 hours passed since last visit
if time.time() - request.session["last_activity"] >= 24 * 60 * 60:
auth.logout(request)
return JSONResponse({"error": "login-required", "data": _("Please login in first")})
return JSONResponse.response({"error": "login-required", "data": _("Please login in first")})
# update last active time
request.session["last_activity"] = time.time()
@@ -27,4 +23,4 @@ class AdminRequiredMiddleware(object):
path = request.path_info
if path.startswith("/admin/") or path.startswith("/api/admin/"):
if not(request.user.is_authenticated() and request.user.is_admin()):
return JSONResponse({"error": "login-required", "data": _("Please login in first")})
return JSONResponse.response({"error": "login-required", "data": _("Please login in first")})

2
account/models.py
View File

@@ -1,5 +1,3 @@
# coding=utf-8
from __future__ import unicode_literals
from django.contrib.auth.models import AbstractBaseUser
from django.db import models
from jsonfield import JSONField

3
account/serializers.py
View File

@@ -1,7 +1,6 @@
# coding=utf-8
from rest_framework import serializers
from utils.api import serializers, DateTimeTZField
from utils.serializers import DateTimeTZField
from .models import User, AdminType

18
account/tests.py
View File

@@ -1,17 +1,13 @@
# coding=utf-8
from __future__ import unicode_literals
import time
from unittest import mock
import mock
from django.contrib import auth
from django.core.urlresolvers import reverse
from django.utils.translation import ugettext as _
from rest_framework.test import APIClient
from utils.otp_auth import OtpAuth
from utils.shortcuts import rand_str
from utils.tests import APITestCase
from utils.api.tests import APITestCase, APIClient
from .models import User, AdminType
@@ -37,7 +33,7 @@ class UserLoginAPITest(APITestCase):
def setUp(self):
self.username = self.password = "test"
self.user = self.create_user(username=self.username, password=self.password)
self.login_url = reverse("user_login_api")
self.login_url = self.reverse("user_login_api")
def _set_tfa(self):
self.user.two_factor_auth = True
@@ -110,7 +106,7 @@ class CaptchaTest(APITestCase):
class UserRegisterAPITest(CaptchaTest):
def setUp(self):
self.client = APIClient()
self.register_url = reverse("user_register_api")
self.register_url = self.reverse("user_register_api")
self.captcha = rand_str(4)
self.data = {"username": "test_user", "password": "testuserpassword",
@@ -150,7 +146,7 @@ class UserRegisterAPITest(CaptchaTest):
class UserChangePasswordAPITest(CaptchaTest):
def setUp(self):
self.client = APIClient()
self.url = reverse("user_change_password_api")
self.url = self.reverse("user_change_password_api")
# Create user at first
self.username = "test_user"
@@ -183,7 +179,7 @@ class AdminUserTest(APITestCase):
self.user = self.create_super_admin(login=True)
self.username = self.password = "test"
self.regular_user = self.create_user(username=self.username, password=self.password)
self.url = reverse("user_admin_api")
self.url = self.reverse("user_admin_api")
self.data = {"id": self.regular_user.id, "username": self.username, "real_name": "test_name",
"email": "test@qq.com", "admin_type": AdminType.REGULAR_USER,
"open_api": True, "two_factor_auth": False, "is_disabled": False}

1
account/urls/admin.py
View File

@@ -1,4 +1,3 @@
# coding=utf-8
from django.conf.urls import url
from ..views.admin import UserAdminAPIView

1
account/urls/oj.py
View File

@@ -1,4 +1,3 @@
# coding=utf-8
from django.conf.urls import url
from ..views.oj import UserLoginAPIView, UserRegisterAPIView, UserChangePasswordAPIView

100
account/views/admin.py
View File

@@ -1,75 +1,73 @@
# coding=utf-8
from __future__ import unicode_literals
from django.core.exceptions import MultipleObjectsReturned
from django.db.models import Q
from django.utils.translation import ugettext as _
from utils.shortcuts import (APIView, paginate_data, rand_str)
from utils.api import APIView, validate_serializer
from utils.shortcuts import rand_str
from ..decorators import super_admin_required
from ..models import User, AdminType
from ..models import User
from ..serializers import (UserSerializer, EditUserSerializer)
class UserAdminAPIView(APIView):
@validate_serializer(EditUserSerializer)
@super_admin_required
def put(self, request):
"""
Edit user api
"""
serializer = EditUserSerializer(data=request.data)
if serializer.is_valid():
data = serializer.data
try:
user = User.objects.get(id=data["id"])
except User.DoesNotExist:
return self.error(_("User does not exist"))
try:
user = User.objects.get(username=data["username"])
if user.id != data["id"]:
return self.error(_("Username already exists"))
except User.DoesNotExist:
pass
data = request.data
try:
user = User.objects.get(id=data["id"])
except User.DoesNotExist:
return self.error(_("User does not exist"))
try:
user = User.objects.get(username=data["username"])
if user.id != data["id"]:
return self.error(_("Username already exists"))
except User.DoesNotExist:
pass
try:
user = User.objects.get(email=data["email"])
if user.id != data["id"]:
return self.error(_("Email already exists"))
# Some old data has duplicate email
except MultipleObjectsReturned:
try:
user = User.objects.get(email=data["email"])
if user.id != data["id"]:
return self.error(_("Email already exists"))
except User.DoesNotExist:
pass
# Some old data has duplicate email
except MultipleObjectsReturned:
return self.error(_("Email already exists"))
except User.DoesNotExist:
pass
user.username = data["username"]
user.real_name = data["real_name"]
user.email = data["email"]
user.admin_type = data["admin_type"]
user.is_disabled = data["is_disabled"]
user.username = data["username"]
user.real_name = data["real_name"]
user.email = data["email"]
user.admin_type = data["admin_type"]
user.is_disabled = data["is_disabled"]
if data["password"]:
user.set_password(data["password"])
if data["password"]:
user.set_password(data["password"])
if data["open_api"]:
# Avoid reset user appkey after saving changes
if not user.open_api:
user.open_api_appkey = rand_str()
else:
user.open_api_appkey = None
user.open_api = data["open_api"]
if data["two_factor_auth"]:
# Avoid reset user tfa_token after saving changes
if not user.two_factor_auth:
user.tfa_token = rand_str()
else:
user.tfa_token = None
user.two_factor_auth = data["two_factor_auth"]
user.save()
return self.success(UserSerializer(user).data)
if data["open_api"]:
# Avoid reset user appkey after saving changes
if not user.open_api:
user.open_api_appkey = rand_str()
else:
return self.invalid_serializer(serializer)
user.open_api_appkey = None
user.open_api = data["open_api"]
if data["two_factor_auth"]:
# Avoid reset user tfa_token after saving changes
if not user.two_factor_auth:
user.tfa_token = rand_str()
else:
user.tfa_token = None
user.two_factor_auth = data["two_factor_auth"]
user.save()
return self.success(UserSerializer(user).data)
@super_admin_required
def get(self, request):
@@ -97,4 +95,4 @@ class UserAdminAPIView(APIView):
user = user.filter(Q(username__contains=keyword) |
Q(real_name__contains=keyword) |
Q(email__contains=keyword))
return self.success(paginate_data(request, user, UserSerializer))
return self.success(self.paginate_data(request, user, UserSerializer))

114
account/views/oj.py
View File

@@ -1,13 +1,10 @@
# coding=utf-8
from __future__ import unicode_literals
from django.contrib import auth
from django.core.exceptions import MultipleObjectsReturned
from django.utils.translation import ugettext as _
from utils.api import APIView, validate_serializer
from utils.captcha import Captcha
from utils.otp_auth import OtpAuth
from utils.shortcuts import (APIView, )
from ..decorators import login_required
from ..models import User, UserProfile
from ..serializers import (UserLoginSerializer, UserRegisterSerializer,
@@ -15,33 +12,30 @@ from ..serializers import (UserLoginSerializer, UserRegisterSerializer,
class UserLoginAPIView(APIView):
@validate_serializer(UserLoginSerializer)
def post(self, request):
"""
User login api
"""
serializer = UserLoginSerializer(data=request.data)
if serializer.is_valid():
data = serializer.data
user = auth.authenticate(username=data["username"], password=data["password"])
# None is returned if username or password is wrong
if user:
if not user.two_factor_auth:
auth.login(request, user)
return self.success(_("Succeeded"))
data = request.data
user = auth.authenticate(username=data["username"], password=data["password"])
# None is returned if username or password is wrong
if user:
if not user.two_factor_auth:
auth.login(request, user)
return self.success(_("Succeeded"))
# `tfa_code` not in post data
if user.two_factor_auth and "tfa_code" not in data:
return self.success("tfa_required")
# `tfa_code` not in post data
if user.two_factor_auth and "tfa_code" not in data:
return self.success("tfa_required")
if OtpAuth(user.tfa_token).valid_totp(data["tfa_code"]):
auth.login(request, user)
return self.success(_("Succeeded"))
else:
return self.error(_("Invalid two factor verification code"))
if OtpAuth(user.tfa_token).valid_totp(data["tfa_code"]):
auth.login(request, user)
return self.success(_("Succeeded"))
else:
return self.error(_("Invalid username or password"))
return self.error(_("Invalid two factor verification code"))
else:
return self.invalid_serializer(serializer)
return self.error(_("Invalid username or password"))
# todo remove this, only for debug use
def get(self, request):
@@ -50,56 +44,50 @@ class UserLoginAPIView(APIView):
class UserRegisterAPIView(APIView):
@validate_serializer(UserRegisterSerializer)
def post(self, request):
"""
User register api
"""
serializer = UserRegisterSerializer(data=request.data)
if serializer.is_valid():
data = serializer.data
captcha = Captcha(request)
if not captcha.check(data["captcha"]):
return self.error(_("Invalid captcha"))
try:
User.objects.get(username=data["username"])
return self.error(_("Username already exists"))
except User.DoesNotExist:
pass
try:
User.objects.get(email=data["email"])
return self.error(_("Email already exists"))
# Some old data has duplicate email
except MultipleObjectsReturned:
return self.error(_("Email already exists"))
except User.DoesNotExist:
user = User.objects.create(username=data["username"], email=data["email"])
user.set_password(data["password"])
user.save()
UserProfile.objects.create(user=user)
return self.success(_("Succeeded"))
else:
return self.invalid_serializer(serializer)
data = request.data
captcha = Captcha(request)
if not captcha.check(data["captcha"]):
return self.error(_("Invalid captcha"))
try:
User.objects.get(username=data["username"])
return self.error(_("Username already exists"))
except User.DoesNotExist:
pass
try:
User.objects.get(email=data["email"])
return self.error(_("Email already exists"))
# Some old data has duplicate email
except MultipleObjectsReturned:
return self.error(_("Email already exists"))
except User.DoesNotExist:
user = User.objects.create(username=data["username"], email=data["email"])
user.set_password(data["password"])
user.save()
UserProfile.objects.create(user=user)
return self.success(_("Succeeded"))
class UserChangePasswordAPIView(APIView):
@validate_serializer(UserChangePasswordSerializer)
@login_required
def post(self, request):
"""
User change password api
"""
serializer = UserChangePasswordSerializer(data=request.data)
if serializer.is_valid():
data = serializer.data
captcha = Captcha(request)
if not captcha.check(data["captcha"]):
return self.error(_("Invalid captcha"))
username = request.user.username
user = auth.authenticate(username=username, password=data["old_password"])
if user:
user.set_password(data["new_password"])
user.save()
return self.success(_("Succeeded"))
else:
return self.error(_("Invalid old password"))
data = request.data
captcha = Captcha(request)
if not captcha.check(data["captcha"]):
return self.error(_("Invalid captcha"))
username = request.user.username
user = auth.authenticate(username=username, password=data["old_password"])
if user:
user.set_password(data["new_password"])
user.save()
return self.success(_("Succeeded"))
else:
return self.invalid_serializer(serializer)
return self.error(_("Invalid old password"))