From 83124f3c866a7657b8120034b6d83e1bb2b37fbc Mon Sep 17 00:00:00 2001
From: virusdefender <1670873886@qq.com>
Date: Sat, 19 Sep 2015 18:46:03 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E5=88=A4=E6=96=AD=E9=AA=8C?=
 =?UTF-8?q?=E8=AF=81=E7=A0=81=E6=98=AF=E5=90=A6=E5=AD=98=E5=9C=A8=E7=9A=84?=
 =?UTF-8?q?=E6=97=B6=E5=80=99=EF=BC=8C=E7=94=A8=E6=88=B7=E4=B8=8D=E5=AD=98?=
 =?UTF-8?q?=E5=9C=A8=E5=AF=BC=E8=87=B4=E7=9A=84=E6=8A=A5=E9=94=99?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 account/serializers.py |  2 +-
 account/views.py       | 14 ++++++--------
 2 files changed, 7 insertions(+), 9 deletions(-)

diff --git a/account/serializers.py b/account/serializers.py
index f60e9ca..c2852a3 100644
--- a/account/serializers.py
+++ b/account/serializers.py
@@ -7,7 +7,7 @@ from .models import User
 class UserLoginSerializer(serializers.Serializer):
     username = serializers.CharField(max_length=30)
     password = serializers.CharField(max_length=30)
-    captcha = serializers.CharField(required=False,min_length=4,max_length=4)
+    captcha = serializers.CharField(required=False, min_length=4, max_length=4)
 
 
 class UsernameCheckSerializer(serializers.Serializer):
diff --git a/account/views.py b/account/views.py
index 8a3414f..c482aea 100644
--- a/account/views.py
+++ b/account/views.py
@@ -26,17 +26,15 @@ class UserLoginAPIView(APIView):
         serializer = UserLoginSerializer(data=request.data)
         if serializer.is_valid():
             data = serializer.data
-            user = User.objects.get(username=data["username"])
-            # 只有管理员才适用验证码登录
-            if user.admin_type > 0:
-                if not "captcha" in data:
-                    return error_response(u"请填写验证码！")
-                captcha = Captcha(request)
-                if not captcha.check(data["captcha"]):
-                    return error_response(u"验证码错误")
             user = auth.authenticate(username=data["username"], password=data["password"])
             # 用户名或密码错误的话 返回None
             if user:
+                if user.admin_type > 0:
+                    if "captcha" not in data:
+                        return error_response(u"请填写验证码！")
+                    captcha = Captcha(request)
+                    if not captcha.check(data["captcha"]):
+                        return error_response(u"验证码错误")
                 auth.login(request, user)
                 return success_response(u"登录成功")
             else: