Update api

8 years ago · d964221689
4 changed files with 48 additions and 12 deletions
--- a/apps/users/api.py
+++ b/apps/users/api.py
@ -1,6 +1,7 @@
 # ~*~ coding: utf-8 ~*~
 #

+import base64

 from django.core.cache import cache
 from django.conf import settings
@ -84,6 +85,31 @@ class UserGroupUpdateUserApi(generics.RetrieveUpdateAPIView):
    permission_classes = (IsSuperUser,)


+class UserToken(APIView):
+    permission_classes = (IsValidUser,)
+    expiration = settings.CONFIG.TOKEN_EXPIRATION or 3600
+
+    def get(self, request):
+        if not request.user:
+            return Response({'error': 'unauthorized'})
+
+        remote_addr = request.META.get('REMOTE_ADDR', '')
+        remote_addr = base64.b16encode(remote_addr).replace('=', '')
+        token = cache.get('%s_%s' % (request.user.id, remote_addr))
+        if not token:
+            token = token_gen(request.user)
+            cache.set(token, request.user.id, self.expiration)
+            cache.set('%s_%s' % (request.user.id, remote_addr), token, self.expiration)
+        return Response({'token': token})
+
+
+class UserProfile(APIView):
+    permission_classes = (IsValidUser,)
+
+    def get(self, request):
+        return Response(request.user.to_json())
+
+
 class UserAuthApi(APIView):
    permission_classes = ()
    expiration = settings.CONFIG.TOKEN_EXPIRATION or 3600
@ -106,6 +132,7 @@ class UserAuthApi(APIView):
            cache.set('%s_%s' % (user.id, remote_addr), token, self.expiration)
            write_login_log_async.delay(user.username, name=user.name, terminal=terminal,
                                        login_ip=remote_addr, login_type=login_type)
-            return Response({'token': token, 'id': user.id, 'username': user.username, 'name': user.name})
+            return Response({'token': token, 'id': user.id, 'username': user.username,
+                             'name': user.name, 'is_active': user.is_active})
        else:
            return Response({'msg': 'Invalid password or public key or user is not active or expired'}, status=401)
--- a/apps/users/backends.py
+++ b/apps/users/backends.py
@ -52,7 +52,7 @@ class TerminalAuthentication(authentication.BaseAuthentication):


 class AccessTokenAuthentication(authentication.BaseAuthentication):
-    keyword = 'Token'
+    keyword = 'Bearer'
    model = User
    expiration = settings.CONFIG.TOKEN_EXPIRATION or 3600

--- a/apps/users/models.py
+++ b/apps/users/models.py
@ -1,15 +1,12 @@
 # ~*~ coding: utf-8 ~*~

 from __future__ import unicode_literals
+from collections import OrderedDict

-from django.conf import settings
-from django.contrib.auth import logout
 from django.contrib.auth.hashers import make_password
 from django.contrib.auth.models import AbstractUser
 from django.core import signing
 from django.db import models, IntegrityError
-from django.db.models.signals import post_save
-from django.dispatch import receiver
 from django.utils.translation import ugettext_lazy as _
 from django.utils import timezone
 from django.shortcuts import reverse
@ -202,6 +199,22 @@ class User(AbstractUser):
    def generate_reset_token(self):
        return signer.sign_t({'reset': self.id, 'email': self.email}, expires_in=3600)

+    def to_json(self):
+        return OrderedDict({
+            'id': self.id,
+            'username': self.username,
+            'name': self.name,
+            'email': self.email,
+            'is_active': self.is_active,
+            'is_superuser': self.is_superuser,
+            'role': self.get_role_display(),
+            'groups': [group.name for group in self.groups.all()],
+            'wechat': self.wechat,
+            'phone': self.phone,
+            'comment': self.comment,
+            'date_expired': self.date_expired.strftime('%Y-%m-%d %H:%M:%S')
+        })
+
    @classmethod
    def validate_reset_token(cls, token):
        try:
--- a/apps/users/urls/api_urls.py
+++ b/apps/users/urls/api_urls.py
@ -16,15 +16,11 @@ router.register(r'v1/user-groups', api.UserGroupViewSet, 'user-group')


 urlpatterns = [
-    # url(r'^v1/users/$', api.UserListUpdateApi.as_view(), name='user-bulk-update-api'),
-    url(r'^v1/users/token/$', api.UserAuthApi.as_view(), name='user-token'),
+    url(r'^v1/users/token/$', api.UserToken.as_view(), name='user-token'),
+    url(r'^v1/users/profile/$', api.UserProfile.as_view(), name='user-profile'),
    url(r'^v1/users/(?P<pk>\d+)/reset-password/$', api.UserResetPasswordApi.as_view(), name='user-reset-password'),
    url(r'^v1/users/(?P<pk>\d+)/reset-pk/$', api.UserResetPKApi.as_view(), name='user-reset-pk'),
    url(r'^v1/users/(?P<pk>\d+)/update-pk/$', api.UserUpdatePKApi.as_view(), name='user-update-pk'),
-    # url(r'^v1/user-groups/$', api.GroupListUpdateApi.as_view(), name='user-group-bulk-update-api'),
-    # url(r'^v1/user-groups/(?P<pk>\d+)/$', api.GroupDetailApi.as_view(), name='user-group-detail-api'),
-    # url(r'^v1/user-groups/(?P<pk>\d+)/user/(?P<uid>\d+)/$',
-    #     api.DeleteUserFromGroupApi.as_view(), name='delete-user-from-group-api'),
    url(r'^v1/users/(?P<pk>\d+)/groups/$',
        api.UserUpdateGroupApi.as_view(), name='user-update-group'),
    url(r'^v1/user-groups/(?P<pk>\d+)/users/$',