Skip to content

J
jumpserver
Commit 6d552f46 authored by ibuler's avatar ibuler
Browse files
Options

[Feature] 添加链接token

parent cc4eca25
Show whitespace changes
Inline Side-by-side
Showing with 35 additions and 2 deletions
apps/users/api.py
View file @ 6d552f46
# ~*~ coding: utf-8 ~*~ # ~*~ coding: utf-8 ~*~
import uuid
from django.core.cache import cache
from rest_framework import generics from rest_framework import generics
from rest_framework.permissions import AllowAny, IsAuthenticated from rest_framework.permissions import AllowAny, IsAuthenticated
...@@ -11,7 +14,8 @@ from .serializers import UserSerializer, UserGroupSerializer, \ ...@@ -11,7 +14,8 @@ from .serializers import UserSerializer, UserGroupSerializer, \
UserUpdateGroupSerializer, ChangeUserPasswordSerializer UserUpdateGroupSerializer, ChangeUserPasswordSerializer
from .tasks import write_login_log_async from .tasks import write_login_log_async
from .models import User, UserGroup from .models import User, UserGroup
from .permissions import IsSuperUser, IsValidUser, IsCurrentUserOrReadOnly from .permissions import IsSuperUser, IsValidUser, IsCurrentUserOrReadOnly, \
IsSuperUserOrAppUser
from .utils import check_user_valid, generate_token from .utils import check_user_valid, generate_token
from common.mixins import CustomFilterMixin from common.mixins import CustomFilterMixin
from common.utils import get_logger from common.utils import get_logger
...@@ -160,3 +164,30 @@ class UserAuthApi(APIView): ...@@ -160,3 +164,30 @@ class UserAuthApi(APIView):
return Response({'token': token, 'user': user.to_json()}) return Response({'token': token, 'user': user.to_json()})
else: else:
return Response({'msg': msg}, status=401) return Response({'msg': msg}, status=401)
class UserConnectionTokenApi(APIView):
permission_classes = (IsSuperUserOrAppUser,)
def post(self, request):
user_id = request.data.get('user', '')
asset_id = request.data.get('asset', '')
system_user_id = request.data.get('system_user', '')
token = str(uuid.uuid4())
value = {
'user': user_id,
'asset': asset_id,
'system_user': system_user_id
}
cache.set(token, value, timeout=3600)
return Response({"token": token}, status=201)
def get(self, request):
token = request.query_params.get('token')
value = cache.get(token, None)
if value:
cache.delete(token)
return Response(value)
apps/users/urls/api_urls.py
View file @ 6d552f46
...@@ -17,6 +17,7 @@ router.register(r'v1/groups', api.UserGroupViewSet, 'user-group') ...@@ -17,6 +17,7 @@ router.register(r'v1/groups', api.UserGroupViewSet, 'user-group')
urlpatterns = [ urlpatterns = [
# url(r'', api.UserListView.as_view()), # url(r'', api.UserListView.as_view()),
url(r'^v1/token/$', api.UserToken.as_view(), name='user-token'), url(r'^v1/token/$', api.UserToken.as_view(), name='user-token'),
url(r'^v1/connection-token/$', api.UserConnectionTokenApi.as_view(), name='connection-token'),
url(r'^v1/profile/$', api.UserProfile.as_view(), name='user-profile'), url(r'^v1/profile/$', api.UserProfile.as_view(), name='user-profile'),
url(r'^v1/auth/$', api.UserAuthApi.as_view(), name='user-auth'), url(r'^v1/auth/$', api.UserAuthApi.as_view(), name='user-auth'),
url(r'^v1/users/(?P<pk>[0-9a-zA-Z\-]{36})/password/$', url(r'^v1/users/(?P<pk>[0-9a-zA-Z\-]{36})/password/$',
......
apps/users/views/login.py
View file @ 6d552f46
...@@ -80,7 +80,8 @@ class UserLogoutView(TemplateView): ...@@ -80,7 +80,8 @@ class UserLogoutView(TemplateView):
def get(self, request, *args, **kwargs): def get(self, request, *args, **kwargs):
auth_logout(request) auth_logout(request)
return super().get(request, *args, **kwargs) response = super().get(request, *args, **kwargs)
return response
def get_context_data(self, **kwargs): def get_context_data(self, **kwargs):
context = { context = {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment