Commit
d9642216
authored
8 years ago
by
ibuler
Update api
parent
0e4804b5
Showing
4 changed files
with
48 additions
and
12 deletions
+48
-12
api.py
apps/users/api.py
+28
-1
backends.py
apps/users/backends.py
+1
-1
models.py
apps/users/models.py
+17
-4
api_urls.py
apps/users/urls/api_urls.py
+2
-6
apps/users/api.py
# ~*~ coding: utf-8 ~*~
#
import
base64
from
django.core.cache
import
cache
from
django.conf
import
settings
...
...
@@ -84,6 +85,31 @@ class UserGroupUpdateUserApi(generics.RetrieveUpdateAPIView):
permission_classes
=
(
IsSuperUser
,)
class
UserToken
(
APIView
):
permission_classes
=
(
IsValidUser
,)
expiration
=
settings
.
CONFIG
.
TOKEN_EXPIRATION
or
3600
def
get
(
self
,
request
):
if
not
request
.
user
:
return
Response
({
'error'
:
'unauthorized'
})
remote_addr
=
request
.
META
.
get
(
'REMOTE_ADDR'
,
''
)
remote_addr
=
base64
.
b16encode
(
remote_addr
)
.
replace
(
'='
,
''
)
token
=
cache
.
get
(
'
%
s_
%
s'
%
(
request
.
user
.
id
,
remote_addr
))
if
not
token
:
token
=
token_gen
(
request
.
user
)
cache
.
set
(
token
,
request
.
user
.
id
,
self
.
expiration
)
cache
.
set
(
'
%
s_
%
s'
%
(
request
.
user
.
id
,
remote_addr
),
token
,
self
.
expiration
)
return
Response
({
'token'
:
token
})
class
UserProfile
(
APIView
):
permission_classes
=
(
IsValidUser
,)
def
get
(
self
,
request
):
return
Response
(
request
.
user
.
to_json
())
class
UserAuthApi
(
APIView
):
permission_classes
=
()
expiration
=
settings
.
CONFIG
.
TOKEN_EXPIRATION
or
3600
...
...
@@ -106,6 +132,7 @@ class UserAuthApi(APIView):
cache
.
set
(
'
%
s_
%
s'
%
(
user
.
id
,
remote_addr
),
token
,
self
.
expiration
)
write_login_log_async
.
delay
(
user
.
username
,
name
=
user
.
name
,
terminal
=
terminal
,
login_ip
=
remote_addr
,
login_type
=
login_type
)
return
Response
({
'token'
:
token
,
'id'
:
user
.
id
,
'username'
:
user
.
username
,
'name'
:
user
.
name
})
return
Response
({
'token'
:
token
,
'id'
:
user
.
id
,
'username'
:
user
.
username
,
'name'
:
user
.
name
,
'is_active'
:
user
.
is_active
})
else
:
return
Response
({
'msg'
:
'Invalid password or public key or user is not active or expired'
},
status
=
401
)
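Review bot: In `UserToken.get` the `if not request.user:` guard is unlikely to ever fire, because Django REST framework normally sets `request.user` to a truthy `AnonymousUser` object for unauthenticated requests, and when it does fire the error body is returned with HTTP 200. Access control therefore rests entirely on `IsValidUser`, whose definition is not on this page. If the guard is kept, make it explicit and give it a failing status like the 401 already used in `UserAuthApi`: `if not request.user.is_authenticated:` (`is_authenticated()` on Django versions before 1.10) followed by `return Response({'error': 'unauthorized'}, status=401)`. Separately, the cache key is derived from `REMOTE_ADDR`, which behind a reverse proxy is the proxy's address, so the per-address separation of cached tokens may not hold in that deployment.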
apps/users/backends.py
...
...
@@ -52,7 +52,7 @@ class TerminalAuthentication(authentication.BaseAuthentication):
class
AccessTokenAuthentication
(
authentication
.
BaseAuthentication
):
keyword
=
'
Token
'
keyword
=
'
Bearer
'
model
=
User
expiration
=
settings
.
CONFIG
.
TOKEN_EXPIRATION
or
3600
...
...
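Review bot: Changing `keyword` from `'Token'` to `'Bearer'` in `AccessTokenAuthentication` is a wire-format change rather than a rename. Assuming the authenticate method (outside this hunk) compares the Authorization scheme against `keyword`, any client still sending `Authorization: Token <value>` will stop authenticating once this is deployed. If existing terminals or scripts use the old scheme, accept both for a transition period or announce the change. A comment above the attribute such as `# Authorization header scheme: "Bearer <token>"; the old "Token" scheme is no longer accepted` would make the contract visible.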
apps/users/models.py
# ~*~ coding: utf-8 ~*~
from
__future__
import
unicode_literals
from
collections
import
OrderedDict
from
django.conf
import
settings
from
django.contrib.auth
import
logout
from
django.contrib.auth.hashers
import
make_password
from
django.contrib.auth.models
import
AbstractUser
from
django.core
import
signing
from
django.db
import
models
,
IntegrityError
from
django.db.models.signals
import
post_save
from
django.dispatch
import
receiver
from
django.utils.translation
import
ugettext_lazy
as
_
from
django.utils
import
timezone
from
django.shortcuts
import
reverse
...
...
@@ -202,6 +199,22 @@ class User(AbstractUser):
def
generate_reset_token
(
self
):
return
signer
.
sign_t
({
'reset'
:
self
.
id
,
'email'
:
self
.
email
},
expires_in
=
3600
)
def
to_json
(
self
):
return
OrderedDict
({
'id'
:
self
.
id
,
'username'
:
self
.
username
,
'name'
:
self
.
name
,
'email'
:
self
.
email
,
'is_active'
:
self
.
is_active
,
'is_superuser'
:
self
.
is_superuser
,
'role'
:
self
.
get_role_display
(),
'groups'
:
[
group
.
name
for
group
in
self
.
groups
.
all
()],
'wechat'
:
self
.
wechat
,
'phone'
:
self
.
phone
,
'comment'
:
self
.
comment
,
'date_expired'
:
self
.
date_expired
.
strftime
(
'
%
Y-
%
m-
%
d
%
H:
%
M:
%
S'
)
})
@classmethod
def
validate_reset_token
(
cls
,
token
):
try
:
...
...
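Review bot: `to_json` builds its `OrderedDict` from a dict literal, so on Python 2 (this file imports `unicode_literals` from `__future__`) the key order is already lost before `OrderedDict` sees it. Pass a list of pairs instead, e.g. `OrderedDict([('id', self.id), ('username', self.username), ...])`, or return a plain dict if order does not matter. `self.date_expired.strftime(...)` will raise `AttributeError` if `date_expired` can be null; the field definition is outside this hunk, so confirm it or guard the call. The method also returns `is_superuser`, `email`, `phone` and `wechat`, so a short docstring stating that it is meant for the user's own profile response would help keep it out of broader listings.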
apps/users/urls/api_urls.py
...
...
@@ -16,15 +16,11 @@ router.register(r'v1/user-groups', api.UserGroupViewSet, 'user-group')
urlpatterns
=
[
# url(r'^v1/users/$', api.UserListUpdateApi.as_view(), name='user-bulk-update-api
'),
url
(
r'^v1/users/
token/$'
,
api
.
UserAuthApi
.
as_view
(),
name
=
'user-token
'
),
url
(
r'^v1/users/token/$'
,
api
.
UserToken
.
as_view
(),
name
=
'user-token
'
),
url
(
r'^v1/users/
profile/$'
,
api
.
UserProfile
.
as_view
(),
name
=
'user-profile
'
),
url
(
r'^v1/users/(?P<pk>\d+)/reset-password/$'
,
api
.
UserResetPasswordApi
.
as_view
(),
name
=
'user-reset-password'
),
url
(
r'^v1/users/(?P<pk>\d+)/reset-pk/$'
,
api
.
UserResetPKApi
.
as_view
(),
name
=
'user-reset-pk'
),
url
(
r'^v1/users/(?P<pk>\d+)/update-pk/$'
,
api
.
UserUpdatePKApi
.
as_view
(),
name
=
'user-update-pk'
),
# url(r'^v1/user-groups/$', api.GroupListUpdateApi.as_view(), name='user-group-bulk-update-api'),
# url(r'^v1/user-groups/(?P<pk>\d+)/$', api.GroupDetailApi.as_view(), name='user-group-detail-api'),
# url(r'^v1/user-groups/(?P<pk>\d+)/user/(?P<uid>\d+)/$',
# api.DeleteUserFromGroupApi.as_view(), name='delete-user-from-group-api'),
url
(
r'^v1/users/(?P<pk>\d+)/groups/$'
,
api
.
UserUpdateGroupApi
.
as_view
(),
name
=
'user-update-group'
),
url
(
r'^v1/user-groups/(?P<pk>\d+)/users/$'
,
...
...
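Review bot: `^v1/users/token/$` now resolves to `api.UserToken`, which is declared with `permission_classes = (IsValidUser,)`, while `api.UserAuthApi` (empty `permission_classes`, the password/public-key login) no longer has a route in the visible part of this file. If it is not registered elsewhere, clients without a session can no longer obtain a token and the login view becomes unreachable code, so the intended route for it should be confirmed. The name `'user-token'` is reused for a view with different semantics, so callers of `reverse('user-token')` should be checked as well. The `urlpatterns` list continues outside this hunk.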