d9642216
Commit
d9642216
authored
Dec 16, 2016
by
ibuler
Update api
parent
0e4804b5
Showing
4 changed files
with
48 additions
and
12 deletions
+48
-12
api.py
apps/users/api.py
+28
-1
backends.py
apps/users/backends.py
+1
-1
models.py
apps/users/models.py
+17
-4
api_urls.py
apps/users/urls/api_urls.py
+2
-6
apps/users/api.py
# ~*~ coding: utf-8 ~*~
#
import
base64
from
django.core.cache
import
cache
from
django.conf
import
settings
...
...
@@ -84,6 +85,31 @@ class UserGroupUpdateUserApi(generics.RetrieveUpdateAPIView):
permission_classes
=
(
IsSuperUser
,)
class
UserToken
(
APIView
):
permission_classes
=
(
IsValidUser
,)
expiration
=
settings
.
CONFIG
.
TOKEN_EXPIRATION
or
3600
def
get
(
self
,
request
):
if
not
request
.
user
:
return
Response
({
'error'
:
'unauthorized'
})
remote_addr
=
request
.
META
.
get
(
'REMOTE_ADDR'
,
''
)
remote_addr
=
base64
.
b16encode
(
remote_addr
)
.
replace
(
'='
,
''
)
token
=
cache
.
get
(
'
%
s_
%
s'
%
(
request
.
user
.
id
,
remote_addr
))
if
not
token
:
token
=
token_gen
(
request
.
user
)
cache
.
set
(
token
,
request
.
user
.
id
,
self
.
expiration
)
cache
.
set
(
'
%
s_
%
s'
%
(
request
.
user
.
id
,
remote_addr
),
token
,
self
.
expiration
)
return
Response
({
'token'
:
token
})
class
UserProfile
(
APIView
):
permission_classes
=
(
IsValidUser
,)
def
get
(
self
,
request
):
return
Response
(
request
.
user
.
to_json
())
class
UserAuthApi
(
APIView
):
permission_classes
=
()
expiration
=
settings
.
CONFIG
.
TOKEN_EXPIRATION
or
3600
...
...
@@ -106,6 +132,7 @@ class UserAuthApi(APIView):
cache
.
set
(
'
%
s_
%
s'
%
(
user
.
id
,
remote_addr
),
token
,
self
.
expiration
)
write_login_log_async
.
delay
(
user
.
username
,
name
=
user
.
name
,
terminal
=
terminal
,
login_ip
=
remote_addr
,
login_type
=
login_type
)
return
Response
({
'token'
:
token
,
'id'
:
user
.
id
,
'username'
:
user
.
username
,
'name'
:
user
.
name
})
return
Response
({
'token'
:
token
,
'id'
:
user
.
id
,
'username'
:
user
.
username
,
'name'
:
user
.
name
,
'is_active'
:
user
.
is_active
})
else
:
return
Response
({
'msg'
:
'Invalid password or public key or user is not active or expired'
},
status
=
401
)
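Review bot: The `if not request.user:` guard in `UserToken.get` is unlikely to ever fire, because Django REST framework puts a truthy `AnonymousUser` on unauthenticated requests; rejection therefore rests entirely on `IsValidUser`, whose definition is not visible here. If the branch is kept it should also fail with a status code, e.g. `return Response({'error': 'unauthorized'}, status=401)`, since it currently answers 200. The cache key is built from `REMOTE_ADDR`, which behind a reverse proxy is the proxy's address, so every client of a given user would share one token; confirm that is intended. `base64.b16encode(remote_addr).replace('=', '')` strips nothing, since base16 output carries no padding, and on Python 3 `b16encode` needs bytes rather than a str.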
apps/users/backends.py
...
...
@@ -52,7 +52,7 @@ class TerminalAuthentication(authentication.BaseAuthentication):
class
AccessTokenAuthentication
(
authentication
.
BaseAuthentication
):
keyword
=
'
Token
'
keyword
=
'
Bearer
'
model
=
User
expiration
=
settings
.
CONFIG
.
TOKEN_EXPIRATION
or
3600
...
...
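Review bot: Changing `keyword` on `AccessTokenAuthentication` (the page shows `'Token'` and `'Bearer'`, presumably old then new) means clients still sending the previous scheme will stop authenticating, and nothing visible in this section accepts both during a transition. If the switch is intended, a comment above the attribute such as `# Expected header: "Authorization: Bearer <token>"` would document the format for API consumers. The class body continues outside the hunk, so how `keyword` is compared against the header is not visible here.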
apps/users/models.py
# ~*~ coding: utf-8 ~*~
from
__future__
import
unicode_literals
from
collections
import
OrderedDict
from
django.conf
import
settings
from
django.contrib.auth
import
logout
from
django.contrib.auth.hashers
import
make_password
from
django.contrib.auth.models
import
AbstractUser
from
django.core
import
signing
from
django.db
import
models
,
IntegrityError
from
django.db.models.signals
import
post_save
from
django.dispatch
import
receiver
from
django.utils.translation
import
ugettext_lazy
as
_
from
django.utils
import
timezone
from
django.shortcuts
import
reverse
...
...
@@ -202,6 +199,22 @@ class User(AbstractUser):
def
generate_reset_token
(
self
):
return
signer
.
sign_t
({
'reset'
:
self
.
id
,
'email'
:
self
.
email
},
expires_in
=
3600
)
def
to_json
(
self
):
return
OrderedDict
({
'id'
:
self
.
id
,
'username'
:
self
.
username
,
'name'
:
self
.
name
,
'email'
:
self
.
email
,
'is_active'
:
self
.
is_active
,
'is_superuser'
:
self
.
is_superuser
,
'role'
:
self
.
get_role_display
(),
'groups'
:
[
group
.
name
for
group
in
self
.
groups
.
all
()],
'wechat'
:
self
.
wechat
,
'phone'
:
self
.
phone
,
'comment'
:
self
.
comment
,
'date_expired'
:
self
.
date_expired
.
strftime
(
'
%
Y-
%
m-
%
d
%
H:
%
M:
%
S'
)
})
@classmethod
def
validate_reset_token
(
cls
,
token
):
try
:
...
...
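Review bot: `to_json` wraps a plain dict literal in `OrderedDict(...)`, which only preserves the order the dict already had; on Python 2 (the file imports `unicode_literals` from `__future__`) that order is arbitrary, so the wrapper gives no stable field order. Pass pairs instead, e.g. `OrderedDict([('id', self.id), ('username', self.username), ...])`. `self.date_expired.strftime(...)` will raise if `date_expired` can be null, which is not visible in this hunk, so guard it if the field is nullable. Since `UserProfile` in apps/users/api.py returns this dict to the logged-in user, confirm that `comment` and `is_superuser` are meant to be shown to that user.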
apps/users/urls/api_urls.py
...
...
@@ -16,15 +16,11 @@ router.register(r'v1/user-groups', api.UserGroupViewSet, 'user-group')
urlpatterns
=
[
# url(r'^v1/users/$', api.UserListUpdateApi.as_view(), name='user-bulk-update-api
'),
url
(
r'^v1/users/
token/$'
,
api
.
UserAuthApi
.
as_view
(),
name
=
'user-token
'
),
url
(
r'^v1/users/token/$'
,
api
.
UserToken
.
as_view
(),
name
=
'user-token
'
),
url
(
r'^v1/users/
profile/$'
,
api
.
UserProfile
.
as_view
(),
name
=
'user-profile
'
),
url
(
r'^v1/users/(?P<pk>\d+)/reset-password/$'
,
api
.
UserResetPasswordApi
.
as_view
(),
name
=
'user-reset-password'
),
url
(
r'^v1/users/(?P<pk>\d+)/reset-pk/$'
,
api
.
UserResetPKApi
.
as_view
(),
name
=
'user-reset-pk'
),
url
(
r'^v1/users/(?P<pk>\d+)/update-pk/$'
,
api
.
UserUpdatePKApi
.
as_view
(),
name
=
'user-update-pk'
),
# url(r'^v1/user-groups/$', api.GroupListUpdateApi.as_view(), name='user-group-bulk-update-api'),
# url(r'^v1/user-groups/(?P<pk>\d+)/$', api.GroupDetailApi.as_view(), name='user-group-detail-api'),
# url(r'^v1/user-groups/(?P<pk>\d+)/user/(?P<uid>\d+)/$',
# api.DeleteUserFromGroupApi.as_view(), name='delete-user-from-group-api'),
url
(
r'^v1/users/(?P<pk>\d+)/groups/$'
,
api
.
UserUpdateGroupApi
.
as_view
(),
name
=
'user-update-group'
),
url
(
r'^v1/user-groups/(?P<pk>\d+)/users/$'
,
...
...
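Review bot: The pattern `^v1/users/token/$` with name `'user-token'` appears twice in this section, once for `api.UserAuthApi` and once for `api.UserToken`; the +/- markers are lost on this page, so confirm the `UserAuthApi` entry is the removed one. If both were kept, Django would always dispatch to the first match and `UserToken` would be unreachable. If it is removed, the commit should say where `UserAuthApi` (declared with `permission_classes = ()`) is now routed, because no replacement route is visible here.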