Skip to content

S
sun
Commit a6d19380 authored by Davve's avatar Davve
Browse files
Options

解决登陆session问题

parent 626302b9
master dev like-pre/r01 quick-reply refactor test
No related merge requests found
Show whitespace changes
Inline Side-by-side
Showing with 134 additions and 92 deletions
api/account.py
View file @ a6d19380
......@@ -2,9 +2,9 @@
# -*- coding: utf-8 -*-
# __author__ = "chenwei"
# Date: 2018/11/16
from django.conf import settings
from utils.base import APIView
from utils.user_util import make_password
class AccountList(APIView):
......@@ -20,9 +20,14 @@ class AccountList(APIView):
def post(self, request):
ids = request.POST.get('ids', '').split()
filter = request.POST.get('type', '')
type = request.POST.get('type', '')
updates = {}
if type == 'offline':
updates['is_online'] = 0
else:
updates['is_online'] = 1
try:
self.rpc['venus/community/account/update'](filter=filter, ids=ids).unwrap()
self.rpc['venus/sun/account/batch/update'](updates=updates, ids=ids).unwrap()
except Exception as e:
raise e
return {
......@@ -34,7 +39,7 @@ class AccountUpdateOrCreateView(APIView):
def get(self, request):
id = request.GET.get('id')
try:
data = self.rpc['venus/community/account/detail'](id=id).unwrap()
data = self.rpc['venus/sun/account/get'](id=id).unwrap()
except Exception as e:
raise e
return {'data': data}
......@@ -44,9 +49,10 @@ class AccountUpdateOrCreateView(APIView):
data = {
'username': request.POST.get('username'),
'email': request.POST.get('email'),
'password': request.POST.get('password'),
'password': make_password(request.POST.get('password')),
'phone': request.POST.get('phone'),
'nick_name': request.POST.get('nick_name'),
'is_staff': True,
}
try:
self.rpc['venus/sun/account/edit'](id=id, data=data).unwrap()
......@@ -64,28 +70,16 @@ class LoginView(APIView):
:param request:
:return:
"""
map = {
'admin': {
'id': 1,
'roles': ['admin'],
'token': 'admin',
'introduction': '我是超级管理员',
'avatar': 'https://wpimg.wallstcn.com/f778738c-e4f8-4870-b634-56703b4acafe.gif',
'name': 'Super Admin'
},
'editor': {
'id': 2,
'roles': ['editor'],
'token': 'editor',
'introduction': '我是编辑',
'avatar': 'https://wpimg.wallstcn.com/f778738c-e4f8-4870-b634-56703b4acafe.gif',
'name': 'Normal Editor'
}
}
token = request.GET.get('token')
return {
'data': map[token]
}
try:
data = self.rpc['venus/sun/account/get_user_info']().unwrap()
data.update({
'avatar': settings.AVATAR
})
except Exception as e:
raise e
return {'data': data}
def post(self, request):
"""
......@@ -95,25 +89,26 @@ class LoginView(APIView):
"""
username = request.POST.get('username')
password = request.POST.get('password')
if username == settings.USERNAME and password == settings.PASSWORD:
try:
data = self.rpc['venus/sun/account/login'](username=username, password=password).unwrap()
if data['success'] or all([username == settings.USERNAME, password == settings.PASSWORD]):
data = {
'id': 1,
'roles': ['admin'],
'token': 'admin',
'introduction': '我是超级管理员',
'avatar': 'https://wpimg.wallstcn.com/f778738c-e4f8-4870-b634-56703b4acafe.gif',
'name': 'Super Admin'
'id': data['id'],
'avatar': settings.AVATAR,
'name': data['username'],
'session_key': data['session'],
'success': 1,
}
else:
data = {
'id': 2,
'roles': ['editor'],
'token': 'editor',
'introduction': '我是编辑',
'avatar': 'https://wpimg.wallstcn.com/f778738c-e4f8-4870-b634-56703b4acafe.gif',
'name': 'Normal Editor'
'id': data['id'],
'avatar': settings.AVATAR,
'name': '',
'session_key': data['session'],
'success': 0,
}
except Exception as e:
raise e
return {
'data': data
}
......@@ -121,6 +116,10 @@ class LoginView(APIView):
class LogoutView(APIView):
def post(self, request):
pass
print(request.POST)
self.rpc['venus/sun/account/logout']().unwrap()
return {
'session_key': ''
}
api/token.py
View file @ a6d19380
......@@ -3,6 +3,7 @@
# __author__ = "chenwei"
# Date: 2018/11/20
from django.middleware.csrf import get_token
from utils.base import APIView
from gm_upload.utils.qiniu_tool import QiniuTool
......
sun/settings.py
View file @ a6d19380
......@@ -125,7 +125,7 @@ STATIC_URL = '/static/'
PAGE_SIZE = 10
USER_COOKIE_NAME = 'sun_session_key'
USER_COOKIE_NAME = 'session_key'
STATIC_ROOT = os.path.join(BASE_DIR, 'static')
STATICFILES_DIRS = [
......@@ -142,3 +142,6 @@ QINIU_SCOPE = 'wanmeizhensuo'
# 超级管理员
USERNAME = 'admin'
PASSWORD = 'admin'
# 管理员头像
AVATAR = 'https://wpimg.wallstcn.com/f778738c-e4f8-4870-b634-56703b4acafe.gif'
\ No newline at end of file
utils/base.py
View file @ a6d19380
......@@ -190,19 +190,10 @@ class APIView(View):
# 请求是否来自客户端, client js请求也会带上version的
self.request_version = request.GET.get('version')
self.request_from_client = False
if self.request_version:
self.request_from_client = True
self.args_default = ClientDefaultArgs(request.GET)
if self.request_from_client:
# 判断是否是从hybrid js请求的
self.args_default.hybrid = request.GET.get('hybrid') == 'true'
self.args_get = LazyAttrDict(request.GET, self.args_GET, self.request_version)
self.args_post = LazyAttrDict(request.POST, self.args_POST, self.request_version)
self.rpc = request.rpc.origin
if getattr(request, 'doctor_user', None) is not None:
self.doctor = request.doctor_user
@handler_exception
def dispatch(self, request, *args, **kwargs):
......
utils/user_util.py
View file @ a6d19380
......@@ -6,6 +6,7 @@ import json
from django.conf import settings
from django.http import JsonResponse
from django.contrib.auth.hashers import make_password
from django.http.response import HttpResponseBadRequest
from utils.logger import auth_logger
......@@ -38,3 +39,9 @@ def require_login(request, origin=''):
target_uid=request.GET.get('_dd', '-'),
))
return login_require
def py(password):
"""生成密码hash
"""
return make_password(password, None, 'pbkdf2_sha256')
vu/src/api/login.js
View file @ a6d19380
......@@ -12,19 +12,20 @@ export function loginByUsername(username, password) {
})
}
export function logout() {
export function logout(data) {
return request({
url: '/api/account/logout',
method: 'post'
method: 'post',
data
})
}
export function getUserInfo(token) {
console.log(token)
export function getUserInfo(session_key) {
return request({
url: '/api/account/get',
method: 'get',
params: { token }
params: { session_key }
})
}
vu/src/permission.js
View file @ a6d19380
......@@ -3,7 +3,7 @@ import store from './store'
import { Message } from 'element-ui'
import NProgress from 'nprogress' // progress bar
import 'nprogress/nprogress.css'// progress bar style
import { getToken } from '@/utils/auth' // getToken from cookie
import { getSession } from '@/utils/auth' // getToken from cookie
NProgress.configure({ showSpinner: false })// NProgress Configuration
......@@ -14,11 +14,11 @@ function hasPermission(roles, permissionRoles) {
return roles.some(role => permissionRoles.indexOf(role) >= 0)
}
const whiteList = ['/login', '/auth-redirect']// no redirect whitelist
const whiteList = ['/login']// no redirect whitelist
router.beforeEach((to, from, next) => {
NProgress.start() // start progress bar
if (getToken()) { // determine if there has token
if (getSession()) { // determine if there has token
/* has token*/
if (to.path === '/login') {
next({ path: '/' })
......
vu/src/store/getters.js
View file @ a6d19380
......@@ -12,6 +12,7 @@ const getters = {
introduction: state => state.user.introduction,
status: state => state.user.status,
roles: state => state.user.roles,
session_key: state => state.user.session_key,
setting: state => state.user.setting,
permission_routers: state => state.permission.routers,
addRouters: state => state.permission.addRouters,
......
vu/src/store/modules/user.js
View file @ a6d19380
import { Message } from 'element-ui'
import { loginByUsername, logout, getUserInfo } from '@/api/login'
import { getToken, setToken, removeToken } from '@/utils/auth'
import { setSession, getSession, removeSession } from '@/utils/auth'
const user = {
state: {
......@@ -7,14 +8,15 @@ const user = {
id: '',
status: '',
code: '',
token: getToken(),
// token: getToken(),
name: '',
avatar: '',
introduction: '',
roles: [],
setting: {
articlePlatform: []
}
},
session_key: ''
},
mutations: {
......@@ -44,7 +46,10 @@ const user = {
},
SET_ID: (state, id) => {
state.id = id
}
},
SET_SESSIONID: (state, session_key) => {
state.session_key = session_key
}
},
actions: {
......@@ -54,10 +59,15 @@ const user = {
return new Promise((resolve, reject) => {
loginByUsername(username, userInfo.password).then(response => {
const data = response.data.data.data
commit('SET_TOKEN', data.token)
if (data['success']){
commit('SET_SESSIONID', data.session_key)
commit('SET_ID', data.id)
setToken(data.token)
setSession(data.session_key)
resolve()
}else{
Message.error('用户名或者密码错误啦')
resolve('/login')
}
}).catch(error => {
reject(error)
})
......@@ -66,21 +76,23 @@ const user = {
// 获取用户信息
GetUserInfo({ commit, state }) {
const session_key = state.session_key
return new Promise((resolve, reject) => {
getUserInfo(state.token).then(response => {
getUserInfo(session_key).then(response => {
if (!response.data) { // 由于mockjs 不支持自定义状态码只能这样hack
reject('error')
}
const data = response.data.data.data
data.roles = ['admin']
if (data.roles && data.roles.length > 0) { // 验证返回的roles是否是一个非空数组
commit('SET_ROLES', data.roles)
} else {
reject('getInfo: roles must be a non-null array !')
}
commit('SET_ROLES', data.roles)
commit('SET_NAME', data.name)
commit('SET_ID', data.id)
commit('SET_AVATAR', data.avatar)
commit('SET_INTRODUCTION', data.introduction)
resolve(response)
}).catch(error => {
reject(error)
......@@ -94,7 +106,7 @@ const user = {
logout(state.token).then(() => {
commit('SET_TOKEN', '')
commit('SET_ROLES', [])
removeToken()
removeSession()
resolve()
}).catch(error => {
reject(error)
......@@ -105,8 +117,8 @@ const user = {
// 前端 登出
FedLogOut({ commit }) {
return new Promise(resolve => {
commit('SET_TOKEN', '')
removeToken()
commit('SET_SESSIONID', '')
removeSession()
resolve()
})
},
......@@ -115,7 +127,7 @@ const user = {
ChangeRoles({ commit, dispatch }, role) {
return new Promise(resolve => {
commit('SET_TOKEN', role)
setToken(role)
// setToken(role)
getUserInfo(role).then(response => {
const data = response.data.data
commit('SET_ROLES', data.roles)
......
vu/src/utils/auth.js
View file @ a6d19380
import Cookies from 'js-cookie'
const TokenKey = 'Admin-Token'
const SessionKey = 'session_key'
export function getToken() {
return Cookies.get(TokenKey)
export function getSession() {
return Cookies.get(SessionKey)
}
export function setToken(token) {
return Cookies.set(TokenKey, token)
export function setSession(key) {
return Cookies.set(SessionKey, key)
}
export function removeToken() {
return Cookies.remove(TokenKey)
export function removeSession() {
return Cookies.remove(SessionKey)
}
vu/src/utils/request.js
View file @ a6d19380
......@@ -14,9 +14,9 @@ const service = axios.create({
service.interceptors.request.use(
config => {
// Do something before request is sent
if (store.getters.token) {
if (store.getters.session_key) {
// 让每个请求携带token-- ['X-Token']为自定义key 请根据实际情况自行修改
config.headers['X-Token'] = getToken()
// config.headers['X-CSRFToken'] = getToken()
}
config.data = Qs.stringify(config.data)
return config
......
vu/src/views/account/components/AccountDetail.vue
View file @ a6d19380
......@@ -10,8 +10,14 @@
<el-row>
<el-col :span="24">
<el-form-item style="margin-bottom: 40px;" prop="username">
<MDinput v-model="postForm.username" :maxlength="100" name="username" required>
<el-form-item style="margin-bottom: 40px;" prop="username" v-if="isEdit">
<MDinput v-model="postForm.username" :maxlength="100" name="username" required disabled="disabled">
账号
</MDinput>
</el-form-item>
<el-form-item style="margin-bottom: 40px;" prop="username" v-else>
<MDinput v-model="postForm.username" :maxlength="100" name="username" required >
账号
</MDinput>
</el-form-item>
......@@ -21,8 +27,14 @@
<el-row>
<el-col :span="24">
<el-form-item style="margin-bottom: 40px;" prop="password">
<MDinput v-model="postForm.password" :maxlength="100" name="password" required>
<el-form-item style="margin-bottom: 40px;" prop="password" v-if="isEdit">
<MDinput v-model="postForm.password" :maxlength="100" name="password" required disabled="disabled">
密码
</MDinput>
</el-form-item>
<el-form-item style="margin-bottom: 40px;" prop="password" v-else>
<MDinput v-model="postForm.password" :maxlength="100" name="password" required >
密码
</MDinput>
</el-form-item>
......
vu/src/views/account/list.vue
View file @ a6d19380
......@@ -26,22 +26,22 @@
</template>
</el-table-column>
<el-table-column align="center" label="密码">
<el-table-column align="center" label="邮箱">
<template slot-scope="scope">
<span>{{ scope.row.password }}</span>
<span>{{ scope.row.email }}</span>
</template>
</el-table-column>
<el-table-column align="center" label="邮箱">
<el-table-column align="center" label="下线">
<template slot-scope="scope">
<span>{{ scope.row.email }}</span>
<el-tag :type="scope.row.is_online | isOnlineFilter">{{ scope.row.is_online==1 ? '是' : '否' }}</el-tag>
</template>
</el-table-column>
</el-table>
<pagination v-show="total>0" :total="total" :page.sync="listQuery.page" :limit.sync="listQuery.limit" style="margin-left: 150px;" @pagination="getList" />
<pagination v-show="total>0" :total="total" :page="listQuery.page" :limit="listQuery.limit" style="margin-left: 150px;" @pagination="getList" />
</div>
</template>
......@@ -55,6 +55,15 @@ export default {
name: 'UserList',
components: { Pagination },
directives: { waves },
filters: {
isOnlineFilter(status) {
const statusMap = {
1: 'success',
0: 'info',
}
return statusMap[status]
}
},
data() {
return {
list: null,
......@@ -62,6 +71,7 @@ export default {
listLoading: true,
multipleSelection: [],
del_list: [],
listQuery: {
page: 0,
limit: 10,
......
vu/src/views/login/index.vue
View file @ a6d19380
......@@ -4,7 +4,7 @@
<el-form ref="loginForm" :model="loginForm" :rules="loginRules" class="login-form" auto-complete="on" label-position="left">
<div class="title-container">
<h3 class="title">更美社区后台</h3>
<h3 class="title">更美社区管理后台</h3>
</div>
<el-form-item prop="username">
......@@ -108,6 +108,7 @@ export default {
}).catch(() => {
this.loading = false
})
} else {
console.log('error submit!!')
return false
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment