v0.1.1

apps/user/controllers.py

@@ -8,7 +8,6 @@ from ninja import Query
 from django.db import transaction
 from django.contrib.auth import authenticate
 from django.shortcuts import get_object_or_404
-from ninja_jwt.tokens import RefreshToken
 from ninja_jwt.authentication import JWTAuth
 from ninja_jwt.controller import TokenObtainPairController
 from ninja_jwt import schema
@@ -17,37 +16,25 @@ from utils.chen_response import ChenResponse
 from apps.user.schema import UserInfoOutSchema, CreateUserSchema, CreateUserOutSchema, \
     UserRetrieveInputSchema, \
     UserRetrieveOutSchema, UpdateDeleteUserSchema, UpdateDeleteUserOutSchema, DeleteUserSchema, LogOutSchema, \
-    LogInputSchema, LogDeleteInSchema, AdminModifyPasswordSchema
+    LogInputSchema, LogDeleteInSchema, AdminModifyPasswordSchema, MyTokenObtainPairOutSchema, \
+    MyTokenObtainPairInputSchema
 from apps.user.models import TableOperationLog, Users as UserClass
 from apps.project.models import Project
 # 工具函数
 from utils.chen_crud import update, multi_delete
 from apps.user.tools.ldap_tools import load_ldap_users
-# 导入登录日志函数
-from utils.log_util.request_util import save_login_log
 
-Users: UserClass = get_user_model()  # type:ignore
+Users = get_user_model()
 
 # 定义用户登录接口，包含token刷新和生成
 @api_controller("/system", tags=['用户token控制和登录接口'])
 class UserTokenController(TokenObtainPairController):
     auto_import = True
 
-    @route.post("/login", url_name='login')
-    def obtain_token(self, user_token: schema.TokenObtainPairSerializer):
-        """新版本有特性，后期修改"""
-        # 注意TokenObtainPairSerializer是老版本，所以兼容，本质是TokenObtainPairInputSchema
-        user: UserClass = user_token._user
-        if user:
-            # 判断是否为启用状态
-            if user.status == '2':
-                return ChenResponse(status=500, code=500, message='账号已被禁用，请联系管理员...')
-            save_login_log(request=self.context.request, user=user)  # 保存登录日志
-        refresh = RefreshToken.for_user(user)
-        token = refresh.access_token  # type:ignore
-        return ChenResponse(code=200,
-                            data={'token': str(token), 'refresh': str(refresh),
-                                  'token_exp_data': datetime.fromtimestamp(token["exp"], tz=timezone.utc)})
+    @route.post("/login", response=MyTokenObtainPairOutSchema, url_name='login')
+    def obtain_token(self, user_token: MyTokenObtainPairInputSchema):
+        user_token.check_user_authentication_rule()
+        return user_token.to_response_schema()
 
     @route.get("/getInfo", response=UserInfoOutSchema, url_name="get_info", auth=JWTAuth())
     def get_user_info(self):

apps/user/schema.py

@@ -3,9 +3,13 @@ from django.contrib.auth.models import Group
 from ninja_schema import ModelSchema, model_validator, Schema
 from ninja_extra.exceptions import APIException
 from ninja_extra import status
-from datetime import datetime
-from typing import List
+from datetime import datetime, timezone
+from typing import List, Type, Dict
 from ninja import Field
+from ninja.errors import HttpError
+from ninja_jwt.schema import TokenObtainInputSchemaBase
+from ninja_jwt.tokens import RefreshToken
+from utils.log_util.request_util import save_login_log
 
 UserModel = Users
 
@@ -113,3 +117,34 @@ class AdminModifyPasswordSchema(Schema):
     newPassword: str
     newPassword_confirmation: str
     oldPassword: str
+
+# ~~~~~~~~~~~~~~~~~~~~JWT~~~~~~~~~~~~~~~~~~~~
+# 定义输出的内容，修改了输出access变为token，新增token_exp_data字段
+class MyTokenObtainPairOutSchema(Schema):
+    token: str
+    refresh: str
+    token_exp_data: datetime
+
+class MyTokenObtainPairInputSchema(TokenObtainInputSchemaBase):
+    @classmethod
+    def get_response_schema(cls) -> Type[Schema]:
+        """修改默认的返回Schema"""
+        return MyTokenObtainPairOutSchema
+
+    @classmethod
+    def get_token(cls, user) -> Dict:
+        """因为输出Schema修改，这里修改输出的token字典字段"""
+        values = {}
+        refresh = RefreshToken.for_user(user)
+        token = refresh.access_token
+        values["token"] = str(token)  # 修改在这里 # type:ignore
+        values['refresh'] = str(refresh)
+        values["token_exp_data"] = datetime.fromtimestamp(token["exp"], tz=timezone.utc)
+        return values
+
+    def authenticate(self, request, credentials: Dict):
+        super().authenticate(request, credentials)
+        if self._user:
+            save_login_log(request, self._user)
+            if self._user.status == '2':  # type:ignore
+                raise HttpError(401, "账号已被禁用，请联系管理员...")

apps/user/tools/ldap_tools.py

@@ -7,12 +7,16 @@ env = environ.Env()
 
 # 2. LDAP服务器host和port
 server_uri = env('AUTH_LDAP_SERVER_URI', default='ldap://dns.paisat.cn:389')
+dn = env('AUTH_LDAP_BIND_DN',default='CN=Administrator,CN=Users,DC=sstc,DC=ctu')
+password = env('AUTH_LDAP_BIND_PASSWORD',default='WXWX2019!!!!!!')
+base_dn = env('BASE_DN',default='OU=all,DC=sstc,DC=ctu')
+filter_str = env('FILTER_STR',default='(sAMAccountName=%(user)s)')
 
 # 3. 连接LDAP服务器进行操作
 def load_ldap_users(url=server_uri,
-                    dn="CN=Administrator,CN=Users,DC=sstc,DC=ctu",
-                    pwd="WXWX2019!!!!!!",
-                    search_dn="OU=ALL,DC=sstc,DC=ctu",
+                    dn=dn,
+                    pwd=password,
+                    search_dn=base_dn,
                     search_filter='(&(sAMAccountName=*))'):
     Users = get_user_model()
 
@@ -50,6 +54,7 @@ def load_ldap_users(url=server_uri,
                 c_user.email = user_dict['email']
                 update_flag = True
             if update_flag:
+                c_user.set_password('wxwx2018!!!')
                 c_user.save()
         else:
             user_dict['remark'] = '自动同步LDAP数据用户'