liu tao 3 years ago
parent
commit
3e4eb6afba
5 changed files with 95 additions and 19 deletions
  1. 0 5
      apps/api/admin/urls.py
  2. 1 1
      apps/api/admin/views.py
  3. 3 8
      apps/api/staff/urls.py
  4. 5 5
      apps/api/staff/views.py
  5. 86 0
      apps/staff/serializers.py

+ 0 - 5
apps/api/admin/urls.py

@@ -9,9 +9,4 @@ urlpatterns = [
     url(r'^token/obtain/$', AdminUserLoginView.as_view()),
     url(r'^token_refresh/$', AdminUserRefreshTokenView.as_view()),
     url(r'^token_verify/$', AdminUserVerifyTokenView.as_view()),
-
-    url(r'^user/', include('apps.admin.user.urls')),
-    url(r'^tenant/', include('apps.admin.tenant.urls')),
-    url(r'^wechatapp/', include('apps.admin.wechatapplet.urls')),
-    url(r'^wechattp/', include('apps.admin.wechattp.urls')),
 ]

+ 1 - 1
apps/api/admin/views.py

@@ -4,7 +4,7 @@ from django.contrib.auth import get_user_model
 from rest_framework_jwt.views import ObtainJSONWebToken, VerifyJSONWebToken, RefreshJSONWebToken
 from rest_framework.serializers import ValidationError
 from utils import response_error, response_ok
-from .serializers import AdminUserJWTSerializer
+from apps.staff.serializers import AdminUserJWTSerializer
 
 User = get_user_model()
 
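Review bot: The admin login view now pulls `AdminUserJWTSerializer` from `apps.staff.serializers`, so the admin API's own authentication serializer lives in, and depends on, the staff app. Keeping the administrator serializer in the admin package (or in a shared auth module both packages import) would keep the dependency direction obvious and avoid the admin login breaking on an unrelated staff-side refactor. The class that uses this import is outside the hunk.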

+ 3 - 8
apps/api/staff/urls.py

@@ -6,12 +6,7 @@ from .views import *
 
 urlpatterns = [
     url(r'^$', index),
-    url(r'^token/obtain/$', AdminUserLoginView.as_view()),
-    url(r'^token_refresh/$', AdminUserRefreshTokenView.as_view()),
-    url(r'^token_verify/$', AdminUserVerifyTokenView.as_view()),
-
-    url(r'^user/', include('apps.admin.user.urls')),
-    url(r'^tenant/', include('apps.admin.tenant.urls')),
-    url(r'^wechatapp/', include('apps.admin.wechatapplet.urls')),
-    url(r'^wechattp/', include('apps.admin.wechattp.urls')),
+    url(r'^token/obtain/$', StaffUserLoginView.as_view()),
+    url(r'^token_refresh/$', StaffUserRefreshTokenView.as_view()),
+    url(r'^token_verify/$', StaffUserVerifyTokenView.as_view()),
 ]

+ 5 - 5
apps/api/staff/views.py

@@ -4,12 +4,12 @@ from django.contrib.auth import get_user_model
 from rest_framework_jwt.views import ObtainJSONWebToken, VerifyJSONWebToken, RefreshJSONWebToken
 from rest_framework.serializers import ValidationError
 from utils import response_error, response_ok
-from .serializers import AdminUserJWTSerializer
+from apps.staff.serializers import StaffUserJWTSerializer
 
 User = get_user_model()
 
-class AdminUserLoginView(ObtainJSONWebToken):
-    serializer_class = AdminUserJWTSerializer
+class StaffUserLoginView(ObtainJSONWebToken):
+    serializer_class = StaffUserJWTSerializer
 
     def post(self, request, *args, **kwargs):
         try:
@@ -21,7 +21,7 @@ class AdminUserLoginView(ObtainJSONWebToken):
             return response_error(e.detail['error'][0])
 
 
-class AdminUserVerifyTokenView(VerifyJSONWebToken):
+class StaffUserVerifyTokenView(VerifyJSONWebToken):
     def post(self, request, *args, **kwargs):
         try:
             ser = self.serializer_class(data=request.data)
@@ -31,7 +31,7 @@ class AdminUserVerifyTokenView(VerifyJSONWebToken):
             return response_error(u'登录状态失效,请重新登录[' + e.detail['error'][0] + ']')
 
 
-class AdminUserRefreshTokenView(RefreshJSONWebToken):
+class StaffUserRefreshTokenView(RefreshJSONWebToken):
     def post(self, request, *args, **kwargs):
         try:
             ser = self.serializer_class(data=request.data)

+ 86 - 0
apps/staff/serializers.py

@@ -1,9 +1,95 @@
 # coding=utf-8
+from django.contrib.auth import get_user_model, authenticate
 
 from rest_framework import serializers
+from rest_framework_jwt.serializers import JSONWebTokenSerializer
+from rest_framework_jwt.settings import api_settings
 
+from utils import get_remote_addr
+
+from apps.system.models import SysLog
 from .models import Department
 
+User = get_user_model()
+jwt_payload_handler = api_settings.JWT_PAYLOAD_HANDLER
+jwt_encode_handler = api_settings.JWT_ENCODE_HANDLER
+
+class AdminUserJWTSerializer(JSONWebTokenSerializer):
+    def validate(self, attrs):
+        credentials = {
+            self.username_field: attrs.get(self.username_field),
+            'password': attrs.get('password')
+        }
+
+        if all(credentials.values()):
+            user = authenticate(**credentials)
+
+            if user:
+                if not user.is_active:
+                    msg = u'禁用帐户,禁止登录'
+                    SysLog.objects.addnew(user, SysLog.INSERT,u'禁用帐户[%s]尝试登录管理系统,IP[%s]' % (user.username, get_remote_addr(self.request)))
+                    raise serializers.ValidationError(msg)
+
+                if not user.is_administrator():
+                    msg = u'非管理员账号,禁止登录'
+                    SysLog.objects.addnew(user, SysLog.INSERT,u'非管理员账号[%s]尝试登录管理系统,IP[%s]' % (user.username, get_remote_addr(self.request)))
+                    raise serializers.ValidationError(msg)
+
+                payload = jwt_payload_handler(user)
+                SysLog.objects.addnew(user, SysLog.INSERT, u'[%s]登录管理系统,IP[%s]' % (user.username,get_remote_addr(self.request)))
+
+                return {
+                    'token': jwt_encode_handler(payload),
+                    'user_id': user.id,
+                    'username': user.username
+                }
+            else:
+                msg = u'账号或者密码错误!'
+                SysLog.objects.addnew(None, SysLog.INSERT, u'登录管理系统失败[%s][%s],IP[%s]' % (attrs[self.username_field], attrs['password'], get_remote_addr(self.request)))
+                raise serializers.ValidationError(msg)
+        else:
+            msg = u'必须包含“{username field}”和“password'
+            msg = msg.format(username_field=self.username_field)
+            raise serializers.ValidationError(msg)
+
+class StaffUserJWTSerializer(JSONWebTokenSerializer):
+    def validate(self, attrs):
+        credentials = {
+            self.username_field: attrs.get(self.username_field),
+            'password': attrs.get('password')
+        }
+
+        if all(credentials.values()):
+            user = authenticate(**credentials)
+
+            if user:
+                if not user.is_active:
+                    msg = u'禁用帐户,禁止登录'
+                    SysLog.objects.addnew(user, SysLog.INSERT,u'禁用帐户[%s]尝试登录答题系统,IP[%s]' % (user.username, get_remote_addr(self.request)))
+                    raise serializers.ValidationError(msg)
+
+                if not user.is_staff():
+                    msg = u'非工作账号,禁止登录'
+                    SysLog.objects.addnew(user, SysLog.INSERT,u'非工作账号[%s]尝试登录答题系统,IP[%s]' % (user.username, get_remote_addr(self.request)))
+                    raise serializers.ValidationError(msg)
+
+                payload = jwt_payload_handler(user)
+                SysLog.objects.addnew(user, SysLog.INSERT, u'[%s]登录答题系统,IP[%s]' % (user.username,get_remote_addr(self.request)))
+
+                return {
+                    'token': jwt_encode_handler(payload),
+                    'user_id': user.id,
+                    'username': user.username
+                }
+            else:
+                msg = u'账号或者密码错误!'
+                SysLog.objects.addnew(None, SysLog.INSERT, u'登录答题系统失败[%s][%s],IP[%s]' % (attrs[self.username_field], attrs['password'], get_remote_addr(self.request)))
+                raise serializers.ValidationError(msg)
+        else:
+            msg = u'必须包含“{username field}”和“password'
+            msg = msg.format(username_field=self.username_field)
+            raise serializers.ValidationError(msg)
+
 class DepartmentSerializer(serializers.ModelSerializer):
 
     class Meta:
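Review bot: `validate` in both new serializers writes the submitted password into SysLog on a failed login — L153 and L191 interpolate `attrs['password']` into the log message — so cleartext credentials (frequently a valid password paired with a mistyped username) land in the audit table; drop that field, e.g. `SysLog.objects.addnew(None, SysLog.INSERT, u'登录管理系统失败[%s],IP[%s]' % (attrs[self.username_field], get_remote_addr(self.request)))`, and the same for the 答题系统 message. The missing-credentials branch is also broken in both classes: `msg = u'必须包含“{username field}”和“password'` has a space inside the placeholder, so `msg.format(username_field=self.username_field)` raises KeyError instead of the intended ValidationError; it should read `{username_field}` (and the closing `”` after password is missing). The two classes differ only in the `is_administrator()`/`is_staff()` check and the system name in the log text, so a shared base class with those two as class attributes would keep this fix in one place. I cannot see this project's user model; on Django's default user `is_staff` is a boolean field rather than a method, in which case `user.is_staff()` on L176 would raise TypeError, so that is worth confirming.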