用户 增加 在线状态 最后刷新时间

apps/api/admin/urls.py

@@ -10,6 +10,8 @@ urlpatterns = [
     url(r'^token_refresh/$', AdminUserRefreshTokenView.as_view()),
     url(r'^token_verify/$', AdminUserVerifyTokenView.as_view()),
 
+    url(r'^logout/$', LogoutView.as_view()),
+
     url(r'^department/', include('apps.api.admin.department.urls')),
     url(r'^user/', include('apps.api.admin.user.urls')),
     url(r'^subject/', include('apps.api.admin.subject.urls')),

apps/api/admin/views.py

@@ -3,7 +3,9 @@
 from django.contrib.auth import get_user_model
 from rest_framework_jwt.views import ObtainJSONWebToken, VerifyJSONWebToken, RefreshJSONWebToken
 from rest_framework.serializers import ValidationError
+from rest_framework.views import APIView
 from utils import response_error, response_ok
+from utils.permission import IsAdministrator
 from utils.empower import checkLicence
 from apps.staff.serializers import AdminUserJWTSerializer
 from utils.exceptions import CustomError
@@ -45,3 +47,10 @@ class AdminUserRefreshTokenView(RefreshJSONWebToken):
                 return response_ok({'token': ser.validated_data['token']})
         except ValidationError as e:
             return response_error(u'登录状态失效，请重新登录[' + e.detail['error'][0] + ']')
+
+class LogoutView(APIView):
+    permission_classes = [IsAdministrator, ]
+
+    def get(self, request):
+        User.objects.filter(pk=request.user.pk).update(status=User.OFFLINE)
+        return response_ok()

apps/api/staff/urls.py

@@ -11,6 +11,8 @@ urlpatterns = [
     url(r'^token_verify/$', StaffUserVerifyTokenView.as_view()),
     url(r'^change_password/$', ChangePasswordView.as_view()),
 
+    url(r'^logout/$', LogoutView.as_view()),
+
     url(r'^practise/', include('apps.api.staff.practise.urls')),
     url(r'^mock/', include('apps.api.staff.mock.urls')),
     url(r'^errorbook/', include('apps.api.staff.errorbook.urls')),

apps/api/staff/views.py

@@ -59,3 +59,10 @@ class ChangePasswordView(APIView):
             request.user.save()
             SysLog.objects.addnew(self.request.user, SysLog.UPDATE, u'修改账户密码')
         return response_ok()
+
+class LogoutView(APIView):
+    permission_classes = [IsStaff, ]
+
+    def get(self, request):
+        User.objects.filter(pk=request.user.pk).update(status=User.OFFLINE)
+        return response_ok()

apps/staff/models.py

@@ -135,6 +135,13 @@ class User(AbstractBaseUser, PermissionsMixin):
     ADMINSTRATOR = 1
     STAFF = 2
 
+    OFFLINE = 0
+    ONLINE = 1
+    STATUS_CHOICES = (
+        (OFFLINE, u'离线'),
+        (ONLINE, u'在线'),
+    )
+
     type = models.PositiveSmallIntegerField(verbose_name=u"类型")
     department = models.ForeignKey(Department, verbose_name=u"所属部门", null=True, blank=True, on_delete=models.PROTECT)
     username = models.CharField(verbose_name=u'帐号', max_length=30, unique=True, db_index=True)
@@ -142,6 +149,9 @@ class User(AbstractBaseUser, PermissionsMixin):
     is_active = models.BooleanField(verbose_name=u'激活', default=True)
     date_joined = models.DateTimeField(verbose_name=u'注册时间', default=timezone.now, editable=False)
 
+    last_refresh = models.DateTimeField(verbose_name=u'刷新时间', null=True, editable=False)
+    status = models.PositiveSmallIntegerField(choices=STATUS_CHOICES, verbose_name=u"状态", default=OFFLINE)
+
     objects = UserManager()
 
     USERNAME_FIELD = 'username'

apps/staff/serializers.py

@@ -37,6 +37,8 @@ class AdminUserJWTSerializer(JSONWebTokenSerializer):
                     SysLog.objects.addnew(user, SysLog.INSERT,u'非管理员账号[%s]尝试登录管理系统,IP[%s]' % (user.username, get_remote_addr(self.request)))
                     raise serializers.ValidationError(msg)
 
+                User.objects.filter(pk=user.pk).update(status=User.ONLINE)
+
                 payload = jwt_payload_handler(user)
                 SysLog.objects.addnew(user, SysLog.INSERT, u'[%s]登录管理系统,IP[%s]' % (user.username,get_remote_addr(self.request)))
 
@@ -76,6 +78,8 @@ class StaffUserJWTSerializer(JSONWebTokenSerializer):
                     SysLog.objects.addnew(user, SysLog.INSERT,u'非工作账号[%s]尝试登录答题系统,IP[%s]' % (user.username, get_remote_addr(self.request)))
                     raise serializers.ValidationError(msg)
 
+                User.objects.filter(pk=user.pk).update(status=User.ONLINE)
+
                 payload = jwt_payload_handler(user)
                 SysLog.objects.addnew(user, SysLog.INSERT, u'[%s]登录答题系统,IP[%s]' % (user.username,get_remote_addr(self.request)))
 

uis/layuiadmin/modules/common.js

@@ -23,23 +23,25 @@ layui.define(function(exports){
   //退出
   admin.events.logout = function(){
     //执行退出接口
-      /*
+      
     admin.req({
-      url: '/account/logout/'
+      url: '/admin/logout/'
       ,type: 'get'
       ,data: {}
       ,done: function(res){ //这里要说明一下：done 是只有 response 的 code 正常才会执行。而 succese 则是只要 http 为 200 就会执行
 
         //清空本地记录的 token，并跳转到登入页
         admin.exit(function(){
-          location.href = '/views/account/login.html';
+          location.href = '/admin/login/login.html';
         });
       }
     });
-    */
+    
+	/*
     admin.exit(function(){
         location.href = '/admin/login/login.html';
       });
+	*/
   };
 
 

utils/permission.py

@@ -1,15 +1,22 @@
 # coding=utf-8
 
 from rest_framework import permissions
+from django.utils import timezone
+
+from apps.staff.models import User
 
 class IsStaff(permissions.BasePermission):
     def has_permission(self, request, view):
         if not request.user or not request.user.is_authenticated:
             return False
+
+        User.objects.filter(pk=request.user.pk).select_for_update().update(last_refresh=timezone.now())
         return request.user.is_staff()
 
 class IsAdministrator(permissions.BasePermission):
     def has_permission(self, request, view):
         if not request.user or not request.user.is_authenticated:
             return False
+
+        User.objects.filter(pk=request.user.pk).select_for_update().update(last_refresh=timezone.now())
         return request.user.is_administrator()