| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105 |
- # coding=utf-8
- from django.contrib.auth import get_user_model, authenticate
- from rest_framework import serializers
- from rest_framework_jwt.serializers import JSONWebTokenSerializer
- from rest_framework_jwt.settings import api_settings
- from utils import get_remote_addr
- from apps.system.models import SysLog
- from .models import Department
- User = get_user_model()
- jwt_payload_handler = api_settings.JWT_PAYLOAD_HANDLER
- jwt_encode_handler = api_settings.JWT_ENCODE_HANDLER
- class AdminUserJWTSerializer(JSONWebTokenSerializer):
- def validate(self, attrs):
- credentials = {
- self.username_field: attrs.get(self.username_field),
- 'password': attrs.get('password')
- }
- if all(credentials.values()):
- user = authenticate(**credentials)
- if user:
- if not user.is_active:
- msg = u'禁用帐户,禁止登录'
- SysLog.objects.addnew(user, SysLog.INSERT,u'禁用帐户[%s]尝试登录管理系统,IP[%s]' % (user.username, get_remote_addr(self.request)))
- raise serializers.ValidationError(msg)
- if not user.is_administrator():
- msg = u'非管理员账号,禁止登录'
- SysLog.objects.addnew(user, SysLog.INSERT,u'非管理员账号[%s]尝试登录管理系统,IP[%s]' % (user.username, get_remote_addr(self.request)))
- raise serializers.ValidationError(msg)
- payload = jwt_payload_handler(user)
- SysLog.objects.addnew(user, SysLog.INSERT, u'[%s]登录管理系统,IP[%s]' % (user.username,get_remote_addr(self.request)))
- return {
- 'token': jwt_encode_handler(payload),
- 'user_id': user.id,
- 'username': user.username
- }
- else:
- msg = u'账号或者密码错误!'
- SysLog.objects.addnew(None, SysLog.INSERT, u'登录管理系统失败[%s][%s],IP[%s]' % (attrs[self.username_field], attrs['password'], get_remote_addr(self.request)))
- raise serializers.ValidationError(msg)
- else:
- msg = u'必须包含“{username field}”和“password'
- msg = msg.format(username_field=self.username_field)
- raise serializers.ValidationError(msg)
- class StaffUserJWTSerializer(JSONWebTokenSerializer):
- def validate(self, attrs):
- credentials = {
- self.username_field: attrs.get(self.username_field),
- 'password': attrs.get('password')
- }
- if all(credentials.values()):
- user = authenticate(**credentials)
- if user:
- if not user.is_active:
- msg = u'禁用帐户,禁止登录'
- SysLog.objects.addnew(user, SysLog.INSERT,u'禁用帐户[%s]尝试登录答题系统,IP[%s]' % (user.username, get_remote_addr(self.request)))
- raise serializers.ValidationError(msg)
- if not user.is_staff():
- msg = u'非工作账号,禁止登录'
- SysLog.objects.addnew(user, SysLog.INSERT,u'非工作账号[%s]尝试登录答题系统,IP[%s]' % (user.username, get_remote_addr(self.request)))
- raise serializers.ValidationError(msg)
- payload = jwt_payload_handler(user)
- SysLog.objects.addnew(user, SysLog.INSERT, u'[%s]登录答题系统,IP[%s]' % (user.username,get_remote_addr(self.request)))
- return {
- 'token': jwt_encode_handler(payload),
- 'user_id': user.id,
- 'username': user.username
- }
- else:
- msg = u'账号或者密码错误!'
- SysLog.objects.addnew(None, SysLog.INSERT, u'登录答题系统失败[%s][%s],IP[%s]' % (attrs[self.username_field], attrs['password'], get_remote_addr(self.request)))
- raise serializers.ValidationError(msg)
- else:
- msg = u'必须包含“{username field}”和“password'
- msg = msg.format(username_field=self.username_field)
- raise serializers.ValidationError(msg)
- class DepartmentSerializer(serializers.ModelSerializer):
- class Meta:
- model = Department
- fields = '__all__'
- def create(self, validated_data):
- instance = super(DepartmentSerializer, self).create(validated_data)
- return instance
- def update(self, instance, validated_data):
- instance = super(DepartmentSerializer, self).update(instance, validated_data)
- return instance
|
