....

apps/WechatApplet/models.py

@@ -0,0 +1,64 @@
+# coding=utf-8
+
+import time
+import os
+from django.conf import settings
+from django.db import models
+from django.utils import timezone
+from util.wx.wechat import WeChat
+from util.exceptions import CustomError
+
+
+class WechatApplet(models.Model):
+    authorizer_appid = models.CharField(max_length=512, verbose_name=u'小程序appid')
+    secret = models.CharField(max_length=512, verbose_name=u'小程序秘钥', null=True)
+
+    authorizer_refresh_token = models.CharField(max_length=512, verbose_name=u'刷新令牌', null=True)
+    authorizer_access_token = models.CharField(max_length=512, verbose_name=u'令牌', null=True)
+    access_token_gtime = models.DateTimeField(verbose_name=u"获取令牌时间", null=True)
+    expires_in = models.IntegerField(verbose_name=u'令牌有效期', null=True)
+
+    agent_num = models.CharField(max_length=512, verbose_name=u'商户号', default="")
+    agent_key = models.CharField(max_length=512, verbose_name=u'商户密钥', default="")
+
+    class Meta:
+        db_table = "wechat_applet"
+        ordering = ['-id']
+        index_together = ()
+        verbose_name = u"小程序"
+        default_permissions = ()
+        permissions = []
+
+    @staticmethod
+    def getByAppid(appid):
+        instance = WechatApplet.objects.filter(authorizer_appid=appid).first()
+        if not instance:
+            raise CustomError(u'未找到相应的小程序！')
+        return instance
+
+    def getAccessToken(self):
+        if self.authorizer_access_token:
+            last_time = time.mktime(self.access_token_gtime.timetuple()) + self.expires_in
+            now = time.mktime(timezone.now().timetuple())
+            if last_time > now:
+                return self.authorizer_access_token
+        gtime = timezone.now()
+        res = WeChat.getAccessToken(self.authorizer_appid, self.secret)
+        self.refreshAccessToken(gtime, res['access_token'], res['expires_in'])
+        return self.authorizer_access_token
+
+    def refreshAccessToken(self, gtime, access_token, expires_in, refresh_token=''):
+        self.authorizer_access_token = access_token
+        self.access_token_gtime = gtime
+        self.expires_in = expires_in
+        self.authorizer_refresh_token = refresh_token
+        self.save()
+
+    def generateActivityCode(self, customer_id, activity_id):
+        filename = "{}{}_{}.png".format("activiytCode/", activity_id, customer_id)
+        full_filename = "{}/{}".format(settings.MEDIA_ROOT, filename)
+        if os.path.exists(full_filename):
+            return filename
+        page = 'pages/index/index'
+        filename = WeChat.getActivityCode(self.getAccessToken(), page, customer_id, activity_id)
+        return filename

apps/activity/models.py

@@ -126,9 +126,9 @@ class Pay(models.Model):
         return instance
 
     @staticmethod
-    def wechatPay(branch, customer, amount, openid):
+    def wechatPay(app, branch, customer, amount, openid):
         instance = Pay._addnew(branch, customer, amount)
-        return instance, instance._wechatUnifiedOrder(openid)
+        return instance, instance._wechatUnifiedOrder(app, openid)
 
     @staticmethod
     def _addnew(branch, customer, amount):
@@ -146,8 +146,8 @@ class Pay(models.Model):
         )
         return instance
 
-    def _wechatUnifiedOrder(self, openid):
-        wechatpay = WechatPay(settings.APPID, settings.AGENT_NUM, settings.AGENT_KEY)
+    def _wechatUnifiedOrder(self, app, openid):
+        wechatpay = WechatPay(app.authorizer_appid, app.agent_num, app.agent_key)
         wechatpay.unifiedOrder(self.no, self.precreate_amount, openid)
         data = wechatpay.getAppString()
         return data
@@ -162,10 +162,10 @@ class Order(models.Model):
         (FINISH, u'已完成'),
         (FAIL, u'失败'),
     )
-    branch = models.ForeignKey(Branch, verbose_name=u"门店", on_delete=models.PROTECT)
+    branch = models.ForeignKey(Branch, verbose_name=u"门店", on_delete=models.PROTECT, editable=False)
     activity = models.ForeignKey(Activity, verbose_name=u"活动", on_delete=models.PROTECT)
-    pay = models.ForeignKey(Pay, verbose_name='支付信息', on_delete=models.PROTECT, null=True, editable=False)
-    member = models.ForeignKey(Customer, verbose_name=u"会员", on_delete=models.PROTECT)
+    pay = models.ForeignKey(Pay, verbose_name='支付信息', on_delete=models.PROTECT, null=True)
+    member = models.ForeignKey(Customer, verbose_name=u"会员", on_delete=models.PROTECT, editable=False)
     amount = models.FloatField(verbose_name=u"费用", default=0)
     status = models.PositiveSmallIntegerField(choices=STATUS_CHOICES, verbose_name=u"状态", default=DEFAULT, editable=False)
     model = models.CharField(max_length=200, verbose_name=u"车型", null=True, blank=True)
@@ -180,22 +180,22 @@ class Order(models.Model):
         ordering = ['-id']
         verbose_name = u"订单管理"
 
-    def payOrder(self, openid):
+    def payOrder(self, openid, app):
         # 如果订单上的金额不等于活动金额 (比如下单没有支付，后来活动金额修改，现在活动金额不等于订单上活动金额) 还按下单时保存到额金额支付
         if self.status != Order.DEFAULT:
             raise CustomError(u'订单非代付款状态，禁止付款')
         if self.pay:
             pay_no = self.pay.no
             # 先查询订单状态
-            checkRexponse = WeChatResponse(settings.APPID, settings.AGENT_NUM, settings.AGENT_KEY)
+            checkRexponse = WeChatResponse(app.authorizer_appid, app.agent_num, app.agent_key)
             total_fee = checkRexponse.orderquery(pay_no)
             if int(total_fee) == int(self.amount):
-                wechatpay = WechatPay(settings.APPID, settings.AGENT_NUM, settings.AGENT_KEY)
+                wechatpay = WechatPay(app.authorizer_appid, app.agent_num, app.agent_key)
                 data = wechatpay.unifiedOrder(openid, pay_no, self.amount)
                 return data
             self.pay.payClosed()
 
-        pay, data = Pay.wechatPay(self.branch, self.member, self.amount, openid)
+        pay, data = Pay.wechatPay(app, self.branch, self.member, self.amount, openid)
         self.pay = pay
         self.save()
         return data

apps/api/views.py

@@ -13,6 +13,7 @@ from util.wechatpay import WechatPayNotify
 from util.wx.wechat import WeChat
 
 from apps.activity.models import Pay
+from apps.WechatApplet.models import WechatApplet
 from apps.foundation.models import BizLog
 
 
@@ -21,10 +22,10 @@ class WechatNotifyView(APIView):
     def dispatch(self, request, *args, **kwargs):
         param = request.body
         appid = kwargs['appid']
+        app = WechatApplet.getByAppid(appid)
         # param = request.body.decode('utf-8')
-        notify = WechatPayNotify(param, settings.AGENT_KEY)
+        notify = WechatPayNotify(param, app.agent_key)
         try:
-            WeChat.checkAppid(appid)
             data = notify.handle()
             if not data:
                 raise CustomError(u'错误的请求！')

apps/customer/activity/serializers.py

@@ -8,4 +8,4 @@ class ActivitySerializer(serializers.ModelSerializer):
 
     class Meta:
         model = Activity
-        fields = '__all__'
+        fields = ('branch_address', 'branch_name', 'branch_tel', 'describe', 'title', 'amount', )

apps/customer/activity/views.py

@@ -2,7 +2,9 @@
 
 from rest_framework import generics
 
-from util import response_ok
+from django.conf import settings
+
+from util import response_ok, response_error
 from util.wx.wechat import WeChat
 from util.exceptions import CustomError
 
@@ -12,15 +14,13 @@ from apps.activity.models import Activity
 
 class ActivityDetailView(generics.RetrieveAPIView):
     # permission_classes = [IsCustomerUser, ]
-    queryset = Activity.objects.filter(enabled=True, delete=False)
+    queryset = Activity.objects.filter(enabled=True, delete=False, check_status=settings.PASS)
     serializer_class = ActivitySerializer
 
     def retrieve(self, request, *args, **kwargs):
-        id = request.GET.get('id')
-        appid = request.GET.get('appid')
-        WeChat.checkAppid(appid)
+        activity_id = request.GET.get('activity_id')
 
-        instance = self.queryset.filter(id=id).first()
+        instance = self.queryset.filter(id=activity_id).first()
         if not instance:
             raise CustomError(u'未找到相应活动信息！')
         serializer = self.get_serializer(instance)

apps/customer/order/serializers.py

@@ -1,14 +1,24 @@
 # coding=utf-8
-
+from apps.exceptions import CustomError
 from rest_framework import serializers
 from apps.activity.models import Order
 
 
 class ActivityOrderSerializer(serializers.ModelSerializer):
+    number = serializers.SerializerMethodField()
+    create_time = serializers.DateTimeField(format='%m-%d %H:%M', read_only=True)
 
     class Meta:
         model = Order
-        fields = ('id', 'number', 'create_time', )
+        fields = ('number', 'create_time', )
+
+    def get_number(self, obj):
+        if obj.number:
+            l = len(obj.number)
+            if l < 4:
+                return ''
+            return obj.number[:2] + '***' + obj.number[l - 2:l]
+        return ''
 
 
 class OrderSerializer(serializers.ModelSerializer):
@@ -18,9 +28,17 @@ class OrderSerializer(serializers.ModelSerializer):
         fields = '__all__'
 
     def validate(self, attrs):
-        attrs['customer'] = self.context['request'].customer
+        attrs['member'] = self.context['request'].customer
         if 'activity' in attrs:
             attrs['activity'].checkStatus()
+            required_signs = attrs['activity'].required_signs.split(',')
+            for item in required_signs:
+                if (item == u'姓名') and ('name' not in attrs):
+                    raise CustomError(u'请输入姓名')
+                if (item == u'车牌号') and ('number' not in attrs):
+                    raise CustomError(u'请输入车牌号')
+                if (item == u'车型') and ('model' not in attrs):
+                    raise CustomError(u'请输入车型')
         return attrs
 
     def create(self, validated_data):

apps/customer/order/views.py

@@ -17,8 +17,8 @@ from util.exceptions import CustomError
 
 from apps.foundation.models import BizLog
 from apps.customer.order.serializers import OrderSerializer, ActivityOrderSerializer
-from apps.activity.models import Activity, Order
-from apps.activity.models import Pay
+from apps.activity.models import Activity, Order, Pay
+from apps.WechatApplet.models import WechatApplet
 from apps.activity.filters import OrderFilter
 
 
@@ -49,8 +49,8 @@ class OrderViewSet(ModelViewSet):
                     if not openid:
                         raise CustomError(u'未获取openid！')
                     appid = request.POST.get('appid', None)
-                    WeChat.checkAppid(appid)
-                    pay, query_string = Pay.wechatPay(instance.branch, instance.member, instance.amount, openid)
+                    app = WechatApplet.getByAppid(appid)
+                    pay, query_string = Pay.wechatPay(app, instance.branch, instance.member, instance.amount, openid)
                     instance.pay = pay
                     BizLog.objects.addnew(request.customer.user, BizLog.INSERT, u'添加商品订单，id=%d' % instance.id, validated_data)
                     if query_string:
@@ -69,14 +69,14 @@ class OrderViewSet(ModelViewSet):
         try:
             if not openid:
                 raise CustomError(u'未获取openid！')
-            WeChat.checkAppid(appid)
+            app = WechatApplet.getByAppid(appid)
             order = Order.objects.filter(id=pk).first()
             if not order:
                 raise CustomError(u'未找到相应的订单')
             order.activity.checkStatus()
             # 要不要设置一个时间  时间过了订单不能再支付  提示订单已过期  请重新下单 然后把订单状态改成失败
             with transaction.atomic():
-                data = order.payOrder(openid)
+                data = order.payOrder(openid, app)
                 BizLog.objects.addnew(request.customer.user, BizLog.INSERT, u'支付订单，id=%d' % order.id, request.data)
             return response_ok(data)
         except CustomError as e:
@@ -95,9 +95,7 @@ class ActivityOrderListView(generics.ListAPIView):
 
     def filter_queryset(self, queryset):
         activity_id = self.request.GET.get('activity_id')
-        appid = self.request.GET.get('appid')
         activity = Activity.getById(activity_id)
-        WeChat.checkAppid(appid)
 
         queryset = queryset.filter(activity=activity)
         f = OrderFilter(self.request.GET, queryset=queryset)

apps/customer/serializers.py

@@ -43,6 +43,7 @@ class WechatLoginSerializer(serializers.Serializer):
                 'tel': customer_wechat.customer.tel or '',
                 'face': customer_wechat.customer.face or '',
                 'activity_id': activity_id,
+                'customer_id': customer_wechat.customer.id,
             }
 
         else:
@@ -69,6 +70,7 @@ class WechatBindSerializer(serializers.Serializer):
                 'tel': customer.tel or '',
                 'face': customer.face or '',
                 'gender': customer.gender or 0,
+                'customer_id': customer.id,
             }
 
         else:

apps/customer/tool.py

@@ -8,6 +8,7 @@ from util.wx.WXBizDataCrypt import WXBizDataCrypt
 from apps.exceptions import CustomError
 
 from apps.activity.models import Activity
+from apps.WechatApplet.models import WechatApplet
 from apps.customer.models import Customer, CustomerWechat
 
 User = get_user_model()
@@ -16,7 +17,8 @@ User = get_user_model()
 class WechatHandel(object):
     @staticmethod
     def login(code, appid, activity_id):
-        WeChat.checkAppid(appid)
+        app = WechatApplet.getByAppid(appid)
+        # 还有过期的活动还显示不？
         if activity_id:
             activity = Activity.objects.filter(id=activity_id, enabled=True, delete=False).first()
             if not activity:
@@ -24,7 +26,7 @@ class WechatHandel(object):
         else:
             activity = Activity.objects.filter().order_by('-create_time').first()
 
-        res = WeChat.code2Session(appid, settings.SECRET, code)
+        res = WeChat.code2Session(appid, app.secret, code)
         instance = CustomerWechat.objects.filter(openid=res['openid'], branch=activity.branch).first()
         if not instance:
             instance = CustomerWechat.objects.create(
@@ -39,7 +41,7 @@ class WechatHandel(object):
 
     @staticmethod
     def bindWechat(appid, openid, phoneEncryptedData, phoneIv, activity_id):
-        WeChat.checkAppid(appid)
+        app = WechatApplet.getByAppid(appid)
         activity = Activity.objects.filter(id=activity_id, enabled=True, delete=False).first()
         if not activity:
             raise CustomError(u'未找到相应的活动')
@@ -48,7 +50,7 @@ class WechatHandel(object):
         if not customer_wechat:
             raise CustomError(u'未找到相应的微信客户！')
 
-        pc = WXBizDataCrypt(settings.APPID, customer_wechat.session_key)
+        pc = WXBizDataCrypt(appid, customer_wechat.session_key)
         phon_data = pc.decrypt(phoneEncryptedData, phoneIv)
 
         tel = phon_data['purePhoneNumber']

carwin_activity/settings.py

@@ -11,7 +11,7 @@ For the full list of settings and their values, see
 https://docs.djangoproject.com/en/1.9/ref/settings/
 """
 
-import os
+import os, datetime
 
 # 软件版本
 VERSION = '1.0.0'
@@ -46,13 +46,17 @@ INSTALLED_APPS = [
     'django.contrib.messages',
     'django.contrib.staticfiles',
 
-    #'rest_framework',
+    'corsheaders',
+    'rest_framework',
+    'rest_framework_jwt',
+    'django_filters',
 
     'apps.account',
     'apps.dashboard',
     'apps.foundation',
     'apps.activity',
     'apps.customer',
+    'apps.WechatApplet',
 ]
 
 MIDDLEWARE_CLASSES = [
@@ -66,8 +70,73 @@ MIDDLEWARE_CLASSES = [
     'django.middleware.clickjacking.XFrameOptionsMiddleware',
 ]
 
+CORS_ALLOW_CREDENTIALS = True  # 允许携带cookie
+CORS_ORIGIN_ALLOW_ALL = True
+CORS_ALLOW_METHODS = (
+    'DELETE',
+    'GET',
+    'OPTIONS',
+    'PATCH',
+    'POST',
+    'PUT',
+    'VIEW',
+)
+CORS_ALLOW_HEADERS = (
+    'XMLHttpRequest',
+    'X_FILENAME',
+    'accept-encoding',
+    'authorization',
+    'content-type',
+    'dnt',
+    'origin',
+    'token',
+    'user-agent',
+    'x-csrftoken',
+    'x-requested-with',
+    'Pragma',
+)
+
+JWT_AUTH = {
+    'JWT_EXPIRATION_DELTA': datetime.timedelta(days=30),
+    'JWT_REFRESH_EXPIRATION_DELTA': datetime.timedelta(days=360),
+    'JWT_ALLOW_REFRESH': True,
+}
+
 REST_FRAMEWORK = {
-    'DEFAULT_FILTER_BACKENDS': ('django_filters.rest_framework.DjangoFilterBackend',)
+    'DEFAULT_PERMISSION_CLASSES': (
+        'rest_framework.permissions.AllowAny',
+    ),
+    'DEFAULT_AUTHENTICATION_CLASSES': (
+        'rest_framework_jwt.authentication.JSONWebTokenAuthentication',
+        #'rest_framework.authentication.SessionAuthentication',
+        #'rest_framework.authentication.BasicAuthentication',
+    ),
+    'DEFAULT_PARSER_CLASSES': (
+        'rest_framework.parsers.JSONParser',
+        'rest_framework.parsers.FormParser',
+        'rest_framework.parsers.MultiPartParser'
+    ),
+    'DEFAULT_RENDERER_CLASSES': (
+        'rest_framework.renderers.JSONRenderer',
+        # 'rest_framework.renderers.BrowsableAPIRenderer',
+    ),
+    'DEFAULT_FILTER_BACKENDS': (
+        'django_filters.rest_framework.DjangoFilterBackend',
+    ),
+    #'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.PageNumberPagination',
+    'DEFAULT_PAGINATION_CLASS': 'util.pagination.CustomPagination',
+    #'EXCEPTION_HANDLER': 'rest_framework.views.exception_handler',
+    'EXCEPTION_HANDLER': 'util.handler.custom_exception_handler',
+    'PAGE_SIZE': 10,
+    'DATETIME_FORMAT': "%Y-%m-%d %H:%M:%S",
+    'NON_FIELD_ERRORS_KEY': "error",  # 序列化器错误KEY名称
+}
+
+REST_FRAMEWORK_EXTENSIONS = {
+    # 缓存时间
+    'DEFAULT_CACHE_RESPONSE_TIMEOUT': 60 * 60 * 24,  # 单位s，一天
+    # 缓存存储
+    'DEFAULT_USE_CACHE': 'default',
 }
 
 ROOT_URLCONF = 'carwin_activity.urls'
@@ -77,6 +146,7 @@ LOGIN_URL = "/login/"
 LOGOUT_URL = "/"
 LOGIN_REDIRECT_URL = "/"
 AUTH_USER_MODEL = "account.User"
+AUTHENTICATION_BACKENDS = ['django.contrib.auth.backends.AllowAllUsersModelBackend']
 SESSION_EXPIRE_AT_BROWSER_CLOSE = True
 
 TEMPLATES = [
@@ -148,10 +218,6 @@ MEDIA_ROOT = os.path.join(BASE_DIR, "uis/media/")
 TMP_URL = '/tmp/'
 TMP_ROOT = os.path.join(BASE_DIR, "tmp/")
 
-APPID = 'wx5f9d20a43269d37d'  # 小程序appid
-SECRET = '9626af6e3bb977a211e025cb9f68b062'            # 小程序秘钥
-AGENT_NUM = ''         # 商户号
-AGENT_KEY = ''         # 商户密钥
 
 # 导入本地设置
 try:

util/permission.py

@@ -5,17 +5,14 @@ from rest_framework import permissions
 from apps.customer.models import Customer
 from apps.account.models import User
 from apps.activity.models import Activity
-
-from util.wx.wechat import WeChat
-from util.exceptions import CustomError
-from util import response_error
+from apps.WechatApplet.models import WechatApplet
 
 
 class IsCustomerUser(permissions.BasePermission):
     def has_permission(self, request, view):
         if not request.user or not request.user.is_authenticated:
             return False
-        if not request.user.type != User.CUSTOMER:
+        if not request.user.type or request.user.type != User.CUSTOMER:
             return False
 
         appid = request.GET.get('appid', None)
@@ -26,7 +23,7 @@ class IsCustomerUser(permissions.BasePermission):
             activity_id = request.POST.get('activity_id')
 
         try:
-            WeChat.checkAppid(appid)
+            WechatApplet.getByAppid(appid)
             activity = Activity.getById(activity_id)
         except:
             return False

util/wx/wechat.py

@@ -9,13 +9,6 @@ from django.utils import timezone
 
 class WeChat(object):
 
-    @staticmethod
-    def checkAppid(appid):
-        if not appid:
-            raise CustomError(u'未找到相应的小程序！')
-        if appid != settings.APPID:
-            raise CustomError(u'未找到相应的小程序！')
-
     @staticmethod
     def getPreAuthCode(component_appid, component_access_token):
         """
@@ -247,11 +240,8 @@ class WeChat(object):
             'page': page,
             'data': data
         }
-        print(9999999,param)
         result = requests.post(url, data=json.dumps(param))
-        print('-------------------------')
         result = result.json()
-        print(result)
 
         #result = requests.post(url, data=json.dumps(param))
         #result = result.json()
@@ -280,6 +270,22 @@ class WeChat(object):
             destination.write(result.content)
         return filename
 
+    @staticmethod
+    def getActivityCode(access_token, page, customer_id, activity_id):
+        '''获取活动二维码'''
+        url = 'https://api.weixin.qq.com/wxa/getwxacodeunlimit?access_token={}'.format(access_token)
+        data = {"scene": "customer_id={}&activity_id={}".format(customer_id, activity_id),
+                "line_color": {"r": 43, "g": 162, "b": 69},  # 自定义颜色
+                "is_hyaline": True,}
+        result = requests.post(url, json=data)
+        upload_path = PathAndRename("activiytCode/")
+        filename = "{}{}_{}.png".format(upload_path.path, activity_id, customer_id)
+        filename = filename.lower()
+        full_filename = "%s%s" % (settings.MEDIA_ROOT, filename)
+        with open(full_filename, 'wb') as destination:
+            destination.write(result.content)
+        return filename
+
     @staticmethod
     def getCommodityCode(access_token, page, commodity_id, company_no):
         '''获取商品二维码'''