perf: 支持slack通知和认证 (#12193)

* perf: 支持slack通知和认证 * perf: 生成迁移文件 * perf: 优化获取access_token逻辑 --------- Co-authored-by: jiangweidong <weidong.jiang@fit2cloud.com>
2025-09-05 09:21:02 +00:00 · 2023-11-29 17:45:44 +08:00
parent 575562c416
commit 0fdae00722
26 changed files with 523 additions and 114 deletions
--- a/apps/authentication/views/base.py
+++ b/apps/authentication/views/base.py
@@ -2,6 +2,7 @@ from functools import lru_cache

 from django.conf import settings
 from django.db.utils import IntegrityError
+from django.contrib.auth import logout as auth_logout
 from django.utils.module_loading import import_string
 from django.utils.translation import gettext_lazy as _
 from django.views import View
@@ -9,8 +10,10 @@ from rest_framework.request import Request

 from authentication import errors
 from authentication.mixins import AuthMixin
+from authentication.notifications import OAuthBindMessage
 from common.utils import get_logger
 from common.utils.django import reverse, get_object_or_none
+from common.utils.common import get_request_ip
 from users.models import User
 from users.signal_handlers import check_only_allow_exist_user_auth
 from .mixins import FlashMessageMixin
@@ -18,9 +21,21 @@ from .mixins import FlashMessageMixin
 logger = get_logger(__file__)


-class BaseLoginCallbackView(AuthMixin, FlashMessageMixin, View):
+class IMClientMixin:
    client_type_path = ''
    client_auth_params = {}
+
+    @property
+    @lru_cache(maxsize=1)
+    def client(self):
+        if not all([self.client_type_path, self.client_auth_params]):
+            raise NotImplementedError
+        client_init = {k: getattr(settings, v) for k, v in self.client_auth_params.items()}
+        client_type = import_string(self.client_type_path)
+        return client_type(**client_init)
+
+
+class BaseLoginCallbackView(AuthMixin, FlashMessageMixin, IMClientMixin, View):
    user_type = ''
    auth_backend = None
    # 提示信息
@@ -34,15 +49,6 @@ class BaseLoginCallbackView(AuthMixin, FlashMessageMixin, View):
    def get_verify_state_failed_response(self, redirect_uri):
        raise NotImplementedError

-    @property
-    @lru_cache(maxsize=1)
-    def client(self):
-        if not all([self.client_type_path, self.client_auth_params]):
-            raise NotImplementedError
-        client_init = {k: getattr(settings, v) for k, v in self.client_auth_params.items()}
-        client_type = import_string(self.client_type_path)
-        return client_type(**client_init)
-
    def create_user_if_not_exist(self, user_id, **kwargs):
        user = None
        user_attr = self.client.get_user_detail(user_id, **kwargs)
@@ -99,3 +105,53 @@ class BaseLoginCallbackView(AuthMixin, FlashMessageMixin, View):
            response = self.get_failed_response(login_url, title=msg, msg=msg)
            return response
        return self.redirect_to_guard_view()
+
+
+class BaseBindCallbackView(FlashMessageMixin, IMClientMixin, View):
+    auth_type = ''
+    auth_type_label = ''
+
+    def verify_state(self):
+        raise NotImplementedError
+
+    def get_verify_state_failed_response(self, redirect_uri):
+        raise NotImplementedError
+
+    def get_already_bound_response(self, redirect_uri):
+        raise NotImplementedError
+
+    def get(self, request: Request):
+        code = request.GET.get('code')
+        redirect_url = request.GET.get('redirect_url')
+
+        if not self.verify_state():
+            return self.get_verify_state_failed_response(redirect_url)
+
+        user = request.user
+        source_id = getattr(user, f'{self.auth_type}_id', None)
+        if source_id:
+            response = self.get_already_bound_response(redirect_url)
+            return response
+
+        auth_user_id, __ = self.client.get_user_id_by_code(code)
+        if not auth_user_id:
+            msg = _('%s query user failed') % self.auth_type_label
+            response = self.get_failed_response(redirect_url, msg, msg)
+            return response
+
+        try:
+            setattr(user, f'{self.auth_type}_id', auth_user_id)
+            user.save()
+        except IntegrityError as e:
+            if e.args[0] == 1062:
+                msg = _('The %s is already bound to another user') % self.auth_type_label
+                response = self.get_failed_response(redirect_url, msg, msg)
+                return response
+            raise e
+
+        ip = get_request_ip(request)
+        OAuthBindMessage(user, ip, self.auth_type_label, auth_user_id).publish_async()
+        msg = _('Binding %s successfully') % self.auth_type_label
+        auth_logout(request)
+        response = self.get_success_response(redirect_url, msg, msg)
+        return response