pref: 优化MFA (#7153)

* perf: 优化mfa 和登录

* perf: stash

* stash

* pref: 基本完成

* perf: remove init function

* perf: 优化命名

* perf: 优化backends

* perf: 基本完成优化

* perf: 修复首页登录时没有 toastr 的问题

Co-authored-by: ibuler <ibuler@qq.com>
Co-authored-by: Jiangjie.Bai <32935519+BaiJiangJie@users.noreply.github.com>

apps/common/sdk/sms/__init__.py

@@ -1,65 +1,2 @@
-from collections import OrderedDict
-import importlib
-
-from django.utils.translation import gettext_lazy as _
-from django.db.models import TextChoices
-from django.conf import settings
-
-from common.utils import get_logger
-from common.exceptions import JMSException
-
-logger = get_logger(__file__)
-
-
-class BACKENDS(TextChoices):
-    ALIBABA = 'alibaba', _('Alibaba cloud')
-    TENCENT = 'tencent', _('Tencent cloud')
-
-
-class BaseSMSClient:
-    """
-    短信终端的基类
-    """
-
-    SIGN_AND_TMPL_SETTING_FIELD_PREFIX: str
-
-    @classmethod
-    def new_from_settings(cls):
-        raise NotImplementedError
-
-    def send_sms(self, phone_numbers: list, sign_name: str, template_code: str, template_param: dict, **kwargs):
-        raise NotImplementedError
-
-
-class SMS:
-    client: BaseSMSClient
-
-    def __init__(self, backend=None):
-        backend = backend or settings.SMS_BACKEND
-        if backend not in BACKENDS:
-            raise JMSException(
-                code='sms_provider_not_support',
-                detail=_('SMS provider not support: {}').format(backend)
-            )
-        m = importlib.import_module(f'.{backend or settings.SMS_BACKEND}', __package__)
-        self.client = m.client.new_from_settings()
-
-    def send_sms(self, phone_numbers: list, sign_name: str, template_code: str, template_param: dict, **kwargs):
-        return self.client.send_sms(
-            phone_numbers=phone_numbers,
-            sign_name=sign_name,
-            template_code=template_code,
-            template_param=template_param,
-            **kwargs
-        )
-
-    def send_verify_code(self, phone_number, code):
-        sign_name = getattr(settings, f'{self.client.SIGN_AND_TMPL_SETTING_FIELD_PREFIX}_VERIFY_SIGN_NAME')
-        template_code = getattr(settings, f'{self.client.SIGN_AND_TMPL_SETTING_FIELD_PREFIX}_VERIFY_TEMPLATE_CODE')
-
-        if not (sign_name and template_code):
-            raise JMSException(
-                code='verify_code_sign_tmpl_invalid',
-                detail=_('SMS verification code signature or template invalid')
-            )
-        return self.send_sms([phone_number], sign_name, template_code, OrderedDict(code=code))
+from .endpoint import SMS, BACKENDS
+from .utils import SendAndVerifySMSUtil

apps/common/sdk/sms/alibaba.py

@@ -9,7 +9,7 @@ from Tea.exceptions import TeaException
 
 from common.utils import get_logger
 from common.exceptions import JMSException
-from . import BaseSMSClient
+from .base import BaseSMSClient
 
 logger = get_logger(__file__)
 

apps/common/sdk/sms/base.py

@@ -0,0 +1,20 @@
+from common.utils import get_logger
+
+logger = get_logger(__file__)
+
+
+class BaseSMSClient:
+    """
+    短信终端的基类
+    """
+
+    SIGN_AND_TMPL_SETTING_FIELD_PREFIX: str
+
+    @classmethod
+    def new_from_settings(cls):
+        raise NotImplementedError
+
+    def send_sms(self, phone_numbers: list, sign_name: str, template_code: str, template_param: dict, **kwargs):
+        raise NotImplementedError
+
+

apps/common/sdk/sms/endpoint.py

@@ -0,0 +1,51 @@
+from collections import OrderedDict
+import importlib
+
+from django.utils.translation import gettext_lazy as _
+from django.db.models import TextChoices
+from django.conf import settings
+
+from common.utils import get_logger
+from common.exceptions import JMSException
+from .base import BaseSMSClient
+
+logger = get_logger(__name__)
+
+
+class BACKENDS(TextChoices):
+    ALIBABA = 'alibaba', _('Alibaba cloud')
+    TENCENT = 'tencent', _('Tencent cloud')
+
+
+class SMS:
+    client: BaseSMSClient
+
+    def __init__(self, backend=None):
+        backend = backend or settings.SMS_BACKEND
+        if backend not in BACKENDS:
+            raise JMSException(
+                code='sms_provider_not_support',
+                detail=_('SMS provider not support: {}').format(backend)
+            )
+        m = importlib.import_module(f'.{backend or settings.SMS_BACKEND}', __package__)
+        self.client = m.client.new_from_settings()
+
+    def send_sms(self, phone_numbers: list, sign_name: str, template_code: str, template_param: dict, **kwargs):
+        return self.client.send_sms(
+            phone_numbers=phone_numbers,
+            sign_name=sign_name,
+            template_code=template_code,
+            template_param=template_param,
+            **kwargs
+        )
+
+    def send_verify_code(self, phone_number, code):
+        sign_name = getattr(settings, f'{self.client.SIGN_AND_TMPL_SETTING_FIELD_PREFIX}_VERIFY_SIGN_NAME')
+        template_code = getattr(settings, f'{self.client.SIGN_AND_TMPL_SETTING_FIELD_PREFIX}_VERIFY_TEMPLATE_CODE')
+
+        if not (sign_name and template_code):
+            raise JMSException(
+                code='verify_code_sign_tmpl_invalid',
+                detail=_('SMS verification code signature or template invalid')
+            )
+        return self.send_sms([phone_number], sign_name, template_code, OrderedDict(code=code))

apps/common/sdk/sms/tencent.py

@@ -10,7 +10,8 @@ from tencentcloud.sms.v20210111 import sms_client, models
 # 导入可选配置类
 from tencentcloud.common.profile.client_profile import ClientProfile
 from tencentcloud.common.profile.http_profile import HttpProfile
-from . import BaseSMSClient
+
+from .base import BaseSMSClient
 
 logger = get_logger(__file__)
 

apps/common/sdk/sms/utils.py

@@ -0,0 +1,89 @@
+import random
+
+from django.core.cache import cache
+from django.utils.translation import gettext_lazy as _
+
+from .endpoint import SMS
+from common.utils import get_logger
+from common.exceptions import JMSException
+
+logger = get_logger(__file__)
+
+
+class CodeExpired(JMSException):
+    default_code = 'verify_code_expired'
+    default_detail = _('The verification code has expired. Please resend it')
+
+
+class CodeError(JMSException):
+    default_code = 'verify_code_error'
+    default_detail = _('The verification code is incorrect')
+
+
+class CodeSendTooFrequently(JMSException):
+    default_code = 'code_send_too_frequently'
+    default_detail = _('Please wait {} seconds before sending')
+
+    def __init__(self, ttl):
+        super().__init__(detail=self.default_detail.format(ttl))
+
+
+class SendAndVerifySMSUtil:
+    KEY_TMPL = 'auth-verify-code-{}'
+    TIMEOUT = 60
+
+    def __init__(self, phone, key_suffix=None, timeout=None):
+        self.phone = phone
+        self.code = ''
+        self.timeout = timeout or self.TIMEOUT
+        self.key_suffix = key_suffix or str(phone)
+        self.key = self.KEY_TMPL.format(key_suffix)
+
+    def gen_and_send(self):
+        """
+        生成，保存，发送
+        """
+        try:
+            code = self.generate()
+            self.send(code)
+        except JMSException:
+            self.clear()
+            raise
+
+    def generate(self):
+        code = ''.join(random.sample('0123456789', 4))
+        self.code = code
+        return code
+
+    def clear(self):
+        cache.delete(self.key)
+
+    def send(self, code):
+        """
+        发送信息的方法，如果有错误直接抛出 api 异常
+        """
+        ttl = self.ttl()
+        if ttl > 0:
+            logger.error('Send sms too frequently, delay {}'.format(ttl))
+            raise CodeSendTooFrequently(ttl)
+        sms = SMS()
+        sms.send_verify_code(self.phone, code)
+        cache.set(self.key, self.code, self.timeout)
+        logger.info(f'Send sms verify code to {self.phone}: {code}')
+
+    def verify(self, code):
+        right = cache.get(self.key)
+        if not right:
+            raise CodeExpired
+
+        if right != code:
+            raise CodeError
+
+        self.clear()
+        return True
+
+    def ttl(self):
+        return cache.ttl(self.key)
+
+    def get_code(self):
+        return cache.get(self.key)