[Update] 修改tickets

2026-01-04 23:24:19 +00:00 · 2019-11-08 20:17:25 +08:00
parent bd323d608e
commit 9e4874834f
12 changed files with 169 additions and 120 deletions
--- a/apps/authentication/api/login_confirm.py
+++ b/apps/authentication/api/login_confirm.py
@@ -10,7 +10,7 @@ from common.utils import get_logger, get_object_or_none
 from common.permissions import IsOrgAdmin
 from ..models import LoginConfirmSetting
 from ..serializers import LoginConfirmSettingSerializer
-from .. import errors
+from .. import errors, mixins

 __all__ = ['LoginConfirmSettingUpdateApi', 'LoginConfirmTicketStatusApi']
 logger = get_logger(__name__)
@@ -31,7 +31,7 @@ class LoginConfirmSettingUpdateApi(UpdateAPIView):
        return s


-class LoginConfirmTicketStatusApi(APIView):
+class LoginConfirmTicketStatusApi(mixins.AuthMixin, APIView):
    permission_classes = ()

    def get_ticket(self):
@@ -45,24 +45,9 @@ class LoginConfirmTicketStatusApi(APIView):
        return ticket

    def get(self, request, *args, **kwargs):
-        ticket_id = self.request.session.get("auth_ticket_id")
-        ticket = self.get_ticket()
        try:
-            if not ticket:
-                raise errors.LoginConfirmOtherError(ticket_id, _("not found"))
-            if ticket.status == 'open':
-                raise errors.LoginConfirmWaitError(ticket_id)
-            elif ticket.action == ticket.ACTION_APPROVE:
-                self.request.session["auth_confirm"] = "1"
-                return Response({"msg": "ok"})
-            elif ticket.action == ticket.ACTION_REJECT:
-                raise errors.LoginConfirmOtherError(
-                    ticket_id, ticket.get_action_display()
-                )
-            else:
-                raise errors.LoginConfirmOtherError(
-                    ticket_id, ticket.get_status_display()
-                )
+            self.check_user_login_confirm()
+            return Response({"msg": "ok"})
        except errors.NeedMoreInfoError as e:
            return Response(e.as_data(), status=200)

--- a/apps/authentication/api/token.py
+++ b/apps/authentication/api/token.py
@@ -28,7 +28,7 @@ class TokenCreateApi(AuthMixin, CreateAPIView):
        self.create_session_if_need()
        # 如果认证没有过，检查账号密码
        try:
-            user = self.check_user_auth()
+            user = self.check_user_auth_if_need()
            self.check_user_mfa_if_need(user)
            self.check_user_login_confirm_if_need(user)
            self.send_auth_signal(success=True, user=user)