feat: 添加企业微信，钉钉扫码登录

apps/authentication/api/__init__.py

@@ -7,3 +7,6 @@ from .mfa import *
 from .access_key import *
 from .login_confirm import *
 from .sso import *
+from .wecom import *
+from .dingtalk import *
+from .password import *

apps/authentication/api/dingtalk.py

@@ -0,0 +1,35 @@
+from rest_framework.views import APIView
+from rest_framework.request import Request
+from rest_framework.response import Response
+
+from users.permissions import IsAuthPasswdTimeValid
+from users.models import User
+from common.utils import get_logger
+from common.permissions import IsOrgAdmin
+from common.mixins.api import RoleUserMixin, RoleAdminMixin
+from authentication import errors
+
+logger = get_logger(__file__)
+
+
+class DingTalkQRUnBindBase(APIView):
+    user: User
+
+    def post(self, request: Request, **kwargs):
+        user = self.user
+
+        if not user.dingtalk_id:
+            raise errors.DingTalkNotBound
+
+        user.dingtalk_id = ''
+        user.save()
+        return Response()
+
+
+class DingTalkQRUnBindForUserApi(RoleUserMixin, DingTalkQRUnBindBase):
+    permission_classes = (IsAuthPasswdTimeValid,)
+
+
+class DingTalkQRUnBindForAdminApi(RoleAdminMixin, DingTalkQRUnBindBase):
+    user_id_url_kwarg = 'user_id'
+    permission_classes = (IsOrgAdmin,)

apps/authentication/api/password.py

@@ -0,0 +1,26 @@
+from rest_framework.generics import CreateAPIView
+from rest_framework.response import Response
+
+from authentication.serializers import PasswordVerifySerializer
+from common.permissions import IsValidUser
+from authentication.mixins import authenticate
+from authentication.errors import PasswdInvalid
+from authentication.mixins import AuthMixin
+
+
+class UserPasswordVerifyApi(AuthMixin, CreateAPIView):
+    permission_classes = (IsValidUser,)
+    serializer_class = PasswordVerifySerializer
+
+    def create(self, request, *args, **kwargs):
+        serializer = self.get_serializer(data=request.data)
+        serializer.is_valid(raise_exception=True)
+        password = serializer.validated_data['password']
+        user = self.request.user
+
+        user = authenticate(request=request, username=user.username, password=password)
+        if not user:
+            raise PasswdInvalid
+
+        self.set_passwd_verify_on_session(user)
+        return Response()

apps/authentication/api/wecom.py

@@ -0,0 +1,35 @@
+from rest_framework.views import APIView
+from rest_framework.request import Request
+from rest_framework.response import Response
+
+from users.permissions import IsAuthPasswdTimeValid
+from users.models import User
+from common.utils import get_logger
+from common.permissions import IsOrgAdmin
+from common.mixins.api import RoleUserMixin, RoleAdminMixin
+from authentication import errors
+
+logger = get_logger(__file__)
+
+
+class WeComQRUnBindBase(APIView):
+    user: User
+
+    def post(self, request: Request, **kwargs):
+        user = self.user
+
+        if not user.wecom_id:
+            raise errors.WeComNotBound
+
+        user.wecom_id = ''
+        user.save()
+        return Response()
+
+
+class WeComQRUnBindForUserApi(RoleUserMixin, WeComQRUnBindBase):
+    permission_classes = (IsAuthPasswdTimeValid,)
+
+
+class WeComQRUnBindForAdminApi(RoleAdminMixin, WeComQRUnBindBase):
+    user_id_url_kwarg = 'user_id'
+    permission_classes = (IsOrgAdmin,)