[Update] 基本完成登陆审核

2025-09-15 23:08:20 +00:00 · 2019-10-31 18:23:43 +08:00
parent 23b777b23b
commit dc3a9561c2
19 changed files with 532 additions and 242 deletions
--- a/apps/authentication/api/init.py
+++ b/apps/authentication/api/init.py
@@ -5,3 +5,4 @@ from .auth import *
 from .token import *
 from .mfa import *
 from .access_key import *
+from .login_confirm import *
--- a/apps/authentication/api/login_confirm.py
+++ b/apps/authentication/api/login_confirm.py
@@ -0,0 +1,25 @@
+# -*- coding: utf-8 -*-
+#
+from rest_framework.generics import UpdateAPIView
+from django.shortcuts import get_object_or_404
+
+from common.permissions import IsOrgAdmin
+from ..models import LoginConfirmSetting
+from ..serializers import LoginConfirmSettingSerializer
+
+__all__ = ['LoginConfirmSettingUpdateApi']
+
+
+class LoginConfirmSettingUpdateApi(UpdateAPIView):
+    permission_classes = (IsOrgAdmin,)
+    serializer_class = LoginConfirmSettingSerializer
+
+    def get_object(self):
+        from users.models import User
+        user_id = self.kwargs.get('user_id')
+        user = get_object_or_404(User, pk=user_id)
+        defaults = {'user': user}
+        s, created = LoginConfirmSetting.objects.get_or_create(
+            defaults, user=user,
+        )
+        return s
--- a/apps/authentication/migrations/0003_loginconfirmsetting.py
+++ b/apps/authentication/migrations/0003_loginconfirmsetting.py
@@ -0,0 +1,32 @@
+# Generated by Django 2.2.5 on 2019-10-31 10:23
+
+from django.conf import settings
+from django.db import migrations, models
+import django.db.models.deletion
+import uuid
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
+        ('authentication', '0002_auto_20190729_1423'),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='LoginConfirmSetting',
+            fields=[
+                ('id', models.UUIDField(default=uuid.uuid4, primary_key=True, serialize=False)),
+                ('created_by', models.CharField(blank=True, max_length=32, null=True, verbose_name='Created by')),
+                ('date_created', models.DateTimeField(auto_now_add=True, null=True, verbose_name='Date created')),
+                ('date_updated', models.DateTimeField(auto_now=True, verbose_name='Date updated')),
+                ('is_active', models.BooleanField(default=True, verbose_name='Is active')),
+                ('reviewers', models.ManyToManyField(blank=True, related_name='review_login_confirm_settings', to=settings.AUTH_USER_MODEL, verbose_name='Reviewers')),
+                ('user', models.OneToOneField(on_delete=django.db.models.deletion.CASCADE, related_name='login_confirm_setting', to=settings.AUTH_USER_MODEL, verbose_name='User')),
+            ],
+            options={
+                'abstract': False,
+            },
+        ),
+    ]
--- a/apps/authentication/models.py
+++ b/apps/authentication/models.py
@@ -1,7 +1,7 @@
 import uuid
 from django.db import models
 from django.utils import timezone
-from django.utils.translation import ugettext_lazy as _
+from django.utils.translation import ugettext_lazy as _, ugettext as __
 from rest_framework.authtoken.models import Token
 from django.conf import settings

@@ -40,8 +40,8 @@ class PrivateToken(Token):


 class LoginConfirmSetting(CommonModelMixin):
-    user = models.OneToOneField('users.User', on_delete=models.CASCADE, verbose_name=_("User"), related_name=_("login_confirmation_setting"))
-    reviewers = models.ManyToManyField('users.User', verbose_name=_("Reviewers"), related_name=_("review_login_confirmation_settings"))
+    user = models.OneToOneField('users.User', on_delete=models.CASCADE, verbose_name=_("User"), related_name="login_confirm_setting")
+    reviewers = models.ManyToManyField('users.User', verbose_name=_("Reviewers"), related_name="review_login_confirm_settings", blank=True)
    is_active = models.BooleanField(default=True, verbose_name=_("Is active"))

    @classmethod
@@ -50,7 +50,7 @@ class LoginConfirmSetting(CommonModelMixin):

    def create_confirm_order(self, request=None):
        from orders.models import LoginConfirmOrder
-        title = _('User login confirm: {}'.format(self.user))
+        title = _('User login confirm: {}').format(self.user)
        if request:
            remote_addr = get_request_ip(request)
            city = get_ip_city(remote_addr)
--- a/apps/authentication/serializers.py
+++ b/apps/authentication/serializers.py
@@ -4,17 +4,16 @@ from django.core.cache import cache
 from rest_framework import serializers

 from users.models import User
-from .models import AccessKey
+from .models import AccessKey, LoginConfirmSetting


 __all__ = [
    'AccessKeySerializer', 'OtpVerifySerializer', 'BearerTokenSerializer',
-    'MFAChallengeSerializer',
+    'MFAChallengeSerializer', 'LoginConfirmSettingSerializer',
 ]


 class AccessKeySerializer(serializers.ModelSerializer):
-
    class Meta:
        model = AccessKey
        fields = ['id', 'secret', 'is_active', 'date_created']
@@ -87,3 +86,9 @@ class MFAChallengeSerializer(BearerTokenMixin, serializers.Serializer):
        username = self.context["username"]
        return self.create_response(username)

+
+class LoginConfirmSettingSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = LoginConfirmSetting
+        fields = ['id', 'user', 'reviewers', 'date_created', 'date_updated']
+        read_only_fields = ['date_created', 'date_updated']
--- a/apps/authentication/templates/authentication/login_wait_confirm.html
+++ b/apps/authentication/templates/authentication/login_wait_confirm.html
@@ -61,9 +61,6 @@
        <div class="col-md-6">
            {% include '_copyright.html' %}
        </div>
-        <div class="col-md-6 text-right">
-            <small>2014-2019</small>
-        </div>
    </div>
 </div>
 </body>
--- a/apps/authentication/urls/api_urls.py
+++ b/apps/authentication/urls/api_urls.py
@@ -19,7 +19,8 @@ urlpatterns = [
         api.UserConnectionTokenApi.as_view(), name='connection-token'),
    path('otp/auth/', api.UserOtpAuthApi.as_view(), name='user-otp-auth'),
    path('otp/verify/', api.UserOtpVerifyApi.as_view(), name='user-otp-verify'),
-    path('order/auth/', api.UserOrderAcceptAuthApi.as_view(), name='user-order-auth')
+    path('order/auth/', api.UserOrderAcceptAuthApi.as_view(), name='user-order-auth'),
+    path('login-confirm-settings/<uuid:user_id>/', api.LoginConfirmSettingUpdateApi.as_view(), name='login-confirm-setting-update')
 ]

 urlpatterns += router.urls
--- a/apps/authentication/views/login.py
+++ b/apps/authentication/views/login.py
@@ -179,7 +179,7 @@ class UserLoginGuardView(RedirectView):
        if user.otp_enabled and user.otp_secret_key and \
                not self.request.session.get('auth_otp'):
            return reverse('authentication:login-otp')
-        confirm_setting = LoginConfirmSetting.get_user_confirm_setting(user)
+        confirm_setting = user.get_login_confirm_setting()
        if confirm_setting and not self.request.session.get('auth_confirm'):
            order = confirm_setting.create_confirm_order(self.request)
            self.request.session['auth_order_id'] = str(order.id)