github/jumpserver
1
0
Fork 0
mirror of https://github.com/jumpserver/jumpserver.git synced 2025-10-31 13:52:04 +00:00
Code Issues Projects Releases Wiki Activity
Files
81219e1e7c5a79b86dc75eb59f9ce63a752bdd62
jumpserver/apps/authentication/api/token.py
fit2bot 031077c298 perf: password 等使用 rsa 加密传输 (#8188) 
* perf: 修改 model fields 路径

* stash it

* pref: 统一加密方式,密码字段采用 rsa 加密

* pref: 临时密码使用 rsa

* perf: 去掉 debug msg

* perf: 去掉 Debug

* perf: 去掉 debug

* perf: 抽出来

Co-authored-by: ibuler <ibuler@qq.com>
2022-05-07 16:20:12 +08:00

48 lines
1.6 KiB
Python
Raw Blame History

# -*- coding: utf-8 -*-
#
from rest_framework.permissions import AllowAny
from rest_framework.response import Response
from rest_framework.generics import CreateAPIView
from common.utils import get_logger
from .. import serializers, errors
from ..mixins import AuthMixin
logger = get_logger(__name__)
__all__ = ['TokenCreateApi']
class TokenCreateApi(AuthMixin, CreateAPIView):
permission_classes = (AllowAny,)
serializer_class = serializers.BearerTokenSerializer
def create_session_if_need(self):
if self.request.session.is_empty():
self.request.session.create()
self.request.session.set_expiry(600)
def create(self, request, *args, **kwargs):
self.create_session_if_need()
# 如果认证没有过,检查账号密码
serializer = self.get_serializer(data=request.data)
serializer.is_valid(raise_exception=True)
try:
user = self.get_user_or_auth(serializer.validated_data)
self.check_user_mfa_if_need(user)
self.check_user_login_confirm_if_need(user)
self.send_auth_signal(success=True, user=user)
resp = super().create(request, *args, **kwargs)
self.clear_auth_mark()
return resp
except errors.AuthFailedError as e:
return Response(e.as_data(), status=400)
except errors.NeedMoreInfoError as e:
return Response(e.as_data(), status=200)
except errors.MFAUnsetError:
return Response({'error': 'MFA unset, please set first'}, status=400)
except Exception as e:
return Response({"error": str(e)}, status=400)
Reference in New Issue View Git Blame Copy Permalink