diff --git a/seahub/dingtalk/settings.py b/seahub/dingtalk/settings.py index 3d806defce..89eef07e75 100644 --- a/seahub/dingtalk/settings.py +++ b/seahub/dingtalk/settings.py @@ -26,3 +26,5 @@ DINGTALK_DEPARTMENT_USER_SIZE = 100 # for dingtalk message DINGTALK_MESSAGE_SEND_TO_CONVERSATION_URL = getattr(settings, 'DINGTALK_MESSAGE_SEND_TO_CONVERSATION_URL', 'https://oapi.dingtalk.com/topapi/message/corpconversation/asyncsend_v2') + +DINGTALK_GET_DETAILED_USER_INFO_URL = getattr(settings, 'DINGTALK_GET_DETAILED_USER_INFO_URL', 'https://oapi.dingtalk.com/user/get') diff --git a/seahub/dingtalk/utils.py b/seahub/dingtalk/utils.py index d803f8cb3f..c588a592fa 100644 --- a/seahub/dingtalk/utils.py +++ b/seahub/dingtalk/utils.py @@ -7,10 +7,11 @@ from seahub.utils import normalize_cache_key from seahub.dingtalk.settings import DINGTALK_DEPARTMENT_APP_KEY, \ DINGTALK_DEPARTMENT_APP_SECRET, \ DINGTALK_DEPARTMENT_GET_ACCESS_TOKEN_URL, \ - DINGTALK_GET_USERID_BY_UNIONID + DINGTALK_GET_USERID_BY_UNIONID, DINGTALK_GET_DETAILED_USER_INFO_URL logger = logging.getLogger(__name__) + def dingtalk_get_access_token(): cache_key = normalize_cache_key('DINGTALK_ACCESS_TOKEN') @@ -23,7 +24,7 @@ def dingtalk_get_access_token(): 'appsecret': DINGTALK_DEPARTMENT_APP_SECRET, } resp_json = requests.get(DINGTALK_DEPARTMENT_GET_ACCESS_TOKEN_URL, - params=data).json() + params=data).json() access_token = resp_json.get('access_token', '') if not access_token: @@ -38,6 +39,7 @@ def dingtalk_get_access_token(): return access_token + def dingtalk_get_userid_by_unionid(union_id): cache_key = normalize_cache_key('DINGTALK_UNION_ID_%s' % union_id) @@ -61,3 +63,13 @@ def dingtalk_get_userid_by_unionid(union_id): cache.set(cache_key, user_id) return user_id + + +def dingtalk_get_detailed_user_info(union_id): + + access_token = dingtalk_get_access_token() + data = { + 'access_token': access_token, + 'userid': dingtalk_get_userid_by_unionid(union_id), + } + return requests.get(DINGTALK_GET_DETAILED_USER_INFO_URL, params=data).json() diff --git a/seahub/dingtalk/views.py b/seahub/dingtalk/views.py index 3d20126e66..ed0cf9fdd2 100644 --- a/seahub/dingtalk/views.py +++ b/seahub/dingtalk/views.py @@ -22,6 +22,7 @@ from seahub.utils.auth import gen_user_virtual_id from seahub.base.accounts import User from seahub.auth.models import SocialAuthUser from seahub.auth.decorators import login_required +from seahub.dingtalk.utils import dingtalk_get_detailed_user_info from seahub.dingtalk.settings import ENABLE_DINGTALK, \ DINGTALK_QR_CONNECT_APP_ID, DINGTALK_QR_CONNECT_APP_SECRET, \ @@ -31,6 +32,7 @@ from seahub.dingtalk.settings import ENABLE_DINGTALK, \ logger = logging.getLogger(__name__) + def dingtalk_login(request): if not ENABLE_DINGTALK: @@ -50,6 +52,7 @@ def dingtalk_login(request): url = DINGTALK_QR_CONNECT_AUTHORIZATION_URL + '?' + urllib.parse.urlencode(data) return HttpResponseRedirect(url) + def dingtalk_callback(request): if not ENABLE_DINGTALK: @@ -114,14 +117,21 @@ def dingtalk_callback(request): profile.nickname = name.strip() profile.save() + user_detail_info = dingtalk_get_detailed_user_info(user_info['unionid']) + contact_email = user_detail_info.get('email', '') + if contact_email: + profile.contact_email = contact_email + profile.save() + # generate auth token for Seafile client api_token = get_api_token(request) # redirect user to home page - response = HttpResponseRedirect(request.session['dingtalk_login_redirect']) + response = HttpResponseRedirect(request.session.get('dingtalk_login_redirect', '/')) response.set_cookie('seahub_auth', email + '@' + api_token.key) return response + @login_required def dingtalk_connect(request): @@ -142,6 +152,7 @@ def dingtalk_connect(request): url = DINGTALK_QR_CONNECT_AUTHORIZATION_URL + '?' + urllib.parse.urlencode(data) return HttpResponseRedirect(url) + @login_required def dingtalk_connect_callback(request): @@ -176,15 +187,14 @@ def dingtalk_connect_callback(request): return render_error(request, _('Error, please contact administrator.')) username = request.user.username - dingtalk_user_id = user_info['unionid'] + dingtalk_union_id = user_info['unionid'] - auth_user = SocialAuthUser.objects.get_by_provider_and_uid('dingtalk', - dingtalk_user_id) + auth_user = SocialAuthUser.objects.get_by_provider_and_uid('dingtalk', dingtalk_union_id) if auth_user: - logger.error('dingtalk account already exists %s' % dingtalk_user_id) + logger.error('dingtalk account already exists %s' % dingtalk_union_id) return render_error(request, '出错了,此钉钉账号已被绑定') - SocialAuthUser.objects.add(username, 'dingtalk', dingtalk_user_id) + SocialAuthUser.objects.add(username, 'dingtalk', dingtalk_union_id) # update user's profile name = user_info['nick'] if 'nick' in user_info else '' @@ -197,9 +207,16 @@ def dingtalk_connect_callback(request): profile.nickname = name.strip() profile.save() + user_detail_info = dingtalk_get_detailed_user_info(user_info['unionid']) + contact_email = user_detail_info.get('email', '') + if contact_email: + profile.contact_email = contact_email + profile.save() + response = HttpResponseRedirect(request.session['dingtalk_connect_redirect']) return response + @login_required def dingtalk_disconnect(request):