From e73c1622c978c24e130f093146fb6d947db87ef7 Mon Sep 17 00:00:00 2001 From: b1ek Date: Tue, 16 May 2023 22:55:05 +1000 Subject: [PATCH] add login route, remove ambiguous migrations --- ...er_options_alter_user_about_me_and_more.py | 104 ------------------ ...alter_psychtestanswers_options_and_more.py | 22 ---- pairent_backend/pairent_app/views.py | 92 ++++++++++++---- 3 files changed, 72 insertions(+), 146 deletions(-) delete mode 100644 pairent_backend/pairent_app/migrations/0006_alter_user_options_alter_user_about_me_and_more.py delete mode 100644 pairent_backend/pairent_app/migrations/0007_alter_psychtestanswers_options_and_more.py diff --git a/pairent_backend/pairent_app/migrations/0006_alter_user_options_alter_user_about_me_and_more.py b/pairent_backend/pairent_app/migrations/0006_alter_user_options_alter_user_about_me_and_more.py deleted file mode 100644 index 67bf6f4..0000000 --- a/pairent_backend/pairent_app/migrations/0006_alter_user_options_alter_user_about_me_and_more.py +++ /dev/null 
@@ -1,104 +0,0 @@ -# Generated by Django 4.2.1 on 2023-05-15 14:41 - -import django.core.validators -from django.db import migrations, models -import django.db.models.deletion - - -class Migration(migrations.Migration): - - dependencies = [ - ('pairent_app', '0005_user'), - ] - - operations = [ - migrations.AlterModelOptions( - name='user', - options={'verbose_name': 'Пользователь', 'verbose_name_plural': 'Пользователи'}, - ), - migrations.AlterField( - model_name='user', - name='about_me', - field=models.CharField(max_length=1000, verbose_name='Поле "О Себе"'), - ), - migrations.AlterField( - model_name='user', - name='city', - field=models.CharField(max_length=1000, null=True, verbose_name='Город пользователя'), - ), - migrations.AlterField( - model_name='user', - name='comparison_apartments', - field=models.CharField(max_length=100, verbose_name='Квартиры для сравнения (CSV)'), - ), - migrations.AlterField( - model_name='user', - name='date_of_birth', - field=models.DateField(verbose_name='Дата рождения пользователя'), - ), - migrations.AlterField( - model_name='user', - name='discord', - field=models.CharField(max_length=1000, null=True, verbose_name='Дискорд ник пользователя'), - ), - migrations.AlterField( - model_name='user', - name='email', - field=models.CharField(max_length=1000, null=True, verbose_name='Почтовый ящик пользователя в формате user@example.com'), - ), - migrations.AlterField( - model_name='user', - name='favorites_apartments', - field=models.CharField(max_length=100, verbose_name='Избранные квартиры (CSV)'), - ), - migrations.AlterField( - model_name='user', - name='gender', - field=models.CharField(max_length=1, verbose_name='Пол пользователя (f,m,n,?)'), - ), - migrations.AlterField( - model_name='user', - name='name', - field=models.CharField(max_length=256, verbose_name='ФИО Пользователя'), - ), - migrations.AlterField( - model_name='user', - name='openid_addr', - field=models.CharField(max_length=1000, verbose_name='Адрес Open ID 
Connect (login@provider.com, для ВВГУ - login@vvsu.ru)'), - ), - migrations.AlterField( - model_name='user', - name='phone', - field=models.CharField(max_length=30, null=True, verbose_name='Телефон пользователя в международном формате (+00000000)'), - ), - migrations.AlterField( - model_name='user', - name='role', - field=models.CharField(max_length=1, verbose_name='Роль пользователя (s - student, a - admin, m - moderator)'), - ), - migrations.AlterField( - model_name='user', - name='telegram', - field=models.CharField(max_length=1000, null=True, verbose_name='Телеграм пользователя'), - ), - migrations.CreateModel( - name='PsychTestAnswers', - fields=[ - ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')), - ('first_question', models.IntegerField(validators=[django.core.validators.MaxValueValidator(5)], verbose_name='Ответ на первый вопрос')), - ('second_question', models.IntegerField(validators=[django.core.validators.MaxValueValidator(5)], verbose_name='Ответ на второй вопрос')), - ('third_question', models.IntegerField(validators=[django.core.validators.MaxValueValidator(5)], verbose_name='Ответ на третий вопрос')), - ('fourth_question', models.IntegerField(validators=[django.core.validators.MaxValueValidator(5)], verbose_name='Ответ на четвертый вопрос')), - ('fifth_question', models.IntegerField(validators=[django.core.validators.MaxValueValidator(5)], verbose_name='Ответ на пятый вопрос')), - ('sixth_question', models.IntegerField(validators=[django.core.validators.MaxValueValidator(5)], verbose_name='Ответ на шестой вопрос')), - ('seventh_question', models.IntegerField(validators=[django.core.validators.MaxValueValidator(5)], verbose_name='Ответ на седьмой вопрос')), - ('eighth_question', models.IntegerField(validators=[django.core.validators.MaxValueValidator(5)], verbose_name='Ответ на восьмой вопрос')), - ('nineth_question', models.IntegerField(validators=[django.core.validators.MaxValueValidator(5)], 
verbose_name='Ответ на девятый вопрос')), - ('tenth_question', models.IntegerField(validators=[django.core.validators.MaxValueValidator(5)], verbose_name='Ответ на десятый вопрос')), - ('eleventh_question', models.IntegerField(validators=[django.core.validators.MaxValueValidator(5)], verbose_name='Ответ на одиннадцатый вопрос')), - ('twelfth_question', models.IntegerField(validators=[django.core.validators.MaxValueValidator(5)], verbose_name='Ответ на двенадцатый вопрос')), - ('thirteenth_question', models.IntegerField(validators=[django.core.validators.MaxValueValidator(5)], verbose_name='Ответ на тринадцатый вопрос')), - ('users', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='pairent_app.user', verbose_name='Пользователь')), - ], - ), - ] diff --git a/pairent_backend/pairent_app/migrations/0007_alter_psychtestanswers_options_and_more.py b/pairent_backend/pairent_app/migrations/0007_alter_psychtestanswers_options_and_more.py deleted file mode 100644 index 167cf7a..0000000 --- a/pairent_backend/pairent_app/migrations/0007_alter_psychtestanswers_options_and_more.py +++ /dev/null @@ -1,22 +0,0 @@ -# Generated by Django 4.2.1 on 2023-05-15 15:23 - -from django.db import migrations - - -class Migration(migrations.Migration): - - dependencies = [ - ('pairent_app', '0006_alter_user_options_alter_user_about_me_and_more'), - ] - - operations = [ - migrations.AlterModelOptions( - name='psychtestanswers', - options={'verbose_name': 'Ответ на психологический тест', 'verbose_name_plural': 'Ответы на психологический тест'}, - ), - migrations.RenameField( - model_name='psychtestanswers', - old_name='users', - new_name='user', - ), - ] diff --git a/pairent_backend/pairent_app/views.py b/pairent_backend/pairent_app/views.py index 227f118..608b5be 100644 --- a/pairent_backend/pairent_app/views.py +++ b/pairent_backend/pairent_app/views.py 
@@ -172,11 +172,48 @@ def VVSUAuthProxy(req: Request): return resp; +def regiserUser(oid, provider_id, name, date_of_birth): + user = User( + favorites_apartments='', + comparison_apartments='', + name=name, + date_of_birth=date_of_birth, + about_me='', + gender='?', + phone='+00000', + # email=, + # telegram=, + # discord=, + # city=, + role='s', + # photo_provider=, + openid_addr=oid, + openid_id=provider_id, + ) + +def get_oauth_token(remote, data): + return requests.post(remote + '/oauth2/token', data, + headers={ + 'Origin': 'https://pairent.vvsu.ru', + 'Referer': 'https://pairent.vvsu.ru' + }).json(); + +def get_oauth_data(remote, key): + return requests.get(remote + '/userinfo', headers={ + 'Origin': 'https://pairent.vvsu.ru', + 'Authorization': 'Bearer ' + key, + 'User-Agent': 'curl/8.1' + }).json(); + class UserLogin(APIView): # TODO: Remove csrf exempt when index.html is loaded through django @csrf_exempt def post(self, req: HttpRequest): + if (req.session.has_key('auth_data')): + # TODO: Return user object instead of error + return JsonResponse({'error': 'already authenticated'}) + if (req.content_type != 'application/json'): res = HttpResponse({'error': 'bad content type'}); res.status_code = 400; 
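Review bot: `regiserUser` builds a `User` but never saves or returns it, so a first-time login would persist nothing; it needs `user.save()` and `return user` after the constructor call. The name is also misspelled relative to the call added in the next hunk of this patch (`registerUser(...)`, passing three arguments against the four parameters declared here), which would raise `NameError` once that path becomes reachable. Separately, `get_oauth_token` and `get_oauth_data` call `requests` without `timeout=` and parse `.json()` without checking the status code, so a slow or failing identity provider can stall the login worker or surface as an unhandled decode error. Passing e.g. `timeout=10` and checking `resp.ok` before parsing would bound that.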
@@ -187,31 +224,46 @@ class UserLogin(APIView): if not ('code' in data and 'code_verifier' in data): res = JsonResponse({'error': 'no code'}); res.status_code = 400; + return res; + + # auth_data = get_oauth_token('https://vvsu.ru/connect', { + # 'grant_type': 'authorization_code', + # 'redirect_uri': 'https://pairent.vvsu.ru/sign-in/', + # 'code': data['code'], + # 'code_verifier': data['code_verifier'], + # 'client_id': 'it-hub-client', + # 'client_secret': 'U8y@uPVee6Q^*729esHTo4Vd' + # }); + + auth_data = {'access_token': '5kHvrjy91LJgJLKitejBBG24c7JiX45tEstKVHRpfHc._WQDwQ2F13aytbGFjlGnjXJeUWcDD1V3om3cRW0IujM', 'expires_in': 3600, 'id_token': 'eyJhbGciOiJSUzI1NiIsImtpZCI6InB1YmxpYzpoeWRyYS5vcGVuaWQuaWQtdG9rZW4iLCJ0eXAiOiJKV1QifQ.eyJhY3IiOiIwIiwiYXRfaGFzaCI6IjRMR1dRekxVaXFodUVTYjU0QWFIM0EiLCJhdWQiOlsiaXQtaHViLWNsaWVudCJdLCJhdXRoX3RpbWUiOjE2ODQyMzc4MDksImNhbGxiYWNrX3VybCI6IiIsImV4cCI6MTY4NDI0MTQ1NSwiZmFtaWx5X25hbWUiOiLQn9GD0YHRgtC-0LLQsNC70L7QsiIsImdpdmVuX25hbWUiOiLQndC40LrQuNGC0LAiLCJpYXQiOjE2ODQyMzc4NTUsImlkIjoiMDk2Qzc4Q0QtNDk0My00RDU3LUJDNkQtNUNERTEyRjY4NkUzIiwiaXNzIjoiaHR0cHM6Ly93d3cudnZzdS5ydS9jb25uZWN0LyIsImp0aSI6IjEzMTBhNzcwLWFhZWUtNGExYS1hMTc1LWM3MzY3ZWM0ZjVhNyIsImxvZ2luIjoiaHR0cHM6Ly9vcGVuaWQudnZzdS5ydS9ibGVrX18iLCJvcGVuaWQiOiJodHRwczovL29wZW5pZC52dnN1LnJ1L2JsZWtfXyIsInBpY3R1cmUiOiJodHRwczovL3d3dy52dnN1LnJ1L29pc2twL3Bob3RvL3B0aC5hc3A_SUQ9MDk2Qzc4Q0QtNDk0My00RDU3LUJDNkQtNUNERTEyRjY4NkUzXHUwMDI2IiwicHJvZmlsZV91cmwiOm51bGwsInJhdCI6MTY4NDIzNzc5Nywic2lkIjoiOTYyYzg0OGYtZThkNS00ZDJjLWEwZmEtYjI5YmU3YjBlODAxIiwic3ViIjoiaHR0cHM6Ly9vcGVuaWQudnZzdS5ydS9ibGVrX18iLCJzdXJuYW1lIjoi0J_Rg9GB0YLQvtCy0LDQu9C-0LIiLCJ0aXRsZSI6ItCh0YLRg9C00LXQvdGCIiwidnZzdV9JZEVtcGwiOm51bGwsInZ2c3VfSWRTdHVkIjoiMTk3MDgwIiwidnZzdV9JZFVzZXIiOjE5MDQ4OSwidnZzdV9sb2dpbiI6ImJsZWtfXyJ9.A4BiOxpOqnesSiTGRdcTsC-lGhSABswivpUovD9EOdYmqKW753VlLcXQxfBPcfmq8Fdf7RmVvXTXPXYqkX7AKxQT-yUUm7XtJHCb85g2YfL64cjTP2sFYD6wPIU9nzXbCrsgKqKubY3p16Dn9VyrBCXE9N6jdbuNOFbWMLPLPlp7U5fx2SzVGaBMUONlTf8KiLkcisQoN4c_rPGqdi38gzhLf7WG
EiKLOldXH1q-s_kPeObFvcdbsFrrnDPnJtdqBx8SF02wqJsrZlBiB9Hl-d6sSJYLZZWumFhS-qscfwRlTEZKqC-hWF5c9R8CUYewk89JxRvCcKrHZvPMip9j9vJF1_OjkSrC5EkGaprl765FgVPEBJqXj9LjGRkTOYfYUFAAMia_HhjtinQFp6XJ-Rh3JrmIfLAQ7DEUSOldMQ1xUw9GeHo_0sIsnjaM6lVx6M_SiDTWihxNu58DiI8tmvkdw7in95OJRoJZ30EhR3SGYsK3b51qdYK1aieufJHX40bN_S1gc84pisTg58z-zC5kGsjsZNv6gRSTO4oOpZMK1FMjv7HyasSMWEu-J052X4Qxquj4pWglpiGQNt3-E0jZUUjqmZ0-7AYiyEC_3IItBqWrve-LTXRF5faIZB5v3F3urY6Qjgn93m_AoK1oujfNAPk8WOLTv419CuC2fAc', 'scope': 'openid vvsu_IdUser vvsu_IdEmpl vvsu_IdStud vvsu_login given_name family_name', 'token_type': 'bearer'} + + user = None; + new_user = False; + + print(auth_data); + + return JsonResponse(get_oauth_data('https://vvsu.ru/connect', auth_data['access_token'])); + + req.session['auth_data'] = vvsu_data; + + if ('error' in vvsu_data): + res = JsonResponse(vvsu_data); + res.status_code = cb.status_code; return res + vvsu_data['vvsu_login'] += '@vvsu.ru'; + try: + user = User.objects.get(openid_addr=vvsu_data['vvsu_login']); + except User.DoesNotExist: + registerUser(vvsu_data['vvsu_login'], cb.id, f'{cb.given_name} {cb.family_name}'); + user = User.objects.get(openid_addr=vvsu_data['vvsu_login']); + new_user = True; - print(data); - - cb = requests.post('https://vvsu.ru/connect/oauth2/token', { - 'grant_type': 'authorization_code', - 'redirect_uri': 'https://pairent.vvsu.ru/sign-in/', - 'code': data['code'], - 'code_verifier': data['code_verifier'], - 'client_id': 'it-hub-client', - 'client_secret': 'U8y@uPVee6Q^*729esHTo4Vd' - }, headers={ - 'Origin': 'https://pairent.vvsu.ru', - 'Referer': 'https://pairent.vvsu.ru' + return JsonResponse({ + 'user_data': user, + 'new_user': new_user }); - - - - resp = HttpResponse(cb.content); - resp.headers['Content-Type'] = cb.headers['Content-Type']; - - return resp; - class UserGet(APIView): def get(self, req: HttpRequest): if not ('id' in req.GET.keys() or 'login' in req.GET.keys()):
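Review bot: The hard-coded `auth_data` dict commits what looks like a real bearer access token and a signed `id_token` that appears to carry identity claims, and the commented-out block above it still contains the `client_secret`. These should be removed from the source, treated as exposed (revoked or rotated at the provider), and read from deployment configuration instead. `print(auth_data)` then writes the tokens to process output, and the early `return JsonResponse(get_oauth_data(...))` returns the userinfo for that fixed token to any caller who posts a `code` and `code_verifier`, without ever exchanging them. Everything after that return is unreachable, refers to names the new code never defines (`vvsu_data`, `cb`), and passes a `User` model instance to `JsonResponse`, which cannot serialize it. The session write also sits before the `'error' in vvsu_data` check, so an error payload would be stored as `auth_data` and later satisfy the "already authenticated" test; the sketch below moves it after the check.

```python
        auth_data = get_oauth_token('https://vvsu.ru/connect', {
            # … unchanged: grant_type, redirect_uri, code, code_verifier, client_id …
            # OIDC_CLIENT_SECRET is a placeholder name: read the rotated secret from deployment config
            'client_secret': os.environ['OIDC_CLIENT_SECRET'],
        })
        if 'error' in auth_data:
            return JsonResponse(auth_data, status=400)

        vvsu_data = get_oauth_data('https://vvsu.ru/connect', auth_data['access_token'])
        if 'error' in vvsu_data:
            return JsonResponse(vvsu_data, status=401)

        # only mark the session authenticated once the provider has answered without error
        req.session['auth_data'] = vvsu_data
        # … unchanged: user lookup / registration by vvsu_login …
```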