add login route, remove ambiguous migrations
parent
b29204ff34
commit
e73c1622c9
|
@ -1,104 +0,0 @@
|
||||||
# Generated by Django 4.2.1 on 2023-05-15 14:41
|
|
||||||
|
|
||||||
import django.core.validators
|
|
||||||
from django.db import migrations, models
|
|
||||||
import django.db.models.deletion
|
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
|
||||||
|
|
||||||
dependencies = [
|
|
||||||
('pairent_app', '0005_user'),
|
|
||||||
]
|
|
||||||
|
|
||||||
operations = [
|
|
||||||
migrations.AlterModelOptions(
|
|
||||||
name='user',
|
|
||||||
options={'verbose_name': 'Пользователь', 'verbose_name_plural': 'Пользователи'},
|
|
||||||
),
|
|
||||||
migrations.AlterField(
|
|
||||||
model_name='user',
|
|
||||||
name='about_me',
|
|
||||||
field=models.CharField(max_length=1000, verbose_name='Поле "О Себе"'),
|
|
||||||
),
|
|
||||||
migrations.AlterField(
|
|
||||||
model_name='user',
|
|
||||||
name='city',
|
|
||||||
field=models.CharField(max_length=1000, null=True, verbose_name='Город пользователя'),
|
|
||||||
),
|
|
||||||
migrations.AlterField(
|
|
||||||
model_name='user',
|
|
||||||
name='comparison_apartments',
|
|
||||||
field=models.CharField(max_length=100, verbose_name='Квартиры для сравнения (CSV)'),
|
|
||||||
),
|
|
||||||
migrations.AlterField(
|
|
||||||
model_name='user',
|
|
||||||
name='date_of_birth',
|
|
||||||
field=models.DateField(verbose_name='Дата рождения пользователя'),
|
|
||||||
),
|
|
||||||
migrations.AlterField(
|
|
||||||
model_name='user',
|
|
||||||
name='discord',
|
|
||||||
field=models.CharField(max_length=1000, null=True, verbose_name='Дискорд ник пользователя'),
|
|
||||||
),
|
|
||||||
migrations.AlterField(
|
|
||||||
model_name='user',
|
|
||||||
name='email',
|
|
||||||
field=models.CharField(max_length=1000, null=True, verbose_name='Почтовый ящик пользователя в формате user@example.com'),
|
|
||||||
),
|
|
||||||
migrations.AlterField(
|
|
||||||
model_name='user',
|
|
||||||
name='favorites_apartments',
|
|
||||||
field=models.CharField(max_length=100, verbose_name='Избранные квартиры (CSV)'),
|
|
||||||
),
|
|
||||||
migrations.AlterField(
|
|
||||||
model_name='user',
|
|
||||||
name='gender',
|
|
||||||
field=models.CharField(max_length=1, verbose_name='Пол пользователя (f,m,n,?)'),
|
|
||||||
),
|
|
||||||
migrations.AlterField(
|
|
||||||
model_name='user',
|
|
||||||
name='name',
|
|
||||||
field=models.CharField(max_length=256, verbose_name='ФИО Пользователя'),
|
|
||||||
),
|
|
||||||
migrations.AlterField(
|
|
||||||
model_name='user',
|
|
||||||
name='openid_addr',
|
|
||||||
field=models.CharField(max_length=1000, verbose_name='Адрес Open ID Connect (login@provider.com, для ВВГУ - login@vvsu.ru)'),
|
|
||||||
),
|
|
||||||
migrations.AlterField(
|
|
||||||
model_name='user',
|
|
||||||
name='phone',
|
|
||||||
field=models.CharField(max_length=30, null=True, verbose_name='Телефон пользователя в международном формате (+00000000)'),
|
|
||||||
),
|
|
||||||
migrations.AlterField(
|
|
||||||
model_name='user',
|
|
||||||
name='role',
|
|
||||||
field=models.CharField(max_length=1, verbose_name='Роль пользователя (s - student, a - admin, m - moderator)'),
|
|
||||||
),
|
|
||||||
migrations.AlterField(
|
|
||||||
model_name='user',
|
|
||||||
name='telegram',
|
|
||||||
field=models.CharField(max_length=1000, null=True, verbose_name='Телеграм пользователя'),
|
|
||||||
),
|
|
||||||
migrations.CreateModel(
|
|
||||||
name='PsychTestAnswers',
|
|
||||||
fields=[
|
|
||||||
('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
|
|
||||||
('first_question', models.IntegerField(validators=[django.core.validators.MaxValueValidator(5)], verbose_name='Ответ на первый вопрос')),
|
|
||||||
('second_question', models.IntegerField(validators=[django.core.validators.MaxValueValidator(5)], verbose_name='Ответ на второй вопрос')),
|
|
||||||
('third_question', models.IntegerField(validators=[django.core.validators.MaxValueValidator(5)], verbose_name='Ответ на третий вопрос')),
|
|
||||||
('fourth_question', models.IntegerField(validators=[django.core.validators.MaxValueValidator(5)], verbose_name='Ответ на четвертый вопрос')),
|
|
||||||
('fifth_question', models.IntegerField(validators=[django.core.validators.MaxValueValidator(5)], verbose_name='Ответ на пятый вопрос')),
|
|
||||||
('sixth_question', models.IntegerField(validators=[django.core.validators.MaxValueValidator(5)], verbose_name='Ответ на шестой вопрос')),
|
|
||||||
('seventh_question', models.IntegerField(validators=[django.core.validators.MaxValueValidator(5)], verbose_name='Ответ на седьмой вопрос')),
|
|
||||||
('eighth_question', models.IntegerField(validators=[django.core.validators.MaxValueValidator(5)], verbose_name='Ответ на восьмой вопрос')),
|
|
||||||
('nineth_question', models.IntegerField(validators=[django.core.validators.MaxValueValidator(5)], verbose_name='Ответ на девятый вопрос')),
|
|
||||||
('tenth_question', models.IntegerField(validators=[django.core.validators.MaxValueValidator(5)], verbose_name='Ответ на десятый вопрос')),
|
|
||||||
('eleventh_question', models.IntegerField(validators=[django.core.validators.MaxValueValidator(5)], verbose_name='Ответ на одиннадцатый вопрос')),
|
|
||||||
('twelfth_question', models.IntegerField(validators=[django.core.validators.MaxValueValidator(5)], verbose_name='Ответ на двенадцатый вопрос')),
|
|
||||||
('thirteenth_question', models.IntegerField(validators=[django.core.validators.MaxValueValidator(5)], verbose_name='Ответ на тринадцатый вопрос')),
|
|
||||||
('users', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='pairent_app.user', verbose_name='Пользователь')),
|
|
||||||
],
|
|
||||||
),
|
|
||||||
]
|
|
|
@ -1,22 +0,0 @@
|
||||||
# Generated by Django 4.2.1 on 2023-05-15 15:23
|
|
||||||
|
|
||||||
from django.db import migrations
|
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
|
||||||
|
|
||||||
dependencies = [
|
|
||||||
('pairent_app', '0006_alter_user_options_alter_user_about_me_and_more'),
|
|
||||||
]
|
|
||||||
|
|
||||||
operations = [
|
|
||||||
migrations.AlterModelOptions(
|
|
||||||
name='psychtestanswers',
|
|
||||||
options={'verbose_name': 'Ответ на психологический тест', 'verbose_name_plural': 'Ответы на психологический тест'},
|
|
||||||
),
|
|
||||||
migrations.RenameField(
|
|
||||||
model_name='psychtestanswers',
|
|
||||||
old_name='users',
|
|
||||||
new_name='user',
|
|
||||||
),
|
|
||||||
]
|
|
|
@ -172,11 +172,48 @@ def VVSUAuthProxy(req: Request):
|
||||||
|
|
||||||
return resp;
|
return resp;
|
||||||
|
|
||||||
|
def regiserUser(oid, provider_id, name, date_of_birth):
|
||||||
|
user = User(
|
||||||
|
favorites_apartments='',
|
||||||
|
comparison_apartments='',
|
||||||
|
name=name,
|
||||||
|
date_of_birth=date_of_birth,
|
||||||
|
about_me='',
|
||||||
|
gender='?',
|
||||||
|
phone='+00000',
|
||||||
|
# email=,
|
||||||
|
# telegram=,
|
||||||
|
# discord=,
|
||||||
|
# city=,
|
||||||
|
role='s',
|
||||||
|
# photo_provider=,
|
||||||
|
openid_addr=oid,
|
||||||
|
openid_id=provider_id,
|
||||||
|
)
|
||||||
|
|
||||||
|
def get_oauth_token(remote, data):
|
||||||
|
return requests.post(remote + '/oauth2/token', data,
|
||||||
|
headers={
|
||||||
|
'Origin': 'https://pairent.vvsu.ru',
|
||||||
|
'Referer': 'https://pairent.vvsu.ru'
|
||||||
|
}).json();
|
||||||
|
|
||||||
|
def get_oauth_data(remote, key):
|
||||||
|
return requests.get(remote + '/userinfo', headers={
|
||||||
|
'Origin': 'https://pairent.vvsu.ru',
|
||||||
|
'Authorization': 'Bearer ' + key,
|
||||||
|
'User-Agent': 'curl/8.1'
|
||||||
|
}).json();
|
||||||
|
|
||||||
class UserLogin(APIView):
|
class UserLogin(APIView):
|
||||||
# TODO: Remove csrf exempt when index.html is loaded through django
|
# TODO: Remove csrf exempt when index.html is loaded through django
|
||||||
@csrf_exempt
|
@csrf_exempt
|
||||||
def post(self, req: HttpRequest):
|
def post(self, req: HttpRequest):
|
||||||
|
|
||||||
|
if (req.session.has_key('auth_data')):
|
||||||
|
# TODO: Return user object instead of error
|
||||||
|
return JsonResponse({'error': 'already authenticated'})
|
||||||
|
|
||||||
if (req.content_type != 'application/json'):
|
if (req.content_type != 'application/json'):
|
||||||
res = HttpResponse({'error': 'bad content type'});
|
res = HttpResponse({'error': 'bad content type'});
|
||||||
res.status_code = 400;
|
res.status_code = 400;
|
||||||
|
@ -187,31 +224,46 @@ class UserLogin(APIView):
|
||||||
if not ('code' in data and 'code_verifier' in data):
|
if not ('code' in data and 'code_verifier' in data):
|
||||||
res = JsonResponse({'error': 'no code'});
|
res = JsonResponse({'error': 'no code'});
|
||||||
res.status_code = 400;
|
res.status_code = 400;
|
||||||
|
return res;
|
||||||
|
|
||||||
|
# auth_data = get_oauth_token('https://vvsu.ru/connect', {
|
||||||
|
# 'grant_type': 'authorization_code',
|
||||||
|
# 'redirect_uri': 'https://pairent.vvsu.ru/sign-in/',
|
||||||
|
# 'code': data['code'],
|
||||||
|
# 'code_verifier': data['code_verifier'],
|
||||||
|
# 'client_id': 'it-hub-client',
|
||||||
|
# 'client_secret': 'U8y@uPVee6Q^*729esHTo4Vd'
|
||||||
|
# });
|
||||||
|
|
||||||
|
auth_data = {'access_token': '5kHvrjy91LJgJLKitejBBG24c7JiX45tEstKVHRpfHc._WQDwQ2F13aytbGFjlGnjXJeUWcDD1V3om3cRW0IujM', 'expires_in': 3600, 'id_token': 'eyJhbGciOiJSUzI1NiIsImtpZCI6InB1YmxpYzpoeWRyYS5vcGVuaWQuaWQtdG9rZW4iLCJ0eXAiOiJKV1QifQ.eyJhY3IiOiIwIiwiYXRfaGFzaCI6IjRMR1dRekxVaXFodUVTYjU0QWFIM0EiLCJhdWQiOlsiaXQtaHViLWNsaWVudCJdLCJhdXRoX3RpbWUiOjE2ODQyMzc4MDksImNhbGxiYWNrX3VybCI6IiIsImV4cCI6MTY4NDI0MTQ1NSwiZmFtaWx5X25hbWUiOiLQn9GD0YHRgtC-0LLQsNC70L7QsiIsImdpdmVuX25hbWUiOiLQndC40LrQuNGC0LAiLCJpYXQiOjE2ODQyMzc4NTUsImlkIjoiMDk2Qzc4Q0QtNDk0My00RDU3LUJDNkQtNUNERTEyRjY4NkUzIiwiaXNzIjoiaHR0cHM6Ly93d3cudnZzdS5ydS9jb25uZWN0LyIsImp0aSI6IjEzMTBhNzcwLWFhZWUtNGExYS1hMTc1LWM3MzY3ZWM0ZjVhNyIsImxvZ2luIjoiaHR0cHM6Ly9vcGVuaWQudnZzdS5ydS9ibGVrX18iLCJvcGVuaWQiOiJodHRwczovL29wZW5pZC52dnN1LnJ1L2JsZWtfXyIsInBpY3R1cmUiOiJodHRwczovL3d3dy52dnN1LnJ1L29pc2twL3Bob3RvL3B0aC5hc3A_SUQ9MDk2Qzc4Q0QtNDk0My00RDU3LUJDNkQtNUNERTEyRjY4NkUzXHUwMDI2IiwicHJvZmlsZV91cmwiOm51bGwsInJhdCI6MTY4NDIzNzc5Nywic2lkIjoiOTYyYzg0OGYtZThkNS00ZDJjLWEwZmEtYjI5YmU3YjBlODAxIiwic3ViIjoiaHR0cHM6Ly9vcGVuaWQudnZzdS5ydS9ibGVrX18iLCJzdXJuYW1lIjoi0J_Rg9GB0YLQvtCy0LDQu9C-0LIiLCJ0aXRsZSI6ItCh0YLRg9C00LXQvdGCIiwidnZzdV9JZEVtcGwiOm51bGwsInZ2c3VfSWRTdHVkIjoiMTk3MDgwIiwidnZzdV9JZFVzZXIiOjE5MDQ4OSwidnZzdV9sb2dpbiI6ImJsZWtfXyJ9.A4BiOxpOqnesSiTGRdcTsC-lGhSABswivpUovD9EOdYmqKW753VlLcXQxfBPcfmq8Fdf7RmVvXTXPXYqkX7AKxQT-yUUm7XtJHCb85g2YfL64cjTP2sFYD6wPIU9nzXbCrsgKqKubY3p16Dn9VyrBCXE9N6jdbuNOFbWMLPLPlp7U5fx2SzVGaBMUONlTf8KiLkcisQoN4c_rPGqdi38gzhLf7WGEiKLOldXH1q-s_kPeObFvcdbsFrrnDPnJtdqBx8SF02wqJsrZlBiB9Hl-d6sSJYLZZWumFhS-qscfwRlTEZKqC-hWF5c9R8CUYewk89JxRvCcKrHZvPMip9j9vJF1_OjkSrC5EkGaprl765FgVPEBJqXj9LjGRkTOYfYUFAAMia_HhjtinQFp6XJ-Rh3JrmIfLAQ7DEUSOldMQ1xUw9GeHo_0sIsnjaM6lVx6M_SiDTWihxNu58DiI8tmvkdw7in95OJRoJZ30EhR3SGYsK3b51qdYK1aieufJHX40bN_S1gc84pisTg58z-zC5kGsjsZNv6gRSTO4oOpZMK1FMjv7HyasSMWEu-J052X4Qxquj4pWglpiGQNt3-E0jZUUjqmZ0-7AYiyEC_3IItBqWrve-LTXRF5faIZB5v3F3urY6Qjgn93m_AoK1oujfNAPk8WOLTv419CuC2fAc', 'scope': 'openid vvsu_IdUser 
vvsu_IdEmpl vvsu_IdStud vvsu_login given_name family_name', 'token_type': 'bearer'}
|
||||||
|
|
||||||
|
user = None;
|
||||||
|
new_user = False;
|
||||||
|
|
||||||
|
print(auth_data);
|
||||||
|
|
||||||
|
return JsonResponse(get_oauth_data('https://vvsu.ru/connect', auth_data['access_token']));
|
||||||
|
|
||||||
|
req.session['auth_data'] = vvsu_data;
|
||||||
|
|
||||||
|
if ('error' in vvsu_data):
|
||||||
|
res = JsonResponse(vvsu_data);
|
||||||
|
res.status_code = cb.status_code;
|
||||||
return res
|
return res
|
||||||
|
|
||||||
|
vvsu_data['vvsu_login'] += '@vvsu.ru';
|
||||||
|
try:
|
||||||
|
user = User.objects.get(openid_addr=vvsu_data['vvsu_login']);
|
||||||
|
except User.DoesNotExist:
|
||||||
|
registerUser(vvsu_data['vvsu_login'], cb.id, f'{cb.given_name} {cb.family_name}');
|
||||||
|
user = User.objects.get(openid_addr=vvsu_data['vvsu_login']);
|
||||||
|
new_user = True;
|
||||||
|
|
||||||
print(data);
|
return JsonResponse({
|
||||||
|
'user_data': user,
|
||||||
cb = requests.post('https://vvsu.ru/connect/oauth2/token', {
|
'new_user': new_user
|
||||||
'grant_type': 'authorization_code',
|
|
||||||
'redirect_uri': 'https://pairent.vvsu.ru/sign-in/',
|
|
||||||
'code': data['code'],
|
|
||||||
'code_verifier': data['code_verifier'],
|
|
||||||
'client_id': 'it-hub-client',
|
|
||||||
'client_secret': 'U8y@uPVee6Q^*729esHTo4Vd'
|
|
||||||
}, headers={
|
|
||||||
'Origin': 'https://pairent.vvsu.ru',
|
|
||||||
'Referer': 'https://pairent.vvsu.ru'
|
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
resp = HttpResponse(cb.content);
|
|
||||||
resp.headers['Content-Type'] = cb.headers['Content-Type'];
|
|
||||||
|
|
||||||
return resp;
|
|
||||||
|
|
||||||
class UserGet(APIView):
|
class UserGet(APIView):
|
||||||
def get(self, req: HttpRequest):
|
def get(self, req: HttpRequest):
|
||||||
if not ('id' in req.GET.keys() or 'login' in req.GET.keys()):
|
if not ('id' in req.GET.keys() or 'login' in req.GET.keys()):
|
||||||
|
|
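Review bot: In `UserLogin.post` the new side assigns `auth_data` a literal access token and id_token and keeps the OAuth client secret in the commented-out `get_oauth_token` call above it, so provider credentials and one account's identity claims are now in repository history; they should be revoked or rotated at the provider and read from deployment configuration instead. `print(auth_data);` additionally writes the tokens to the process output and should be dropped. The early `return JsonResponse(get_oauth_data(...))` leaves the rest of the method unreachable, and that code looks broken as shown: `vvsu_data` and `cb` do not appear to be assigned on the new side, the three-argument call to `registerUser(...)` does not match the four-parameter `regiserUser` defined in the first hunk (which builds a `User` but, in the visible lines, never saves it), and `'user_data': user` passes a model instance to `JsonResponse`. I would restore the token exchange roughly as below and write to the session only after the provider response has been checked. The `UserLogin` class and `post` start before the second hunk, so statements between the hunks are not visible here.

```python
auth_data = get_oauth_token('https://vvsu.ru/connect', {
    # … unchanged: grant_type, redirect_uri, code, code_verifier, client_id …
    # Placeholder variable name: load the rotated secret from deployment config.
    'client_secret': os.environ['OIDC_CLIENT_SECRET'],
})
if 'error' in auth_data:
    return JsonResponse(auth_data, status=400)

vvsu_data = get_oauth_data('https://vvsu.ru/connect', auth_data['access_token'])
if 'error' in vvsu_data:
    return JsonResponse(vvsu_data, status=400)

# Store provider claims in the session only after both calls succeeded.
req.session['auth_data'] = vvsu_data
# … unchanged: user lookup / registration and final JsonResponse …
```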