Gogs 3 년 전
부모
커밋
8a92be344e

+ 9 - 38
src/account/cauth.py

@@ -5,9 +5,8 @@ import datetime
 import account.password_handle as ph
 from django.db.models import Q
 
-import common.error_info as ctc
-import common.models as am
-import account.lock_account as la
+import common.error_info as ce
+import common.models as cm
 
 logger = logging.getLogger(__name__)
 
@@ -18,61 +17,33 @@ class AccountManage(object):
         """
         @attention: 用户认证
         """
-        #临时收到解锁ip
-        if pwd=="clear_ip_{}".format(account) :
-            la.clear_lock(0,request.ip)
 
-        if la.is_lock_ip(request.ip):
-            raise ctc.TipException(u'密码连续输错20次,锁定ip半个小时!')
-
-        user = am.UserInfo.objects.filter(Q(name=account)).first()
+        user = cm.SysUserInfo.objects.filter(Q(name=account)).first()
         if user is not None:
-            #临时收到解锁ip
-            if pwd=="clear_account_{}".format(account) :
-                la.clear_lock(user.id,0)
             if self.user_can_authenticate(user):
-                if la.is_lock(user.id, request.ip)=="ip_lock":
-                    raise ctc.TipException(u'密码连续输错20次,锁定ip半个小时!')
-                if la.is_lock(user.id, request.ip)=="account_lock":
-                    #记录ip错误
-                    la.increase_error_count_ip(request.ip)
-                    raise ctc.TipException(u'密码连续输错5次,锁定用户10分钟!')
                 if ph.check_password(pwd, user.password):
-                    la.clear_lock_count(user.id, request.ip)
                     return user
                 else:
-                    logger.info("account, pwd %s", 'login failed')
-                    #记录ip错误
-                    la.increase_error_count_ip(request.ip)
-                    #记录用户名错误
-                    la.increase_error_count_uid(user.id)
-                    raise ctc.TipException("账号或密码错误")
+                    raise ce.TipException("账号或密码错误")
             else:
-                raise ctc.TipException("账户已停用")
+                raise ce.TipException("账户已停用")
         else:
-            #记录ip错误
-            la.increase_error_count_ip(request.ip)
-            raise ctc.TipException("账号或密码错误")
+            raise ce.TipException("账号或密码错误")
 
     def user_can_authenticate(self, user):
         """
         @attention: 账户是否已经激活
         """
-        # end_date = getattr(user, 'expiry_date', '')
-        # now = datetime.datetime.now().strftime("%Y%m%d")
-        # if end_date < now:
-        #     return False
         is_active = getattr(user, 'is_active', None)
-        return is_active == '1'
+        return is_active == 1
     
-    # --------------- 这部分是django的session系统需要的部分,必须存在,没太大作用 ------------
     def get_user(self, pk):
         """
         @attention: 由于在django系统中,每次request都是一个独立的请求,所以每次进入时第一次使用,都会调用该函数
         """
         try:
-            user = am.UserInfo.objects.get(pk=pk)
-        except am.UserInfo.DoesNotExist:
+            user = cm.SysUserInfo.objects.get(pk=pk)
+        except cm.SysUserInfo.DoesNotExist:
             return None
         return user
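Review bot: The `账户已停用` branch is raised before `ph.check_password` runs, so a caller who submits only a known username learns that the account exists and is disabled; raising the same `ce.TipException("账号或密码错误")` there would keep the three failure paths indistinguishable. With the `la.*` counters and the `logger.info` call removed, a failed login in this method leaves no log line and has no attempt limit. I would add `logger.warning("login failed: account=%s", account)` before each raise and reintroduce a per-account and per-IP throttle, without the password-triggered `clear_ip_…`/`clear_account_…` reset that this commit rightly drops. The method's signature is above the hunk, so whether `request` is still passed in is not visible here.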
 

+ 0 - 97
src/account/control_bankcard.py

@@ -1,97 +0,0 @@
-#coding=utf-8
-'''
-'''
-import json
-from django.db import transaction
-import common.models as cm
-import common.error_info as ce
-import common.common_functions as ccf
-import common.common_control as ccc
-
-def add_bankcard(request):
-    """
-    """
-    kwargs = request.json
-    need_params = ["name","cardno"]
-    mse = ccf.check_params(*need_params,**kwargs)
-    if mse:
-        raise ce.TipException(mse)
-
-    cvals = ccf.get_need_params(*need_params,**kwargs)
-    cvals["user_id"] = request.user.id
-    cvals["cid"] = request.user.id
-    cvals["cperson"] = request.user.realname
-    try:
-        obj = cm.BankCard.objects.create(**cvals)
-    except Exception as e:
-        raise ce.TipException(str(e))
-
-
-def update_bankcard(request):
-    """
-    """
-    kwargs = request.json
-    need_params = ["id"]
-    mse = ccf.check_params(*need_params,**kwargs)
-    if mse:
-        raise ce.TipException(mse)
-    id = kwargs.get("id")
-    need_params.extend(["name","cardno"])
-    cvals = ccf.get_need_params(*need_params,**kwargs)
-    try:
-        cm.BankCard.objects.filter(id=id).update(**cvals)
-    except Exception as e:
-        raise ce.TipException(str(e))
-
-def delete_bankcard(request):
-    """
-    """
-    kwargs = request.json
-    need_params = ["id"]
-    mse = ccf.check_params(*need_params,**kwargs)
-    if mse:
-        raise ce.TipException(mse)
-    ids = str(kwargs.get("id")).split(",")
-    cm.BankCard.objects.filter(id__in=ids).update(status=0)
-
-
-def get_bankcard_list(request):
-    """
-    """
-    kwargs = request.json
-    eset = cm.BankCard.objects.filter(status=1,user_id=request.user.id)
-    total = eset.count()
-    edata = list(eset.values())
-    return edata
-
-    
-def get_user_income(request):
-    data = {
-        "cuscount":10,
-        "transcount":12,
-        "turnover":2000.00,
-        "income":2000.00
-        }
-    return data
-
-
-def apply_cash(request):
-    """
-    """
-    kwargs = request.json
-    need_params = ["bankcard_id","cashtype","cashamount"]
-    mse = ccf.check_params(*need_params,**kwargs)
-    if mse:
-        raise ce.TipException(mse)
-
-    cvals = ccf.get_need_params(*need_params,**kwargs)
-    cvals["cid"] = request.user.id
-    cvals["cperson"] = request.user.realname
-    try:
-        obj = cm.CashRecord.objects.create(**cvals)
-    except Exception as e:
-        raise ce.TipException(str(e))
-
-
-
-

+ 0 - 81
src/account/control_department.py

@@ -1,81 +0,0 @@
-#coding=utf-8
-'''
-'''
-import json
-from django.db import transaction
-import common.models as cm
-import common.error_info as ce
-import common.common_functions as ccf
-import common.common_control as ccc
-
-def add_department(request):
-    """
-    """
-    kwargs = request.json
-    need_params = ["name","permissions"]
-    mse = ccf.check_params(*need_params,**kwargs)
-    if mse:
-        raise ce.TipException(mse)
-
-    cvals = ccf.get_need_params(*need_params,**kwargs)
-    if kwargs.get("pid"):
-        cvals["pid"] = kwargs.get("pid")
-    cvals["cid"] = request.user.id
-    cvals["cperson"] = request.user.realname
-    try:
-        obj = cm.Department.objects.create(**cvals)
-    except Exception as e:
-        raise c.TipException(str(e))
-
-
-def update_department(request):
-    """
-    """
-    kwargs = request.json
-    need_params = ["id"]
-    mse = ccf.check_params(*need_params,**kwargs)
-    if mse:
-        raise ce.TipException(mse)
-    id = kwargs.get("id")
-    need_params.extend(["name","pid","permissions"])
-    cvals = ccf.get_need_params(*need_params,**kwargs)
-    if kwargs.get("pid"):
-        cvals["pid"] = kwargs.get("pid")
-    cvals["cid"] = request.user.id
-    cvals["cperson"] = request.user.realname
-    try:
-        cm.Department.objects.filter(id=id).update(**cvals)
-    except Exception as e:
-        raise c.TipException(str(e))
-
-def delete_department(request):
-    """
-    """
-    kwargs = request.json
-    need_params = ["id"]
-    mse = ccf.check_params(*need_params,**kwargs)
-    if mse:
-        raise ce.TipException(mse)
-    ids = str(kwargs.get("id")).split(",")
-    cm.Department.objects.filter(id__in=ids).update(status=0)
-
-
-def get_department_list(request):
-    """
-    """
-    kwargs = request.json
-    eset = cm.Department.objects.filter(status=1)
-    if "name" in kwargs and kwargs.get("name"):
-        eset = eset.filter(name__icontains=kwargs.get("name"))
-    total = eset.count()
-    edata = list(eset.values())
-    page = int(kwargs.get("page",1))
-    page_size = int(kwargs.get("page_size",20))
-    total,data = ccf.get_page_list(edata,page,page_size)
-    return (total,data)
-
-    
-
-
-
-

+ 0 - 129
src/account/control_organization.py

@@ -1,129 +0,0 @@
-#coding=utf-8
-'''
-'''
-import json
-from django.db.models import Q
-from django.db import transaction
-import common.models as cm
-import common.common_functions as ccf
-import common.common_control as ccc
-import common.error_info as ce
-
-
-def search_organization(name):
-    """
-    """
-    qset = cm.Organization.objects.filter(name__icontains=name)
-    qdata = list(qset.values_list("name",flat=True))
-    return qdata
-
-def get_organization_tree(uid):
-    """
-    """
-    user = cm.UserInfo.objects.filter(pk=uid).first()
-    if not user:
-        raise ce.TipException(u"用户不存在")
-    uid = user.pk
-
-    total,users_info = ccc.get_sub_users(uid)
-    print users_info
-    user_ids = [x["id"] for x in users_info]
-    permissions = list(user.role.permission.all().values_list("codename",flat=True))
-
-    if user.role.platform == "portal":
-        #数据权限下用户所在的企业
-        org_ids = list(cm.UserInfo.objects.filter(id__in=user_ids).values_list("organization_id",flat=True))
-        #数据权限下的用户创建的企业
-        for uid in user_ids:
-            _user = cm.UserInfo.objects.filter(id=uid).first()
-            if "SystemManagement.Organization.Check" in permissions:
-                org_ids_created = list(cm.Organization.objects.filter(cid__in=[uid]).values_list("id",flat=True))
-                org_ids.extend(org_ids_created)
-        #orgs = cm.Organization.objects.filter(id__in=org_ids)
-        orgs = cm.Organization.objects.filter(id__in=org_ids,cid=uid).exclude(pid__in=org_ids)
-    else:
-        print 6666666666666666
-        orgs = cm.Organization.objects.filter(cid__in=user_ids)
-
-    org_ids = list(orgs.values_list("id",flat=True))
-    print org_ids,9999
-    #组装树结构
-    trees = []
-    for org in orgs:
-        if user.role.platform == "portal":
-            trees.append(ccc.get_sub_organization_tree(org.id))
-        else:
-            if not org.pid:
-                trees.append(ccc.get_sub_organization_tree(org.id))
-
-    otree = [
-        {
-            "id":1,
-            "nodes":[
-                {
-                    "id":2,
-                    "nodes":[
-                    
-                    ],
-                    "tree_label":u"成都代理运营中心"
-                } 
-            ],
-            "tree_label":u"成都运营中心"
-        } 
-    ]
-    return trees
-
-
-def add_organization(**kwargs):
-    """
-    """
-    need_params = ["name","sname"]
-    mse = ccf.check_params(*need_params,**kwargs)
-    if mse:
-        raise ce.TipException(mse)
-    need_params.extend(["pid","cid","cperson","desc"])
-    cvals = ccf.get_need_params(*need_params,**kwargs)
-    with transaction.atomic():
-        oobj = cm.Organization.objects.create(**cvals)
-
-
-def update_organization(**kwargs):
-    """
-    """
-    need_params = ["id"]
-    mse = ccf.check_params(*need_params,**kwargs)
-    if mse:
-        raise ce.TipException(mse)
-    id = kwargs.get("id")
-    uvals = {}
-    if "name" in kwargs:
-        uvals["name"] = kwargs.get("name")
-    if "sname" in kwargs:
-        uvals["sname"] = kwargs.get("sname")
-    if "desc" in kwargs:
-        uvals["desc"] = kwargs.get("desc")
-
-    with transaction.atomic():
-        oobj = cm.Organization.objects.filter(id=id).update(**uvals)
-
-
-def delete_organization(**kwargs):
-    """
-    """
-    need_params = ["id"]
-    mse = ccf.check_params(*need_params,**kwargs)
-    if mse:
-        raise ce.TipException(mse)
-    ids = str(kwargs.get("id")).split(",")
-    cm.Organization.objects.filter(id__in=ids).delete()
-    
-    #级联删除相关联数据待完善...
-
-
-def get_organization_info(*ids):
-    """
-    """
-    qset = cm.Organization.objects.filter(id__in=ids)
-    oinfo = list(qset.values("id","name","sname","desc","pid"))
-    return oinfo
-

+ 13 - 42
src/account/control_user.py

@@ -82,46 +82,18 @@ def login_user(request):
     idcode = info.get('imgcode')
     captcha = cache.get(captcha_id, '')
     cache.delete(captcha_id)
-    if not username or not password:
-        raise ce.TipException(u"账户或密码不能为空!")
-    if not idcode:
-        raise ce.TipException(u"验证码不能为空!")
-    if idcode.upper() != captcha.upper():
-        raise ce.TipException(u"验证码错误!")
-
-    if utype == 0:
-        user = cm.UserInfo.objects.filter(name=username).first()
-        if user:
-            if user.password != ccf.make_password(password):
-                raise ce.TipException(u"账号或密码错误!")
-            tstr = "{}_{}_{}{}".format(user.id,0,time.time(),random.randint(100000,999999))
-            token = aescbc.encrypt(tstr)
-            return {"id":user.id,"token":token,"utype":0}
-        else:
-            raise ce.TipException(u"账号或密码错误!")
-    elif utype == 1:
-        user = cm.Goverment.objects.filter(username=username).first()
-        if user:
-            if user.password != ccf.make_password(password):
-                raise ce.TipException(u"账号或密码错误!")
-            if not user.is_active:
-                raise ce.TipException(u"该账号已停用!")
-            tstr = "{}_{}_{}{}".format(user.id,1,time.time(),random.randint(100000,999999))
-            token = aescbc.encrypt(tstr)
-            return {"id":user.id,"token":token,"utype":1}
-        else:
-            raise ce.TipException(u"账号或密码错误!")
+    #if not username or not password:
+    #    raise ce.TipException(u"账户或密码不能为空!")
+    #if not idcode:
+    #    raise ce.TipException(u"验证码不能为空!")
+    #if idcode.upper() != captcha.upper():
+    #    raise ce.TipException(u"验证码错误!")
+
+    user = auth.authenticate(request, account=username, pwd=password)
+    if user:
+        auth.login(request, user)
+        return user
     else:
-        user = cm.EnterPrise.objects.filter(username=username).first()
-        if user:
-            if user.password != ccf.make_password(password):
-                raise ce.TipException(u"账号或密码错误!")
-            if not user.is_active:
-                raise ce.TipException(u"该账号已停用!")
-            tstr = "{}_{}_{}{}".format(user.id,2,time.time(),random.randint(100000,999999))
-            token = aescbc.encrypt(tstr)
-            return {"id":user.id,"token":token,"utype":2}
-
         raise ce.TipException(u"账号或密码错误!")
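Review bot: The captcha and empty-field checks are commented out rather than enforced, so `captcha` is read and deleted from the cache but never compared with `imgcode`. Since this commit also deletes `lock_account.py`, nothing visible here limits repeated password guesses against this endpoint. If the checks were disabled for local testing, gate them on a setting instead of leaving them commented out; otherwise restore them, e.g. `if not idcode or not captcha or idcode.upper() != captcha.upper(): raise ce.TipException(u"验证码错误!")`. `login_user` begins above the hunk, so how `username` and `password` are read is not visible here.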
 
 
@@ -190,9 +162,9 @@ def regist_user(request):
 def format_user(*ids):
     """
     """
-    eset = cm.UserInfo.objects.filter(id__in=ids,status=1)
+    eset = cm.SysUserInfo.objects.filter(id__in=ids,is_active=1)
     if not eset.exists():
-        raise ce.TipException(u"客户不存在!")
+        raise ce.TipException(u"账号不存在!")
     data = list(eset.values())
     return data
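Review bot: `eset.values()` with no field list returns every column of `SysUserInfo`, and the model added in this commit includes `password` and `permissions`. `get_account_info` takes this dict and `InfoView` passes it to `cv.to_suc`, so the stored password value reaches the response unless it is stripped further down, which the visible lines do not show. Name the fields explicitly, for example `data = list(eset.values("id", "name", "phone", "realname", "is_active"))`. The empty docstring should also say which fields callers may rely on.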
 
@@ -221,7 +193,6 @@ def get_account_info(request):
     """
     """
     id = request.user.id
-    print id,99999
     info = format_user(*[id])
     info = info[0] if info else {}
     info["p"] = ["Product.*.*"]

+ 0 - 126
src/account/lock_account.py

@@ -1,126 +0,0 @@
-# coding:utf-8
-from django.core.cache import cache
-
-import common.error_info as cei
-
-MAX_ERROR_TIMES = 5
-MAX_ERROR_TIMES_IP = 20
-LOCK_IP_TMP = 'LOCK_IP_{}'
-LOCK_ACCOUNT_TMP = 'LOCK_ACCOUNT_{}'
-
-ACCOUNT_INCR_TMP = 'ACCOUNT_COUNT_{}'
-IP_INCR_TMP = 'IP_COUNT_{}'
-
-
-def is_lock(uid, ip):
-    """
-    是否锁
-    :param uid:
-    :param ip:
-    :return:
-    """
-    account_key = LOCK_ACCOUNT_TMP.format(uid)
-    ip_key = LOCK_IP_TMP.format(ip)
-
-    if cache.get(ip_key):
-        return "ip_lock"
-    if cache.get(account_key):
-        return "account_lock"
-    return False
-
-def is_lock_ip(ip):
-    """是否封禁IP
-    """
-    ip_key = LOCK_IP_TMP.format(ip)
-    if cache.get(ip_key):
-        return True
-    return False
-
-
-def increase_error_count(uid, ip):
-    """
-    5分钟内连续输错五次
-    :return:
-    """
-    ip_key = IP_INCR_TMP.format(ip)
-    ip_count = cache.get(ip_key) or 0
-
-    account_key = ACCOUNT_INCR_TMP.format(uid)
-    account_count = cache.get(account_key) or 0
-
-    if account_count + 1 >= MAX_ERROR_TIMES or ip_count + 1 >= MAX_ERROR_TIMES:
-        lock(uid, ip)
-        raise cei.TipException(u'密码连续输错五次,锁定ip和账户半个小时')
-    if not account_count:
-        cache.set(account_key, 1, 5*60)
-    else:
-        cache.incr(account_key)
-    if not ip_count:
-        cache.set(ip_count, 1, 5*60)
-    else:
-        cache.incr(ip_key)
-
-def increase_error_count_ip(ip):
-    """
-    """
-    ip_key = IP_INCR_TMP.format(ip)
-    ip_count = cache.get(ip_key) or 0
-    if ip_count + 1 >= MAX_ERROR_TIMES_IP:
-        lock(0,ip)
-        raise cei.TipException(u'密码连续输错20次,锁定ip半个小时!')
-    if not ip_count:
-        cache.set(ip_key, 1, 30*60)
-    else:
-        cache.incr(ip_key)
-
-def increase_error_count_uid(uid):
-    """
-    """
-    account_key = ACCOUNT_INCR_TMP.format(uid)
-    account_count = cache.get(account_key) or 0
-    if account_count + 1 >= MAX_ERROR_TIMES:
-        lock(uid,0)
-        raise cei.TipException(u'密码连续输错5次,锁定账户10分钟!')
-    if not account_count:
-        cache.set(account_key, 1, 10*60)
-    else:
-        cache.incr(account_key)
-
-
-
-def clear_lock_count(uid, ip):
-    """
-    清除计数,清楚锁ip,锁account的key
-    :param uid:
-    :param ip:
-    :return:
-    """
-    if uid:
-        cache.delete(ACCOUNT_INCR_TMP.format(uid))
-    if ip:
-        cache.delete(IP_INCR_TMP.format(ip))
-
-
-def lock(uid, ip):
-    """
-    锁账户,ip半个小时
-    :param uid:
-    :param ip:
-    :return:
-    """
-    clear_lock_count(uid, ip)
-    if uid:
-        key = LOCK_ACCOUNT_TMP.format(uid)
-        cache.set(key, 'lock_account', 10*60)
-    if ip:
-        key = LOCK_IP_TMP.format(ip)
-        cache.set(key, 'lock_ip', 30*60)
-
-def clear_lock(uid,ip):
-    clear_lock_count(uid, ip)
-    if uid:
-        key = LOCK_ACCOUNT_TMP.format(uid)
-        cache.delete(key)
-    if ip:
-        key = LOCK_IP_TMP.format(ip)
-        cache.delete(IP_INCR_TMP.format(ip))

+ 2 - 15
src/account/urls_backstage.py

@@ -2,28 +2,15 @@
 '''
 '''
 from django.conf.urls import url
-from account import views,views_backstage
+from account import views
 
 urlpatterns = [
     # 运营
     url(r'^login$', views.LoginView.as_view()),
     url(r'^regist$', views.RegistView.as_view()),
     url(r'^logout$', views.LogoutView.as_view()),
-    url(r'^info$', views_backstage.InfoView.as_view()),
+    url(r'^info$', views.InfoView.as_view()),
     url(r'^imgcode$', views.CaptchaView.as_view()),
     url(r'^phcode$', views.GetPhoneCodeView.as_view()),
-    url(r'^user$', views_backstage.UserView.as_view()),
-    url(r'^user/info$', views_backstage.UserInfoView.as_view()),
-    url(r'^user/list$', views_backstage.UserListView.as_view()),
-    url(r'^user/unaudit$', views_backstage.UnauditUserListView.as_view()),
-    url(r'^user/bankcard$', views_backstage.UserBankCardView.as_view()),
-    url(r'^user/bankcard/list$', views_backstage.UserBankCardListView.as_view()),
-    url(r'^user/income$', views_backstage.UserIncomeView.as_view()),
-    url(r'^user/applycash$', views_backstage.UserApplyCashView.as_view()),
-    url(r'^pwd/reset$', views_backstage.ResetPwdView.as_view()),
-    url(r'^user/pwdreset$', views_backstage.ResetUserPwdView.as_view()),
-    url(r'^permission/list', views_backstage.PermissionListView.as_view()),
-    url(r'^department$', views_backstage.DepartmentView.as_view()),
-    url(r'^department/list$', views_backstage.DepartmentListView.as_view()),
 ]
 

+ 12 - 2
src/account/views.py

@@ -58,7 +58,6 @@ class CaptchaView(cv.BaseView):
 class LoginView(cv.BaseView):
     def post(self, request):
         """#账号登录(管理后台)
-        @utype:1,0/1/2(管理员/政府/企业)
         @username:"root",str,账号
         @password:"root",str,密码
         @imgcode_id:"erwerkkk",图形验证码接口返回的
@@ -66,8 +65,9 @@ class LoginView(cv.BaseView):
         """
         try:
             rst = cr.login_user(request)
-            return cv.to_suc(rst)
+            return cv.to_suc()
         except Exception as e: 
+            cv.tracefail()
             return cv.to_fail(e)
 
 class LogoutView(cv.AuthView):
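Review bot: `rst = cr.login_user(request)` is now assigned but never used, because the response became `cv.to_suc()`; calling `cr.login_user(request)` without the binding makes it clear that the login result is carried by the session only. The `except Exception` arm still hands any exception object to `cv.to_fail(e)`. If `to_fail` renders the exception text to the client (its body is not visible here), unexpected errors from the auth backend would expose internal detail on the login endpoint. Consider returning a generic message for anything that is not the project's `TipException`.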
@@ -102,3 +102,13 @@ class RegistView(cv.BaseView):
             return cv.to_fail(e)
         return cv.to_suc()
 
+class InfoView(cv.AdminView):
+    def get(self, request):
+        '''
+        #获取全局账号信息(权限控制)
+        '''
+        try:
+            users = cr.get_account_info(request)
+            return cv.to_suc(users)
+        except Exception as e:
+            return cv.to_fail(e)

+ 0 - 299
src/account/views_backstage.py

@@ -1,299 +0,0 @@
-#-*-coding:utf-8-*-
-import json
-import uuid
-from django.contrib import auth
-from django.core.cache import cache
-from django.conf import settings
-
-from common import core_views as cv
-from common.models import UserInfo
-import common.common_functions as ccf
-import common.error_info as ce
-import control_user as cu
-import control_role as crol
-import control_organization as co
-import common.common_control as ccc
-import control_permission as cp
-import control_department as cd
-import control_bankcard as cb
-
-
-class InfoView(cv.AdminView):
-    def get(self, request):
-        '''
-        #获取全局账号信息(权限控制)
-        '''
-        try:
-            users = cu.get_account_info(request)
-            return cv.to_suc(users)
-        except Exception as e:
-            return cv.to_fail(e)
-
-class UserInfoView(cv.BaseView):
-    def get(self, request):
-        """
-        #获取用户个人信息
-        @id:1,用户id
-        """
-        try:
-            data = cu.get_user_personal_info(request)
-            return cv.to_suc(data)
-        except Exception as e:
-            cv.tracefail()
-            return cv.to_fail(e)
-        return cv.to_suc()
-
-class UserView(cv.BaseView):
-    def get(self, request):
-        """
-        #获取用户详情
-        @id:1,用户id
-        """
-        try:
-            data = cu.get_user_info(request)
-            return cv.to_suc(data)
-        except Exception as e:
-            cv.tracefail()
-            return cv.to_fail(e)
-        return cv.to_suc()
-
-    def post(self, request):
-        '''
-        #新增员工
-        @realname:"肖小肖",员工名称
-        @phone:"129823"
-        @email:"129823@qq.com"
-        @department_id:1,部门id
-        @utype:1/2/3,员工类型
-        @is_active:1/0,是否启用
-        @remark:"好员工",备注
-        '''
-        qdata = request.json
-        try:
-            rst = cu.add_user(request)
-            return cv.to_suc()
-        except Exception as e:
-            cv.tracefail()
-            return cv.to_fail(e)
-
-    def put(self, request):
-        """
-        #修改员工
-        @id:1,员工id
-        @realname:"肖小肖",员工名称
-        @phone:"129823"
-        @email:"129823@qq.com"
-        @department_id:1,部门id
-        @utype:1/2/3,员工类型
-        @is_active:1/0,是否启用
-        @remark:"好员工",备注
-        """
-        qdata = request.json
-        try:
-            data = cu.update_user(request)
-        except Exception as e:
-            return cv.to_fail(e)
-        return cv.to_suc(data)
-
-    def delete(self, request):
-        """
-        #删除员工
-        @id:1,多个id用逗号分隔
-        """
-        qdata = request.json
-        try:
-            cu.delete_user(request)
-        except Exception as e:
-            return cv.to_fail(e)
-        return cv.to_suc()
-
-class UserListView(cv.AuthView):
-    def get(self, request):
-        """
-        #员工列表
-        @name:"用户名"
-        @department_id:1
-        @utype:1
-        @is_active:1
-        """
-        try:
-            total,res = cu.get_user_list(request)
-            return cv.to_suc({"total":total,"list":res})
-        except Exception as e:
-            return cv.to_fail(e)
-
-
-class UnauditUserListView(cv.AuthView):
-    def get(self, request):
-        """
-        #待审核员工列表
-        @name:"用户名"
-        @utype:1
-        """
-        try:
-            total,res = cu.get_unaudit_user_list(request)
-            return cv.to_suc({"total":total,"list":res})
-        except Exception as e:
-            return cv.to_fail(e)
-
-
-class PermissionListView(cv.AuthView):
-    def get(self, request):
-        """#权限列表
-        @role_id:1 角色id 可选参数 传了就只返回对应角色的权限
-        @platform:"operation" 权限归属 可选参数 传了就对权限进行平台过滤
-        """
-        qdata = request.json
-        role_id = qdata.get("role_id",None)
-        platform = qdata.get("platform",None)
-        roles = cp.get_permission_list(role_id,platform)
-
-        return cv.to_suc(roles)
-
-
-class ResetPwdView(cv.BaseView):
-    def put(self, request):
-        """
-        #重置密码(忘记密码)
-        @phone:"15982456282",手机号
-        @password:"",新密码
-        @repassword:"",确认密码
-        @phcode:"123",验证码
-        """
-        try:
-            cu.reset_password(request)
-            return cv.to_suc()
-        except Exception as e:
-            return cv.to_fail(e)
-
-
-class ResetUserPwdView(cv.AuthView):
-    def put(self, request):
-        """
-        #修改用户密码
-        @uid:10,用户id不传则默认当前用户
-        @code:"",验证码
-        @password:"",新密码
-        """
-        try:
-            cu.reset_user_password(request)
-            return cv.to_suc()
-        except Exception as e:
-            return cv.to_fail(e)
-
-
-class DepartmentView(cv.AuthView):
-    def post(self,request):
-        """
-        #新增部门
-        @name:"综管部",部门名称
-        @pid:1,上级部门
-        @permissions:["CusManage.*.*","CusManage.MyCus.*"]
-        """
-        try:
-            cd.add_department(request)
-            return cv.to_suc()
-        except Exception as e:
-            return cv.to_fail(e)
-
-    def put(self,request):
-        """
-        #修改部门
-        @id:1,部门id
-        @name:"综管部",部门名称
-        @pid:1,上级部门
-        @permissions:["CusManage.*.*","CusManage.MyCus.*"]
-        """
-        try:
-            cd.update_department(request)
-            return cv.to_suc()
-        except Exception as e:
-            return cv.to_fail(e)
-
-    def delete(self,request):
-        """
-        #删除部门
-        @id:1,部门id
-        """
-        try:
-            cd.delete_department(request)
-            return cv.to_suc()
-        except Exception as e:
-            return cv.to_fail(e)
-
-
-class DepartmentListView(cv.AuthView):
-    def get(self,request):
-        """#部门列表
-        @name:"研发",部门名称
-        """
-        try:
-            total,rst = cd.get_department_list(request)
-        except Exception as e:
-            cv.tracefail()
-            return cv.to_fail(e)
-        return cv.to_suc({"total":total,"list":rst})
-
-
-class UserBankCardView(cv.AuthView):
-    def post(self,request):
-        """#新增银行卡
-        @name:"建设银行",银行名称
-        @cardno:"6229000",银行卡卡号
-        """
-        try:
-            rst = cb.add_bankcard(request)
-        except Exception as e:
-            cv.tracefail()
-            return cv.to_fail(e)
-        return cv.to_suc()
-
-    def delete(self,request):
-        """#删除银行卡
-        @id:1,银行卡id
-        """
-        try:
-            rst = cb.delete_bankcard(request)
-        except Exception as e:
-            cv.tracefail()
-            return cv.to_fail(e)
-        return cv.to_suc()
-
-
-class UserBankCardListView(cv.AuthView):
-    def get(self,request):
-        """#银行卡列表
-        """
-        try:
-            rst = cb.get_bankcard_list(request)
-        except Exception as e:
-            cv.tracefail()
-            return cv.to_fail(e)
-        return cv.to_suc(rst)
-
-
-class UserIncomeView(cv.AuthView):
-    def get(self,request):
-        """#我的收益
-        """
-        try:
-            rst = cb.get_user_income(request)
-        except Exception as e:
-            cv.tracefail()
-            return cv.to_fail(e)
-        return cv.to_suc(rst)
-
-
-class UserApplyCashView(cv.AuthView):
-    def post(self,request):
-        """#申请提现
-        @bankcard_id:1,银行卡id
-        @cashtype:"bank/alipay",提现方式
-        @cashamount:1000,提现金额
-        """
-        try:
-            rst = cb.apply_cash(request)
-        except Exception as e:
-            cv.tracefail()
-            return cv.to_fail(e)
-        return cv.to_suc(rst)

+ 0 - 4
src/account/views_permission.py

@@ -1,4 +0,0 @@
-#-*-coding:utf-8 -*-
-import common.core_views as cv
-
-

+ 5 - 132
src/common/core_views.py

@@ -9,6 +9,8 @@ import datetime
 import hashlib
 from utils.aestool import aescbc
 
+import decimal
+import uuid
 from django import http
 from django.contrib.sessions.backends.cache import SessionStore
 from django.core.cache import cache
@@ -51,10 +53,6 @@ class CusDjangoJSONEncoder(json.JSONEncoder):
             return str(o)
         elif isinstance(o, uuid.UUID):
             return str(o)
-        elif isinstance(o, Promise):
-            return six.text_type(o)
-        elif isinstance(o, CallableBool):
-            return bool(o)
         else:
             return super(DjangoJSONEncoder, self).default(o)
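Review bot: With the `Promise` and `CallableBool` branches gone, every type not handled above now reaches `super(DjangoJSONEncoder, self).default(o)`, yet the hunk header shows the class is `CusDjangoJSONEncoder(json.JSONEncoder)`. That `super()` call names a class `self` does not appear to derive from, so it would raise `TypeError` (or `NameError` if `DjangoJSONEncoder` is not imported) instead of the usual not-serializable error. `return super(CusDjangoJSONEncoder, self).default(o)` is the likely intent. The method's opening lines are above the hunk.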
 
@@ -86,20 +84,6 @@ class AdminView(View):
             handler = self.http_method_not_allowed
         return admin_handler(handler, request, True, *args, **kwargs)
 
-class YRXView(View):
-
-    @method_decorator(csrf_exempt)
-    def dispatch(self, request, *args, **kwargs):
-        """
-        @attention: as_view()方法使用该方法来分发不同http method,添加异常处理及登陆校验
-        """
-        self.http_method_names.append("options")
-        if request.method.lower() in self.http_method_names:
-            handler = getattr(self, request.method.lower(), self.http_method_not_allowed)
-        else:
-            handler = self.http_method_not_allowed
-        return yrx_handler(handler, request, True, *args, **kwargs)
-
 
 class BaseView(View):
 
@@ -116,48 +100,6 @@ class BaseView(View):
         return api_wapper(handler, request, False, *args, **kwargs)
 
 
-class UploadView(View):
-    
-    @method_decorator(csrf_exempt)
-    def dispatch(self, request, *args, **kwargs):
-        """
-        @attention: as_view()方法使用该方法来分发不同http method,添加异常处理及登陆校验
-        """
-        if request.method.lower() in self.http_method_names:
-            handler = getattr(self, request.method.lower(), self.http_method_not_allowed)
-        else:
-            handler = self.http_method_not_allowed
-
-        return upload_wapper(handler,request,True, *args, **kwargs)
-
-
-class InnerView(View):
-    
-    @method_decorator(csrf_exempt)
-    def dispatch(self, request, *args, **kwargs):
-        """
-        @attention: as_view()方法使用该方法来分发不同http method,添加异常处理及登陆校验
-        """
-        if request.method.lower() in self.http_method_names:
-            handler = getattr(self, request.method.lower(), self.http_method_not_allowed)
-            if request.META.get("HTTP_TOKEN") != "7dpHIhpweckghdoSvrXwMftcjZRIzKwJ":
-                handler = self.http_method_not_allowed
-        else:
-            handler = self.http_method_not_allowed
-
-        return api_wapper(handler, request, False, *args, **kwargs)
-
-
-def show_history(request):
-    logined_history = cache.get("logined_history", {})
-    for k, v in logined_history.iteritems():
-        logger.info("k: %s, v: %s", str(k), str(v))
-    logger.info("current session: %s", str(request.session.session_key))
-    ss = SessionStore(request.session.session_key)
-    for k, v in ss.iteritems():
-        logger.info("k: %s, v: %s", str(k), str(v))
-
-
 def api_wapper(handler, request, is_vauth, *args, **kwargs):
     """
     @attention: 调试API时使用的装饰器
@@ -219,77 +161,8 @@ def admin_handler(handler, request, is_vauth, *args, **kwargs):
     req_path = request.META["PATH_INFO"]
     ip = request.META.get("HTTP_X_REAL_IP","")
     token = request.META.get("HTTP_AUTHORIZATION")
-    if is_vauth and token:
-        dectoken = aescbc.decrypt(token)
-        name = dectoken.split("_")[0]
-        utype = dectoken.split("_")[1]
-        if str(utype) == "0":
-            user = UserInfo.objects.filter(id=name).first()
-        elif str(utype) == "1": 
-            user = cm.Goverment.objects.filter(id=name).first()
-        else:
-            user = cm.EnterPrise.objects.filter(id=name).first()
-        if not user and False:
-            #return JsonResponse({"code":403,"data":{}})
-            return HttpResponse(status=403)
-
-        setattr(request, "ip", get_ip(request))
-        setattr(request, "user", user)
-        setattr(request, "utype", utype)
-        if request.method == "OPTIONS":
-            return JsonResponse({})
-
-    body = request.body if hasattr(request, "body") else ""
-    if "x-www-form-urlencoded" in request.content_type:
-        info = http.QueryDict(body).dict()
-        if not info:
-            info = request.GET.dict()
-    elif "application/json" in request.content_type:
-        info = json.loads(body) if body else {}
-        if not info:
-            info = request.GET.dict()
-    else:
-        try:
-            info = json.loads(body) if body else {}
-            if not info:
-                info = request.GET.dict()
-        except:
-            info = {}
-
-    setattr(request, "json", info)
-
-    try:
-        ret = handler(request, *args, **kwargs)
-        return ret
-    except Exception as e:
-        return to_fail(e)
-
-def yrx_handler(handler, request, is_vauth, *args, **kwargs):
-    """
-    登录session校验
-    """
-    req_path = request.META["PATH_INFO"]
-    ip = request.META.get("HTTP_X_REAL_IP","")
-    token = request.META.get("HTTP_AUTHORIZATION")
-    if is_vauth and token:
-        dectoken = aescbc.decrypt(token)
-        name = dectoken.split("_")[0]
-        utype = dectoken.split("_")[1]
-        if str(utype) == "0":
-            user = cm.YRXUser.objects.filter(id=name).first()
-        elif str(utype) == "1": 
-            user = cm.YRXUser.objects.filter(id=name).first()
-        else:
-            user = cm.YRXUser.objects.filter(id=name).first()
-        if not user and False:
-            #return JsonResponse({"code":403,"data":{}})
-            return HttpResponse(status=403)
-
-        setattr(request, "ip", get_ip(request))
-        setattr(request, "user", user)
-        setattr(request, "utype", utype)
-        if request.method == "OPTIONS":
-            return JsonResponse({})
+    if is_vauth and not request.user.is_authenticated():
+        return HttpResponse(status=403)
 
     body = request.body if hasattr(request, "body") else ""
     if "x-www-form-urlencoded" in request.content_type:
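Review bot: `admin_handler` now relies on the Django session cookie instead of the `Authorization` header, so the views behind it become reachable by cross-site requests if `AdminView.dispatch` is `csrf_exempt` like the sibling view classes removed in this commit. That decorator is outside the hunk, so confirm CSRF protection is active and record it with a comment such as `# session-authenticated: CSRF middleware must stay enabled for views using this handler`. `request.user.is_authenticated()` is called as a method, which matches the new `SysUserInfo` but only works for anonymous users while Django's `AnonymousUser.is_authenticated` is still callable, so a framework upgrade could turn the intended 403 into a `TypeError`. `token = request.META.get("HTTP_AUTHORIZATION")` and `ip` are now read but unused and can be deleted. The function body continues past the hunk.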
@@ -309,7 +182,7 @@ def yrx_handler(handler, request, is_vauth, *args, **kwargs):
             info = {}
 
     setattr(request, "json", info)
-
+    setattr(request, "ip", get_ip(request))
     try:
         ret = handler(request, *args, **kwargs)
         return ret

+ 27 - 0
src/common/models.py

@@ -137,6 +137,33 @@ class Stock(models.Model):
         return u"{}){}".format(self.id, self.username)
 
 
+class SysUserInfo(models.Model):
+    # 基础属性
+    name = models.CharField(u"名字", max_length=255, blank=True,null=True)
+    phone = models.CharField(u"手机号", max_length=255, blank=True,null=True)
+    password = models.CharField(u"密码", max_length=255, blank=True,null=True)
+    realname = models.CharField(u"真实名称", max_length=255, blank=True, null=True)
+    permissions = models.TextField(u"权限", blank=True,null=True)
+    is_active = models.SmallIntegerField(u"是否激活可用",default=0)
+
+    ctime = models.DateTimeField(u"创建时间", auto_now_add=True)
+    last_login = models.DateTimeField(u"创建时间", blank=True,null=True)
+
+    class Meta:
+        db_table = "sys_users"
+        verbose_name = u"系统用户信息"
+        app_label = "common"
+
+    def __str__(self):
+        return u"{}){}".format(self.id, self.name)
+
+    def is_authenticated(self):
+        return True
+
+    def is_anonymous(self):
+        return False
+
+
 class OperationLogConfig(models.Model):
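Review bot: `SysUserInfo.name` is the login identifier (`cauth.py` looks users up with `filter(Q(name=account)).first()`), yet the field is nullable and not unique, so two rows with the same name would make authentication pick whichever the database returns first; declare it `name = models.CharField(u"名字", max_length=255, unique=True)`. `password` is also `null=True`, which lets a row without a password reach `ph.check_password(pwd, user.password)`; how that helper treats `None` is not visible here. `last_login` reuses the label `u"创建时间"` from `ctime` and should read `u"最后登录时间"`. The class has no docstring; one line saying it is the custom auth user and why `is_authenticated`/`is_anonymous` return constants would help the next reader.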
     """操作日志模板配置
     """

+ 1 - 1
src/settings/settings_dev.py

@@ -60,4 +60,4 @@ LOGGING = {
 }
 
 HOST = "http://www.baianxi.com"
-PROJECT_NAME = u"白安兮"
+PROJECT_NAME = u"顽主杯"