zhangyuheng/MrDoc
1
0
Fork 0
forked from mirror/MrDoc
Code Pull Requests Activity

调整API跳转登录的错误返回方式并添加错误页

Browse Source
This commit is contained in:
HuYang 2020-12-30 11:12:24 +08:00
parent 5710229f8a
commit 8230b3879a
2 changed files with 42 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
app_api/views.py
View File

@ -17,6 +17,7 @@ from django.shortcuts import render,redirect
# MrDoc 基于用户的Token访问API模块 # MrDoc 基于用户的Token访问API模块
# 用户通过该url获取服务器时间戳便于接口访问 # 用户通过该url获取服务器时间戳便于接口访问
# url范例http://127.0.0.1:8000/api/get_timestamp/
def get_timestamp(request): def get_timestamp(request):
now_time = str(int(time.time())) now_time = str(int(time.time()))
return JsonResponse({'status':True,'data':now_time}) return JsonResponse({'status':True,'data':now_time})
@ -38,19 +39,19 @@ def oauth0(request):
# 1 、验证timestamp的时效性 # 1 、验证timestamp的时效性
nowtime = int (time.time()) nowtime = int (time.time())
# 时间戳失效时间默认为3600可以改短如30严格点5秒如果使用5秒请求前需要通过get_timestamp获取服务器时间戳否则因为和服务器时间差导致无法验证通过 # 时间戳失效时间默认为3600可以改短如30严格点5秒如果使用5秒请求前需要通过get_timestamp获取服务器时间戳否则因为和服务器时间差导致无法验证通过
if (nowtime - int(timestamp)) > 3600 : if (nowtime - int(timestamp)) > 3600 :
return JsonResponse({'status':False,'data':nowtime,'errormsg':"out of time"}) raise ValueError('链接已失效,请从合法路径访问,或联系管理员!')
# 2、获取userid的Token # 2、获取userid的Token
user = User.objects.get(username=username) user = User.objects.get(username=username)
if user is None: if user is None:
return JsonResponse({'status':False,'data':nowtime,'errormsg':'user error'}) raise ValueError('请求用户出错!')
ID = user.id ID = user.id
State = user.is_active State = user.is_active
if State == 1 and ID is not None: if State == 1 and ID is not None:
usertoken = UserToken.objects.get(user_id=ID) usertoken = UserToken.objects.get(user_id=ID)
token = usertoken.token token = usertoken.token
else: else:
return JsonResponse({'status':False,'data':nowtime,'errormsg':'user deny'}) raise ValueError('非法用户!')
# 3、 验证hash的正确性 # 3、 验证hash的正确性
final_str = str(randstr) + str(timestamp) + str(username) + token final_str = str(randstr) + str(timestamp) + str(username) + token
@ -61,14 +62,18 @@ def oauth0(request):
from urllib.parse import unquote from urllib.parse import unquote
newurl = unquote(redirecturl) newurl = unquote(redirecturl)
return redirect(newurl) return redirect(newurl)
else: else:
return JsonResponse({'status':False,'data':nowtime,'errmsg':'hash error!'}) raise ValueError('验证失败,可能是用户名或Token不正确!详情请联系管理员!')
else: else:
return JsonResponse({'status':False,'data':'Some keywords is empty!'}) raise ValueError('关键字验证失败,请联系管理员!部分关键字为空')
except ValueError as e:
errormsg = e
return render(request, 'app_api/api404.html', locals())
except : except :
return JsonResponse({'status':False,'data':'Something wrong here!!'}) errormsg = "API接口运行出错"
return render(request, 'app_api/api404.html', locals())
else: else:
return JsonResponse({'status':False,'data':'Nothing Here'}) return JsonResponse({'status':False,'data':'Nothing Here'})

28
template/app_api/api404.html Normal file
View File

@ -0,0 +1,28 @@
{% load static %}
{% load i18n %}
<!DOCTYPE html>
<html lang="zh-cn">
<head>
<meta charset="UTF-8">
<title>{% trans "页面未找到" %} - {% if site_name != None %}{{site_name}} {% else %}{% trans "觅道文档MrDoc" %}{% endif %}</title>
<link href="{% static 'layui/css/layui.css' %}" rel="stylesheet">
<link href="{% static 'mrdoc/mrdoc.css' %}" rel="stylesheet">
<link rel="icon" href="{% static 'search/mrdoc_logo_300.png' %}" sizes="192x192" />
</head>
<body class="layui-container">
<!-- 页头 -->
{% include 'app_doc/head_base.html' %}
<!-- 页头结束 -->
<div class="layui-main">
<div style="text-align: center;margin-top: 40px;">
<br/><br/><br/><h2>
<strong>{{ errormsg }}</strong>
</h2><br/><br/><br/><br/>
<p><a href="{% url 'pro_list' %}" >{% trans "返回首页" %}</a></p>
</div>
</div>
<script src="https://cdn.bootcss.com/jquery/3.1.1/jquery.min.js"></script>
<script src="{% static 'layui/layui.all.js' %}"></script>
</body>
</html>