BZ易风

导航

 

https://juejin.im/entry/56b30250df0eea0054375e1d

安装

pip install itsdangerous

 使用

from itsdangerous import TimedJSONWebSignatureSerializer as Serializer # 导入itsdangerous里面的类 实现加密
from django.conf import settings

# 创建序列化对象
# Serializer(私钥, 生命周期(秒))
# serializer = Serializer('secretkey', 3600)  # 私钥不能公开,不然就能被篡改 可以借助django里setting.py配置文件中的SECRET_KEY
serializer = Serializer(settings.SECRET_KEY, 3600)
info =  {'confirm':1}
# 通过序列化器dumps方法进行加密
data = serializer.dumps(info)  # dumps里传的是键值对 是二进制
# 编码
data = data.decode('utf-8')
print(data)

# 解密
res = serializer.loads(data)
print(res)

 实例user/views.py

from django.shortcuts import render, redirect
from django.http import HttpResponse, JsonResponse
from django.core.urlresolvers import reverse  # 反响解析
from django.views.generic import View  # 导入类试图
from django.conf import settings  # 导入配置文件 获取私钥
from itsdangerous import TimedJSONWebSignatureSerializer as Serializer # 导入itsdangerous里面的类 实现加密

import re
from user.models import *
# Create your views here.

class RegisterView(View):
    '''注册'''
    def get(self, request):
        '''显示注册页面'''
        return render(request, 'register.html')

    def post(self, request):
        '''进行注册处理'''
        # 接受数据
        username = request.POST.get('user_name')
        password = request.POST.get('pwd')
        email = request.POST.get('email')
        allow = request.POST.get('allow')
        # 校验
        # 数据完整度
        if not all([username, password, email]):
            return render(request, 'register.html', {'errmsg': '数据不完整'})
        # 邮箱验证
        if not re.match(r'^[A-Za-z0-9\u4e00-\u9fa5]+@[a-zA-Z0-9_-]+(\.[a-zA-Z0-9_-]+)+$', email):
            return render(request, 'register.html', {'errmsg': '邮箱格式不正确'})
        # 校验协议
        if allow != 'on':
            return render(request, 'register.html', {'errmsg': '请同意协议'})
        # 校验用户是否存在
        try:
            user = User.objects.get(username=username)
        except Exception as e:
            user = None
        if user:
            # 用户已存在
            return render(request, 'register.html', {'errmsg': '用户名已存在'})

        # 进行用户注册
        # create_user() 注册用户
        user = User.objects.create_user(username, email, password)
        user.is_active = 0  # 0为未激活状态
        user.save()

        # 进行token加密
        serializer = Serializer(settings.SECRET_KEY, 3600)
        info = {'confirm':user.id}
        token = serializer.dumps(info).decode('utf-8')


        return redirect(reverse('goods:index'))

# 用户激活
from itsdangerous import SignatureExpired  # 解密信息过期错误
class ActiveView(View):
    def get(self, request, token):
        '''进行用户激活'''
        # 进行解密 获取要激活的用户信息
        serializer = Serializer(settings.SECRET_KEY, 3600)
        try:
            info = serializer.loads(token)
            # 获取待激活用户id
            user_id = info['confirm']
            
            # 根据id获取用户信息
            user = User.objects.get(id=user_id)
            user.is_active = 1
            user.save()
            
            # 跳转登录页面
            return redirect(reverse('user:login'))
        except SignatureExpired as e:
            # 激活链接已过期
            return HttpResponse('激活链接已过期')
        

 

posted on 2019-09-24 17:38  BZ易风  阅读(400)  评论(0编辑  收藏  举报