标签:username code 短信 get python self 接口 mobile token
腾讯云短信开发
前期准备工作:
使用腾讯短信
https://cloud.tencent.com,微信扫码登录
搜索短信:https://console.cloud.tencent.com/smsv2
创建短信签名:公众号注册,提交等待审核
创建短信正文模版
等待审核
代码开发:
给手机发送短信---》第三方平台, 腾讯云短信--》
# API和SDK 有sdk优先用sdk
sdk:
3.0版本,云操作得sdk,不仅仅有发送短信,还有云功能的其他功能
2.0版本,简单,只有发送短信功能
安装sdk
方式一:pip install tencentcloud-sdk-python
方式二:源码安装:
下载源码 https://gitee.com/tencentcloud/tencentcloud-sdk-python
切到路径下执行 python setup.py install
发送短信测试
封装发送短信
libs下:
send_sms_v3
__init__.py
settings.py
sms.py
__init__.py
from .sms import get_code,send_sms
settings.py
SECRET_ID = ''
SECRET_KEY = ''
APP_ID = ''
SIGN_NAME = ''
TEMPLATE_ID = ''
sms.py
生成 n 位数字验证码的函数
import random
from tencentcloud.common import credential
from tencentcloud.common.exception.tencent_cloud_sdk_exception import TencentCloudSDKException
from tencentcloud.sms.v20210111 import sms_client, models
from tencentcloud.common.profile.client_profile import ClientProfile
from tencentcloud.common.profile.http_profile import HttpProfile
from . import settings
import json
def get_code(number=4):
code = ''
for i in range(number):
code += str(random.randint(0, 9)) # python 是强类型语言,不同类型运算不允许
return code
# 发送短信函数
def send_sms(code, mobile):
try:
cred = credential.Credential(settings.SECRET_ID, settings.SECRET_KEY)
httpProfile = HttpProfile()
httpProfile.reqMethod = "POST" # post请求(默认为post请求)
httpProfile.reqTimeout = 30 # 请求超时时间,单位为秒(默认60秒)
httpProfile.endpoint = "sms.tencentcloudapi.com" # 指定接入地域域名(默认就近接入)
clientProfile = ClientProfile()
clientProfile.signMethod = "TC3-HMAC-SHA256" # 指定签名算法
clientProfile.language = "en-US"
clientProfile.httpProfile = httpProfile
client = sms_client.SmsClient(cred, "ap-guangzhou", clientProfile)
req = models.SendSmsRequest()
req.SmsSdkAppId = settings.APP_ID
req.SignName = settings.SIGN_NAME
req.TemplateId = settings.TEMPLATE_ID
# 模板参数: 模板参数的个数需要与 TemplateId 对应模板的变量个数保持一致,,若无模板参数,则设置为空
req.TemplateParamSet = [code, '1']
# 下发手机号码,采用 E.164 标准,+[国家或地区码][手机号]
# 示例如:+8613711112222, 其中前面有一个+号 ,86为国家码,13711112222为手机号,最多不要超过200个手机号
req.PhoneNumberSet = ["+86" + mobile, ]
# 用户的 session 内容(无需要可忽略): 可以携带用户侧 ID 等上下文信息,server 会原样返回
req.SessionContext = ""
# 短信码号扩展号(无需要可忽略): 默认未开通,如需开通请联系 [腾讯云短信小助手]
req.ExtendCode = ""
# 国际/港澳台短信 senderid(无需要可忽略): 国内短信填空,默认未开通,如需开通请联系 [腾讯云短信小助手]
req.SenderId = ""
resp = client.SendSms(req)
# 输出json格式的字符串回包
res = json.loads(resp.to_json_string(indent=2))
if res.get('SendStatusSet')[0].get('Code') == 'Ok':
return True
else:
return False
except TencentCloudSDKException as err:
print(err)
return False
短信验证码接口
from libs.send_sms import get_code, send_sms as send_sms_ss
from threading import Thread
class UserView(GenericViewSet):
serializer_class = UserLoginSerializer
queryset = User.objects.all().filter(is_active=True)
@action(methods=['POST'], detail=False)
def send_sms(self, request):
try:
mobile = request.data['mobile']
# 生成验证码
code = get_code()
# 开启线程
# t = Thread(target=send_sms_ss, args=[code, mobile])
# t.start()
# return APIResponse(msg='短信已发送')
res = send_sms_ss(code, mobile) # 同步发送,后期可以改成异步 后期学了celery可以加入异步 目前咱们可以使用 多线程
if res:
return APIResponse(msg='发送成功')
else:
return APIResponse(code=101, msg='发送失败')
except Exception as e:
raise APIException(str(e))
短信登录接口
前端---》{mobile:12222,code:8888}--->post---》
视图类的方法中的逻辑
1 取出手机号和验证码
2 校验验证码是否正确(发送验证码接口,存储验证码)
session:根本不用
全局变量:不好,可能会取不到,集群环境中
缓存:django 自带缓存
from django.core.cache import cache
cache.set()
cache.get()
3 根据手机号查询用户,如果能查到
4 签发token
5 返回给前端
序列化类
from .models import User
from rest_framework import serializers
import re
from rest_framework.exceptions import APIException, ValidationError
from rest_framework_jwt.settings import api_settings
from django.core.cache import cache
jwt_payload_handler = api_settings.JWT_PAYLOAD_HANDLER
jwt_encode_handler = api_settings.JWT_ENCODE_HANDLER
class BaseUserSerializer:
def validate(self, attrs):
'''
把这个逻辑放在序列化类中
1 取出前端传入的用户名和密码
2 通过用户名和密码去数据库查询用户
3 如果能查到,签发token
4 返回给前端登录成功
'''
# attrs 是前端传入的数据,经过, 字段自己校验和局部钩子校验后的数据 {username:lqz,password:123}
user = self._get_user(attrs)
token = self._get_token(user)
# 把用户名,和token放到user的context中
self.context['token'] = token
self.context['username'] = user.username
return attrs
# 在类内部,隐藏属性和方法 __开头
# 在公司约定俗成,不用__ 使用_,表示不想给外部用,但是实在想用, 根据名字直接用
def _get_user(self, attrs):
raise Exception('你必须重写它')
def _get_token(self, user):
payload = jwt_payload_handler(user)
token = jwt_encode_handler(payload)
return token
# 这个序列化类用来校验字段----不做序列化,也不做反序列化
class UserLoginSerializer(BaseUserSerializer,serializers.ModelSerializer):
# 重写一下uername 把原来的校验规则去掉
username = serializers.CharField()
class Meta:
model = User
# username 映射过来,是唯一的,字段自己的校验就过不了 所以要重写这个字段
fields = ['username', 'password'] # 这个序列化类用来校验字段==不做序列化,不做反序列化
def _get_user(self, attrs):
username = attrs.get('username')
password = attrs.get('password')
if re.match(r'^1[3-9][0-9]{9}$', username):
user = User.objects.filter(mobile=username).first()
elif re.match(r'^[a-zA-Z0-9_.-]+@[a-zA-Z0-9-]+(\\.[a-zA-Z0-9-]+)*\.[a-zA-Z0-9]{2,6}$', username):
user = User.objects.filter(email=username).first()
else:
user = User.objects.filter(username=username).first()
if user and user.check_password(password):
return user
else:
# 用户不存在或密码错误, 这里的代码,还是在全局钩子中执行,全局钩子校验失败要抛异常,所以在这抛异常
raise APIException('用户不存在或密码错误')
from django.core.cache import cache
class UserMobileLoginSerializer(BaseUserSerializer,serializers.ModelSerializer):
code = serializers.CharField()
mobile = serializers.CharField()
class Meta:
model = User
fields = ['mobile', 'code'] # code不是表字段 需要重写 mobile 有唯一约束,需要重写
def _get_user(self, attrs):
code = attrs.get('code')
mobile = attrs.get('mobile')
# 从缓存中取出
old_code = cache.get('sms_code_%s' % mobile)
# if old_code and old_code == code:
if code == str(8888): # 这地方把验证码写死了
# 根据手机号,查到用户
user = User.objects.filter(mobile=mobile).first()
if user:
return user
else:
raise APIException('用户不存在')
else:
raise APIException('验证码验证失败')
视图类
from rest_framework.viewsets import GenericViewSet
from rest_framework.decorators import action
from .models import User
from utils.common_response import APIResponse
from rest_framework.viewsets import ViewSetMixin
from rest_framework.generics import GenericAPIView
from .serializer import UserLoginSerializer
from libs.send_sms_v3 import get_code, send_sms as send_sms_ss
from threading import Thread
from .serializer import UserMobileLoginSerializer
from django.core.cache import cache
class UserView(GenericViewSet):
# class UerView(ViewSetMixin,GenericAPIView)
serializer_class = UserLoginSerializer
queryset = User.objects.all().filter(is_active=True)
@action(methods=['GET'], detail=False) # 保证这个接口的安全(短信轰炸机==) 解析除了好多网站的发送短信接口,用多线程
def check_mobile(self, request, *args, **kwargs):
try:
# 从地址栏中取出手机号 query_params : queryDict
mobile = request.query_params['mobile']
User.objects.get(mobile=mobile)
except Exception as e:
raise e
# return APIResponse(code=777,msg='手机号不存在')
return APIResponse(msg='手机号存在')
@action(methods=['POST'], detail=False)
def login_mul(self, request, *args, **kwargs):
# '''
# 把这个逻辑放在序列化类中
# 1 取出前端传入的用户名和密码
# 2 通过用户名和密码去数据库查询用户
# 3 如果能查到,签发token
# 4 返回给前端登录成功
# '''
# # 实例化 序列化类对象时,可以传入context字典 context是视图类和序列化类沟通的桥梁
# # 序列化类全局钩子,放入的
# # 有了序列化类对象,通过对象.context 就可以拿到值
# ser = self.get_serializer(data=request.data)
# ser.is_valid(raise_exception=True) # 执行这句话,会走字段自己的校验,局部钩子,全局钩子
# token = ser.context.get('token') # ser.context 是什么先不捉急
# username = ser.context.get('username')
# return APIResponse(token=token, username=username) # {code:100,msg:成功,token:aaaa,usernmae:lqz}
return self._login(request, *args, **kwargs)
@action(methods=['POST'], detail=False)
def send_sms(self, request):
try:
mobile = request.data['mobile']
# 生成验证码
code = get_code()
cache.set('sms_code_%s' % mobile, code)
t = Thread(target=send_sms_ss, args=[str(8888), mobile]) # 这个地方把验证码写死了 实际是code str(8888)
t.start()
return APIResponse(msg='短信已发送')
# res = send_sms_ss(code, mobile) # 同步发送,后期可以改成异步 后期学了celery可以加入异步 目前咱们可以使用 多线程
# if res:
# return APIResponse(msg='发送成功')
# else:
# return APIResponse(code=101, msg='发送失败')
except Exception as e:
raise APIException(str(e))
# 重写
def get_serializer_class(self):
# 如果访问login_sms方法 使用的序列化类是
# 如果是其他,还是要之前的
if self.action == 'login_sms':
return UserMobileLoginSerializer
else:
return super().get_serializer_class()
# @action(methods=['POST'], detail=False)
# def login_sms(self, request, *args, **kwargs):
# return self._login(request, *args, **kwargs)
# ser = self.get_serializer(data=request.data)
# # ser=UserMobileLoginSerializer(data=request.data)
# ser.is_valid(raise_exception=True)
# token = ser.context.get('token')
# username = ser.context.get('username')
# return APIResponse(token=token, username=username)
def _login(self, request, *args, **kwargs):
ser = self.get_serializer(data=request.data)
ser.is_valid(raise_exception=True)
token = ser.context.get('token')
username = ser.context.get('username')
return APIResponse(token=token, username=username)
@action(methods=['POST'], detail=False)
def login_sms(self, request, *args, **kwargs):
'''
1 取出前端传入的code
2 从缓存中取出 code校验 校验通过
3 根据手机号: 取出用户
4 签发token ---》返回给前端
'''
'''
逻辑写在序列化类中
1 实例化得到序列化类的对象
2 执行序列化类的.is_valid--->所有逻辑 写在序列化类中
3 从序列化类中取出token username
4 返回给前端
'''
# # ser = UserMobileLoginSerializer(instance=request.data)
# ser = self.get_serializer(instance=request.data)
# ser.is_valid(raise_exception=True)
# token = ser.context.get('token')
# username = ser.context.get('username')
# return APIResponse(token=token, username=username)
return self._login(request, *args, **kwargs)
短信注册接口
# 前端 ----》{mobile:11111,code:8888,password:222}--->post
# 后端 视图类
路由
# http://127.0.0.1:8000/api/v1/user/register/ post请求
router.register('register', views.RegisterUserView, 'register')
序列化类
class RegisterSerializer(serializers.ModelSerializer):
code = serializers.CharField(max_length=4, write_only=True)
class Meta:
model = User
fields = ['mobile', 'code', 'password']
extra_kwargs = {
'password': {'write_only': True}
}
def validate(self, attrs): # 全局钩子
'''
1 取出前端传入的code 校验code是否正确
2 把username设置成手机号(可以随机生成)用户名如果不传 存库进不去
3 code 不是数据库的字段 从attr中剔除
'''
mobile = attrs.get('mobile')
code = attrs.get('code')
old_code = cache.get('sms_code_%s' % mobile)
if old_code and old_code == code:
# 根据手机号,查到用户
attrs['username'] = mobile
attrs.pop('code')
else:
raise APIException('验证码验证失败')
return attrs
def create(self, validated_data): # 一定要重写create 因为密码是名文 如果不重写 存入到数据库的也是明文
# validated_data = {username:111111,mobile:22222,password:222}
# 创建用户
user = User.objects.create_user(**validated_data)
# 不要忘了 return
return user
视图类
class RegisterUserView(GenericViewSet, CreateModelMixin):
queryset = User.objects.all()
serializer_class = RegisterSerializer
def create(self, request, *args, **kwargs):
# 使用父类的,会触发序列化,一定要让code 只读只写
super().create(request, *args, **kwargs)
# 另一种写法 不用序列化
# serializer = self.get_serializer(data=request.data)
# serializer.is_valid(raise_exception=True)
# self.perform_create(serializer)
return APIResponse(msg='注册成功')
标签:username,
code,
短信,
get,
python,
self,
接口,
mobile,
token
From: https://www.cnblogs.com/xm15/p/17185707.html