注册码生成以及用户注册

2025-11-17 18:03:13 +08:00
parent 6e332f248f
commit 32ff920921
11 changed files with 413 additions and 9 deletions
--- a/accounts/views.py
+++ b/accounts/views.py
@@ -13,6 +13,7 @@ from django.conf import settings

 from .es_client import get_user_by_username
 from .crypto import get_public_key_spki_b64, rsa_oaep_decrypt_b64, aes_gcm_decrypt_b64, verify_password
+from elastic.es_connect import get_registration_code, get_user_by_username as es_get_user_by_username, get_all_users as es_get_all_users, write_user_data


@require_http_methods(["GET"])
@@ -157,4 +158,54 @@ def logout(request):
    except Exception:
        pass

-    return resp
+    return resp
+
+@require_http_methods(["GET"])
+@ensure_csrf_cookie
+def register_page(request):
+    return render(request, "accounts/register.html")
+
+@require_http_methods(["POST"])
+@csrf_protect
+def register_submit(request):
+    try:
+        payload = json.loads(request.body.decode("utf-8"))
+    except json.JSONDecodeError:
+        return HttpResponseBadRequest("Invalid JSON")
+    code = (payload.get("code") or "").strip()
+    email = (payload.get("email") or "").strip()
+    username = (payload.get("username") or "").strip()
+    password = (payload.get("password") or "")
+    if not code or not email or not username or not password:
+        return HttpResponseBadRequest("Missing fields")
+    rc = get_registration_code(code)
+    if not rc:
+        return JsonResponse({"ok": False, "message": "注册码无效"}, status=400)
+    try:
+        exp = rc.get("expires_at")
+        now = __import__("datetime").datetime.now(__import__("datetime").timezone.utc)
+        if hasattr(exp, 'isoformat'):
+            exp_dt = exp
+        else:
+            exp_dt = __import__("datetime").datetime.fromisoformat(str(exp))
+        if exp_dt <= now:
+            return JsonResponse({"ok": False, "message": "注册码已过期"}, status=400)
+    except Exception:
+        pass
+    existing = es_get_user_by_username(username)
+    if existing:
+        return JsonResponse({"ok": False, "message": "用户名已存在"}, status=409)
+    users = es_get_all_users()
+    next_id = (max([int(u.get("user_id", 0)) for u in users]) + 1) if users else 1
+    ok = write_user_data({
+        "user_id": next_id,
+        "username": username,
+        "password": password,
+        "permission": 1,
+        "email": email,
+        "key": rc.get("keys") or [],
+        "manage_key": rc.get("manage_keys") or [],
+    })
+    if not ok:
+        return JsonResponse({"ok": False, "message": "注册失败"}, status=500)
+    return JsonResponse({"ok": True, "redirect_url": "/accounts/login/"})