2026-05-29 15:58:00 +08:00
|
|
|
import re
|
|
|
|
|
|
|
|
|
|
from django.db import transaction, IntegrityError
|
|
|
|
|
from rest_framework import status
|
|
|
|
|
from rest_framework.decorators import api_view, permission_classes, throttle_classes
|
|
|
|
|
from rest_framework.permissions import AllowAny
|
|
|
|
|
from rest_framework.response import Response
|
|
|
|
|
from rest_framework import serializers as drf_serializers
|
|
|
|
|
from drf_spectacular.utils import extend_schema, inline_serializer
|
|
|
|
|
|
|
|
|
|
from config.exceptions import AppError
|
2026-06-03 17:34:47 +08:00
|
|
|
from apps.user.models import User, Department
|
2026-05-29 15:58:00 +08:00
|
|
|
from apps.user.throttling import RegisterIpThrottle
|
|
|
|
|
from apps.user.audit import log_register
|
2026-06-03 17:34:47 +08:00
|
|
|
from apps.user.auth import (
|
|
|
|
|
get_tokens_for_user, build_user_response, ALLOWED_ROLE_TYPES,
|
|
|
|
|
resolve_or_create_institution,
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
DEFAULT_PASSWORD_PREFIX = 'Pass'
|
2026-05-29 15:58:00 +08:00
|
|
|
|
|
|
|
|
|
|
|
|
|
@extend_schema(
|
2026-06-03 17:34:47 +08:00
|
|
|
summary='U2 管理员代注册',
|
|
|
|
|
description='CMS 管理员为他人注册账号,无需验证码。默认密码为 Pass+手机号(如 Pass13800001001),用户可自行修改。'
|
|
|
|
|
'机构不存在会自动创建。',
|
2026-05-29 15:58:00 +08:00
|
|
|
request=inline_serializer('RegisterRequest', fields={
|
|
|
|
|
'phone': drf_serializers.CharField(help_text='手机号'),
|
|
|
|
|
'real_name': drf_serializers.CharField(help_text='真实姓名'),
|
|
|
|
|
'role_type': drf_serializers.ChoiceField(
|
|
|
|
|
choices=['student', 'doctor', 'teacher'],
|
|
|
|
|
required=False, default='student', help_text='角色类型'),
|
2026-06-03 17:34:47 +08:00
|
|
|
'institution_code': drf_serializers.CharField(help_text='机构编码(必填,唯一标识)'),
|
|
|
|
|
'institution_name': drf_serializers.CharField(help_text='机构名称(必填)'),
|
2026-05-29 15:58:00 +08:00
|
|
|
'department_name': drf_serializers.CharField(required=False, help_text='科室名称'),
|
|
|
|
|
}),
|
|
|
|
|
responses={201: inline_serializer('RegisterResponse', fields={
|
|
|
|
|
'message': drf_serializers.CharField(),
|
|
|
|
|
'user': drf_serializers.DictField(help_text='用户基本信息'),
|
|
|
|
|
'tokens': drf_serializers.DictField(help_text='access + refresh'),
|
|
|
|
|
})},
|
|
|
|
|
tags=['认证'],
|
|
|
|
|
)
|
|
|
|
|
@api_view(['POST'])
|
2026-06-03 17:34:47 +08:00
|
|
|
@permission_classes([AllowAny]) # TODO: 上线前改为管理员权限
|
2026-05-29 15:58:00 +08:00
|
|
|
@throttle_classes([RegisterIpThrottle])
|
|
|
|
|
def register(request):
|
2026-06-03 17:34:47 +08:00
|
|
|
"""U2 管理员代注册(手机号 + 密码,无需验证码)"""
|
2026-05-29 15:58:00 +08:00
|
|
|
data = request.data
|
|
|
|
|
|
|
|
|
|
phone = str(data.get('phone', ''))
|
|
|
|
|
real_name = str(data.get('real_name', ''))
|
|
|
|
|
role_type = str(data.get('role_type', 'student'))
|
2026-06-03 17:34:47 +08:00
|
|
|
institution_code = str(data.get('institution_code', '')).strip()
|
|
|
|
|
institution_name = str(data.get('institution_name', '')).strip()
|
2026-05-29 15:58:00 +08:00
|
|
|
department_name = data.get('department_name') or ''
|
|
|
|
|
|
|
|
|
|
# ── 入参校验 ──────────────────────────────────────────────────────────────
|
|
|
|
|
|
|
|
|
|
if not re.match(r'^1[3-9]\d{9}$', phone):
|
|
|
|
|
raise AppError('SMS_INVALID_PHONE', '手机号格式不合法')
|
|
|
|
|
|
|
|
|
|
if not real_name or len(real_name) < 2 or len(real_name) > 20:
|
|
|
|
|
raise AppError('USER_INVALID_NAME', '姓名长度应在 2-20 字符之间')
|
|
|
|
|
|
|
|
|
|
if role_type not in ALLOWED_ROLE_TYPES:
|
|
|
|
|
raise AppError('AUTH_INVALID_ROLE', '角色类型无效,仅允许 student / doctor / teacher')
|
|
|
|
|
|
2026-06-03 17:34:47 +08:00
|
|
|
if not institution_code:
|
|
|
|
|
raise AppError('USER_INSTITUTION_CODE_REQUIRED', '机构编码不能为空')
|
2026-05-29 15:58:00 +08:00
|
|
|
|
2026-06-03 17:34:47 +08:00
|
|
|
if not institution_name:
|
|
|
|
|
raise AppError('USER_INSTITUTION_REQUIRED', '机构名称不能为空')
|
2026-05-29 15:58:00 +08:00
|
|
|
|
2026-06-03 17:34:47 +08:00
|
|
|
password = f'{DEFAULT_PASSWORD_PREFIX}{phone}'
|
2026-05-29 15:58:00 +08:00
|
|
|
|
|
|
|
|
# ── 机构 / 科室解析 ──────────────────────────────────────────────────────
|
|
|
|
|
|
2026-06-03 17:34:47 +08:00
|
|
|
institution = resolve_or_create_institution(institution_code, institution_name)
|
2026-05-29 15:58:00 +08:00
|
|
|
|
|
|
|
|
department = None
|
|
|
|
|
if department_name:
|
2026-06-03 17:34:47 +08:00
|
|
|
qs = Department.objects.filter(name=department_name, institution=institution)
|
2026-05-29 15:58:00 +08:00
|
|
|
cnt = qs.count()
|
|
|
|
|
if cnt == 0:
|
|
|
|
|
raise AppError('USER_DEPARTMENT_NOT_FOUND', f'科室"{department_name}"不存在')
|
|
|
|
|
if cnt > 1:
|
|
|
|
|
raise AppError('USER_DEPARTMENT_AMBIGUOUS',
|
2026-06-03 17:34:47 +08:00
|
|
|
f'科室"{department_name}"不唯一')
|
2026-05-29 15:58:00 +08:00
|
|
|
department = qs.first()
|
|
|
|
|
|
|
|
|
|
# ── 事务内创建用户 ────────────────────────────────────────────────────────
|
|
|
|
|
|
|
|
|
|
try:
|
|
|
|
|
with transaction.atomic():
|
|
|
|
|
if User.objects.filter(phone=phone).exists():
|
|
|
|
|
raise AppError('AUTH_PHONE_REGISTERED', '该手机号已注册')
|
|
|
|
|
|
|
|
|
|
user = User.objects.create_user(
|
|
|
|
|
username=phone,
|
|
|
|
|
password=password,
|
|
|
|
|
phone=phone,
|
|
|
|
|
real_name=real_name,
|
|
|
|
|
role_type=role_type,
|
|
|
|
|
institution=institution,
|
|
|
|
|
department=department,
|
|
|
|
|
status=1,
|
|
|
|
|
)
|
|
|
|
|
except AppError:
|
|
|
|
|
raise
|
|
|
|
|
except IntegrityError:
|
|
|
|
|
raise AppError('AUTH_PHONE_REGISTERED', '该手机号已注册')
|
|
|
|
|
|
|
|
|
|
# ── 善后 ──────────────────────────────────────────────────────────────────
|
|
|
|
|
|
|
|
|
|
tokens = get_tokens_for_user(user)
|
|
|
|
|
log_register(user.id, phone)
|
|
|
|
|
|
|
|
|
|
return Response({
|
|
|
|
|
'message': '注册成功',
|
|
|
|
|
'user': build_user_response(user),
|
|
|
|
|
'tokens': tokens,
|
|
|
|
|
}, status=status.HTTP_201_CREATED)
|
