import re from django.core.cache import cache from django.db.models import Q from django.utils import timezone from rest_framework.decorators import api_view, permission_classes from rest_framework.permissions import AllowAny from rest_framework.response import Response from rest_framework import serializers as drf_serializers from drf_spectacular.utils import extend_schema, inline_serializer from config.exceptions import AppError from apps.user.models import User, Institution from apps.user.audit import log_login_success, log_login_fail, log_register from apps.user.auth import ( get_tokens_for_user, build_user_response, get_client_ip, get_user_agent, CMS_ROLE_TYPES, TRIAL_INSTITUTION_NAME, ) LOGIN_FAIL_MAX = 5 LOGIN_FAIL_LOCK_SECONDS = 15 * 60 # 15 分钟 _LOGIN_RESPONSE = inline_serializer('LoginResponse', fields={ 'message': drf_serializers.CharField(), 'user': drf_serializers.DictField(help_text='用户基本信息'), 'tokens': drf_serializers.DictField(help_text='access + refresh'), }) # ── U3 密码登录 ────────────────────────────────────────────────────────────── @extend_schema( summary='U3 密码登录(CMS 端)', description='CMS 端登录:用户名或手机号 + 密码 + 角色,三者必填。角色须为 ' 'super_admin / hospital_admin / content_admin / doctor 之一,且与账号实际角色一致。', request=inline_serializer('LoginPasswordRequest', fields={ 'account': drf_serializers.CharField(help_text='用户名或手机号'), 'password': drf_serializers.CharField(help_text='密码'), 'role': drf_serializers.ChoiceField( choices=list(CMS_ROLE_TYPES), help_text='角色:super_admin/hospital_admin/content_admin/doctor'), }), responses={200: _LOGIN_RESPONSE}, tags=['认证'], ) @api_view(['POST']) @permission_classes([AllowAny]) def login_password(request): """U3 密码登录(CMS 端:用户名/手机号 + 密码 + 角色)""" data = request.data account = str(data.get('account', '')).strip() password = str(data.get('password', '')) role = str(data.get('role', '')).strip() if not account or not password or not role: raise AppError('AUTH_BAD_CREDENTIALS', '用户名、密码、角色不能为空') if role not in CMS_ROLE_TYPES: raise AppError('AUTH_INVALID_ROLE', '角色无效,仅允许 super_admin / hospital_admin / content_admin / doctor') ip = get_client_ip(request) ua = get_user_agent(request) # 检查账号锁定 fail_key = f'login_fail:{account}' fail_count = cache.get(fail_key) if fail_count is not None and int(fail_count) >= LOGIN_FAIL_MAX: raise AppError('AUTH_ACCOUNT_LOCKED', '登录失败次数过多,请 15 分钟后再试', status_code=423) # 查找用户(用户名或手机号;不区分"未注册"和"密码错",防用户名枚举) try: user = User.objects.select_related('institution', 'department').get( Q(username=account) | Q(phone=account) ) except User.DoesNotExist: log_login_fail(account, ip=ip, reason='account_not_found') raise AppError('AUTH_BAD_CREDENTIALS', '账号、密码或角色错误') # 账号禁用检查 if user.status == 0: log_login_fail(account, ip=ip, reason='account_disabled') raise AppError('AUTH_ACCOUNT_DISABLED', '账号已被禁用,请联系管理员', status_code=403) # 校验密码 + 角色(角色不一致同样返回通用错误,避免暴露真实角色) if not user.check_password(password) or user.role_type != role: current = cache.get(fail_key) new_count = (int(current) + 1) if current is not None else 1 cache.set(fail_key, new_count, timeout=LOGIN_FAIL_LOCK_SECONDS) reason = 'wrong_password' if user.role_type == role else 'role_mismatch' log_login_fail(account, ip=ip, reason=reason) raise AppError('AUTH_BAD_CREDENTIALS', '账号、密码或角色错误') # 登录成功 cache.delete(fail_key) user.last_login_time = timezone.now() user.save(update_fields=['last_login_time']) tokens = get_tokens_for_user(user) log_login_success(user.id, user.phone, ip=ip, ua=ua) return Response({ 'message': '登录成功', 'user': build_user_response(user), 'tokens': tokens, }) # ── U4 验证码登录(自动注册)──────────────────────────────────────────────── _LOGIN_CODE_RESPONSE = inline_serializer('LoginCodeResponse', fields={ 'message': drf_serializers.CharField(), 'user': drf_serializers.DictField(help_text='用户基本信息'), 'tokens': drf_serializers.DictField(help_text='access + refresh'), 'is_new_user': drf_serializers.BooleanField(help_text='是否为新注册用户'), }) @extend_schema( summary='U4 验证码登录(移动端)', description='移动端学生登录:手机号 + 验证码 + 所选机构编码。' f'仅当所选机构为试用机构({TRIAL_INSTITUTION_NAME})时,未注册手机号首次即自动注册(角色=student);' '其它机构必须由 CMS 先录入学生,且所选机构需与录入机构一致,否则拒绝登录。机构不会自动创建。', request=inline_serializer('LoginCodeRequest', fields={ 'phone': drf_serializers.CharField(help_text='手机号'), 'code': drf_serializers.CharField(help_text='6 位短信验证码'), 'institution_code': drf_serializers.CharField(help_text='机构编码(来自机构列表接口,必填)'), }), responses={200: _LOGIN_CODE_RESPONSE, 201: _LOGIN_CODE_RESPONSE}, tags=['认证'], ) @api_view(['POST']) @permission_classes([AllowAny]) def login_code(request): """U4 验证码登录(移动端:仅试用机构可自动注册)""" data = request.data phone = str(data.get('phone', '')) code = str(data.get('code', '')) institution_code = str(data.get('institution_code', '')).strip() # ── 入参校验 ────────────────────────────────────────────────────────────── if not re.match(r'^1[3-9]\d{9}$', phone): raise AppError('SMS_INVALID_PHONE', '手机号格式不合法') if not code: raise AppError('AUTH_CODE_INVALID', '请输入验证码') if not institution_code: raise AppError('USER_INSTITUTION_CODE_REQUIRED', '机构编码不能为空') # ── 校验验证码(先校验再查用户,避免未注册用户也暴露手机号状态)─────────── cache_key = f'sms:login:{phone}' cached_code = cache.get(cache_key) if not cached_code: raise AppError('AUTH_CODE_EXPIRED', '验证码已过期或未发送') if str(cached_code) != code: raise AppError('AUTH_CODE_MISMATCH', '验证码错误') # 验证码一次性使用 cache.delete(cache_key) cache.delete(f'login_fail:{phone}') # ── 解析机构(仅按编码查询,不创建)────────────────────────────────────── try: institution = Institution.objects.get(code=institution_code) except Institution.DoesNotExist: raise AppError('USER_INSTITUTION_NOT_FOUND', '机构不存在,请重新选择') is_trial = institution.name == TRIAL_INSTITUTION_NAME # ── 查找用户 ────────────────────────────────────────────────────────────── ip = get_client_ip(request) ua = get_user_agent(request) from django.db import IntegrityError try: user = User.objects.select_related('institution', 'department').get(phone=phone) is_new = False except User.DoesNotExist: user = None is_new = False if user is None: # 仅试用机构允许首次自动注册;其它机构必须先由 CMS 录入 if not is_trial: raise AppError('AUTH_NOT_REGISTERED', '账号未录入,请联系管理员', status_code=403) try: user = User.objects.create_user( username=phone, password=None, phone=phone, role_type='student', institution=institution, status=1, ) is_new = True except IntegrityError: user = User.objects.select_related('institution', 'department').get(phone=phone) is_new = False if is_new: log_register(user.id, phone) else: if user.status == 0: raise AppError('AUTH_ACCOUNT_DISABLED', '账号已被禁用,请联系管理员', status_code=403) if not is_trial: # 移动端只有学生;非试用机构需校验角色与所选机构一致(不暴露 CMS 账号是否存在) if user.role_type != 'student': raise AppError('AUTH_NOT_REGISTERED', '账号未录入,请联系管理员', status_code=403) if user.institution_id != institution.id: raise AppError('AUTH_INSTITUTION_MISMATCH', '所选机构与账号不匹配', status_code=403) user.last_login_time = timezone.now() user.save(update_fields=['last_login_time']) tokens = get_tokens_for_user(user) log_login_success(user.id, phone, ip=ip, ua=ua) return Response({ 'message': '注册并登录成功' if is_new else '登录成功', 'user': build_user_response(user), 'tokens': tokens, 'is_new_user': is_new, }, status=201 if is_new else 200)