heymlz/hossein-por-shop
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

otp hash

Browse Source
This commit is contained in:
Parsa Nazer
2024-12-15 21:09:34 +03:30
parent fe8c391fb1
commit 4bb7f25228
4 changed files with 46 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files
backend/account/admin.py
+1 -1
View File
@@ -6,4 +6,4 @@ from unfold.admin import ModelAdmin
@admin.register(User)
class UserAdmin(ModelAdmin):
list_display = ['phone', 'email', 'is_superuser']
readonly_fields = ['password', 'last_login', 'otp_expiry']
readonly_fields = ['password', 'last_login', 'otp_expiry', 'otp_hash']
backend/account/migrations/0007_remove_user_otp_user_otp_hash_alter_user_otp_expiry.py
+27
View File
@@ -0,0 +1,27 @@
# Generated by Django 5.1.2 on 2024-12-15 17:24
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('account', '0006_useraddressmodel'),
]
operations = [
migrations.RemoveField(
model_name='user',
name='otp',
),
migrations.AddField(
model_name='user',
name='otp_hash',
field=models.CharField(blank=True, max_length=64, null=True),
),
migrations.AlterField(
model_name='user',
name='otp_expiry',
field=models.DateTimeField(blank=True, null=True),
),
]
backend/account/models.py
+16 -11
View File
@@ -5,7 +5,7 @@ import random
from datetime import datetime, timedelta
from django.utils import timezone
from rest_framework_simplejwt.token_blacklist.models import BlacklistedToken, OutstandingToken
import hashlib
class UserManager(BaseUserManager):
def create_user(self, phone, password=None):
if not phone:
@@ -40,8 +40,8 @@ class User(AbstractBaseUser, PermissionsMixin):
is_active = models.BooleanField(default=True)
is_staff = models.BooleanField(default=False)
date_joined = models.DateTimeField(auto_now_add=True, verbose_name='تاریخ ثبتنام')
otp = models.CharField(max_length=6, blank=True, null=True, verbose_name='تاریخ ثبتنام')
otp_expiry = models.DateTimeField(blank=True, null=True, verbose_name='تاریخ تمام شدن otp')
otp_hash = models.CharField(max_length=64, null=True, blank=True, verbose_name='کد یک بار مصرف')
otp_expiry = models.DateTimeField(null=True, blank=True, verbose_name='تاریخ تمام شدن کد یک بار مصرف')
objects = UserManager()
USERNAME_FIELD = 'phone'
@@ -57,19 +57,24 @@ class User(AbstractBaseUser, PermissionsMixin):
def _hash_otp(self, otp):
return hashlib.sha256(otp.encode()).hexdigest()
def set_otp(self):
self.otp = str(random.randint(100000, 999999))
self.otp_expiry = timezone.now() + timedelta(minutes=5)
raw_otp = str(random.randint(100000, 999999))
self.otp_hash = self._hash_otp(raw_otp)
self.otp_expiry = timezone.now() + timedelta(minutes=5)
self.save()
return raw_otp
def clear_otp(self):
self.otp = None
self.otp_hash = None
self.otp_expiry = None
self.save()
def verify_otp(self, otp_code):
if self.otp == otp_code and self.otp_expiry > timezone.now():
return True
if self.otp_hash and self.otp_expiry > timezone.now():
return self.otp_hash == self._hash_otp(otp_code)
return False
@@ -89,13 +94,13 @@ class User(AbstractBaseUser, PermissionsMixin):
if self.first_name and self.last_name:
return f'{self.first_name} {self.last_name}'
else:
return self.email
return self.phone
def get_name(self):
if self.first_name and self.last_name:
return f'{self.first_name} {self.last_name}'
else:
return self.email
return self.phone
class UserAddressModel(models.Model):
backend/account/views.py
+2 -2
View File
@@ -28,8 +28,8 @@ class SendOTPView(APIView):
user, created = User.objects.get_or_create(phone=phone)
print(created)
print(user.phone)
user.set_otp()
message = f"کد یک بار مصرف : {user.otp}"
otp = user.set_otp()
message = f"کد یک بار مصرف : {otp}"
print(message)
# send otp
return Response({'detail': 'OTP sent successfully'}, status=status.HTTP_200_OK)