otp hash
This commit is contained in:
Parsa Nazer
@@ -6,4 +6,4 @@ from unfold.admin import ModelAdmin
|
|||||||
@admin.register(User)
|
@admin.register(User)
|
||||||
class UserAdmin(ModelAdmin):
|
class UserAdmin(ModelAdmin):
|
||||||
list_display = ['phone', 'email', 'is_superuser']
|
list_display = ['phone', 'email', 'is_superuser']
|
||||||
readonly_fields = ['password', 'last_login', 'otp_expiry']
|
readonly_fields = ['password', 'last_login', 'otp_expiry', 'otp_hash']
|
||||||
+27
@@ -0,0 +1,27 @@
|
|||||||
|
# Generated by Django 5.1.2 on 2024-12-15 17:24
|
||||||
|
|
||||||
|
from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
|
dependencies = [
|
||||||
|
('account', '0006_useraddressmodel'),
|
||||||
|
]
|
||||||
|
|
||||||
|
operations = [
|
||||||
|
migrations.RemoveField(
|
||||||
|
model_name='user',
|
||||||
|
name='otp',
|
||||||
|
),
|
||||||
|
migrations.AddField(
|
||||||
|
model_name='user',
|
||||||
|
name='otp_hash',
|
||||||
|
field=models.CharField(blank=True, max_length=64, null=True),
|
||||||
|
),
|
||||||
|
migrations.AlterField(
|
||||||
|
model_name='user',
|
||||||
|
name='otp_expiry',
|
||||||
|
field=models.DateTimeField(blank=True, null=True),
|
||||||
|
),
|
||||||
|
]
|
||||||
+16
-11
@@ -5,7 +5,7 @@ import random
|
|||||||
from datetime import datetime, timedelta
|
from datetime import datetime, timedelta
|
||||||
from django.utils import timezone
|
from django.utils import timezone
|
||||||
from rest_framework_simplejwt.token_blacklist.models import BlacklistedToken, OutstandingToken
|
from rest_framework_simplejwt.token_blacklist.models import BlacklistedToken, OutstandingToken
|
||||||
|
import hashlib
|
||||||
class UserManager(BaseUserManager):
|
class UserManager(BaseUserManager):
|
||||||
def create_user(self, phone, password=None):
|
def create_user(self, phone, password=None):
|
||||||
if not phone:
|
if not phone:
|
||||||
@@ -40,8 +40,8 @@ class User(AbstractBaseUser, PermissionsMixin):
|
|||||||
is_active = models.BooleanField(default=True)
|
is_active = models.BooleanField(default=True)
|
||||||
is_staff = models.BooleanField(default=False)
|
is_staff = models.BooleanField(default=False)
|
||||||
date_joined = models.DateTimeField(auto_now_add=True, verbose_name='تاریخ ثبتنام')
|
date_joined = models.DateTimeField(auto_now_add=True, verbose_name='تاریخ ثبتنام')
|
||||||
otp = models.CharField(max_length=6, blank=True, null=True, verbose_name='تاریخ ثبتنام')
|
otp_hash = models.CharField(max_length=64, null=True, blank=True, verbose_name='کد یک بار مصرف')
|
||||||
otp_expiry = models.DateTimeField(blank=True, null=True, verbose_name='تاریخ تمام شدن otp')
|
otp_expiry = models.DateTimeField(null=True, blank=True, verbose_name='تاریخ تمام شدن کد یک بار مصرف')
|
||||||
objects = UserManager()
|
objects = UserManager()
|
||||||
|
|
||||||
USERNAME_FIELD = 'phone'
|
USERNAME_FIELD = 'phone'
|
||||||
@@ -57,19 +57,24 @@ class User(AbstractBaseUser, PermissionsMixin):
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
def _hash_otp(self, otp):
|
||||||
|
return hashlib.sha256(otp.encode()).hexdigest()
|
||||||
|
|
||||||
def set_otp(self):
|
def set_otp(self):
|
||||||
self.otp = str(random.randint(100000, 999999))
|
raw_otp = str(random.randint(100000, 999999))
|
||||||
self.otp_expiry = timezone.now() + timedelta(minutes=5)
|
self.otp_hash = self._hash_otp(raw_otp)
|
||||||
|
self.otp_expiry = timezone.now() + timedelta(minutes=5)
|
||||||
self.save()
|
self.save()
|
||||||
|
return raw_otp
|
||||||
|
|
||||||
def clear_otp(self):
|
def clear_otp(self):
|
||||||
self.otp = None
|
self.otp_hash = None
|
||||||
self.otp_expiry = None
|
self.otp_expiry = None
|
||||||
self.save()
|
self.save()
|
||||||
|
|
||||||
def verify_otp(self, otp_code):
|
def verify_otp(self, otp_code):
|
||||||
if self.otp == otp_code and self.otp_expiry > timezone.now():
|
if self.otp_hash and self.otp_expiry > timezone.now():
|
||||||
return True
|
return self.otp_hash == self._hash_otp(otp_code)
|
||||||
return False
|
return False
|
||||||
|
|
||||||
|
|
||||||
@@ -89,13 +94,13 @@ class User(AbstractBaseUser, PermissionsMixin):
|
|||||||
if self.first_name and self.last_name:
|
if self.first_name and self.last_name:
|
||||||
return f'{self.first_name} {self.last_name}'
|
return f'{self.first_name} {self.last_name}'
|
||||||
else:
|
else:
|
||||||
return self.email
|
return self.phone
|
||||||
|
|
||||||
def get_name(self):
|
def get_name(self):
|
||||||
if self.first_name and self.last_name:
|
if self.first_name and self.last_name:
|
||||||
return f'{self.first_name} {self.last_name}'
|
return f'{self.first_name} {self.last_name}'
|
||||||
else:
|
else:
|
||||||
return self.email
|
return self.phone
|
||||||
|
|
||||||
|
|
||||||
class UserAddressModel(models.Model):
|
class UserAddressModel(models.Model):
|
||||||
|
|||||||
@@ -28,8 +28,8 @@ class SendOTPView(APIView):
|
|||||||
user, created = User.objects.get_or_create(phone=phone)
|
user, created = User.objects.get_or_create(phone=phone)
|
||||||
print(created)
|
print(created)
|
||||||
print(user.phone)
|
print(user.phone)
|
||||||
user.set_otp()
|
otp = user.set_otp()
|
||||||
message = f"کد یک بار مصرف : {user.otp}"
|
message = f"کد یک بار مصرف : {otp}"
|
||||||
print(message)
|
print(message)
|
||||||
# send otp
|
# send otp
|
||||||
return Response({'detail': 'OTP sent successfully'}, status=status.HTTP_200_OK)
|
return Response({'detail': 'OTP sent successfully'}, status=status.HTTP_200_OK)
|
||||||
|
|||||||
Reference in New Issue
Block a user