Django mailbox and send module itsdangerous

Use itsdangerous module

installation

pip install itsdangerous

encryption:

# 导入itsdangerous中要用到的加密类
from itsdangerous import TimedJSONWebSignatureSerializer as TS
# 导入配置文件
from django.conf import settings

# 创建一个itsdangerous模块中加密类的对象，settings.SECRET_KEY为配置文件中的密钥，expires_in为设置过期时间（单位为s）
ts_obj = TS(settings.SECRET_KEY,expires_in=600) # 过期时间600秒

# data为需要被加密的信息
data = {
	'user_id': instance.id,
	'email': instance.email
}

token = ts_obj.dumps(data) # 利用dumps方法进行加密，加密后是bytes类型的数据
token = token.decode() # 将bytes类型数据转换成字符串类型

Decryption:

ts_obj = TS(settings.SECRET_KEY,expires_in=600)

token = token.encode() # 将str转换成bytes

data = ts_obj.loads(token) # token为加密内容，data为解密后的内容

Django Send E-mail

The basic logic:

• Itsdangerous module using encrypted user information in the link, generating a token
• Links in messages sent splicing a variable parameter, which is the token
• Django related method calls to send mail, sending e-mail

configuration settings file

# 固定写法
EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
# smtp服务器地址
EMAIL_HOST = 'smtp.126.com'
# 固定端口号
EMAIL_PORT = 25
#发送邮件的邮箱
EMAIL_HOST_USER = '[email protected]'
#在邮箱中设置的客户端授权密码
EMAIL_HOST_PASSWORD = 'shanghui123'
#收件人看到的发件人，尖括号中的必须与上面的user一致
EMAIL_FROM = '一刀999<[email protected]>'

In serializers.py write code file to send mail:

from itsdangerous import TimedJSONWebSignatureSerializer as TS
from django.conf import settings
from django.core.mail import send_mail

class EmailSerlizer(serializers.ModelSerializer):
    class Meta:
        model = models.User
        fields = ('id', 'email',)

    def validate(self, attrs):
        return attrs

    def update(self, instance, validated_data):
        '''
        
        :param instance: 视图传递过来的实例对象，通过get_object获取的实例对象
        :param validated_data:
        :return:
        '''
        instance.email = validated_data['email']
        instance.save()
        
        # todo 生成激活链接
        
        # 创建一个itsdangerous模块中加密类的对象，settings.SECRET_KEY为配置文件中的密钥，expires_in为设置过期时间（单位为s）
        ts_obj = TS(settings.SECRET_KEY,expires_in=600) # 过期时间600秒
        data = {
            'user_id': instance.id,
            'email': instance.email
        }
        token = ts_obj.dumps(data) # 利用dumps方法进行加密，加密后是bytes类型的数据
        token = token.decode() # 将bytes类型数据转换成字符串类型
        url = 'http://127.0.0.1:8000/users/varifyemail/?token='+token

        # todo 发送邮件
        
        subject = '新的传奇' # 邮件主题
        message = '点击链接激活邮箱：'+'<a href=' + url + '>点击链接</a>'  # 邮件内容
        sender = settings.EMAIL_FROM # 邮件发送者
        receiver = ['[email protected]',] # 接收邮件的邮箱

        send_mail(subject, message, sender, receiver) # 发送邮件

        return instance

In views.py file code:

from rest_framework.permissions import IsAuthenticated
from rest_framework.generics import UpdateAPIView

class EmailView(UpdateAPIView):
    serializer_class = serializers.EmailSerlizer
    permission_classes = (IsAuthenticated,)

    def get_object(self):
        return self.request.user

In urls.py file code:

urlpatterns = [
    url(r'^email/$', views.EmailView.as_view()),
]

Activate the user's mailbox

The basic logic:

• After the user receives the message, click on the link, jump to the corresponding view class for processing
• A view which will decrypt the user's information and the corresponding user query
• If the user exists, the user will be the corresponding value in the field active_email to True, it indicates that the user mailbox has been activated
• Returns the successful activation page or activation fails page

In urls.py file code:

Here's a link to the path and fill in when sending mail to the above agreement:

from django.conf.urls import url
from . import views
urlpatterns = [
    url(r'^varifyemail/$',views.EmailVarify.as_view()),
]

In views.py file code:

Here we will first decode the token to then be verified by the verification put into a state corresponding to the active state mailbox.

class EmailVarify(APIView):

    def get(self, request):
        # todo 获取网站中的内容
        print('这是一个通过邮箱里面的链接进入的路口', request.query_params.get('token'))
        token = request.query_params.get('token')

        # todo 校验token是否为空
        if not token:
            return Response({'err_msg': '缺少token参数'}, status=400)

        # todo 对token进行解码
        ts_obj = TS(settings.SECRET_KEY)
        token = token.encode()
        data = ts_obj.loads(token)

        # todo 在后端进行校验,判断有没有这个用户
        username = models.User.objects.filter(username=data['username'],email=data['email'])

        if username:
            # todo 修改邮箱是否激活的内容（邮箱状态设为激活）
            username.update(active_email=True)
            return Response('邮箱激活成功')
        else:
            return Response('激活失败')