十一、实现QQ登陆（第三方的登陆）（用户部分）

1、开发者通过以下几个步骤，即可接入互联开放平台：注册开发者→创建应用→通过审核并获取接口权限
2、QQ登录OAuth2.0总体处理流程
Step1：申请接入，获取appid和apikey；
Step2：开发应用，并设置协作者帐号进行测试联调；
Step3：放置QQ登录按钮；
Step4：通过用户登录验证和授权，获取Access Token；
Step5：通过Access Token获取用户的OpenID；
Step6：调用OpenAPI，来请求访问或修改用户授权的资源。

1、注册开发者和创建应用

<1>若想实现QQ登录，需要成为QQ互联的开发者，审核通过才可实现。注册方法可参考链接

<2>成为QQ互联开发者后，还需创建应用，即获取本项目对应与QQ互联的应用ID，创建应用的方法参考链接

<3>QQ登录开发文档，开发文档参考链接

2、创建oauth子应用

<1>使用终端在meiduo_mall/meiduo_mall/apps/创建新的应用oauth

python ../../manage.py startapp oauth

<2>在dev配置文件中注册应用

3、创建返回QQ登录网址的视图

<1>QQ登录SDK使用
进入虚拟环境中，安装QQLoginTool

pip install QQLoginTool

QQ登录SDK使用
安装：进入虚拟环境中，pip install QQLoginTool
导入：from QQLoginTool.QQtool import OAuthQQ
使用：
1、初始化OAuthQQ对象
oauth = OAuthQQ(client_id=settings.QQ_CLIENT_ID, client_secret=settings.QQ_CLIENT_SECRET, redirect_uri=settings.QQ_REDIRECT_URI, state=next)
2、获取QQ登录扫码页面，扫码后得到Authorization Code
login_url = oauth.get_qq_url()
3、通过Authorization Code获取Access Token
access_token = oauth.get_access_token(code)
4、通过Access Token获取OpenID
openid = oauth.get_open_id(access_token)

<2>准备配置信息：

# QQ登录参数
QQ_CLIENT_ID = '101474184'
QQ_CLIENT_SECRET = 'c6ce949e04e12ecc909ae6a8b09b637c'
QQ_REDIRECT_URI = 'http://www.meiduo.site:8080/oauth_callback.html'

<3>后端实现qq登陆页面跳转

返回QQ登录网址的视图

from django.conf import settings
from django.shortcuts import render
from QQLoginTool.QQtool import OAuthQQ
from rest_framework.response import Response
from rest_framework.views import APIViewclass OauthQQloginView(APIView):"""构建ｑｑ的跳转链接"""def get(self,request):# 1、获取前端定义好的字符串数据state = request.query_params.get("next",None)# 2、判断前端是否传递字符串数据if not state:state = '/'# 3、创建ｑｑ对象qq = OAuthQQ(client_id=settings.QQ_CLIENT_ID, client_secret=settings.QQ_CLIENT_SECRET, redirect_uri=settings.QQ_REDIRECT_URI,state=state)# 4、构建跳转链接login_url = qq.get_qq_url()# 5、返回结果return Response({"login_url": login_url})

注册路由

注册子路由（在apps/oauth/路径下创建urls模块）

from django.conf.urls import url
from oauth import viewsurlpatterns = url(r"^qq/authorization/$", views.OauthQQloginView.as_view())

注册主路由（meiduo_mall/meiduo_mall/urls）

from django.conf.urls import url, include
import oauth.urls
urlpatterns = [url(r'^oauth/', include(oauth.urls)),
]

4、获取用户openid并判断openid是否绑定用户

<1>创建模型类

在meiduo_mall/meiduo_mall/utils/models.py文件中创建模型类基类，用于增加数据新建时间和更新时间。

from django.db import modelsclass BaseModel(models.Model):# 为模型类补充字段create_time = models.DateTimeField(auto_now_add=True)update_time = models.DateTimeField(auto_now=True)class Meta:# 抽象模型类，迁移文件此模型类不生成basemodel表abstract = True

在oauth/models.py中定义QQ身份（openid）与用户模型类User的关联关系

from django.db import models
from meiduo_mall.utils.models import BaseModelclass OAuthUser(BaseModel):# on_delete （删除时，会将关联信息一并删除）user = models.ForeignKey('users.User', on_delete=models.CASCADE)openid = models.CharField(db_index=True, max_length=64)class Meta:db_table = 'tb_oauth'verbose_name = 'QQ用户'verbose_name_plural = verbose_name

<2>通过前端传来的code获取用户openid

from django.conf import settings
from QQLoginTool.QQtool import OAuthQQ
from rest_framework.response import Response
from rest_framework.views import APIView
from rest_framework_jwt.settings import api_settingsfrom oauth.models import OAuthUser
from itsdangerous import TimedJSONWebSignatureSerializer as TJSSclass OauthView(APIView):def get(self, request):# 1、获取前端的传来code值code = request.query_params.get("code", None)# 2、判断前端是否传来了code值if not code:return Response({"error":"缺失code值"},status=400)# 3、通过code值获取access_tokenstate = '/'qq = OAuthQQ(client_secret=settings.QQ_CLIENT_SECRET,client_id= settings.QQ_CLIENT_ID, redirect_uri=settings.QQ_REDIRECT_URI, state=state)access_token = qq.get_access_token(code)# 4、通过access_token获取openidopenid = qq.get_open_id(access_token)# 5、判断openid是否绑定每多用户try:qq_user = OAuthUser.objects.get('openid')except:tjss = TJSS(settings.SECRET_KEY,300)openid = tjss.dumps({"openid":openid}).decode()# 6、未绑定，跳转到绑定页面return Response({'access_token': openid})else:# 7、绑定过# 生成jwt_tokenuser = qq_user.userjwt_payload_handler = api_settings.JWT_PAYLOAD_HANDLERjwt_encode_handler = api_settings.JWT_ENCODE_HANDLERpayload = jwt_payload_handler(user)token = jwt_encode_handler(payload)return Response({"token": token,"username": user.username,"user_id": user.id,})

<3>注册子路由（apps/oauth/urls）

urlpatterns = [url(r"^qq/user/$", views.OauthView.as_view())]

5、OpenID的绑定美多商城用户

<1>在apps/oauth/下创建serializers.py文件，创建OauthSerializer序列化器

import re
from django.conf import settings
from django_redis import get_redis_connection
from rest_framework import serializers
from rest_framework_jwt.settings import api_settings
from oauth.models import OAuthUser
from users.models import User
from itsdangerous import TimedJSONWebSignatureSerializer as TJSS# 创建序列化器
class OauthSerializer(serializers.ModelSerializer):# 显示指明字段加密令牌access_token = serializers.CharField(write_only=True)sms_code = serializers.CharField(max_length=6, min_length=6, write_only=True)token = serializers.CharField(read_only=True)user_id = serializers.IntegerField(read_only=True)# 在用户模型类中mobile字段设置手机号不可以重复，在此序列化器中需要对该字段过滤条件重写mobile = serializers.CharField(max_length=11)class Meta:model = User  # idfields = ('password', 'mobile', 'username', 'sms_code', 'token', 'access_token', 'user_id')extra_kwargs = {'username': {'read_only': True},'password': {'write_only': True}}# 验证手机号格式def validate_mobile(self, value):if not re.match(r'^1[3-9]\d{9}$', value):raise serializers.ValidationError('手机号格式不正确')return valuedef validate(self, attrs):# 1、验证access_token# 解密tjss = TJSS(settings.SECRET_KEY, 300)try:# 对令牌解密            data = tjss.loads(attrs['access_token'])except:raise serializers.ValidationError('access_token无效')# 获取openidopenid = data.get('openid')# attrs添加属性attrs['openid'] = openid# 2、验证短信验证码# 获取reids中真实短信conn = get_redis_connection('smscodes')rel_sms_code = conn.get('smscode_%s' % attrs['mobile'])# 判断短信是否超过有效期if not rel_sms_code:raise serializers.ValidationError('短信验证码失效')# 比对用户输入的短信和redis中真实短信if attrs['sms_code'] != rel_sms_code.decode():raise serializers.ValidationError('短信验证不一致')# 3、判断手机号是否注册过try:user = User.objects.get(mobile=attrs['mobile'])except:# 未注册，就注册为新用户return attrselse:# 注册过，就查找用户进行绑定if not user.check_password(attrs['password']):raise serializers.ValidationError("密码错误")attrs['user'] = userprint(attrs)return attrsdef create(self,validated_data):# 判断用户user = validated_data.get('user',None)if user is None:# 创建用户user = User.objects.create_user(username=validated_data['mobile'], password=validated_data['password'], mobile=validated_data['mobile'])# 绑定操作OAuthUser.objects.create(user=user, openid=validated_data['openid'])# 生成加密后的token值jwt_payload_handler = api_settings.JWT_PAYLOAD_HANDLERjwt_encode_handler = api_settings.JWT_ENCODE_HANDLERpayload = jwt_payload_handler(user)token = jwt_encode_handler(payload)# user添加token属性user.token = tokenuser.user_id = user.idreturn user

<2>修改apps/oauth/views.py中的OauthView视图类，添加绑定openid的post视图函数

 def post(self,request):# 1、获取前端数据data = request.data# 2、验证数据ser = OauthSerializer(data=data)ser.is_valid()print(ser.errors)# 3、绑定保存数据ser.save()# 4、返回结果return Response(ser.data)