From 46c1b7741d14897f691c379d74002eeeef9a90be Mon Sep 17 00:00:00 2001
From: Andrey <andrey.korolev@skillbox.ru>
Date: Mon, 14 May 2018 13:30:51 +0300
Subject: [PATCH] =?UTF-8?q?=D0=94=D0=BE=D0=B1=D0=B0=D0=B2=D0=BB=D0=B5?=
 =?UTF-8?q?=D0=BD=D0=BD=D0=B0=20=D0=BC=D0=BE=D0=B4=D0=B5=D0=BB=D1=8C=20?=
 =?UTF-8?q?=D1=82=D0=BE=D0=BA=D0=B5=D0=BD=D0=BE=D0=B2?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 access/management/commands/set_tokens.py      | 24 +++++++------
 .../migrations/0015_auto_20180514_1329.py     | 35 +++++++++++++++++++
 progress/models.py                            | 18 ++++++++++
 progress/views.py                             | 24 +++++++------
 4 files changed, 79 insertions(+), 22 deletions(-)
 create mode 100644 progress/migrations/0015_auto_20180514_1329.py

diff --git a/access/management/commands/set_tokens.py b/access/management/commands/set_tokens.py
index 3b148d0..d79824a 100644
--- a/access/management/commands/set_tokens.py
+++ b/access/management/commands/set_tokens.py
@@ -2,6 +2,9 @@ import csv
 import jwt
 from django.conf import settings
 from django.core.management.base import BaseCommand
+from django.db import IntegrityError
+
+from progress.models import OpenToken
 
 
 class Command(BaseCommand):
@@ -29,14 +32,13 @@ class Command(BaseCommand):
                 fw = csv.writer(out_f)
                 fr = csv.reader(f, delimiter=';')
                 for row in fr:
-                    email = row[0]
-                    course_token = row[1]
-                    period = row[2]
-                    payload = {
-                        'period': period,
-                        'course_token': course_token,
-                        'email': email.lower(),
-                    }
-                    token = jwt.encode(payload, settings.COURSE_PROGRESS_SECRET_KEY, algorithm='HS256').decode("utf-8")
-                    url = "https://go.skillbox.ru/api/v1/progress/progress_token/?token=%s" % str(token)
-                    fw.writerow([email.lower(), url])
+                    try:
+                        token = OpenToken.objects.create(
+                            email=row[0].lower(),
+                            course_token=row[1],
+                            period_days=row[2],
+                        )
+                        url = "https://go.skillbox.ru/api/v1/progress/progress_token/?token=%s" % str(token.token)
+                        fw.writerow([token.email.lower(), url])
+                    except IntegrityError:
+                        pass
diff --git a/progress/migrations/0015_auto_20180514_1329.py b/progress/migrations/0015_auto_20180514_1329.py
new file mode 100644
index 0000000..4813924
--- /dev/null
+++ b/progress/migrations/0015_auto_20180514_1329.py
@@ -0,0 +1,35 @@
+# -*- coding: utf-8 -*-
+# Generated by Django 1.11.6 on 2018-05-14 13:29
+from __future__ import unicode_literals
+
+from django.db import migrations, models
+import uuid
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('progress', '0014_auto_20180507_1412'),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='OpenToken',
+            fields=[
+                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('token', models.UUIDField(default=uuid.uuid4, editable=False, verbose_name='Токен')),
+                ('email', models.CharField(max_length=255, verbose_name='email пользователя')),
+                ('course_token', models.UUIDField(editable=False, verbose_name='Токен курса')),
+                ('period_days', models.SmallIntegerField(default=3, verbose_name='Период (в днях)')),
+                ('date', models.DateTimeField(auto_now_add=True, verbose_name='Дата создания')),
+            ],
+            options={
+                'verbose_name': 'Токен на открытие курса',
+                'verbose_name_plural': 'Токены на открытие курса',
+            },
+        ),
+        migrations.AlterUniqueTogether(
+            name='opentoken',
+            unique_together=set([('email', 'course_token')]),
+        ),
+    ]
diff --git a/progress/models.py b/progress/models.py
index f8c3f63..fcb4704 100644
--- a/progress/models.py
+++ b/progress/models.py
@@ -1,3 +1,5 @@
+import uuid
+
 from django.conf import settings
 from django.contrib.postgres.fields import ArrayField
 from django.db import models
@@ -7,6 +9,22 @@ from django.utils import timezone
 from lms.tools import get_empty_list
 
 
+class OpenToken(models.Model):
+    token = models.UUIDField(verbose_name="Токен", editable=False, default=uuid.uuid4,)
+    email = models.CharField(max_length=255, verbose_name="email пользователя")
+    course_token = models.UUIDField(verbose_name="Токен курса", editable=False)
+    period_days = models.SmallIntegerField(verbose_name="Период (в днях)", default=3)
+    date = models.DateTimeField(auto_now_add=True, verbose_name="Дата создания")
+
+    def __str__(self):
+        return "Токен для пользователя %s от %s" % (self.email, self.date)
+
+    class Meta:
+        verbose_name = 'Токен на открытие курса'
+        verbose_name_plural = 'Токены на открытие курса'
+        unique_together = (("email", "course_token"),)
+
+
 class Progress(models.Model):
     teacher = models.ForeignKey(to=settings.AUTH_USER_MODEL, verbose_name="Преподователь по умолчанию",
                                 related_name='teacher_progress')
diff --git a/progress/views.py b/progress/views.py
index 2ed2805..95dc50f 100644
--- a/progress/views.py
+++ b/progress/views.py
@@ -23,7 +23,7 @@ from django.db.models.functions import Cast
 from django.db.models.fields import DateField
 from access.serializers import UserProgressSearchSerializer
 from courses.models import Course, Lesson
-from progress.models import ProgressLesson, Progress
+from progress.models import ProgressLesson, Progress, OpenToken
 from progress.serializers import ProgressAnalyticSerializer, ProgressLessonSerializer, \
     SecureProgressSerializer
 from courses.api import CourseProgressApi, CourseParamsApi
@@ -602,19 +602,21 @@ class ProgressToken(APIView):
         if token is None:
             return Response("bad request", 400)
 
-        payload = jwt.decode(token, settings.COURSE_PROGRESS_SECRET_KEY, algorithms=['HS256'])
+        try:
+            open_token = OpenToken.objects.get(token=token)
+        except OpenToken.DoesNotExist:
+            return Response('Токен не найден', status=404)
 
         try:
-            user = get_user_model().objects.get(email=payload['email'].lower())
+            user = get_user_model().objects.get(email=open_token.email.lower())
         except get_user_model().DoesNotExist:
-            user = get_user_model().objects.create_student(email=payload['email'].lower())
-
-        user.is_active = True
-        user.save()
+            user = get_user_model().objects.create_student(email=open_token.email.lower())
+            user.is_active = True
+            user.save()
 
         try:
-            course = Course.objects.get(token=payload['course_token'])
-        except get_user_model().DoesNotExist:
+            course = Course.objects.get(token=open_token.course_token)
+        except Course.DoesNotExist:
             return Response("Course doesn't exist", status=404)
 
         teacher = get_user_model().objects.get(out_key=course.get_teacher())
@@ -622,9 +624,9 @@ class ProgressToken(APIView):
         try:
             p = Progress.objects.create(
                 user=user,
-                course_token=payload['course_token'],
+                course_token=open_token.course_token,
                 teacher=teacher,
-                exp_date=timezone.now() + relativedelta(days=int(payload['period'])),
+                exp_date=timezone.now() + relativedelta(days=open_token.period_days),
             )
             ProgressLesson.objects.create(
                 progress=p,