feat(account): add verify ticket api

apps/account/models.py

@@ -1,12 +1,15 @@
 import abc
 import hashlib
+from importlib import import_module
 from typing import Union
 
 from django.conf import settings
+from django.contrib.auth import SESSION_KEY
 from django.contrib.auth.base_user import AbstractBaseUser
 from django.contrib.auth.hashers import make_password
 from django.contrib.auth.models import AbstractUser, AnonymousUser, PermissionsMixin
 from django.contrib.auth.models import UserManager as _UserManager
+from django.contrib.sessions.backends.cache import SessionStore
 from django.core.cache import cache
 from django.db import models
 from django.utils import timezone
@@ -120,6 +123,25 @@ def check_oauth_code(cls, code: str) -> (bool, Union[models.Model, None]):
         except cls.DoesNotExist:  # pylint: disable=E1101
             return False, None
 
+    @classmethod
+    def check_ticket(cls, ticket: str) -> (bool, Union[models.Model, None]):
+        """
+        Check Ticket
+        """
+
+        engine = import_module(settings.SESSION_ENGINE)
+        session: SessionStore = engine.SessionStore(session_key=ticket)
+        if not session.load():
+            return False, None
+        user_id = session.get(SESSION_KEY)
+        if not user_id:
+            return False, None
+        try:
+            user = cls.objects.get(pk=user_id)
+            return True, user
+        except cls.DoesNotExist:
+            return False, None
+
     def reset_password(self, password: str, is_raw: bool = False) -> None:
         """
         Reset User Password

apps/account/serializers.py

@@ -116,6 +116,14 @@ class VerifyCodeRequestSerializer(Serializer):
     code = serializers.CharField(label=gettext_lazy("Code"))
 
 
+class VerifyTicketRequestSerializer(Serializer):
+    """
+    Verify Ticket
+    """
+
+    ticket = serializers.CharField(label=gettext_lazy("Ticket"))
+
+
 class WeChatLoginReqSerializer(Serializer):
     """
     WeChat Login

apps/account/views.py

@@ -37,6 +37,7 @@
     UserInfoSerializer,
     UserRegistrySerializer,
     VerifyCodeRequestSerializer,
+    VerifyTicketRequestSerializer,
     WeChatLoginReqSerializer,
 )
 from core.auth import ApplicationAuthenticate
@@ -188,6 +189,23 @@ async def verify_code(self, request, *args, **kwargs):
             return Response(await UserInfoSerializer(instance=user).adata)
         raise WrongToken()
 
+    @action(methods=["POST"], detail=False, authentication_classes=[ApplicationAuthenticate])
+    async def verify_ticket(self, request, *args, **kwargs):
+        """
+        verify ticket
+        """
+
+        # validate request
+        request_serializer = VerifyTicketRequestSerializer(data=request.data)
+        request_serializer.is_valid(raise_exception=True)
+        request_data = request_serializer.validated_data
+
+        # load user
+        is_success, user = await database_sync_to_async(USER_MODEL.check_ticket)(request_data["ticket"])
+        if is_success:
+            return Response(await UserInfoSerializer(instance=user).adata)
+        raise WrongToken()
+
     @action(methods=["GET"], detail=False, authentication_classes=[SessionAuthenticate])
     async def wechat_config(self, request, *args, **kwargs):
         """