From c30430a3f3afbb221b459816b8e7e118358e45d0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E7=8E=8B=E6=80=9D=E5=B7=9D?=
Date: Tue, 11 Jan 2022 17:36:31 +0800
Subject: [PATCH] =?UTF-8?q?=E7=99=BB=E5=BD=95=E6=8E=A5=E5=8F=A3?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 common/security/APIAuth.py | 21 +++++++++++++--
 user/User.py | 3 ++-
 user/process.py | 53 ++++++++++++++++++++++++++++++++++++--
 user/routes.py | 21 +++++++++++++--
 user/static/menus.json | 9 +++++++
 5 files changed, 100 insertions(+), 7 deletions(-)
 create mode 100644 user/static/menus.json
diff --git a/common/security/APIAuth.py b/common/security/APIAuth.py
index 5603791..6654d56 100644
--- a/common/security/APIAuth.py
+++ b/common/security/APIAuth.py
@@ -1,6 +1,7 @@
 import functools
 from flask import request
+from itsdangerous import TimedJSONWebSignatureSerializer as Serializer
 from common.db import find_data
@@ -36,13 +37,13 @@ def api_verification_code(func):
 try:
 email = request.json['email']
- verification_code = request.json['verification_code']
+ vcode = request.json['vcode']
 res = find_data(v_client, v_database, v_collection, {"email": email})
 if len(res) == 0:
 return {"info": "验证码错误"}, 401
- if res[0]['verification_code'] == verification_code:
+ if res[0]['vcode'] == vcode:
 pass
 else:
 return {"info": "验证码错误"}, 401
@@ -52,3 +53,19 @@ def api_verification_code(func):
 return func(*args, **kwargs)
 return internal
+
+
+def create_token(param):
+ """
+ 创建token
+ Parameters:
+ param: 传入参数,用于创建token
+ Returns:
+ token: 用户访问令牌
+ """
+ secret_key = ""
+ token_expiration = 14400
+
+ s = Serializer(secret_key, expires_in=token_expiration)
+ token = '' + s.dumps(param).decode('ascii')
+ return token
diff --git a/user/User.py b/user/User.py
index 5cb6804..820a993 100644
--- a/user/User.py
+++ b/user/User.py
@@ -68,4 +68,5 @@ class UserOperation(User):
 """
 用户登录
 """
- login_process(self.email, self.pwd)
+ return login_process(self.email, self.pwd)
+
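Review bot: `create_token` in common/security/APIAuth.py signs every token with `secret_key = ""`, so if this ships as written the signature is keyed with an empty value that is visible in the repository and gives no protection against a forged `UID` payload. Read the key from configuration or the environment and fail at startup when it is missing, for example `secret_key = os.environ["<TOKEN_SECRET_ENV_VAR>"]` (placeholder name), and keep the value itself out of version control. `TimedJSONWebSignatureSerializer` was deprecated in itsdangerous 2.0 and removed in 2.1, so either pin the dependency or plan a move to a maintained JWT library. The `'' +` in front of `s.dumps(param).decode('ascii')` is a no-op and can be dropped.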
diff --git a/user/process.py b/user/process.py
index 6c9fb49..46b91d5 100644
--- a/user/process.py
+++ b/user/process.py
@@ -3,9 +3,11 @@ import time
 import random
 import requests
-from werkzeug.security import generate_password_hash
+from werkzeug.security import generate_password_hash, check_password_hash
 from common.db import insert_data, find_data, update_data_upsert
+from common.scripts import read_json_file
+from common.security.APIAuth import create_token
 from user.scripts import check_mail_fmt, check_pwd_fmt
 from common.security.rsa import decrypt_data
@@ -103,7 +105,54 @@ def create_user_process(email, name, pwd, role, duty):
 def login_process(email, pwd):
- pass
+ user_info = find_data('tfse_admin', '用户', '用户信息', {"email": email})
+
+ def check_email():
+ if user_info is []:
+ return "不存在该邮箱"
+ if not check_mail_fmt(email):
+ return "邮箱格式错误"
+ return True
+
+ def check_pwd():
+ hash_pwd = user_info[0]['pwd']
+ try:
+ if not check_password_hash(hash_pwd, decrypt_data(encrypt_msg=pwd)):
+ return "密码错误"
+ except Exception:
+ return "密码错误"
+
+ return True
+
+ def check_menus():
+ role = user_info[0]['role']
+ duty = user_info[0]['duty']
+ duties = read_json_file('/user/static/menus.json')
+ if role == 'admin':
+ return duties[role]
+ elif role == 'member':
+ return duties[role][duty]
+ else:
+ return duties[role]
+
+ def gen_res_data():
+ res_data = dict()
+ res_data['token'] = create_token({"UID": user_info[0]['UID']})
+ res_data['menus'] = check_menus()
+ return res_data
+
+ def main_process():
+ res = check_email()
+ if res is not True:
+ return res
+
+ res = check_pwd()
+ if res is not True:
+ return res
+
+ return gen_res_data()
+
+ return main_process()
 def send_vcode_to_user_process(email):
diff --git a/user/routes.py b/user/routes.py
index a06ca76..7443fb0 100644
--- a/user/routes.py
+++ b/user/routes.py
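Review bot: In `login_process` (user/process.py) the test `if user_info is []:` is always false, because `is` compares identity against a freshly created list; an unknown e-mail therefore passes `check_email`, and `check_pwd` then raises `IndexError` on `user_info[0]['pwd']`, which sits outside its `try`. Use `if not user_info:` instead. Once that check works, the distinct "不存在该邮箱" reply tells a caller which addresses are registered, so returning the same generic failure for an unknown account and for a wrong password is the safer contract. `check_menus` indexes `duties[role]` and `duties[role][duty]` with no fallback, so a role or duty missing from menus.json would raise `KeyError` after the password has already been accepted.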
@@ -1,7 +1,7 @@
 from flask import Blueprint, request
-from common.security.APIAuth import api_secret
-from user.User import UserManage
+from common.security.APIAuth import api_secret, api_verification_code
+from user.User import UserManage, UserOperation
 user_route = Blueprint('user', __name__)
@@ -38,3 +38,20 @@ def send_vcode_to_user_route():
 return {"info": "验证邮件已发送"}, 200
 else:
 return {"info": res}, 200
+
+
+@user_route.route('/login', methods=['POST'])
+@api_secret
+@api_verification_code
+def login_route():
+ """
+ 登录
+ """
+ uo = UserOperation()
+ uo.email = request.json['email']
+ uo.pwd = request.json['pwd']
+ res = uo.login()
+ if type(res) == dict:
+ return {"info": "登录成功", "result": res}, 200
+ else:
+ return {"info": res}, 200
diff --git a/user/static/menus.json b/user/static/menus.json
new file mode 100644
index 0000000..d4d3efa
--- /dev/null
+++ b/user/static/menus.json
@@ -0,0 +1,9 @@
+{
+ "admin": ["Board", "Manage", "Model", "Test", "Setting"],
+ "member": {
+ "developer": ["Board", "Manage", "Model", "Test"],
+ "analysts": ["Board", "Manage", "Model"],
+ "manager": ["Board", "Manage", "Model"]
+ },
+ "guest": ["Board"]
+}
\ No newline at end of file
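Review bot: `login_route` in user/routes.py answers a failed login with HTTP 200 (`return {"info": res}, 200`), so clients, rate limiters and log-based monitoring cannot tell a rejected credential from a success by status code. Return `{"info": res}, 401` on that branch, which matches the 401 that `api_verification_code` already sends for a bad code. `type(res) == dict` is better written as `isinstance(res, dict)`. `request.json['pwd']` raises `KeyError` when the field is absent, and nothing visible in this hunk validates it before `uo.login()` is called.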