DigitalMgnt
/
tfse-admin-api-v0.2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

登录接口

This commit is contained in:
王思川 2022-01-11 17:36:31 +08:00
parent 16bad00175
commit c30430a3f3
5 changed files with 100 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
common/security/APIAuth.py
View File

@ -1,6 +1,7 @@
import functools import functools
from flask import request from flask import request
from itsdangerous import TimedJSONWebSignatureSerializer as Serializer
from common.db import find_data from common.db import find_data
@ -36,13 +37,13 @@ def api_verification_code(func):
try: try:
email = request.json['email'] email = request.json['email']
verification_code = request.json['verification_code'] vcode = request.json['vcode']
res = find_data(v_client, v_database, v_collection, {"email": email}) res = find_data(v_client, v_database, v_collection, {"email": email})
if len(res) == 0: if len(res) == 0:
return {"info": "验证码错误"}, 401 return {"info": "验证码错误"}, 401
if res[0]['verification_code'] == verification_code: if res[0]['vcode'] == vcode:
pass pass
else: else:
return {"info": "验证码错误"}, 401 return {"info": "验证码错误"}, 401
@ -52,3 +53,19 @@ def api_verification_code(func):
return func(*args, **kwargs) return func(*args, **kwargs)
return internal return internal
def create_token(param):
"""
创建token
Parameters:
param: 传入参数用于创建token
Returns:
token: 用户访问令牌
"""
secret_key = ""
token_expiration = 14400
s = Serializer(secret_key, expires_in=token_expiration)
token = '' + s.dumps(param).decode('ascii')
return token

3
user/User.py
View File

@ -68,4 +68,5 @@ class UserOperation(User):
""" """
用户登录 用户登录
""" """
login_process(self.email, self.pwd) return login_process(self.email, self.pwd)

53
user/process.py
View File

@ -3,9 +3,11 @@ import time
import random import random
import requests import requests
from werkzeug.security import generate_password_hash from werkzeug.security import generate_password_hash, check_password_hash
from common.db import insert_data, find_data, update_data_upsert from common.db import insert_data, find_data, update_data_upsert
from common.scripts import read_json_file
from common.security.APIAuth import create_token
from user.scripts import check_mail_fmt, check_pwd_fmt from user.scripts import check_mail_fmt, check_pwd_fmt
from common.security.rsa import decrypt_data from common.security.rsa import decrypt_data
@ -103,7 +105,54 @@ def create_user_process(email, name, pwd, role, duty):
def login_process(email, pwd): def login_process(email, pwd):
pass user_info = find_data('tfse_admin', '用户', '用户信息', {"email": email})
def check_email():
if user_info is []:
return "不存在该邮箱"
if not check_mail_fmt(email):
return "邮箱格式错误"
return True
def check_pwd():
hash_pwd = user_info[0]['pwd']
try:
if not check_password_hash(hash_pwd, decrypt_data(encrypt_msg=pwd)):
return "密码错误"
except Exception:
return "密码错误"
return True
def check_menus():
role = user_info[0]['role']
duty = user_info[0]['duty']
duties = read_json_file('/user/static/menus.json')
if role == 'admin':
return duties[role]
elif role == 'member':
return duties[role][duty]
else:
return duties[role]
def gen_res_data():
res_data = dict()
res_data['token'] = create_token({"UID": user_info[0]['UID']})
res_data['menus'] = check_menus()
return res_data
def main_process():
res = check_email()
if res is not True:
return res
res = check_pwd()
if res is not True:
return res
return gen_res_data()
return main_process()
def send_vcode_to_user_process(email): def send_vcode_to_user_process(email):

21
user/routes.py
View File

@ -1,7 +1,7 @@
from flask import Blueprint, request from flask import Blueprint, request
from common.security.APIAuth import api_secret from common.security.APIAuth import api_secret, api_verification_code
from user.User import UserManage from user.User import UserManage, UserOperation
user_route = Blueprint('user', __name__) user_route = Blueprint('user', __name__)
@ -38,3 +38,20 @@ def send_vcode_to_user_route():
return {"info": "验证邮件已发送"}, 200 return {"info": "验证邮件已发送"}, 200
else: else:
return {"info": res}, 200 return {"info": res}, 200
@user_route.route('/login', methods=['POST'])
@api_secret
@api_verification_code
def login_route():
"""
登录
"""
uo = UserOperation()
uo.email = request.json['email']
uo.pwd = request.json['pwd']
res = uo.login()
if type(res) == dict:
return {"info": "登录成功", "result": res}, 200
else:
return {"info": res}, 200

9
user/static/menus.json Normal file
View File

@ -0,0 +1,9 @@
{
"admin": ["Board", "Manage", "Model", "Test", "Setting"],
"member": {
"developer": ["Board", "Manage", "Model", "Test"],
"analysts": ["Board", "Manage", "Model"],
"manager": ["Board", "Manage", "Model"]
},
"guest": ["Board"]
}