用户登录、在线检查 更改到v0.21版本
parent
ba3a7f2ded
commit
d06cf544e2
|
@ -172,6 +172,18 @@ class MongoHelper:
|
||||||
collection = self.client[param1][param2]
|
collection = self.client[param1][param2]
|
||||||
collection.update_one(param3, {"$set": param4})
|
collection.update_one(param3, {"$set": param4})
|
||||||
|
|
||||||
|
def delete_single_data(self, param1, param2, param3):
|
||||||
|
"""
|
||||||
|
根据查询条件删除一条文档
|
||||||
|
param1: str 数据库
|
||||||
|
param2: str 数据集
|
||||||
|
param3: obj 查询条件
|
||||||
|
return: None
|
||||||
|
"""
|
||||||
|
collection = self.client[param1][param2]
|
||||||
|
collection.delete_one(param3)
|
||||||
|
return True
|
||||||
|
|
||||||
def find_file(self, param1, param2, param3):
|
def find_file(self, param1, param2, param3):
|
||||||
"""
|
"""
|
||||||
读取一个文件
|
读取一个文件
|
||||||
|
|
|
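Review bot: `delete_single_data` returns `True` unconditionally while its docstring says `return: None`, so a caller cannot tell whether a document was actually removed. Returning `collection.delete_one(param3).deleted_count == 1` and documenting the result as `bool` would make the outcome visible. The filter is also passed through unchecked, and with an empty `param3` `delete_one` removes whichever document it finds first. Rejecting an empty filter at the top of the method would guard against that.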
@ -4,6 +4,7 @@ from flask import request
|
||||||
from itsdangerous import Serializer
|
from itsdangerous import Serializer
|
||||||
from itsdangerous import TimedJSONWebSignatureSerializer as Serializer, SignatureExpired, BadSignature
|
from itsdangerous import TimedJSONWebSignatureSerializer as Serializer, SignatureExpired, BadSignature
|
||||||
|
|
||||||
|
from DBHelper.MongoHelper import MongoHelper
|
||||||
from user.user_db import FIND_DATA
|
from user.user_db import FIND_DATA
|
||||||
|
|
||||||
TOKEN_KEY = "P0eHym@&CbaLzWkq"
|
TOKEN_KEY = "P0eHym@&CbaLzWkq"
|
||||||
|
@ -26,23 +27,40 @@ def create_token(param):
|
||||||
def verify_token(func):
|
def verify_token(func):
|
||||||
"""
|
"""
|
||||||
校验token
|
校验token
|
||||||
Returns:
|
return:
|
||||||
返回token被解析后的值
|
type:str
|
||||||
|
desc: token被解析后的值
|
||||||
"""
|
"""
|
||||||
@functools.wraps(func)
|
@functools.wraps(func)
|
||||||
def internal(*args, **kwargs):
|
def internal(*args, **kwargs):
|
||||||
try:
|
try:
|
||||||
|
# step 1.1
|
||||||
|
# 解析请求头传送的token
|
||||||
s = Serializer(TOKEN_KEY)
|
s = Serializer(TOKEN_KEY)
|
||||||
session_id = s.loads(request.headers.get('token'))
|
session_id = s.loads(request.headers.get('token'))
|
||||||
|
|
||||||
records = FIND_DATA("用户", "token记录", {"session_id": session_id})
|
# step 1.2
|
||||||
if not records:
|
# 请求头中没有token参数 返回错误提示
|
||||||
|
if session_id is None:
|
||||||
|
return {"info": "缺少token"}, 401
|
||||||
|
|
||||||
|
# step 2.1
|
||||||
|
# token解析成功 从token记录中查询session_id对应的uid
|
||||||
|
db = MongoHelper("tfse_v0.21")
|
||||||
|
uid = db.find_single_column(
|
||||||
|
"管理端",
|
||||||
|
"token记录",
|
||||||
|
{"session_id": session_id},
|
||||||
|
"UID"
|
||||||
|
)
|
||||||
|
|
||||||
|
# step 2.2
|
||||||
|
# 根据session_id没有找到对应的uid 返回错误提示
|
||||||
|
if not uid:
|
||||||
return {"info": "提示: 账号已在别处登录"}, 401
|
return {"info": "提示: 账号已在别处登录"}, 401
|
||||||
|
|
||||||
uid = records[0]['UID']
|
|
||||||
|
|
||||||
except TypeError:
|
except TypeError:
|
||||||
return {"info": "缺少token"}, 401
|
return {"info": "异常token"}, 401
|
||||||
except KeyError:
|
except KeyError:
|
||||||
return {"info": "异常token"}, 401
|
return {"info": "异常token"}, 401
|
||||||
except BadSignature:
|
except BadSignature:
|
||||||
|
|
|
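Review bot: The new `if session_id is None` check in `verify_token` runs after `s.loads(request.headers.get('token'))`, so it likely never catches a missing header. The old `except TypeError` handler returned "缺少token", which suggests `loads(None)` raises before the check is reached, and this commit changes that handler to return "异常token". Read the header first and test it before deserializing: `token = request.headers.get('token')`, `if not token: return {"info": "缺少token"}, 401`, then `session_id = s.loads(token)`. The body of `verify_token` continues past the end of the hunk.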
@ -6,7 +6,7 @@ import random
|
||||||
import requests
|
import requests
|
||||||
from werkzeug.security import generate_password_hash, check_password_hash
|
from werkzeug.security import generate_password_hash, check_password_hash
|
||||||
|
|
||||||
|
from DBHelper.MongoHelper import MongoHelper
|
||||||
from user.user_auth import create_token
|
from user.user_auth import create_token
|
||||||
from user.user_utils import check_mail_fmt, check_pwd_fmt, decrypt_data
|
from user.user_utils import check_mail_fmt, check_pwd_fmt, decrypt_data
|
||||||
from user.user_db import INSERT_DATA, FIND_DATA, UPSERT_DATA, DELETE_DATA, FIND_DATA_PAGE, UPDATE_INFO
|
from user.user_db import INSERT_DATA, FIND_DATA, UPSERT_DATA, DELETE_DATA, FIND_DATA_PAGE, UPDATE_INFO
|
||||||
|
@ -99,7 +99,14 @@ def create_user_impl(email, name, pwd, role):
|
||||||
|
|
||||||
|
|
||||||
def login_impl(email, pwd, vcode):
|
def login_impl(email, pwd, vcode):
|
||||||
user_info = FIND_DATA('用户', '用户信息', {"email": email})
|
db = MongoHelper("tfse_v0.21")
|
||||||
|
|
||||||
|
user_info = db.find_single_data(
|
||||||
|
"管理端",
|
||||||
|
"用户",
|
||||||
|
{"email": email},
|
||||||
|
["UID", "name", "pwd", "status", "role"]
|
||||||
|
)
|
||||||
|
|
||||||
def check_email():
|
def check_email():
|
||||||
if not user_info:
|
if not user_info:
|
||||||
|
@ -109,28 +116,37 @@ def login_impl(email, pwd, vcode):
|
||||||
return True
|
return True
|
||||||
|
|
||||||
def check_disable():
|
def check_disable():
|
||||||
if user_info[0]['status'] != 'normal':
|
if user_info['status'] != 'normal':
|
||||||
return "账户已禁用"
|
return "账户已禁用"
|
||||||
return True
|
return True
|
||||||
|
|
||||||
def check_vcode():
|
def check_vcode():
|
||||||
records = FIND_DATA("用户", "验证记录", {"email": email})
|
record = db.find_single_data(
|
||||||
|
"管理端",
|
||||||
|
"用户",
|
||||||
|
{"email": email},
|
||||||
|
["vcode", "timestamp"]
|
||||||
|
)
|
||||||
|
|
||||||
if len(records) == 0:
|
if not record:
|
||||||
return "无验证信息"
|
return "无验证信息"
|
||||||
|
|
||||||
if records[0]['vcode'] != vcode:
|
if record['vcode'] != vcode:
|
||||||
return "验证码错误"
|
return "验证码错误"
|
||||||
|
|
||||||
if time.time() - records[0]['timestamp'] > 300:
|
if time.time() - record['timestamp'] > 300:
|
||||||
return "验证码过期"
|
return "验证码过期"
|
||||||
|
|
||||||
DELETE_DATA("用户", "验证记录", {"email": email})
|
db.delete_single_data(
|
||||||
|
"管理端",
|
||||||
|
"邮箱验证码记录",
|
||||||
|
{"email": email}
|
||||||
|
)
|
||||||
|
|
||||||
return True
|
return True
|
||||||
|
|
||||||
def check_pwd():
|
def check_pwd():
|
||||||
hash_pwd = user_info[0]['pwd']
|
hash_pwd = user_info['pwd']
|
||||||
try:
|
try:
|
||||||
if not check_password_hash(hash_pwd, decrypt_data(encrypt_msg=pwd)):
|
if not check_password_hash(hash_pwd, decrypt_data(encrypt_msg=pwd)):
|
||||||
return "密码错误"
|
return "密码错误"
|
||||||
|
@ -139,7 +155,7 @@ def login_impl(email, pwd, vcode):
|
||||||
return True
|
return True
|
||||||
|
|
||||||
def make_menus():
|
def make_menus():
|
||||||
role = user_info[0]['role']
|
role = user_info['role']
|
||||||
|
|
||||||
with open(os.path.abspath(os.path.dirname(__file__)+'/static/menus.json'), "r", encoding='utf-8') as f:
|
with open(os.path.abspath(os.path.dirname(__file__)+'/static/menus.json'), "r", encoding='utf-8') as f:
|
||||||
duties = json.load(f)
|
duties = json.load(f)
|
||||||
|
@ -151,17 +167,24 @@ def login_impl(email, pwd, vcode):
|
||||||
session_id = ''
|
session_id = ''
|
||||||
for i in range(4):
|
for i in range(4):
|
||||||
session_id += random.choice(choices)
|
session_id += random.choice(choices)
|
||||||
UPSERT_DATA("用户", "token记录", {"UID": user_info[0]['UID']}, {"session_id": session_id})
|
|
||||||
|
db.update_single_data(
|
||||||
|
"管理端",
|
||||||
|
"token记录",
|
||||||
|
{"UID": user_info['UID']},
|
||||||
|
{"session_id": session_id}
|
||||||
|
)
|
||||||
|
|
||||||
return session_id
|
return session_id
|
||||||
|
|
||||||
def make_result_data():
|
def make_login_return_data():
|
||||||
res_data = dict()
|
return_data = dict()
|
||||||
res_data['name'] = user_info[0]["name"]
|
return_data['name'] = user_info["name"]
|
||||||
res_data['token'] = create_token(make_session_id())
|
return_data['token'] = create_token(make_session_id())
|
||||||
res_data['menus'] = make_menus()
|
return_data['menus'] = make_menus()
|
||||||
return res_data
|
return return_data
|
||||||
|
|
||||||
def start_impl():
|
def __main__():
|
||||||
result = check_email()
|
result = check_email()
|
||||||
if result is not True:
|
if result is not True:
|
||||||
return result
|
return result
|
||||||
|
@ -178,9 +201,9 @@ def login_impl(email, pwd, vcode):
|
||||||
if result is not True:
|
if result is not True:
|
||||||
return result
|
return result
|
||||||
|
|
||||||
return make_result_data()
|
return make_login_return_data()
|
||||||
|
|
||||||
return start_impl()
|
return __main__()
|
||||||
|
|
||||||
|
|
||||||
def send_vcode_to_user_impl(email):
|
def send_vcode_to_user_impl(email):
|
||||||
|
|
|
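Review bot: In `check_vcode` the new lookup reads `["vcode", "timestamp"]` from the "用户" collection, but the following `db.delete_single_data` call removes from "邮箱验证码记录", so the record that was checked is not the one that is deleted. If the codes are stored in "邮箱验证码记录" (the old code read and deleted the same "验证记录" collection), the lookup should name that collection as well. Otherwise a used code stays valid for the rest of the 300-second window. Separately, the `session_id` written by the new `db.update_single_data` call is still four `random.choice` characters; `secrets.choice` and a longer value would make it harder to guess. `login_impl` spans several hunks and is not fully visible here.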
@ -6,6 +6,15 @@ from user.user_auth import verify_token, authority_scope
|
||||||
user_route = Blueprint('user', __name__)
|
user_route = Blueprint('user', __name__)
|
||||||
|
|
||||||
|
|
||||||
|
@user_route.route('/online_check', methods=['GET'])
|
||||||
|
@verify_token
|
||||||
|
def online_check_route(**kwargs):
|
||||||
|
"""
|
||||||
|
在线检查,检查token是否有效
|
||||||
|
"""
|
||||||
|
return {"info": "正常"}, 200
|
||||||
|
|
||||||
|
|
||||||
@user_route.route('/send_vcode_to_user', methods=['POST'])
|
@user_route.route('/send_vcode_to_user', methods=['POST'])
|
||||||
def send_vcode_to_user_route():
|
def send_vcode_to_user_route():
|
||||||
"""
|
"""
|
||||||
|
@ -37,15 +46,6 @@ def login_route():
|
||||||
return {"info": result}, 200
|
return {"info": result}, 200
|
||||||
|
|
||||||
|
|
||||||
@user_route.route('/online_check', methods=['GET'])
|
|
||||||
@verify_token
|
|
||||||
def online_check_route(**kwargs):
|
|
||||||
"""
|
|
||||||
在线检查,检查token是否有效
|
|
||||||
"""
|
|
||||||
return {"info": "正常"}, 200
|
|
||||||
|
|
||||||
|
|
||||||
@user_route.route('/create_user', methods=['POST'])
|
@user_route.route('/create_user', methods=['POST'])
|
||||||
@verify_token
|
@verify_token
|
||||||
@authority_scope(['admin'])
|
@authority_scope(['admin'])
|
||||||
|
|