DigitalMgnt
/
tfse-admin-api-v0.2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

用户登录、在线检查 更改到v0.21版本

This commit is contained in:
王思川 2022-03-30 04:20:36 +08:00
parent ba3a7f2ded
commit d06cf544e2
4 changed files with 89 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
DBHelper/MongoHelper.py
View File

@ -172,6 +172,18 @@ class MongoHelper:
collection = self.client[param1][param2]
collection.update_one(param3, {"$set": param4})
def delete_single_data(self, param1, param2, param3):
"""
根据查询条件删除一条文档
param1: str 数据库
param2: str 数据集
param3: obj 查询条件
return: None
"""
collection = self.client[param1][param2]
collection.delete_one(param3)
return True
def find_file(self, param1, param2, param3):
"""
读取一个文件

32
user/user_auth.py
View File

@ -4,6 +4,7 @@ from flask import request
from itsdangerous import Serializer
from itsdangerous import TimedJSONWebSignatureSerializer as Serializer, SignatureExpired, BadSignature
from DBHelper.MongoHelper import MongoHelper
from user.user_db import FIND_DATA
TOKEN_KEY = "P0eHym@&CbaLzWkq"
@ -26,23 +27,40 @@ def create_token(param):
def verify_token(func):
"""
校验token
Returns:
返回token被解析后的值
return:
type:str
desc: token被解析后的值
"""
@functools.wraps(func)
def internal(*args, **kwargs):
try:
# step 1.1
# 解析请求头传送的token
s = Serializer(TOKEN_KEY)
session_id = s.loads(request.headers.get('token'))
records = FIND_DATA("用户", "token记录", {"session_id": session_id})
if not records:
# step 1.2
# 请求头中没有token参数 返回错误提示
if session_id is None:
return {"info": "缺少token"}, 401
# step 2.1
# token解析成功 从token记录中查询session_id对应的uid
db = MongoHelper("tfse_v0.21")
uid = db.find_single_column(
"管理端",
"token记录",
{"session_id": session_id},
"UID"
)
# step 2.2
# 根据session_id没有找到对应的uid 返回错误提示
if not uid:
return {"info": "提示: 账号已在别处登录"}, 401
uid = records[0]['UID']
except TypeError:
return {"info": "缺少token"}, 401
return {"info": "异常token"}, 401
except KeyError:
return {"info": "异常token"}, 401
except BadSignature:

63
user/user_impl.py
View File

@ -6,7 +6,7 @@ import random
import requests
from werkzeug.security import generate_password_hash, check_password_hash
from DBHelper.MongoHelper import MongoHelper
from user.user_auth import create_token
from user.user_utils import check_mail_fmt, check_pwd_fmt, decrypt_data
from user.user_db import INSERT_DATA, FIND_DATA, UPSERT_DATA, DELETE_DATA, FIND_DATA_PAGE, UPDATE_INFO
@ -99,7 +99,14 @@ def create_user_impl(email, name, pwd, role):
def login_impl(email, pwd, vcode):
user_info = FIND_DATA('用户', '用户信息', {"email": email})
db = MongoHelper("tfse_v0.21")
user_info = db.find_single_data(
"管理端",
"用户",
{"email": email},
["UID", "name", "pwd", "status", "role"]
)
def check_email():
if not user_info:
@ -109,28 +116,37 @@ def login_impl(email, pwd, vcode):
return True
def check_disable():
if user_info[0]['status'] != 'normal':
if user_info['status'] != 'normal':
return "账户已禁用"
return True
def check_vcode():
records = FIND_DATA("用户", "验证记录", {"email": email})
record = db.find_single_data(
"管理端",
"用户",
{"email": email},
["vcode", "timestamp"]
)
if len(records) == 0:
if not record:
return "无验证信息"
if records[0]['vcode'] != vcode:
if record['vcode'] != vcode:
return "验证码错误"
if time.time() - records[0]['timestamp'] > 300:
if time.time() - record['timestamp'] > 300:
return "验证码过期"
DELETE_DATA("用户", "验证记录", {"email": email})
db.delete_single_data(
"管理端",
"邮箱验证码记录",
{"email": email}
)
return True
def check_pwd():
hash_pwd = user_info[0]['pwd']
hash_pwd = user_info['pwd']
try:
if not check_password_hash(hash_pwd, decrypt_data(encrypt_msg=pwd)):
return "密码错误"
@ -139,7 +155,7 @@ def login_impl(email, pwd, vcode):
return True
def make_menus():
role = user_info[0]['role']
role = user_info['role']
with open(os.path.abspath(os.path.dirname(__file__)+'/static/menus.json'), "r", encoding='utf-8') as f:
duties = json.load(f)
@ -151,17 +167,24 @@ def login_impl(email, pwd, vcode):
session_id = ''
for i in range(4):
session_id += random.choice(choices)
UPSERT_DATA("用户", "token记录", {"UID": user_info[0]['UID']}, {"session_id": session_id})
db.update_single_data(
"管理端",
"token记录",
{"UID": user_info['UID']},
{"session_id": session_id}
)
return session_id
def make_result_data():
res_data = dict()
res_data['name'] = user_info[0]["name"]
res_data['token'] = create_token(make_session_id())
res_data['menus'] = make_menus()
return res_data
def make_login_return_data():
return_data = dict()
return_data['name'] = user_info["name"]
return_data['token'] = create_token(make_session_id())
return_data['menus'] = make_menus()
return return_data
def start_impl():
def __main__():
result = check_email()
if result is not True:
return result
@ -178,9 +201,9 @@ def login_impl(email, pwd, vcode):
if result is not True:
return result
return make_result_data()
return make_login_return_data()
return start_impl()
return __main__()
def send_vcode_to_user_impl(email):

18
user/user_routes.py
View File

@ -6,6 +6,15 @@ from user.user_auth import verify_token, authority_scope
user_route = Blueprint('user', __name__)
@user_route.route('/online_check', methods=['GET'])
@verify_token
def online_check_route(**kwargs):
"""
在线检查检查token是否有效
"""
return {"info": "正常"}, 200
@user_route.route('/send_vcode_to_user', methods=['POST'])
def send_vcode_to_user_route():
"""
@ -37,15 +46,6 @@ def login_route():
return {"info": result}, 200
@user_route.route('/online_check', methods=['GET'])
@verify_token
def online_check_route(**kwargs):
"""
在线检查检查token是否有效
"""
return {"info": "正常"}, 200
@user_route.route('/create_user', methods=['POST'])
@verify_token
@authority_scope(['admin'])