tfse-admin-api-v0.2/user/user_auth.py


import functools
import os

from flask import request
from itsdangerous import Serializer
from itsdangerous import TimedJSONWebSignatureSerializer as Serializer, SignatureExpired, BadSignature

from user.user_db import FIND_DATA
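# Signing key for access tokens. Anyone who knows this value can mint tokens
# that verify_token accepts, so it is read from the environment when set.
# NOTE(review): the fallback literal is committed in this source file and
# should be treated as disclosed; it is kept only so existing deployments keep
# working. Set TFSE_ADMIN_TOKEN_KEY to a freshly generated secret, rotate, and
# then drop the fallback.
TOKEN_KEY = os.environ.get("TFSE_ADMIN_TOKEN_KEY", "P0eHym@&CbaLzWkq")

# Token lifetime in seconds (8 hours).
TOKEN_EXPIRE = 8 * 60 * 60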
def create_token(param):
    """
    Create an access token.

    Parameters:
        param: value embedded in the token as its signed payload
    Returns:
        token: the user's access token, as an ASCII string
    """
    # The payload is signed, not encrypted: whoever holds the token can read
    # ``param``, so it must not carry anything confidential.
    # NOTE(review): TimedJSONWebSignatureSerializer was deprecated in
    # itsdangerous 2.0 and removed in 2.1, so this module pins the project to
    # an old itsdangerous release.
    signer = Serializer(TOKEN_KEY, expires_in=TOKEN_EXPIRE)
    signed = signer.dumps(param)
    return signed.decode('ascii')
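def verify_token(func):
    """
    Decorator that authenticates a request from its ``token`` header.

    The header value is verified with TOKEN_KEY, the decoded payload is used
    as ``session_id`` to look up the token record through FIND_DATA, and that
    record's ``UID`` is passed to the wrapped view as the ``uid`` keyword
    argument.

    Returns:
        The wrapped view's return value, or ``({"info": ...}, 401)`` when the
        token is missing, malformed, badly signed or expired, or when no
        token record matches the session id.
    """
    @functools.wraps(func)
    def internal(*args, **kwargs):
        token = request.headers.get('token')
        # Reject a missing header explicitly instead of relying on the
        # serializer raising TypeError for None.
        if token is None:
            return {"info": "缺少token"}, 401
        try:
            s = Serializer(TOKEN_KEY)
            session_id = s.loads(token)
            # The server-side record is what makes a token revocable: a valid
            # signature alone is not enough once the record is gone.
            records = FIND_DATA("用户", "token记录", {"session_id": session_id})
            if not records:
                return {"info": "提示: 账号已在别处登录"}, 401
            uid = records[0]['UID']
        except TypeError:
            # Kept for backward compatibility with the original handler.
            return {"info": "缺少token"}, 401
        except KeyError:
            return {"info": "异常token"}, 401
        except SignatureExpired:
            # SignatureExpired is a subclass of BadSignature, so it has to be
            # caught first; in the opposite order this branch is unreachable
            # and expired tokens are reported as badly signed.
            return {"info": "过期token"}, 401
        except BadSignature:
            return {"info": "错误token"}, 401
        return func(*args, **kwargs, uid=uid)
    return internal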
def authority_scope(scope):
    """
    Decorator factory that restricts a view to accounts whose role is in *scope*.

    The wrapped view is called only when FIND_DATA returns a user record for
    ``kwargs['uid']`` whose ``status`` is ``"normal"`` and whose ``role`` is
    contained in *scope*. Every refusal is returned as
    ``({"info": ...}, 401)``, including the insufficient-role case.

    Parameters:
        scope: roles allowed to call the view. Membership is tested with
            ``in``, so pass a collection of role names; a plain string would
            be matched by substring.
    """
    def decorate(func):
        @functools.wraps(func)
        def guarded(*args, **kwargs):
            # ``uid`` must already be in kwargs, otherwise this raises
            # KeyError. Presumably the decorator is stacked beneath
            # verify_token, which supplies it; confirm at each call site.
            matches = FIND_DATA("用户", "用户信息", {"UID": kwargs['uid']})
            if not matches:
                return {"info": "提示: 账户不存在"}, 401
            account = matches[0]
            if account['status'] != "normal":
                return {"info": "提示: 账户已被禁用"}, 401
            if account['role'] not in scope:
                return {"info": "提示: 没有此项操作权限"}, 401
            return func(*args, **kwargs)
        return guarded
    return decorate