Beispiel #1
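def login():
    """Serve the login page and authenticate a username/password/role triple.

    A non-POST request flashes a prompt and renders ``login.html``. A POST
    takes the credentials either from the submitted form or, when the client
    asks for JSON, from the AJAX payload. On success the response built by
    ``return_data`` carries a token from ``UserController.generate_token`` and
    a ``detail`` flag that is true when ``userindex.UserID`` is not empty.

    Failure paths visible here: 403 for an unknown user, a role mismatch or a
    non-integer role; 401 with the current message for JSON clients otherwise;
    HTML clients get the login template re-rendered with the message.
    """
    form = UserController.LoginForm(request.form)
    msg = ''
    role = UserRole.Student
    if request.method == 'POST':
        ajax = request_wants_json()
        if ajax:
            data = get_data_from_ajax()
            raw_username = data.get('username', None)
            raw_password = data.get('password', None)
            if raw_username is None or raw_password is None:
                # unicode(None) is the literal string u'None'; without this
                # guard a request with a missing field would be processed as
                # the account or password named "None".
                abort(401, u'用户名或者密码不符合要求(最小3位最长20位)')
            form.username.data = unicode(raw_username)
            form.password.data = unicode(raw_password)
            role = data.get('role', None)
            try:
                role = int(role) if role is not None else UserRole.Student
            except (TypeError, ValueError):
                # A non-numeric role is client error, not a server fault; the
                # registration handler in this file answers it the same way.
                abort(403, u"Role 必须为整数")
        # NOTE(review): JSON requests short-circuit this condition, so the
        # form's validators never run for them (the length limits mentioned
        # in the message below are presumably defined on LoginForm). Confirm
        # whether the API path should call the validators as well.
        if ajax or form.validate_on_submit():
            username = form.username.data
            # NOTE(review): by its name hash_md5 is a plain MD5 digest, which
            # is too fast and (as called here) unsalted for password storage.
            # Moving to a salted, slow KDF needs a migration of the stored
            # values, so the call is left as it is.
            password = hashutil.hash_md5(form.password.data)
            userindex = UserController.get_userindex_byname(username)
            role = UserRole.get(role)
            if userindex is None:
                # NOTE(review): this answer differs from the wrong-password
                # answer below, so a client can tell which usernames exist.
                abort(403, "该用户不存在,请先注册!")
            else:
                # NOTE(review): == is not a constant-time comparison; consider
                # hmac.compare_digest once both operands are known to share a
                # type.
                if password == userindex.Password:
                    if role != userindex.Role:
                        abort(
                            403, u"该用户登陆时选择了不同的身份(应该为:%s)" %
                            UserRoleMapping.get(userindex.Role, u"学生"))

                    msg = 'You were successfully login in for user:%s !' % username
                    flash(msg)
                    token = UserController.generate_token(username)

                    detail = userindex.UserID != ''
                    return return_data(
                        None,
                        {'token': token, 'detail': detail},
                        msg="login success for %s" % userindex.Username)
                else:
                    msg = u"密码错误!"
                    flash(msg)
        else:
            msg = u'用户名或者密码不符合要求(最小3位最长20位)'
            flash(msg)
    else:
        msg = u'请登陆'
        flash(msg)

    # Reached only when no success response was returned above: JSON clients
    # get a 401 carrying the message, browsers get the form back.
    if request_wants_json():
        abort(401, msg)

    return render_template('login.html', form=form, info=msg)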
Beispiel #2
    username = unicode(username)
    userindex = UserController.get_userindex_byname(username)
    if userindex is not None:
        abort(403, u"该用户(%s)已经注册过" % username)

    password = hashutil.hash_md5(unicode(password))
    try:
        role = int(role) if role is not None else UserRole.Student
    except ValueError, e:
        abort(403, u"Role 必须为整数")

    if role not in [0, 1]:
        abort(403, u"Role 必须为 0 或 1")

    userindex = UserController.create_userindex(username, password, role)
    token = UserController.generate_token(username)
    return return_data(None, {
        'token': token,
        'detail': False
    },
                       msg="register success for %s" % userindex.Username)


@app.route('/user/detail', methods=['GET', 'POST'])
@allow_cross_domain
@check_auth
def finish_userdetail_info(userindex):
    data = get_data_from_ajax()
    userid = data.get("UserID", None)
    if userid is None:
        userid = data.get("IDNo", None)