def verif_reset_token(token):
s = Serializer(app.config['SECRET_KEY'])
try:
user_id = s.load(token)['user_id']
except:
return None
return User.query.get(user_id)
def verify_reset_token(token):
s = Serializer(current_app.config['SECRET KEY'], expire_sec)
try:
user_id = s.load(token)['user_id']
except:
return None
return User.query.get(user_id)
def verify_auth_token(token):
s = Serializer(current_app.config['SECRET_KEY'])
try:
data = s.load(token)
except:
return None
return User.query.get(data['id'])
def varify_reset_token(token):
s = Serializer(app.config['SECRET_KEY'])
try:
user_id = s.load(tolen)['user_id']
except: # in case that the token had been expires
return None
return User.query.get(user_id)
def get(self, request, token):
serializer = Serializer(settings.SECRET_KEY, 3600)
try:
result = serializer.load(token)
except SignatureExpired:
return HttpResponse('邮箱验证已经过期')
user_id = result.get('confirm')
try:
user = User.objects.get(id=user_id)
except User.DoesnotExit:
return HttpResponse('用户不存在')
user.is_active = True
user.save()
return redirect(reversed('goods:index'))
def verfiy_reset_token(token):
s = Serializer(app.secret_key)
try:
user_id = s.load(token)
except:
return None
return User.query.get(user_id)
def verify_reset_token(token):
s = Serializer(current_app.config["SECRET_KEY"])
try:
user_id = s.load(token)["user_id"]
except:
return None
return User.query.get(user_id)
def verify_auth_token(token):
s = Serializer(current_app.config['SECRET_KEY'])
try:
data = s.load(token)
except:
return None
return User.query.get(data['id'])
def verify_reset_token(token):
s = Serializer('current_app.config[SECRET_KEY]')
try:
user_id = s.load(token)['user_id']
except:
return None
return User.query.get(user_id)
def verify_reset_token(token):
from run import app
s = Serializer(app.secret_key)
try:
reader_id = s.load(token)['id']
except:
return None
return Reader.query.get(reader_id)
def verify_token(token, loading_key):
""" Checks if the Email token is still valid to reset user password """
serializer = TimedJSONWebSignatureSerializer(
current_app.config["SECRET_KEY"])
try:
user_id = serializer.load(token)[loading_key]
except:
return None
return UserModel.query.get(user_id)
def check_access_token(access_token):
"""openid反序列化"""
serializer = Serializer(settings.SECRET_KEY,
constants.ACCESS_TOKEN_EXPIRES)
try:
data = serializer.load(access_token)
except BadData:
return None
else:
return data.get('openid')
def reset_password(self, token, new_password):
s = Serializer(current_app.config['SECRET_KEY'])
try:
data = s.load(token)
except:
return False
if data.get('reset') != self.id:
return False
self.password = new_password
db.session.add(self)
return True
def reset_password(token, new_password):
s = Serializer(current_app.config['SECRET_KEY'])
try:
data = s.load(token.encode('utf-8'))
except:
return False
uid = data.get('id')
with db.auto_commit():
user = User.query.get(uid)
user.password = new_password
return True
def confirm(self, token):
s = Serializer(current_app.config['SECRET_KEY'])
try:
data = s.load(token)
except:
return False
if data.get('confirm') != self.id:
return False
self.confirmed = True
db.session.add(self)
return True
def verify_auth_token(token):
s = Serializer(config['SECRET_KEY'])
try:
data = s.load(token)
except SignatureExpired:
return None
except BadSignature:
return None
user = User.query.get
return user
def check_sms_access_token(access_token):
serializer = TJSerializer(
secret_key=settings.SECRET_KEY,
expires_in=constants.SET_PASSWORD_TOKEN_EXPIRES)
try:
data = serializer.load(access_token)
except BadData:
return None
else:
mobile = data.get('mobile')
return mobile
def confirm(self, token):
s = Serializer(current_app.config['SECRET_KEY'])
try:
data = s.load(token)
except:
return False
if data.get('confrim') != self.id:
return False
self.confirmed = True
db.session.add(self)
return True
def validate_token(token):
s = Serializer(current_app.config['SECRET_KEY'])
try:
data = s.load(token)
except (BadSignature, SignatureExpired):
return False
user = User.query.get(data['id'])
if user is None:
return False
g.current_user = user
return True
def get(self, request, token):
serializer = Serializer(settings.SECRET_KEY, 3600)
try:
info = serializer.load(token)
user_id = info['confirm']
user = User.objects.get(id=user_id)
user.is_active = 1
user.save()
return redirect(reverse('user:login'))
except SignatureExpired as e:
return HttpResponse('连接已过期')
def get(self, request, info):
tser = Tser(settings.SECRET_KEY)
try:
obj = tser.load(info)
id = obj['userid']
user = get_object_or_404(models.Account, pk=id)
user.activation = 1
user.save()
return render(request, 'login.html', {'a': 'chengg'})
except SignatureExpired as e:
return HttpResponse('过期了')
def reset_password(token, new_password):
s = Serializer(current_app.config['SECRET_KEY'])
try:
data = s.load(token.encode('utf-8'))
except:
return False
user = User.query.get(data.get('reset'))
if user is None:
return False
user.password = new_password
db.session.add(user)
return True
def check_access_token(access_token_openid):
"""反解、反序列access_token_openid"""
# 创建序列化器对象:序列化和反序列化的对象的参数必须是一模一样
serializer = Serializer(settings.SECRET_KEY, expires_in=constants.ACCESS_TOKEN_EXPIRES)
# 反序列化openid密文
try:
data = serializer.load(access_token_openid)
except BadData: # openid密文过期
return None
else:
# 返回openid明文
return data.get('openid')
def verify_my_access(token):
s = Serializer(Config.secret_key_for_access_tokens)
try:
data = s.load(token)
except SignatureExpired:
return "Signature Expired"
except BadSignature:
return "Bad user"
token = AccessToken.query.get(data[id])
if not token:
return "No tokens"
return token.user
def validate_token(token):
"""
验证令牌
"""
s = Serializer(current_app.config['SECRET_KEY'])
try:
data = s.load(token)
except (BadSignature, SignatureExpired):
return False
user = User.query.get(data['id']) # 使用令牌中的ID来查询用户对象
if user is None:
return False
g.current_user = user # 将用户对象存储到g上
return True
def check_open_id(openid_sign):
"""
对原始openid进行解密
:param openid_sign: 要解密的openid
:return: 原始openid
"""
# 1. 创建Serializer 实例对象 (密钥, 过期时间:秒)
serializer = Serializer(secret_key=settings.SECRET_KEY, expires_in=600)
# 2. 对象数据进行解密 loads(要解密)
try:
data = serializer.load(openid_sign) # 输入 反序列化: 字典转模型
return data.get('openid')
except BadData:
return None
def check_activate_token(token):
s = Serializer(current_app.config['SECRET_KEY'])
try:
data = s.load(token)
except:
return False
user = User.query.get(data.get('id'))
if user is None:
# 不存在此用户
return False
if not user.confirmed:
# 账户没有激活是才激活
user.confirmed = True
db.session.add(user)
return True
def validate_token(user, token, operation):
s = Ser(current_app.config['SECRET_KEY'])
try:
data = s.load(token)
except (SignatureExpired, BadSignature):
return False
if operation != data.get('operation') or user.id != data.get('id'):
return False
if operation == Operations.CONFIRM:
user.confirmed = True
else:
return False
db.session.commit()
return True
def change_email(self, token):
s = Serializer(current_app.config['SECRET_KEY'])
try:
data = s.load(current_app.config['SECRET_KEY'])
except:
return False
if data.get('change_email') != self.id:
return False
new_email = data.get('new_email')
if not new_email:
return False
if self.query.filter_by(email=new_email).first() is not None:
return False
self.email = new_email
self.avatar_hash = self.gravatar_hash()
db.session.add(self)
return True
def get(self, request, token):
'''进行用户激活'''
#进行解密, 获取要激活的用户信息
serializer = Serializer(settings.SECRET_KEY, 3600)
try:
info = serializer.load(token)
#获取待激活用户的id
user_id = info['confirm']
#根据id获取用户信息
user = User.objects.get(id=user_id)
user.is_active = 1
user.save()
#跳转到登录页面
return redirect(reverse('user:login'))
except SignatureExpired as e:
#激活链接已过期
return HttpResponse('激活链接已过期')
def confirm(token):
s = Serializer(current_app.config['SECRET_KEY'])
try:
data = s.load(token) # data == {'ID': User.id}
except BadSignature:
return render_template('errors/bad_token.html')
id = data.get('confirm')
user = User.search({'_id': ObjectId(id)})
if user is None:
flash('The confirmation link is invalid or has expired.',
category='danger')
if user.get('is_confirmed'):
flash('Your account has already been confirmed.', category='danger')
time.sleep(2)
return redirect(url_for('main.index'))
User.update_doc({'_id': ObjectId(id)}, {'is_confirmed': True})
flash('You have confirmed your account successfully, Thank you!',
category='success')
time.sleep(2)
return redirect(url_for('main.index'))
class auth:
def __init__(self, expire):
self.expire = expire
self.auth = TimedJSONWebSignatureSerializer(app.secret_key, expire)
def encode(self, username, usertype):
epochnow = time.time()
temp = str(
self.auth.dumps({
"token_type": "auth",
"username": username,
"issued": epochnow,
"usertype": usertype
}))[2:-1]
return temp
def check(self, token):
try:
return self.auth.loads(token)
except:
return False
def get_expire(self, token):
try:
this = self.auth.loads(token)["issued"] + float(
self.expire) - epochnow()
return this
except:
return 0
def check_user_acl(self, token):
try:
this = self.auth.load(token)
return this["userttype"]
except:
return False
def confirm(self,token): s=Serializer(current_app['SECRET_KEY']) try: data = s.load(token) except Exception, e: return False
