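def wrapper(*args, **kw):
    """Resolve the caller's login state and pass it to the wrapped view.

    Reads the ``guest`` and ``session`` cookies, decrypts the session cookie
    under the credential stored for the user named in the guest session, and
    calls ``func`` with ``user=``/``session=`` (both ``None`` when no valid
    session exists).  On a valid session the cookie is re-issued with a fresh
    timestamp and the session id returned by ``Session.update``.  Any failure
    while validating clears both cookies; the view still runs as a guest.

    ``func`` and ``session_timeout`` come from the enclosing scope.
    """
    users = readUsers()
    cookie_session = request.get_cookie('session')
    guest_session_id = request.get_cookie("guest")
    guest_session = Session.getGuest(guest_session_id)
    private = Session.getGuest_key(guest_session_id, 'privateKey')
    user = None
    if guest_session is not None and 'user' in guest_session:
        user = guest_session['user']
    user_ans = session_ans = de_session = session_id = None
    try:
        if user and cookie_session and private:
            if user not in users:
                # The guest session names a user that does not exist: treat it
                # like a bad cookie (cleared below) instead of relying on the
                # KeyError that users[user] would raise.
                raise LookupError(user)
            # Layer 1: the cookie must decrypt under this user's credential.
            # NOTE(review): this only authenticates the cookie if deAES uses an
            # integrity-protected mode — confirm.
            de_session = json.loads(deAES(users[user], cookie_session))
            # Layer 2: the decrypted payload must name the same user and point
            # at a live server-side session.
            if de_session['user'] == user:
                session_id = de_session['session_id']
                session = Session.get(user, session_id)
                # Inactivity expiry: the cookie timestamp must be younger than
                # session_timeout.
                fresh = float(de_session['time']) + session_timeout > time.time()
                if fresh and session and session['user'] == user:
                    user_ans = user
                    session_ans = session
    except Exception:
        # Undecryptable or malformed cookie: drop both cookies.  The path must
        # match the one used by set_cookie, otherwise the browser keeps them.
        response.delete_cookie('guest', path='/')
        response.delete_cookie('session', path='/')
    temp = func(user=user_ans, session=session_ans, *args, **kw)
    if user_ans:
        # Roll the timestamp and session id so the cookie stays fresh, then
        # re-encrypt it under the same credential.
        de_session['time'] = time.time()
        de_session['session_id'] = Session.update(user, session_id, session_ans)
        encrypted = enAES(users[user], json.dumps(de_session))
        # httponly keeps the session cookie out of reach of page scripts.
        response.set_cookie("session", encrypted, path='/', httponly=True)
    return temp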
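def login():
    """Authenticate the posted user/password and establish a session.

    The form fields ``user`` and ``password`` arrive RSA-encrypted and are
    decrypted with the private key held in the guest session named by the
    ``guest`` cookie.  On success a server-side session is created, the guest
    session is updated with the user name, and an AES-encrypted ``session``
    cookie (user, timestamp, session id) is set.

    Returns ``resJSON(1, "ok")`` on success; on a bad credential or any error
    while decrypting, a failure response instead of an empty body.
    """
    users = readUsers()
    user = request.forms.get("user")
    password = request.forms.get("password")
    guest_session_id = request.get_cookie("guest")
    private = Session.getGuest_key(guest_session_id, "privateKey")
    try:
        de_user = deRSA(user, private)
        de_password = deRSA(password, private)
        # Decrypted credentials are deliberately never printed or logged.
        # Membership is checked before users[de_user] is read so an unknown
        # user is rejected here rather than via a KeyError.
        # NOTE(review): a constant-time compare (hmac.compare_digest) would be
        # preferable once the types of users[de_user] / de_password are known.
        if de_user in users and users[de_user] == de_password:
            session_id = Session.set(de_user, None, {"user": de_user})
            encrypted = enAES(de_password, json.dumps({"user": de_user, "time": time.time(), "session_id": session_id}))
            new_guest = Session.updateGuest(guest_session_id, {"user": de_user})
            # httponly keeps both cookies out of reach of page scripts.
            response.set_cookie("guest", new_guest, path="/", httponly=True)
            response.set_cookie("session", encrypted, path="/", httponly=True)
            return resJSON(1, "ok")
    except Exception as e:
        # Decryption or lookup failure: report the error without echoing the
        # submitted values.
        print(e)
    # One answer for unknown user and wrong password (no user enumeration).
    # NOTE(review): assumes 0 marks failure in resJSON — confirm.
    return resJSON(0, "fail")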