Ejemplo n.º 1
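def register():
    """
    Register a new user from a JSON request body.

    Reads ``email``, ``username`` and ``password`` from the JSON payload,
    refuses the request when the e-mail is already registered, and
    otherwise stores a new ``Users`` record.

    :return: JSON response built by ``common.returnTrueMsg`` on success or
        ``common.returnFalseMsg`` on failure
    """
    reqParams = request.get_json()
    # A body that is absent or is not a JSON object cannot carry the fields
    # below; refuse it instead of raising while looking the keys up.
    if not isinstance(reqParams, dict):
        return jsonify(common.returnFalseMsg('', 'Register fail.'))

    email = reqParams.get('email')
    username = reqParams.get('username')
    password = reqParams.get('password')

    # Never create an account that has no e-mail or no password.
    if not email or not password:
        return jsonify(common.returnFalseMsg('', 'Register fail.'))

    # check if email exists
    if Users.check_email_exists(Users, email):
        return jsonify(common.returnFalseMsg('', 'Email exists'))

    # NOTE(review): the password is handed to Users exactly as received;
    # confirm the model hashes it before it is stored.
    user = Users(email=email, username=username, password=password)
    Users.add(Users, user)

    # No id on the object after add() is treated as a failed insert.
    if not user.id:
        return jsonify(common.returnFalseMsg('', 'Register fail.'))

    returnUser = {
        'id': user.id,
        'username': user.username,
        'email': user.email,
        'login_time': user.login_time
    }
    return jsonify(common.returnTrueMsg(returnUser, "Register success."))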
Ejemplo n.º 2
    def register():
        """
        Register a user from the submitted form fields.

        The password is passed through ``Users.set_password`` before the
        record is saved.

        :return: json
        """
        form = request.form
        email = form.get('email')
        username = form.get('username')
        # NOTE(review): no field is validated here; a missing password reaches
        # set_password as None. Confirm the caller or the model rejects that.
        stored_password = Users.set_password(Users, form.get('password'))

        user = Users(email=email, username=username, password=stored_password)
        user.save()

        # No id after save() is treated as a failed registration.
        if not user.id:
            return jsonify(common.falseReturn('', '用户注册失败'))

        returnUser = {
            'id': str(user.id),
            'username': user.username,
            'email': user.email,
            'login_time': user.login_time
        }
        return jsonify(common.trueReturn(returnUser, "用户注册成功"))
Ejemplo n.º 3
 def getUser(userId):
     """
     Return the user with id ``userId`` as a JSON response.

     :param userId: id passed to ``Users.get``
     :return: json, a failure message when no record is found
     """
     record = Users.get(Users, userId)
     if record is not None:
         serialised = Users.output(Users, record)
         return jsonify(Common.trueReturn(Common, serialised))
     return jsonify(Common.falseReturn(Common, None, '找不到数据'))
Ejemplo n.º 4
    def register():
        """
        Register a user from the submitted form fields.

        The new record's id is derived from the newest existing record, and
        the password is passed through ``Users.set_password`` before storage.

        :return: json
        """
        form = request.form
        email = form.get('email')
        username = form.get('username')
        password = form.get('password')

        # Newest record and its id.
        # NOTE(review): the id is read and then inserted in two steps, so two
        # concurrent registrations could compute the same value; confirm the
        # column is unique or let the database assign it.
        newest = Users.query.order_by('-id').first()
        newRecordId = 1 if newest is None else newest.id + 1

        user = Users(id=newRecordId,
                     email=email,
                     username=username,
                     password=Users.set_password(Users, password))
        Users.add(Users, user)

        # Read the record back to confirm it was stored.
        userInfo = Users.get(Users, user.id)
        if not userInfo:
            return jsonify(common.falseReturn('', '用户注册失败'))

        returnUser = {
            'id': userInfo.id,
            'username': userInfo.username,
            'email': userInfo.email,
            'login_time': userInfo.login_time
        }
        return jsonify(common.trueReturn(returnUser, "用户注册成功"))
Ejemplo n.º 5
 def book_detail(book_id):
     """
     Return one book's details to an authenticated caller.

     The view is recorded in the caller's history and the book's rating is
     adjusted by 0.1.

     :param book_id: value matched against the ``book_id`` field
     :return: json on success, otherwise the ``Auth.identify`` result
     """
     auth = Auth.identify(Auth, request)
     if not auth['status']:
         # The identify() result is returned unchanged on failure.
         return auth

     # NOTE(review): the lookup result is recorded and returned without a
     # check; verify what find_one yields for an unknown book_id.
     book = db.find_one({"book_id": book_id}, {"_id": 0})
     Users.add_view_history(auth, book)
     Users.rate_to_book(auth, book_id, 0.1)
     return jsonify(common.trueReturn(book, 'success'))
Ejemplo n.º 6
 def deleteUser(userId):
     """
     Delete the user with id ``userId`` and return the remaining users.

     NOTE(review): no caller authorization check is visible in this function;
     confirm the route is protected elsewhere.

     :param userId: id of the record to delete
     :return: ``getUsers()`` on success, a JSON failure message otherwise
     """
     if Users.get(Users, userId) is None:
         return jsonify(Common.falseReturn(Common, None, '找不到要删除的数据'))

     Users.delete(Users, userId)

     # Read the record again: the delete counts as done only when it is gone.
     if Users.get(Users, userId) is not None:
         return jsonify(Common.falseReturn(Common, None, '删除失败'))
     return getUsers()
Ejemplo n.º 7
 def authenticate(self, username, password):
     """
     Check a username/password pair and stamp the login time on success.

     NOTE(review): the unknown-user and wrong-password branches report
     different messages, which lets a client learn which usernames exist;
     consider a single message.

     :param username: name looked up in ``Users``
     :param password: candidate password checked with ``Users.check_password``
     :return: the user record on success; failures go to ``self.error_handler``
     """
     account = Users.query.filter_by(username=username).first()
     if account is None:
         self.error_handler('找不到用户')
     elif Users.check_password(Users, account.password, password):
         # Record the login time on the account, then persist it.
         account.login_time = int(time.time())
         Users.update(Users)
         return account
     else:
         self.error_handler('密码不正确')
Ejemplo n.º 8
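 def lease():
     """
     Lease a book to the authenticated caller.

     Reads ``duration`` and ``book_name`` from the JSON body, refuses the
     request when the caller already holds a valid, unexpired lease on the
     book, and otherwise prepends a lease entry to ``lease_history``.

     :return: json on success or refusal, otherwise the ``Auth.identify``
         result when authentication fails
     """
     auth = Auth.identify(Auth, request)
     if not auth['status']:
         return auth

     # duration is client-controlled: a missing or non-numeric value used to
     # raise, and a zero or negative one recorded an already-expired lease.
     try:
         duration = int(request.json.get('duration'))
     except (AttributeError, TypeError, ValueError):
         return jsonify(common.falseReturn('invalid duration', '失败'))
     if duration <= 0:
         return jsonify(common.falseReturn('invalid duration', '失败'))

     book_name = request.json.get('book_name')
     current_time = int(time.time() * 1000)
     # 2592000000 ms is 30 days, so duration counts 30-day periods.
     end_time = 2592000000 * duration + current_time
     book_id = Book.get_bookId_by_bookName(book_name)
     # NOTE(review): book is stored without a check; verify what find_one
     # returns for an unknown book_name.
     book = db.find_one({"book_name": book_name}, {"_id": 0})
     user_info = Users.find_by_username(auth['data'])[0]

     if 'lease_history' in user_info:
         # Books the caller currently holds: valid entries not yet expired.
         active_ids = [
             entry['book']['book_id']
             for entry in user_info['lease_history']
             if entry['end_time'] > current_time and entry['valid']
         ]
         if book_id in active_ids:
             return jsonify(common.falseReturn('您正在借此书', '失败'))
         result = udb.find_one({"username": auth['data']})['lease_history']
     else:
         result = []

     # Newest lease first.
     result.insert(0, {
         "book": book,
         "lease_time": current_time,
         "end_time": end_time,
         "valid": True
     })
     # NOTE(review): the history is read, changed and written back in separate
     # steps; concurrent requests from one user could overwrite each other.
     udb.update_one({"username": auth['data']},
                    {"$set": {
                        "lease_history": result
                    }})
     Users.rate_to_book(auth, book_id, 2)
     return jsonify(common.trueReturn(result, 'success'))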
Ejemplo n.º 9
 def user_detail():
     """
     Return (POST) or update (PATCH) the authenticated caller's record.

     NOTE(review): on PATCH every key the client sends is forwarded to
     ``Users.update_user``. Unless that helper restricts the field names, a
     client can overwrite any stored attribute; confirm an allow-list exists.

     :return: json, or the ``Auth.identify`` result when authentication fails
     """
     auth = Auth.identify(Auth, request)
     if not auth['status']:
         return auth

     result = db.find_one({"username": auth['data']}, {"_id": 0})
     if request.method == 'POST':
         return jsonify(common.trueReturn(result, 'success'))

     if request.method == 'PATCH':
         changes = request.json
         for field in changes:
             value = changes[field]
             # Falsy values are skipped, so a field cannot be cleared here.
             if value:
                 Users.update_user(auth['data'], field, value)
     return jsonify(common.trueReturn('1', 'success'))
Ejemplo n.º 10
 def login():
     """
     Log a user in from a JSON body holding ``username`` and ``password``.

     An unknown username and a wrong password produce the same failure
     message.

     :return: json carrying the value returned by ``Auth.authenticate`` on
         success
     """
     username = request.json.get('username')
     password = request.json.get('password')
     if not (username and password):
         return jsonify(common.falseReturn('', '用户名和密码不能为空'))

     matches = Users.find_by_username(username)
     if matches.count() == 0 or not Users.check_password(
             Users, matches[0]['password'], password):
         return jsonify(common.falseReturn('失败', '用户名或密码错误'))

     issued_at = int(time.time())
     token = Auth.authenticate(Auth, username, issued_at)
     return jsonify(common.trueReturn('成功', token))
Ejemplo n.º 11
 def addUser():
     """
     Create a user from the submitted form fields.

     NOTE(review): ``user_password`` is stored exactly as submitted; confirm
     the model hashes it before it is written.

     :return: the ``getUser`` response for the new user, or a JSON failure
         carrying the value returned by ``Users.add``
     """
     form = request.form
     user = Users(user_name=form.get('user_name'),
                  user_password=form.get('user_password'),
                  user_nickname=form.get('user_nickname'),
                  user_email=form.get('user_email'))
     result = Users.add(Users, user)
     # No user_id after add() is treated as a failed insert.
     if not user.user_id:
         return jsonify(Common.falseReturn(Common, None, result))
     return getUser(user.user_id)
Ejemplo n.º 12
 def identify(self, request):
     """
     Authenticate a request from its ``Authorization`` header.

     The header must read ``JWT <token>``. The token is accepted only when
     the user it names exists and the ``login_time`` it carries equals the
     stored one.

     :param request: object whose ``headers`` hold the Authorization value
     :return: result of ``common.true_return`` (user id) or
         ``common.false_return``
     """
     auth_header = request.headers.get('Authorization')
     if not auth_header:
         return common.false_return('', '无认证token')

     parts = auth_header.split(' ')
     if not parts or parts[0] != 'JWT' or len(parts) != 2:
         return common.false_return('', '验证错误')

     payload = self.decode_auth_token(parts[1])
     if isinstance(payload, str):
         # A str result is passed back as the failure message.
         return common.false_return('', payload)

     user = Users.get(Users, payload['data']['id'])
     if user is None:
         return common.false_return('', '用户不存在')

     if user.login_time == payload['data']['login_time']:
         return common.true_return(user.id, '请求成功')
     return common.false_return('', 'token已更改,请重新登录')
Ejemplo n.º 13
    def decorated_function(*args, **kwargs):
        """
        Call the wrapped view only for a request carrying a valid token.

        The ``Authorization`` header must read ``JWT <token>``. On success the
        wrapped function receives the user's id as its first argument; every
        failure yields a JSON message with status 401.
        """

        def _denied(message):
            # Every rejection shares the same response shape and status code.
            return jsonify(common.returnFalseMsg('', message)), 401

        auth_header = request.headers.get('Authorization')
        if not auth_header:
            return _denied('Please provide the auth-token.')

        pieces = auth_header.split(" ")
        if not pieces or pieces[0] != 'JWT' or len(pieces) != 2:
            return _denied('Please check HTTP Header format.')

        payload = Auth.decode_auth_token(pieces[1])
        if isinstance(payload, str):
            # A str result is passed back as the failure message.
            return _denied(payload)

        user = Users.get(Users, payload['data']['id'])
        if user is None:
            return _denied('Cannot find the user.')

        # The token is honoured only while its login_time matches the stored one.
        if user.login_time == payload['data']['login_time']:
            return f(user.id, *args, **kwargs)
        return _denied('Token has changed, please login again.')
Ejemplo n.º 14
    def test_is_user_already_exist(self):
        """Insert two users and check that ``UserModel.is_exists`` finds one."""
        fixtures = [
            {
                "username": "******",
                "password": "******",
                "phonenumber": "094653438",
                "address": "Malang"
            },
            {
                "username": "******",
                "password": "******",
                "phonenumber": "097563782",
                "address": "Jakarta"
            }
        ]

        # Insert the rows, committing after each one.
        for row in fixtures:
            record = UserModel(row['username'], row['password'],
                               row['phonenumber'], row['address'])
            db.session.add(record)
            db.session.commit()

        assert UserModel.is_exists("******") == True
Ejemplo n.º 15
 def identify(self, request):
     """
     Authenticate a request from its ``Authorization`` header.

     Expects ``JWT <token>``; the decoded ``login_time`` must equal the one
     stored for the user the token names.

     :param request: object whose ``headers`` hold the Authorization value
     :return: result of ``common.trueReturn`` (user id) or
         ``common.falseReturn``
     """
     header_value = request.headers.get('Authorization')
     if not header_value:
         return common.falseReturn('', '没有提供认证token')

     scheme_and_token = header_value.split(' ')
     if (not scheme_and_token or scheme_and_token[0] != 'JWT'
             or len(scheme_and_token) != 2):
         return common.falseReturn('', '请传递正确的验证头信息')

     payload = self.decode_auth_token(scheme_and_token[1])
     if isinstance(payload, str):
         # A str result is passed back as the failure message.
         return common.falseReturn('', payload)

     u = Users().get(payload['data']['id'])
     if not u:
         return common.falseReturn('', '找不到该用户信息')

     if u.login_time == payload['data']['login_time']:
         return common.trueReturn(u.id, '请求成功')
     return common.falseReturn('', 'token信息更改,请重新登录获取')
Ejemplo n.º 16
 def identify(self, request):
     """
     Authenticate a request from its ``Authorization`` header.

     The header is split on spaces and must be exactly ``JWT <token>``. A
     token whose ``login_time`` differs from the stored value is refused.

     :return: result of ``common.trueReturn`` (user id) or
         ``common.falseReturn``
     """
     raw_header = request.headers.get('Authorization')
     if not raw_header:
         return common.falseReturn('', '没有提供认证token')

     fields = raw_header.split(" ")
     well_formed = bool(fields) and fields[0] == 'JWT' and len(fields) == 2
     if not well_formed:
         return common.falseReturn('', '请传递正确的验证头信息')

     payload = self.decode_auth_token(fields[1])
     if isinstance(payload, str):
         # A str result is passed back as the failure message.
         return common.falseReturn('', payload)

     claims = payload['data']
     user = Users.get(Users, claims['id'])
     if user is None:
         return common.falseReturn('', '找不到该用户信息')

     if user.login_time == payload['data']['login_time']:
         return common.trueReturn(user.id, '请求成功')
     return common.falseReturn('', 'Token已更改,请重新登录获取')
Ejemplo n.º 17
    def identify(self, request):
        """
        Authenticate a request from its ``Authorization`` header.

        The client sends the token in the ``Authorization`` header with the
        value ``JWT <token>``. Keep real tokens out of comments and docs; use
        a placeholder as shown here.

        :return: result of ``common.trueReturn`` (user id) or
            ``common.falseReturn``
        """
        auth_header = request.headers.get('Authorization')
        if not auth_header:
            return common.falseReturn('', '没有提供认证token')

        auth_tokenArr = auth_header.split(" ")
        if (not auth_tokenArr or auth_tokenArr[0] != 'JWT'
                or len(auth_tokenArr) != 2):
            return common.falseReturn('', '请传递正确的验证头信息')

        # Payload decoded from the token taken out of the header.
        payload = self.decode_auth_token(auth_tokenArr[1])
        if isinstance(payload, str):
            # A str result is passed back as the failure message.
            return common.falseReturn('', payload)

        # user is the record as stored in the database.
        user = Users.get(Users, payload['data']['id'])
        if user is None:
            return common.falseReturn('', '找不到该用户信息')

        # The stored login_time must equal the one carried by the token.
        if user.login_time == payload['data']['login_time']:
            return common.trueReturn(user.id, '请求成功')
        return common.falseReturn('', 'Token已更改,请重新登录获取')
Ejemplo n.º 18
    def updateUser(userId):
        """
        Overwrite a user's fields with the submitted form values.

        NOTE(review): a field missing from the form is written as None, and
        ``user_password`` is stored exactly as submitted; confirm the model
        hashes it and that partial updates are not expected here.

        :param userId: id of the record to change
        :return: the ``getUser`` response, or a JSON failure when the record
            does not exist
        """
        user = Users.get(Users, userId)
        if user is None:
            return jsonify(Common.falseReturn(Common, None, '找不到要修改的数据'))

        form = request.form
        submitted = {
            column: form.get(column)
            for column in ('user_name', 'user_password', 'user_nickname',
                           'user_email')
        }
        for column, value in submitted.items():
            setattr(user, column, value)

        Users.update(Users)
        return getUser(user.user_id)
Ejemplo n.º 19
 def authenticate(self, username, password):
     """
     Log a user in: return a token on success and store the login time;
     return the failure reason otherwise.

     NOTE(review): the unknown-user and wrong-password messages differ,
     which lets a client learn which usernames exist.

     :param username: name looked up in ``Users``
     :param password: candidate password
     :return: json
     """
     account = Users.objects(username=username).first()
     if account is None:
         return jsonify(common.falseReturn('', '找不到用户'))

     if not Users.check_password(Users, account.password, password):
         return jsonify(common.falseReturn('', '密码不正确'))

     # The same timestamp is stored and embedded in the token.
     stamp = int(time.time())
     account.update(login_time=stamp)
     token = self.encode_auth_token(str(account.id), stamp)
     return jsonify(common.trueReturn(token.decode(), '登录成功'))
Ejemplo n.º 20
 def authenticate(self, email, password):
     """
     Log a user in by e-mail and password and issue a token.

     NOTE(review): the two failure messages differ, which lets a client
     learn which e-mail addresses are registered.

     :param email: address looked up in ``Users``
     :param password: candidate password, checked against the stored
         password and salt
     :return: json
     """
     account = Users.query.filter_by(email=email).first()
     if account is None:
         return jsonify(common.returnFalseMsg('', 'Cannot find the user.'))

     verified = Users.check_password(Users, account.password, account.salt,
                                     password)
     if not verified:
         return jsonify(common.returnFalseMsg('', 'Wrong password.'))

     # The same timestamp is stored and embedded in the token.
     stamp = int(time.time())
     account.login_time = stamp
     Users.update(Users)
     token = self.encode_auth_token(account.id, stamp)
     return jsonify(common.returnTrueMsg(token.decode(), 'Login success.'))
Ejemplo n.º 21
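 def reagister():
     """
     Register a user from the ``username`` and ``password`` form fields.

     Both values must be at least 5 characters long and the username must
     not be taken. The password is passed through ``Users.set_password``
     before storage.

     :return: json
     """
     username = request.form.get('username')
     password = request.form.get('password')
     # A missing field arrives as None; treat it like a too-short value
     # instead of letting len() raise.
     if not username or len(username) < 5:
         return jsonify(common.falseReturn('fail', '用户名过短'))
     # NOTE(review): a 5-character minimum is a weak password policy.
     if not password or len(password) < 5:
         return jsonify(common.falseReturn('fail', '密码过短'))

     user_info = Users.find_by_username(username)
     if user_info.count() != 0:
         return jsonify(common.falseReturn('失败', '用户名重复'))

     user = Users(username, Users.set_password(Users, password))
     Users.add_user(user)
     return jsonify(common.trueReturn('成功', '注册成功'))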
Ejemplo n.º 22
 def authenticate(self, username, password):
     """
     Log a user in: return a token on success and the reason on failure,
     and write the login time to the database.

     NOTE(review): only the unknown-user branch wraps its result in
     ``jsonify``; the other two return the ``common`` result directly.
     Confirm callers handle both shapes.

     :param username: name looked up in ``Users``
     :param password: candidate password
     :return: json
     """
     u = Users.query.filter_by(username=username).first()
     if not u:
         return jsonify(common.falseReturn('', '找不到用户'))

     if not Users().check_password(u.password, password):
         return common.falseReturn('', '密码错误')

     # The same timestamp is stored and embedded in the token.
     stamp = int(time.time())
     u.login_time = stamp
     Users.update(u)
     token = self.encode_auth_token(u.id, stamp)
     return common.trueReturn(token.decode(), '登录成功')
Ejemplo n.º 23
 def register():
     """
     Register a user from the submitted form fields.

     NOTE(review): the password is handed to ``Users`` exactly as submitted;
     confirm the model hashes it before it is stored.

     :return: json
     """
     form = request.form
     user = Users(email=form.get('email'),
                  user_name=form.get('user_name'),
                  password=form.get('password'))
     user.add(user)
     # No id after add() is treated as a failed registration.
     if not user.id:
         return jsonify(common.falseReturn('', '用户注册失败'))

     returnUser = {
         'id': user.id,
         'user_name': user.user_name,
         'email': user.email
     }
     return jsonify(common.trueReturn(returnUser, "用户注册成功"))
Ejemplo n.º 24
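 def authenticate(self, username, password):
     """
     Log a user in: return a token on success and write the login time to
     the database; return the failure reason otherwise.

     NOTE(review): the unknown-user and wrong-password messages differ,
     which lets a client learn which usernames exist.

     :param username: name looked up in ``Users``
     :param password: candidate password
     :return: json
     """
     user_info = Users.query.filter_by(username=username).first()
     if user_info is None:
         return jsonify(common.false_return('', '用户不存在'))

     if not Users.check_password(Users, user_info.password, password):
         return jsonify(common.false_return('', '密码不正确'))

     # The same timestamp is stored and embedded in the token.
     login_time = int(time.time())
     user_info.login_time = login_time
     Users.update(Users)
     # The token is a bearer credential, so it is returned to the caller only
     # and never written to stdout or logs.
     token = self.encode_auth_token(user_info.id, login_time)
     return jsonify(common.true_return(token.decode(), '登录成功'))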
Ejemplo n.º 25
    def authenticate(self, username, password):
        """
        Log a user in: return a token on success and write the login time to
        the database; return the failure reason otherwise.

        NOTE(review): the unknown-user and wrong-password messages differ,
        which lets a client learn which usernames exist.

        :param username: name looked up in ``Users``
        :param password: candidate password
        :return: json
        """
        # Look the account up first.
        account = Users.query.filter_by(username=username).first()
        if account is None:
            return jsonify(common.falseReturn('', '找不到用户'))

        if not Users.check_password(Users, account.password, password):
            return jsonify(common.falseReturn('', '密码不正确'))

        # Stamp the account that was found and persist the new login_time.
        stamp = int(time.time())
        account.login_time = stamp
        Users.update(Users)
        token = self.encode_auth_token(account.id, stamp)
        return jsonify(common.trueReturn(token.decode(), '登录成功'))
Ejemplo n.º 26
 def register():
     """
     Register a user from the submitted form fields.

     The password is passed through ``Users.set_password`` before storage.

     :return: json
     """
     form = request.form
     email = form.get('email')
     username = form.get('username')
     # NOTE(review): no field is validated; a missing password reaches
     # set_password as None.
     stored_password = Users.set_password(Users, form.get('password'))

     user = Users(email=email, username=username, password=stored_password)
     Users.add(Users, user)
     # No id after add() is treated as a failed registration.
     if not user.id:
         return jsonify(common.false_return('', '用户注册失败'))

     return_user = {
         'id': user.id,
         'username': user.username,
         'email': user.email,
         'login_time': user.login_time
     }
     return jsonify(common.true_return(return_user, '用户注册成功'))
Ejemplo n.º 27
def get_info(uid):
    """
    Return the id, username, e-mail and login time of user ``uid``.

    NOTE(review): the lookup result is used without a None check; presumably
    the caller has already established that the user exists. Confirm.

    :param uid: id passed to ``Users.get``
    :return: json
    """
    account = Users.get(Users, uid)
    fields = ('id', 'username', 'email', 'login_time')
    returnUser = {name: getattr(account, name) for name in fields}
    return jsonify(common.returnTrueMsg(returnUser, "Request success."))
Ejemplo n.º 28
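 def identify(self, request):
     """
     Authenticate a request from the token in its ``Authorization`` header.

     Fails closed: a missing header, or a decoded value that does not carry
     ``data.username``, yields a failure result instead of an exception.

     :param request: object whose ``headers`` hold the Authorization value
     :return: result of ``common.trueReturn`` (username) or
         ``common.falseReturn``
     """
     auth_header = request.headers.get('Authorization')
     if not auth_header:
         # No token was sent, so there is nothing to decode.
         return common.falseReturn('', '找不到该用户信息')

     payload = self.decode_auth_token(auth_header)
     # NOTE(review): the failure type of decode_auth_token is not visible
     # here; anything that is not the expected mapping is refused.
     try:
         username = payload['data']['username']
     except (KeyError, TypeError):
         return common.falseReturn('', '找不到该用户信息')

     user = Users.find_by_username(username)
     if user.count() == 0:
         return common.falseReturn('', '找不到该用户信息')
     return common.trueReturn(user[0]['username'], '请求成功')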
Ejemplo n.º 29
 def get():
     """
     Return the current identity's user info.

     :return: json
     """
     account = Users.get(Users, current_identity.id)
     fields = ('id', 'username', 'email', 'login_time')
     ret = {name: getattr(account, name) for name in fields}
     return jsonify(common.trueReturn(ret, '请求成功'))
Ejemplo n.º 30
 def get():
     """
     Return the authenticated caller's user info.

     When ``Auth.identify`` does not report success with a user id, its
     result is returned as the response body.

     :return: json
     """
     outcome = Auth.identify(Auth, request)
     if not (outcome['status'] and outcome['data']):
         return jsonify(outcome)

     account = Users.get(Users, outcome['data'])
     returnUser = {
         'id': account.id,
         'username': account.username,
         'email': account.email,
         'login_time': account.login_time
     }
     return jsonify(common.trueReturn(returnUser, "请求成功"))
Ejemplo n.º 31
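    def register():
        """
        Register a user from the submitted form fields.

        Username and password are stripped, must be non-empty, and must be
        alphanumeric without Chinese characters. The username must not
        already exist. The password is passed through ``Users.set_password``
        before storage.

        :return: json
        """
        email = request.form.get('email')
        # A missing field arrives as None; normalise it to '' so that strip()
        # cannot raise and the emptiness checks below reject it.
        username = (request.form.get('username') or '').strip()
        password = (request.form.get('password') or '').strip()
        if username == "" or username == "null":
            return jsonify(common.falseReturn('', '账号不能为空!'))
        if password == "" or password == "null":
            return jsonify(common.falseReturn('', '密码不能为空!'))
        if not username.isalnum() or is_Chinese(username):
            return jsonify(common.falseReturn('', '账号只能是字母或数字组成!'))
        # The password rule must inspect the password itself; the original
        # passed the username to is_Chinese here.
        if not password.isalnum() or is_Chinese(password):
            return jsonify(common.falseReturn('', '密码只能是字母或数字组成!'))

        # id is left as None so the storage layer assigns it; the former
        # "last id + 1" lookup was computed but never used.
        user = Users(id=None,
                     email=email,
                     username=username,
                     password=Users.set_password(Users, password))
        if Users.getUsername(Users, user.username):
            return jsonify(common.falseReturn('', '用户已存在'))
        Users.add(Users, user)

        # Read the record back to confirm it was stored.
        userInfo = Users.get(Users, user.id)
        if not userInfo:
            return jsonify(common.falseReturn('', '用户注册失败'))

        returnUser = {
            'id': userInfo.id,
            'username': userInfo.username,
            'email': userInfo.email,
            'login_time': userInfo.login_time
        }
        return jsonify(common.trueReturn(returnUser, "用户注册成功"))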