def post(self):
try:
user_token = self.get_secure_cookie("user").decode('utf-8')
user_token = json.loads(user_token)
username = user_token['username']
except Exception as e:
methods.log(str(e))
self.render('login.html')
return
if server_features.check_announcement_power(
user_token['username']) == 0:
request_content = json.loads(self.request.body)
if request_content['content'] != '':
result = server_features.write_announcement(
request_content['content'])
self.write(json.dumps({'status_code': 0, 'content': '更新成功'}))
return
else:
self.write(
json.dumps({
'status_code': -1,
'content': '兄弟,没公告啊,别乱点啊'
}))
return
elif server_features.check_announcement_power(
user_token['username']) == 1:
self.write(json.dumps({'status_code': 1, 'content': '需要更多高能瓦斯'}))
return
def get(self):
try:
user_token = self.get_secure_cookie("user").decode('utf-8')
self.render('index.html')
except Exception as e:
methods.log(str(e))
self.render('login.html')
def refresh_power(request_content):
result = 0
for i in request_content:
result += methods.update('user_admin', {'power': i['power']},
{'user': i['username']})
if result != 0:
methods.log('部分更新完毕,', result, '条更新失败')
new_list = get_admin_list()
return new_list
def get(self):
try:
user_token = self.get_secure_cookie("user").decode('utf-8')
user_token = json.loads(user_token)
username = user_token['username']
self.render('data_search.html')
return
except Exception as e:
methods.log(str(e))
self.render('login.html')
return
def find_user_accessment(username):
power = methods.search(('power', ), 'user_admin', {'user': username})
# print(power)
# 调取用户权限,如果用户权限中访问权限为1,则返回成功
if len(power) == 0:
methods.log('压根就没找到这个用户啊')
# 没找到就写入日志
else:
if power[0][0][6] == '1':
# 判断权限
return 0
else:
return 1
def get(self):
try:
user_token = self.get_secure_cookie("user").decode('utf-8')
user_token = json.loads(user_token)
username = user_token['username']
if server_features.find_user_accessment(username) == 0:
admin_list = server_features.get_admin_list()
self.render('admin.html')
# return_dict = {'status_code':0,'content':admin_list}
else:
return_dict = {'status_code': 1, 'content': '高能瓦斯不足'}
self.write(json.dumps(return_dict))
except Exception as e:
methods.log(str(e))
self.render('login.html')
def add_admin(username, add_admin_tuple):
power = methods.search(('power', ), 'user_admin', {'user': username})[0][0]
# 搜索权限
if power[6] == '1': #这里添加其他权限,0是超级管理员
if if_user_in(add_admin_tuple[0]) == 0: #先判定表中是否存在用户
result = methods.insert(
'user_admin', ('user', 'passwd', 'power'),
(add_admin_tuple[0], add_admin_tuple[1], '0000000'))
if result == 0:
return 0
# 用户不存在,权限合适,写入成功
else:
methods.log('没写成功')
else:
return -1
# 用户存在,权限合适,无法写入
else:
return 1
def post(self):
print(self.request.body)
request_content = json.loads(self.request.body)
# 获取请求身
# print(self.request.body)
username = request_content["username"]
password = methods.get_md5(request_content['password'])
# 取得用户名和密码的md5
if server_features.find_user(username,password) == 0:
sercure_json = {'username':username,'password':password}
self.set_secure_cookie("user", json.dumps(sercure_json))
# print('a user login')
return_dict = {'status_code':0,'content':'登陆成功'}
else:
return_dict = {'status_code':1,'content':'登录失败,用户名或密码不存在'}
methods.log('有人登陆了,用户名为'+username)
# print('somebody log in, username = '+username)
self.write(json.dumps(return_dict))