def verify_account():
"""验证账户密码"""
ip = request.remote_addr
account = request.form.get('account')
password = request.form.get('password')
admin = Admin.query.filter(
Admin.account == account,
Admin.password == common.my_md5(password)).first() # 验证数据
if admin: # 证明验证成功
session['admin'] = admin.to_dict_() # 写入session状态
resp = make_response(redirect('/')) # 构建响应
if request.form.get('remember') == 'True': # 用户需要记住密码
deadline = Token.set_deadline({'days': 7}) # 过期时间为7天
token = Token(admin.account, deadline=deadline) # 将账户与cookie期限加密
resp.set_cookie('token',
token.encryption_to_string(),
expires=deadline) # cookie加入响应
# send('message', message=f"登入者帐号{account}已成功登入ip:{ip}", to=config.recipient) # 发送邮件通知
Log(f"登入者帐号{account}已成功登入" f"ip:{ip}").direct_commit_() # 记录日志
return resp
else:
flash('账号密码错误')
# send("message", message=f"登入者帐号密码输入错误.ip:{ip}", to=config.recipient)
Log(f"登入者帐号密码输入错误.ip:{ip}\n尝试帐号:{account}\n尝试密码:{password}"
).direct_commit_()
return render_template('login.html')
def fetch_by_datesince(date, server=None, limit=1000, offset=0, count=False):
q = Log.filter('time_edit >= ', date)
if server:
q = q.filter('server = ', server)
if count:
return q.count(limit)
return q.fetch(limit, offset)
def fetch_by_guid(guid, server=None, limit=1000, offset=0, count=False):
# todo impl cache
q = Log.filter('guid = ', guid)
if server:
q = q.filter('server = ', server)
if count:
return q.count(limit)
return q.fetch(limit, offset)
def fetch_by_all(ip, nick, guid, server, limit=1000, offset=0, count=False):
q = Log.filter('ip = ', ip).filter('nick = ', nick).filter('server = ', server).filter('guid = ', guid)
if count:
return q.count(limit)
return q.fetch(limit, offset)
