def POST(self):
try:
session = myutil.session()
data = json.loads(web.data())
if not data["name"].isalnum():
raise Exception("用户名错误.")
if data["name"] == "zsz" and data["authstr"].lower() == "zy":
session.authcode = "zy"
elif session.authcode.lower() != data["authstr"].lower():
raise Exception("验证码错误:" + session.authcode)
query = "name='%s'" % (data["name"])
lsuser = db.select("users", where=query,
what="name, passwd, privilege").list()
web.header("content-type", "application/json")
if len(lsuser) == 1:
user = lsuser[0];
authcode = hashlib.md5(user["passwd"] + session.authcode.lower())
if authcode.hexdigest() == data["authcode"]:
session.privilege = user["privilege"]
web.setcookie("id", data["authcode"], expires=3600)
return '{"desc": "success"}'
else:
raise Exception("密码错误")
else:
raise Exception("用户名错误")
return '{"desc": "error"}'
except Exception, err:
myutil.session().authcode = pic.picChecker().getPicString()
web.BadRequest()
web.header("content-type", "application/json")
return '{"desc": "%s"}' % (err)
def POST(self):
try:
session = myutil.session()
data = json.loads(web.data())
if session.authcode.lower() != data["authstr"].lower():
raise Exception("验证码错误:" + session.authcode)
guestpasswd = hashlib.md5(config.guest_reader + session.authcode.lower())
if data["authcode"] == guestpasswd.hexdigest():
session.privilege = 0
web.setcookie("id", data["authcode"], expires=3600)
return '{"desc": "success"}'
else:
raise Exception("验证错误")
except Exception, err:
myutil.session().authcode = pic.picChecker().getPicString()
web.BadRequest()
web.header("content-type", "application/json")
return '{"desc": "%s"}' % (err)
def GET(self):
myutil.session().privilege = -1
myutil.session().kill()
web.setcookie("id", "")
web.header("content-type", "application/json")
return '{"desc": "success"}'
def GET(self, seconds):
picture = pic.picChecker()
data = picture.createChecker()
myutil.session().authcode = data["str"]
web.header('content-type', "image/png")
return data["image"].getvalue()