def GetURL(apiUrl: str): cfg = Tencent.TRTC() userSig = Signature.UserSig(cfg['UserID']) random = str(Util.Time()) return 'https://console.tim.qq.com/v4/' + apiUrl + '?sdkappid=' + str( cfg['SDKAppID'] ) + '&identifier=' + str( cfg['UserID'] ) + '&usersig=' + userSig + '&random=' + random + '&contenttype=json'
def Login(self): uname = self.Post('uname') passwd = self.Post('passwd') # 验证用户名 if not Safety.IsRight('uname',uname) and not Safety.IsRight('tel',uname) and not Safety.IsRight('email',uname): return self.GetJSON({'code':4000, 'msg':'请输入用户名/手机/邮箱'}) # 密码长度 if not Safety.IsRight('passwd',passwd) : return self.GetJSON({'code':4000, 'msg':'请输入6~16位密码'}) # 查询 model = UserM() model.Table('user AS a') model.LeftJoin('user_info AS b', 'a.id=b.uid') model.LeftJoin('sys_perm AS c', 'a.id=c.uid') model.LeftJoin('sys_role AS d', 'c.role=d.id') model.Where( '(a.uname=%s OR a.tel=%s OR a.email=%s) AND a.password=%s', uname, uname, uname, Hash.Md5(passwd) ) model.Columns('a.id', 'a.state', 'b.position', 'b.nickname', 'b.name', 'b.gender', 'b.birthday', 'b.img', 'c.perm', 'd.perm as role_perm') data = model.FindFirst() # 是否存在 if not data : return self.GetJSON({'code':4000, 'msg':'帐号或密码错误!'}) # 是否禁用 if data['state']!='1' : return self.GetJSON({'code':4000, 'msg':'该用户已被禁用!'}) # 权限 perm = data['role_perm'] if data['perm'] : perm=data['perm'] if not perm : return self.GetJSON({'code':4000, 'msg':'该用户不允许登录!'}) redis = Redis() key = Env.admin_token_prefix+'_perm_'+str(data['id']) redis.Set(key, perm) redis.Expire(key, Env.admin_token_time) redis.Close() # 登录时间 model.Table('user') model.Set({'ltime': Util.Time()}) model.Where('id=%s', data['id']) model.Update() # 返回 return self.GetJSON({ 'code': 0, 'msg': '成功', 'token': AdminToken.Create({'uid':str(data['id']), 'uname':uname}), 'uinfo': { 'uid': data['id'], 'uname': uname, 'position': data['position'], 'nickname': data['nickname'], 'name': data['name'], 'gender': data['gender'], 'img': Env.base_url+data['img'] if data['img']!='' else '', } })
def RoomDismiss(roomId: str): # 参数 Trtc.Init() Signature.Action = 'DismissRoomByStrRoomId' # 数据 time = Util.Time() data = { 'SdkAppId': str(Trtc.SdkAppId), 'RoomId': roomId, } # 请求头 header = Signature.V3Header(data) return Curl.PostJson(Signature.ApiUrl, data, header)
def VerifyUserSig(userId: int, userSig: str): # 解码 base64 = Base64.UrlDecode(userSig) # 解压 un_sig = Base64.UnCompress(base64) data = Util.JsonDecode(bytes.decode(un_sig)) # 配置 cfg = Tencent.TRTC() if str(cfg['SDKAppID']) != data['TLS.sdkappid']: return 0 if str(userId) != data['TLS.identifier']: return 0 # 是否过期 now_time = Util.Time() out_time = int(data['TLS.time']) + int(data['TLS.expire']) if now_time > out_time: return 0 return out_time - now_time
def UserSig(userId: any, expire: int = 0): # 配置 cfg = Tencent.TRTC() if expire == 0: expire = cfg['ExpireTime'] # 参数 param = { 'TLS.ver': '2.0', 'TLS.identifier': str(userId), 'TLS.sdkappid': str(cfg['SDKAppID']), 'TLS.expire': str(expire), 'TLS.time': str(Util.Time()), } # 签名 param['TLS.sig'] = Signature.__hmacsha256(param, cfg['SecretKey']) # 压缩 data = Base64.Compress(Util.JsonEncode(param)) return Base64.UrlEncode(data)
def Perm(self): # 验证 token = self.Post('token') msg = AdminToken.Verify(token, request.path) if msg != '': return self.GetJSON({'code': 4001, 'msg': msg}) # 参数 id = self.Post('id') perm = self.Post('perm') if not id: return self.GetJSON({'code': 4000, 'msg': '参数错误!'}) # 数据 m = SysRoleM() m.Set({'perm': perm, 'utime': Util.Time()}) m.Where('id=%s', id) if m.Update(): return self.GetJSON({'code': 0, 'msg': '成功'}) else: return self.GetJSON({'code': 5000, 'msg': '更新失败!'})
def V3Header(data: dict = {}): # 数据 json = Util.JsonEncode(data) if len(data) > 0 else '{}' HashedRequestPayload = Hash.Sha256(json) # 请求串 CanonicalRequest = Signature.RequestMethod+"\n"\ + Signature.CanonicalURI+"\n"\ + Signature.CanonicalQueryString+"\n"\ + 'content-type:'+Signature.ContentType+"\n"+'host:'+Signature.Host+"\n"+"\n"\ + Signature.SignedHeaders+"\n"\ + HashedRequestPayload # 字符串 timeStamp = str(Util.Time()) date = datetime.utcfromtimestamp(float(timeStamp)).strftime("%Y-%m-%d") CredentialScope = date + '/' + Signature.Service + '/tc3_request' HashedCanonicalRequest = Hash.Sha256(CanonicalRequest) StringToSign = Signature.Algorithm+"\n"\ + timeStamp+"\n"\ + CredentialScope+"\n"\ + HashedCanonicalRequest # 计算签名 cfg = Tencent.CAPI() SecretDate = Hash.HmacSha256(date, str.encode("TC3" + cfg['SecretKey'])) SecretService = Hash.HmacSha256(Signature.Service, SecretDate) SecretSigning = Hash.HmacSha256('tc3_request', SecretService) Sign = Hash.HexEncode(Hash.HmacSha256(StringToSign, SecretSigning)) # Authorization Authorization = Signature.Algorithm+' '\ + 'Credential='+cfg['SecretId']+'/'+CredentialScope+', '\ + 'SignedHeaders='+Signature.SignedHeaders+', '\ + 'Signature='+Sign # 请求头 header = { 'Authorization': Authorization, 'Content-Type': Signature.ContentType, 'Host': Signature.Host, 'X-TC-Action': Signature.Action, 'X-TC-Version': Signature.Version, 'X-TC-Timestamp': timeStamp, 'X-TC-Region': Signature.Region, } return header
def Add(self): # 验证 token = self.Post('token') msg = AdminToken.Verify(token, request.path) if msg != '': return self.GetJSON({'code': 4001, 'msg': msg}) # 参数 data = self.Post('data') if not data: return self.GetJSON({'code': 4000, 'msg': '参数错误!'}) param = Util.JsonDecode(data) name = Util.Trim(param['name']) if 'name' in param.keys() else '' if name == '': return self.GetJSON({'code': 4000, 'msg': '名称不能为空!'}) # 数据 m = SysRoleM() m.Values({'name': name, 'ctime': Util.Time()}) if m.Insert(): return self.GetJSON({'code': 0, 'msg': '成功'}) else: return self.GetJSON({'code': 5000, 'msg': '添加失败!'})
def Edit(self): # 验证 token = self.Post('token') msg = AdminToken.Verify(token, request.path) if msg != '': return self.GetJSON({'code': 4001, 'msg': msg}) # 参数 id = self.Post('id') data = self.Post('data') if not id or not data: return self.GetJSON({'code': 4000, 'msg': '参数错误!'}) param = Util.JsonDecode(data) name = Util.Trim(param['name']) if 'name' in param.keys() else '' if name == '': return self.GetJSON({'code': 4000, 'msg': '名称不能为空!'}) # 数据 m = SysRoleM() m.Set({'name': name, 'utime': Util.Time()}) m.Where('id=%s', id) if m.Update(): return self.GetJSON({'code': 0, 'msg': '成功'}) else: return self.GetJSON({'code': 5000, 'msg': '更新失败!'})
def Edit(self): # 验证 token = self.Post('token') msg = AdminToken.Verify(token, request.path) if msg != '': return self.GetJSON({'code': 4001, 'msg': msg}) # 参数 id = self.Post('id') data = self.Post('data') if not id or not data: return self.GetJSON({'code': 4000, 'msg': '参数错误!'}) param = Util.JsonDecode(data) title = Util.Trim(param['title']) if 'title' in param.keys() else '' if title == '': return self.GetJSON({'code': 4000, 'msg': '名称不能为空!'}) # 数据 m = ApiMenu() m.Set({ 'fid': Util.Trim(param['fid']) if 'fid' in param.keys() else 0, 'title': title, 'url': Util.Trim(param['url']) if 'url' in param.keys() else '', 'ico': Util.Trim(param['ico']) if 'ico' in param.keys() else '', 'sort': Util.Trim(param['sort']) if 'sort' in param.keys() else 0, 'controller': Util.Trim(param['controller']) if 'controller' in param.keys() else '', 'utime': Util.Time(), }) m.Where('id=%s', id) if m.Update(): return self.GetJSON({'code': 0, 'msg': '成功'}) else: return self.GetJSON({'code': 5000, 'msg': '更新失败!'})
def Add(self): # 验证 token = self.Post('token') msg = AdminToken.Verify(token, request.path) if msg != '': return self.GetJSON({'code': 4001, 'msg': msg}) # 参数 data = self.Post('data') if not data: return self.GetJSON({'code': 4000, 'msg': '参数错误!'}) param = Util.JsonDecode(data) title = Util.Trim(param['title']) if 'title' in param.keys() else '' if title == '': return self.GetJSON({'code': 4000, 'msg': '名称不能为空!'}) # 数据 m = ApiMenu() m.Values({ 'fid': Util.Trim(param['fid']) if 'fid' in param.keys() else 0, 'title': title, 'url': Util.Trim(param['url']) if 'url' in param.keys() else '', 'ico': Util.Trim(param['ico']) if 'ico' in param.keys() else '', 'sort': Util.Trim(param['sort']) if 'sort' in param.keys() else 0, 'controller': Util.Trim(param['controller']) if 'controller' in param.keys() else '', 'ctime': Util.Time(), }) if m.Insert(): return self.GetJSON({'code': 0, 'msg': '成功'}) else: return self.GetJSON({'code': 5000, 'msg': '添加失败!'})