def login():
user_form = UserForm(request.form)
if user_form.validate():
user_service = UserService(user_form.data)
result = user_service.login()
return Response.successByMessage(em='登陆成功', data=result)
else:
return Response.errorByMessage(em='参数校验失败')
def confirm_email(token):
try:
email = UserService.verify_email_token(token)
except:
flash('The confirmation link is invalid or has expired.', 'danger')
user = UserService.get_by_email(email['email'])
if user['confirmed']:
flash('Account already confirmed. Please login.', 'success')
else:
UserService.update_confirmed_user(email['email'])
flash('You have confirmed your account. Thanks!', 'success')
return redirect(url_for('admin.signin'))
def get(self):
# get meta data
meta = RequestParams.pagination()
# get data from repository by service
users = UserService.getAllData(page_position=meta['PagePosition'],
page_size=meta['PageSize'])
# data serialization
data = UserService.serialization(users['Data'], many=True)
# json response
response = Response.json(data, users['Meta'])
return response, 200
def signin():
if request.method == 'GET':
return render_template('admin/signin.html')
email = request.form.get('email')
password = request.form.get('password')
user = UserService.get_by_email(email)
if user is not None and UserService.check_password(user['id'], password):
login_admin(user['id'])
return redirect(url_for('admin.show_posts'))
return render_template('admin/signin.html')
def post(self):
# get payload
payload = User.parser.parse_args()
# check user
user = UserService.getDataByUsername(payload['username'])
if user and safe_str_cmp(user.password, payload['password']):
access_token = create_access_token(identity=user.id, fresh=True)
refresh_token = create_refresh_token(user.id)
return {
'access_token': access_token,
'refresh_token': refresh_token
}, 200
return {'message': 'invalid credentials'}, 401
def signup():
form = SignupForm()
if 'admin_uid' in session:
return render_template('admin/index.html', form=form)
if request.method == 'GET':
return render_template('admin/signup.html', form=form)
username = form.username.data
password = form.password.data
email = form.email.data
user = UserService.add_user(username, password, email)
token = UserService.generate_email_token(user['email'])
confirm_url = url_for('admin.confirm_email', token=token, external=True)
html = render_template('admin/email.html', confirm_url=confirm_url)
subject = "Please confirm your email"
sender = 'bababa'
send_email(subject, sender, user['email'], html)
return render_template('admin/signin.html', form=form)
def wrapper(*args, **kwargs):
user_id = session['admin_uid']
if user_id:
token = UserService.generate_auth_token(user_id)
user = UserService.verify_auth_token(token)
return method(*args, **kwargs)
def get_my_profile(user_id):
user = UserService.get(user_id)
if not user:
pass
# return jsonify({ 'resource': "hello, world!" })
return render_template('admin/user.html', user=user)
def get_auth_token():
user_id = session['admin_uid']
token = UserService.generate_auth_token(user_id)
session['token'] = token
return jsonify({'token': token.decode('ascii')})
def wrapper(*args, **kwargs):
user_id = session['admin_uid']
if user_id:
token = UserService.generate_auth_token(user_id)
user = UserService.verify_auth_token(token)
return method(*args, **kwargs)