Example #1
0
 def verify_auth_token(token):
     s = Serializer(SysConfig.SecretKey())
     try:
         data = s.loads(token)
     except SignatureExpired:
         print("token过期了")
         return SysConfig.ReturnCode("TOKEN_EXPIRED")
     except BadSignature:
         print("无效的token")
         return SysConfig.ReturnCode("TOKEN_ERROR")
     user = User.query.get(data['ID'])
     return user
Example #2
0
 def wrapper(*args, **kwargs):
     parser.add_argument('UserID', location='headers')
     args = parser.parse_args()
     print("UserID认证:", {args["UserID"]})
     if not args["UserID"]:
         return SysConfig.ReturnCode("USERID_NEED")
     check_user = User.query.get(args["UserID"])
     if not check_user:
         return SysConfig.ReturnCode("USER_NOT_EXIST")
     if check_user.RoleID != 1:
         return SysConfig.ReturnCode("USER_NOT_PERMISSION")
     return func(*args, **kwargs)
Example #3
0
 def delete(self, *args, **kwargs):
     parser.add_argument("ArticleID")
     args = parser.parse_args()
     check_article = Article.query.get(args["ArticleID"])
     if not check_article:
         return SysConfig.ReturnCode("ARTICLE_NOT_EXIST")
     db.session.delete(check_article)
     try:
         db.session.commit()
         return SysConfig.ReturnCode("DELETE_SUCCESS")
     except Exception as e:
         db.session.rollback()
         return {"code": 204, "message": f"删除失败!{str(e)}"}
Example #4
0
 def post(self):
     parser.add_argument("Password", help="用户密码")
     args = parser.parse_args()
     check_user = User.query.filter_by(UserName=args["UserName"]).first()
     if not check_user:
         return SysConfig.ReturnCode("USER_NOT_EXIST")
     if not check_user.verify_password(args["Password"]):
         return SysConfig.ReturnCode("USER_PASSWORD_ERROR")
     token = check_user.generate_auth_token()
     return {
         "code": 200,
         "Token": token.decode('ascii'),
         "UserID": check_user.ID
     }
Example #5
0
 def post(self):
     print("开始添加用户")
     parser.add_argument("Password", help="密码")
     args = parser.parse_args()
     if args["UserName"] == None or args["UserName"] == "":
         return SysConfig.ReturnCode("USER_NAME_EMPTY")
     if args["Password"] == None or args["Password"] == "":
         return SysConfig.ReturnCode("USER_PASSWORD_EMPTY")
     check_user = User.query.filter_by(UserName=args["UserName"]).first()
     if check_user:
         return SysConfig.ReturnCode("USER_EXIST")
     check_user = User()
     check_user.UserName = args["UserName"]
     check_user.password = args["Password"]
     db.session.add(check_user)
     db.session.commit()
     return SysConfig.ReturnCode("SIGN_UP_SUCCESS")
Example #6
0
 def put(self, *args, **kwargs):
     parser.add_argument("ArticleID")
     parser.add_argument("Title")
     parser.add_argument("Text")
     args = parser.parse_args()
     check_article = Article.query.get(args["ArticleID"])
     if not check_article:
         return SysConfig.ReturnCode("ARTICLE_NOT_EXIST")
     check_article.Title = args["Title"]
     check_article.Text = args["Text"]
     check_article.UpdateTime = datetime.now()
     try:
         db.session.commit()
         return SysConfig.ReturnCode("CHANGE_SUCCESS")
     except Exception as e:
         db.session.rollback()
         return {"code": 204, "message": f"添加失败!{str(e)}"}
Example #7
0
 def wrapper(*args, **kwargs):
     parser.add_argument('Token', location='headers')
     args = parser.parse_args()
     print("token认证:", {args["Token"]})
     if not args["Token"]:
         return SysConfig.ReturnCode("TOKEN_NEED")
     check_user = User.verify_auth_token(args["Token"])
     if type(check_user) == type({}):
         return check_user
     return func(*args, **kwargs)
Example #8
0
 def get(self, *args, **kwargs):
     parser.add_argument("ArticleID")
     args = parser.parse_args()
     # 下面注释了无需链表的查询
     # article = Article.query.get(args['ArticleID'])
     article = db.session.query(
         Article.Title, Article.Text, Article.UserID, Article.CreateTime,
         Article.UpdateTime,
         User.UserName).outerjoin(User, Article.UserID == User.ID).filter(
             Article.ID == args['ArticleID']).first()
     if not article:
         return SysConfig.ReturnCode("ARTICLE_NOT_EXIST")
     article_schema = ArticleSchema()
     return article_schema.dump(article)
Example #9
0
 def generate_auth_token(self, expiration=600):
     s = Serializer(SysConfig.SecretKey(), expires_in=expiration)
     return s.dumps({'ID': self.ID})