Example #1
 def identify(self, request):
     """
     Authenticate the caller from the ``Authorization`` request header.

     Every outcome is reported through ``falseReturn`` / ``trueReturn``;
     on success the ``trueReturn`` value carries ``user.id``.

     :param request: object exposing ``headers.get('Authorization')``
     :return: the value built by ``falseReturn`` or ``trueReturn``
     """
     header_value = request.headers.get('Authorization')
     if not header_value:
         return falseReturn('', '没有提供认证token')

     # The header must split on single spaces into exactly three fields,
     # the first being the literal scheme "JWT"; the token is the third.
     # NOTE(review): the common "JWT <token>" form has only two fields and
     # is rejected here - confirm this matches what clients actually send.
     fields = header_value.split(" ")
     if not fields or fields[0] != 'JWT' or len(fields) != 3:
         return falseReturn('', '请传递正确的验证头信息')

     # decode_auth_token signals failure by returning a str, which is
     # passed back to the caller unchanged as the error message.
     # NOTE(review): decode_auth_token is not shown here; confirm that its
     # error strings are safe to return to an unauthenticated client.
     payload = self.decode_auth_token(fields[2])
     if isinstance(payload, str):
         return falseReturn('', payload)

     claims = payload['data']
     user = User.get(User, claims['id'])
     if user is None:
         return falseReturn('', '找不到该用户信息')

     # The token is accepted only while its login_time claim equals the
     # value stored on the user record; any other value is rejected.
     if user.login_time == claims['login_time']:
         return trueReturn(user.id, '请求成功')
     return falseReturn('', 'Token已更改,请重新登录获取')
Example #2
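    def register():
        """
        Register a new user from the submitted form fields.

        Reads ``email``, ``username`` and ``password`` from ``request.form``,
        stores a new ``User`` and returns its public fields. The password is
        never included in the response.

        :return: json
        """
        email = request.form.get('email')
        username = request.form.get('username')
        password = request.form.get('password')

        # request.form.get() returns None for an absent field. Refuse the
        # request before touching the database rather than handing a missing
        # password to User.set_password or storing a nameless account.
        if not username or not password:
            return jsonify(falseReturn('', REGISTER_FAILURE_MSG))

        # The new id is the highest existing id plus one (1 for an empty table).
        # NOTE(review): two concurrent registrations can read the same last
        # record and compute the same id; confirm the table enforces a unique
        # primary key, or let the database assign the id.
        lastUserRecord = User.query.order_by(desc('id')).first()
        newRecordId = 1 if lastUserRecord is None else lastUserRecord.id + 1

        # NOTE(review): User.set_password is not shown here; confirm it stores
        # a salted password hash and not the submitted value. Nothing in this
        # function checks whether the username or email is already taken.
        user = User(id=newRecordId,
                    email=email,
                    username=username,
                    password=User.set_password(User, password))
        User.add(User, user)

        # Read the record back so the response reflects what was stored.
        userInfo = User.get(User, user.id)
        if not userInfo:
            return jsonify(falseReturn('', REGISTER_FAILURE_MSG))

        returnUser = {
            'id': userInfo.id,
            'username': userInfo.username,
            'email': userInfo.email,
            'login_time': userInfo.login_time
        }
        return jsonify(trueReturn(returnUser, REGISTER_SUCCESS_MSG))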
Example #3
 def load_user_from_request(request):
     """
     Resolve the user for a request via ``Auth.identify``.

     Returns the user object when identification succeeds and the user is
     found, ``None`` when identification fails or carries no data, and the
     ``falseReturn`` value when identification succeeds but the lookup
     returns nothing.
     """
     outcome = Auth.identify(Auth, request)
     if not (outcome['status'] and outcome['data']):
         return None

     account = User.get(User, outcome['data'])
     if account:
         return account

     # NOTE(review): this branch returns the falseReturn(...) value rather
     # than None. If a caller (or a login framework) treats any non-None
     # result as the authenticated user, that value would be accepted as
     # one - confirm how callers check it and consider returning None.
     print("is exception !!!!")
     return falseReturn('', '用户验证失败')
Example #4
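 def authenticate(self, username, password):
     """
     Log a user in.

     On success the login time is written to the user record and a token
     built from the user id and that login time is returned; on failure
     the reason is returned.

     :param username: name used to look up the user record
     :param password: submitted password, checked against the stored one
     :return: json
     """
     userInfo = User.query.filter_by(username=username).first()

     # NOTE(review): the two failure branches return different messages, so
     # a client can tell an unknown username from a wrong password. Consider
     # one generic message for both, plus rate limiting on this endpoint.
     if userInfo is None:
         return jsonify(falseReturn('', '找不到用户'))
     if not User.check_password(User, userInfo.password, password):
         return jsonify(falseReturn('', '密码不正确'))

     # Stamp the login time on the record and hand the same value to the
     # token encoder.
     login_time = int(time.time())
     userInfo.login_time = login_time
     User.update(User)

     token = self.encode_auth_token(userInfo.id, login_time)
     # encode_auth_token is defined elsewhere; accept either bytes or str so
     # a str-returning encoder does not fail on .decode().
     if isinstance(token, (bytes, bytearray)):
         token = token.decode()
     return jsonify(trueReturn(token, '登录成功'))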
Example #5
    def handle_exception(e):
        """Log an error and return a JSON failure body instead of HTML.

        Reads ``code``, ``name`` and ``description`` from ``e``, serialises
        them to a JSON string, logs that string and returns it as the data
        argument of ``falseReturn``.
        """
        error_fields = {
            "code": e.code,
            "name": e.name,
            "description": e.description,
        }
        # rst is already a JSON string, so the response carries it as a
        # string value inside the outer JSON document.
        rst = json.dumps(error_fields)

        # NOTE(review): e.code is only placed in the body; no status code is
        # set on the returned response here - confirm which HTTP status the
        # client receives for an error.
        # NOTE(review): the same description is logged and sent to the
        # client; confirm it never carries internal details.
        logging.error(rst)
        return jsonify(falseReturn(rst, API_FAILURE_MSG))