def user_login(**arg):
    '''Record the login cookies after a successful authentication.

    Expects a ``uid`` keyword argument. Two cookies are set on the response,
    both signed with SECRET: ``user_id`` (the uid as a string) and
    ``user_hash`` (MD5 hex digest of the uid concatenated with a salt that
    is derived from the uid).
    '''
    params = Dict(arg)
    uid_text = str(params.uid)
    # Element [1] of short_by_hex's result serves as the cookie salt.
    uid_salt = short_by_hex(uid_text)[1]
    digest = hashlib.md5('%s%s' % (uid_text, uid_salt)).hexdigest()
    # NOTE(review): short_by_hex is defined elsewhere. If it mixes in no
    # server-side secret, user_hash can be recomputed from user_id alone and
    # forgery resistance rests entirely on the secret=SECRET signature.
    # NOTE(review): neither cookie sets httponly/secure here; confirm whether
    # client-side script has to read them, otherwise set both options.
    cookie_opts = dict(secret=SECRET, path='/', domain=COOKIE_DOMAIN)
    response.set_cookie('user_id', uid_text, **cookie_opts)
    response.set_cookie('user_hash', digest, **cookie_opts)
def wrapper(*args, **kargs):
    # Authentication gate around the decorated handler ``f``: recompute the
    # expected user_hash for the current user id and compare it with the
    # hash carried by the request before letting the call through.
    current_uid = str(BaseHandler().current_user)
    presented_hash = BaseHandler().current_user_hash
    uid_salt = short_by_hex(current_uid)[1]
    expected_hash = hashlib.md5('%s%s' % (current_uid, uid_salt)).hexdigest()
    # NOTE(review): str() turns a missing user (None) into the truthy string
    # 'None', so the emptiness test only fires for an empty id; rejection of
    # anonymous requests then depends on the hash comparison alone. Confirm
    # what current_user returns when no valid cookie is present.
    if not (current_uid and presented_hash == expected_hash):
        # NOTE(review): presumably redirect() raises to abort the request;
        # if it only returned, the handler below would still run. Confirm.
        redirect('/admin/login', 302)
    # Check that the user's status is normal.
    check_user_status(current_uid)
    return f(*args, **kargs)
def wrapper(*args, **kargs):
    # Authentication gate around the decorated handler ``f``: the request's
    # user_hash must match the digest recomputed from the current user id,
    # otherwise the caller is sent to the login page.
    uid_text = str(BaseHandler().current_user)
    cookie_hash = BaseHandler().current_user_hash
    salt = short_by_hex(uid_text)[1]
    recomputed = hashlib.md5('%s%s' % (uid_text, salt)).hexdigest()
    # NOTE(review): str(None) is the truthy string 'None', so an absent user
    # is not caught by the emptiness test and is rejected only through the
    # hash mismatch. Confirm what current_user yields without a valid cookie.
    authenticated = uid_text and cookie_hash == recomputed
    if not authenticated:
        # NOTE(review): presumably redirect() raises and stops the request
        # here; verify, since nothing else prevents the call to f below.
        redirect('/admin/login', 302)
    # Check that the user's status is normal.
    check_user_status(uid_text)
    return f(*args, **kargs)
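def change_password(cls):
    '''Change the current user's password.

    Reads ``old_password`` and ``password`` from the POST body, verifies the
    old password against the stored digest, stores the digest of the new
    password and logs the user out.

    Returns a JSON string with the keys ``change`` (bool) and ``message``.
    '''
    old_password = request.POST.get('old_password', '')
    new_password = request.POST.get('password', '')
    user = cls()._get_user_by_id()
    if not user:
        return json.dumps(dict(change=False, message=u'无此用户'))
    # Element [0] of short_by_hex(email) is the password salt, the same
    # derivation register() and login() use.
    salt = short_by_hex(user['email'])[0]
    old_digest = hashlib.md5('%s%s' % (old_password, salt)).hexdigest()
    if old_digest != user['pwd']:
        return json.dumps(dict(change=False, message=u'旧密码错误'))
    # register() and login() both refuse an empty password, so storing one
    # here would leave the account unable to log in again.
    if '' == new_password:
        return json.dumps(dict(change=False, message=u'请输入密码'))
    # NOTE(review): one round of MD5 with a salt derived from the email is
    # not a suitable password hash. Moving to a slow KDF (for example
    # hashlib.pbkdf2_hmac with a random per-user salt) needs a migration of
    # the stored digests, so the scheme is left unchanged in this function.
    new_digest = hashlib.md5('%s%s' % (new_password, salt)).hexdigest()
    UsersHandler().change_pwd(pwd=new_digest, email=user['email'])
    # Drop the current session so the user signs in with the new password.
    cls().log_out()
    return json.dumps(dict(change=True, message=u'密码已更新'))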
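def change_password(cls):
    '''Change the current user's password.

    Takes ``old_password`` and ``password`` from the POST body. The old
    password must match the stored digest; on success the new digest is
    stored and the user is logged out.

    Returns a JSON string with the keys ``change`` (bool) and ``message``.
    '''
    old_password = request.POST.get('old_password', '')
    new_password = request.POST.get('password', '')
    user = cls()._get_user_by_id()
    if not user:
        return json.dumps(dict(change=False, message=u'无此用户'))
    # The password salt is element [0] of short_by_hex(email), matching the
    # derivation in register() and login().
    salt = short_by_hex(user['email'])[0]
    stored_matches = (
        hashlib.md5('%s%s' % (old_password, salt)).hexdigest() == user['pwd'])
    if not stored_matches:
        return json.dumps(dict(change=False, message=u'旧密码错误'))
    # An empty new password is rejected: login() refuses empty passwords, so
    # accepting one here would lock the account out.
    if '' == new_password:
        return json.dumps(dict(change=False, message=u'请输入密码'))
    # NOTE(review): salted single-pass MD5 is too fast for password storage
    # and the salt is derived from the email rather than random. Replacing it
    # needs a migration path for existing digests, so it is only flagged.
    new_digest = hashlib.md5('%s%s' % (new_password, salt)).hexdigest()
    UsersHandler().change_pwd(pwd=new_digest, email=user['email'])
    # End the current session after the credential change.
    cls().log_out()
    return json.dumps(dict(change=True, message=u'密码已更新'))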
def user_login(**arg):
    '''Set the cookies that mark a user as logged in.

    Called with ``uid=<user id>``. Writes the ``user_id`` cookie and a
    ``user_hash`` cookie (MD5 hex digest of uid + uid-derived salt); both
    are signed with SECRET and scoped to path '/' on COOKIE_DOMAIN.
    '''
    uid_text = str(Dict(arg).uid)
    # Element [1] of short_by_hex's result is the salt for the cookie hash.
    salt = short_by_hex(uid_text)[1]
    salted = '%s%s' % (uid_text, salt)
    uid_digest = hashlib.md5(salted).hexdigest()
    # NOTE(review): if short_by_hex (defined elsewhere) involves no
    # server-side secret, user_hash is a pure function of user_id and the
    # only forgery protection is the secret=SECRET cookie signature.
    # NOTE(review): httponly/secure are not set on either cookie; confirm
    # whether that is intentional for this deployment.
    for cookie_name, cookie_value in (('user_id', uid_text),
                                      ('user_hash', uid_digest)):
        response.set_cookie(cookie_name, cookie_value, secret=SECRET,
                            path='/', domain=COOKIE_DOMAIN)
def register(cls):
    '''Register a user from the POSTed ``email`` and ``password``.

    Returns a JSON string with the keys ``reg`` (bool), ``uid`` and
    ``message``. ``uid`` is -2 for a missing email, -3 for a missing
    password, the existing user's id when the email is already registered,
    and the new user's id on success. A successful registration also logs
    the user in through user_login().
    '''
    def reply(ok, uid, message):
        # Every outcome is serialised with the same three keys.
        return json.dumps(dict(reg=ok, uid=uid, message=message))

    email = request.POST.get('email', '')
    password = request.POST.get('password', '')
    if email == '':
        return reply(False, -2, u'请输入Email')
    if password == '':
        return reply(False, -3, u'请输入密码')

    existing = UsersHandler().check_is_registered(email=email)
    if existing:
        # NOTE(review): this tells an unauthenticated caller that the email
        # is registered and returns that account's id; confirm the client
        # really needs the id here.
        return reply(False, existing["id"], u'用户已经注册,请直接登陆')

    # Derive the password salt from the email.
    salt = short_by_hex(email)[0]
    # NOTE(review): single-pass MD5 with a salt derived from the email is
    # weak for password storage; a slow KDF with a random per-user salt
    # would need a migration of stored digests.
    pwd_digest = hashlib.md5('%s%s' % (password, salt)).hexdigest()
    # The display name defaults to the part of the email before the '@'.
    local_part = email.split('@')[0]
    new_uid = UsersHandler().insert(u_name=local_part, email=email,
                                    pwd=pwd_digest)
    user_login(uid=new_uid)
    return reply(True, new_uid, u'注册成功')
def register(cls):
    '''Create a user account from the POSTed ``email`` and ``password``.

    The result is a JSON string with ``reg`` (bool), ``uid`` and
    ``message``: uid -2 means no email was given, -3 no password; for an
    already registered email the existing user's id is returned; on success
    the new id is returned after user_login() has set the login cookies.
    '''
    form = request.POST
    email = form.get('email', '')
    password = form.get('password', '')

    failure = None
    if email == '':
        failure = (-2, u'请输入Email')
    elif password == '':
        failure = (-3, u'请输入密码')
    if failure is not None:
        return json.dumps(dict(reg=False, uid=failure[0], message=failure[1]))

    known_user = UsersHandler().check_is_registered(email=email)
    if known_user:
        # NOTE(review): the response confirms the email exists and exposes
        # the account id to an unauthenticated caller; verify this is needed.
        return json.dumps(dict(reg=False, uid=known_user["id"],
                               message=u'用户已经注册,请直接登陆'))

    # Derive the password salt from the email.
    salt = short_by_hex(email)[0]
    # NOTE(review): salted single-pass MD5 is too fast for password storage
    # and the salt is derived from the email; changing the scheme requires
    # migrating existing digests.
    salted_password = '%s%s' % (password, salt)
    pwd_digest = hashlib.md5(salted_password).hexdigest()
    # The user name is the part of the email before the '@'.
    name_part = email.split('@')[0]
    created_uid = UsersHandler().insert(u_name=name_part, email=email,
                                        pwd=pwd_digest)
    user_login(uid=created_uid)
    return json.dumps(dict(reg=True, uid=created_uid, message=u'注册成功'))
def login(cls):
    '''Authenticate a user from the POSTed ``email`` and ``password``.

    Returns a JSON string with the keys ``login`` (bool), ``uid`` and
    ``message``. Failure codes in ``uid``: -2 missing email, -3 missing
    password, -1 unknown user, -4 account status 0 or 2, -5 wrong password.
    On success the login cookies are set through user_login().
    '''
    def reply(ok, uid, message):
        # Every outcome is serialised with the same three keys.
        return json.dumps(dict(login=ok, uid=uid, message=message))

    email = request.POST.get('email', '')
    password = request.POST.get('password', '')
    if email == '':
        return reply(False, -2, u'请输入Email')
    if password == '':
        return reply(False, -3, u'请输入密码')

    # Derive the password salt from the email.
    salt = short_by_hex(email)[0]
    # NOTE(review): single-pass MD5 with an email-derived salt is weak for
    # password verification; changing it requires migrating stored digests.
    submitted_digest = hashlib.md5('%s%s' % (password, salt)).hexdigest()

    account = UsersHandler().get_pwd_by_email(email=email)
    if not account:
        return reply(False, -1, u'用户不存在')
    # NOTE(review): the status checks run before the password is verified and
    # every failure has its own message, so a caller who knows only an email
    # can learn whether the account exists and what state it is in.
    if 0 == account['status']:
        return reply(False, -4, u'请等待审核通知')
    if 2 == account['status']:
        return reply(False, -4, u'异常用户')
    if submitted_digest != account['pwd']:
        return reply(False, -5, u'密码错误')
    # Record the logged-in user's cookies.
    user_login(uid=account['id'])
    return reply(True, account['id'], u'登录成功')
def login(cls):
    '''Log a user in with the POSTed ``email`` and ``password``.

    The result is a JSON string with ``login`` (bool), ``uid`` and
    ``message``. ``uid`` carries a negative code on failure: -2 no email,
    -3 no password, -1 unknown user, -4 account status 0 or 2, -5 wrong
    password. A successful login sets the cookies via user_login().
    '''
    form = request.POST
    email = form.get('email', '')
    password = form.get('password', '')

    missing = None
    if email == '':
        missing = (-2, u'请输入Email')
    elif password == '':
        missing = (-3, u'请输入密码')
    if missing is not None:
        return json.dumps(dict(login=False, uid=missing[0],
                               message=missing[1]))

    # Derive the password salt from the email.
    salt = short_by_hex(email)[0]
    # NOTE(review): salted single-pass MD5 is too fast for password hashing;
    # the scheme is shared with register() and the stored digests, so it is
    # only flagged here.
    salted_password = '%s%s' % (password, salt)
    candidate = hashlib.md5(salted_password).hexdigest()

    record = UsersHandler().get_pwd_by_email(email=email)
    if not record:
        return json.dumps(dict(login=False, uid=-1, message=u'用户不存在'))
    # NOTE(review): account status is reported before the password check and
    # each failure returns a distinct message, which lets an unauthenticated
    # caller distinguish unknown, pending and abnormal accounts.
    if 0 == record['status']:
        return json.dumps(dict(login=False, uid=-4, message=u'请等待审核通知'))
    if 2 == record['status']:
        return json.dumps(dict(login=False, uid=-4, message=u'异常用户'))
    if candidate == record['pwd']:
        # Record the logged-in user's cookies.
        user_login(uid=record['id'])
        return json.dumps(dict(login=True, uid=record['id'],
                               message=u'登录成功'))
    return json.dumps(dict(login=False, uid=-5, message=u'密码错误'))