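def add_session(form):
    """Authenticate a user by email and password and open a new session.

    Args:
        form: Mapping of request fields; must contain 'email' and 'password'.

    Returns:
        ``msg.success_msg`` carrying the session ID, user ID, start time and
        user name on success, otherwise ``msg.error_msg`` with a reason.
    """
    if not assert_keys_in_form_exist(form, ['email', 'password']):
        return msg.error_msg("Please check the inputs.")

    sessions = SessionModel()
    users = UserModel()

    email, password = form['email'], form['password']
    # NOTE(review): the credential check is an equality match on
    # encrypt(password), which can only succeed if encrypt() is deterministic
    # (no per-user random salt). encrypt() is defined elsewhere; confirm it is
    # a password hash suited to storage rather than a fast or reversible one.
    # NOTE(review): no throttling of failed attempts is visible here;
    # presumably the caller handles it. Verify.
    users_founded = users.get_user(email=email, password=encrypt(password), enable=True)
    # Identity test: None is what this function treats as a failed lookup,
    # and `== None` could be answered by a custom __eq__.
    if users_founded is None:
        return msg.error_msg("Failed to validate user information.")
    if len(users_founded) == 0:
        # One message for "unknown email" and "wrong password", so the
        # response does not reveal which accounts exist.
        return msg.error_msg("Invalid email address or password.")

    uid = users_founded[0]['user_id']
    new_session_id = sessions.create_session_id()
    start_time = datetime.utcnow()  # naive UTC timestamp
    res = sessions.start_session(new_session_id, uid, start_time)
    if res is None:
        return msg.error_msg("Failed to start a new session.")

    return msg.success_msg({
        "sessionID": new_session_id,
        "uid": uid,
        "startTime": str(start_time),
        "userName": users_founded[0]['name']
    })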
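def get_user_info(form):
    """Return the profile of the user who owns the given session.

    Args:
        form: Mapping of request fields; must contain 'sessionID'.

    Returns:
        ``msg.success_msg`` with uid, name, email, phone, major and degree,
        or ``msg.error_msg`` when the session or user cannot be used.
    """
    users = UserModel()
    sessions = SessionModel()

    if not assert_keys_in_form_exist(form, ['sessionID']):
        return msg.error_msg("Invalid Session ID.")

    session = sessions.get_session(form['sessionID'])
    # `not session` covers an empty result and also a None result, which
    # would otherwise raise TypeError in len().
    if not session:
        return msg.error_msg("Unable to find the session.")

    # NOTE(review): positional unpacking of .values() relies on the row's
    # column order; keyed access would be sturdier once the keys are confirmed.
    (sessionid, uid, start_time, end_time) = session[0].values()
    # A session with an end time has been closed; delete_user rejects such
    # sessions, and profile data should not be served for them either.
    if end_time is not None:
        return msg.error_msg("Expired SessionID")

    user = users.get_user(uid=uid)
    if not user:
        return msg.error_msg("Unable to find the user")

    (uid, name, email, phone, password, major, degree, enable) = user[0].values()
    # The stored password value and the enable flag are left out of the response.
    return msg.success_msg({
        "uid": uid,
        "name": name,
        "email": email,
        "phone": phone,
        "major": major,
        "degree": degree
    })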
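def __init__(self, auth_header):
    """Check the signed X-AUTH-KEY header and record the outcome.

    Sets ``self.is_authorized_user`` to False whenever the header is missing,
    its signature or payload is rejected, or any other error occurs.

    Args:
        auth_header: Mapping of request headers; 'X-AUTH-KEY' is read from it.
    """
    self.auth_header = auth_header
    # Fail closed: the flag is False unless the checks below complete.
    self.is_authorized_user = False
    # NOTE(review): presumably itsdangerous. A plain URLSafeSerializer token
    # carries no timestamp, so a leaked key stays valid until
    # TOKEN_SECRET_KEY changes; URLSafeTimedSerializer with max_age is the
    # expiring variant. Confirm that non-expiring keys are intended.
    s = URLSafeSerializer(secret_key=settings.TOKEN_SECRET_KEY)
    try:
        self.auth_key = s.loads(self.auth_header['X-AUTH-KEY'])
        user = User()
        user.id = self.auth_key
        user.get_user()
        # NOTE(review): user.id was assigned from auth_key two lines up, so
        # this comparison is True unless get_user() changes user.id. If it
        # does not, any correctly signed key is accepted even when no such
        # user exists; confirm what get_user() does on a miss.
        self.is_authorized_user = user.id == self.auth_key
    except (BadSignature, BadPayload):
        self.is_authorized_user = False
    except Exception:
        # Exception rather than a bare except, so SystemExit and
        # KeyboardInterrupt are not swallowed. A missing header (KeyError)
        # ends up here.
        print(sys.exc_info()[0])
        self.is_authorized_user = False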
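def add_user(form):
    """Register a new user after validating the submitted fields.

    Args:
        form: Mapping of request fields; must contain 'name', 'email',
            'phone', 'password', 'major' and 'degree'.

    Returns:
        ``msg.success_msg`` on success, otherwise ``msg.error_msg`` naming the
        first check that failed.
    """
    users = UserModel()
    if not assert_keys_in_form_exist(
            form, ['name', 'email', 'phone', 'password', 'major', 'degree']):
        return msg.error_msg("Please check your requests.")

    name = form['name']
    email = form['email']
    phone = form['phone']
    password = form['password']
    major = form['major']
    degree = form['degree']

    if name.strip() == "":
        return msg.error_msg("Username cannot be empty.")
    if password.strip() == "":
        return msg.error_msg("Password cannot be empty.")
    if len(password) < 6:
        return msg.error_msg("Password cannot less than 6 character.")
    if len(name) > 255:
        return msg.error_msg("Username cannot exceed 255 characters.")
    if len(password) > 255:
        return msg.error_msg("Password cannot exceed 255 characters.")

    findUser = users.get_user(email=email, enable=True)
    if findUser is None:
        return msg.error_msg("Failed to find user.")
    # The debug prints of the lookup result were removed: they wrote whole
    # user rows to stdout, where they end up in process logs.
    # NOTE(review): this check-then-insert is not atomic; two concurrent
    # requests can both pass it. A unique constraint on the email column
    # would close the gap. Confirm the schema has one.
    if len(findUser) != 0:
        return msg.error_msg("User already exists. (Email already in use)")

    # NOTE(review): encrypt() is defined elsewhere; confirm it is a password
    # hash suited to storage.
    args = {
        "Name": name,
        "Email": email,
        "Phone": phone,
        "Password": encrypt(password),
        "Major": major,
        "Degree": degree,
        "Enable": True
    }
    res = users.add_user(args)
    if res is None:
        return msg.error_msg("Failed to add user.")
    return msg.success_msg({"msg": "User added successfully."})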
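def authorize_user(self, request):
    """Authorize a request from its signed X-AUTH-KEY header.

    Args:
        request: Object whose ``headers`` mapping is read for 'X-AUTH-KEY'.

    Returns:
        The result of ``User.get_user()`` for the id carried in the key, or
        False when the header is missing, the key is rejected, or any other
        error occurs.
    """
    # Reset first, so a failed attempt on a reused instance cannot leave an
    # earlier success in place.
    self.is_authorized_user = False
    try:
        x_auth_key = request.headers['X-AUTH-KEY']
    except KeyError:
        # A request without the header is unauthorized, not a server error.
        return False

    serializer = URLSafeSerializer(secret_key=settings.TOKEN_SECRET_KEY)
    try:
        user = User()
        user.id = serializer.loads(x_auth_key)
        self.is_authorized_user = user.get_user()
        # NOTE(review): user_id is stored even when get_user() returned a
        # falsy value; callers should consult is_authorized_user first.
        self.user_id = user.id
        return self.is_authorized_user
    except (BadSignature, BadPayload):
        return False
    except Exception:
        # Exception rather than a bare except, so SystemExit and
        # KeyboardInterrupt are not swallowed.
        print(sys.exc_info()[0])
        return False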
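def get_user_info(form):
    """Return uid, name, email and phone for the owner of a session.

    Args:
        form: Mapping of request fields; must contain 'sessionID'.

    Returns:
        ``msg.success_msg`` with the four profile fields, or ``msg.error_msg``
        when the request, session or user cannot be used.
    """
    if not assert_keys_in_form_exist(form, ['sessionID']):
        return msg.error_msg("Invalid request.")

    session = Session.get_session(form['sessionID'])
    # Handles an empty result and a None result alike; len(None) would raise.
    if not session:
        return msg.error_msg("Unable to find the session.")

    # NOTE(review): unpacking .values() by position depends on column order.
    (sessionid, uid, start_time, end_time) = session[0].values()
    # A recorded end time means the session was closed (delete_user in this
    # listing rejects those); do not serve profile data for it.
    # NOTE(review): confirm end_time stays None while a session is active.
    if end_time is not None:
        return msg.error_msg("Expired SessionID")

    user = User.get_user(uid=uid)
    if not user:
        return msg.error_msg("Unable to find the user")

    (uid, name, email, phone, password, enable) = user[0].values()
    # The stored password value and the enable flag are not returned.
    return msg.success_msg({"uid": uid, "name": name, "email": email, "phone": phone})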
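def login(request):
    """Check a name/password pair and mark the session as logged in.

    Args:
        request: Object exposing ``params`` (with 'name' and 'password') and
            a ``session`` mapping.

    Returns:
        ``{'status': 'ok', 'roles': ...}`` on success, otherwise
        ``{'status': 'nok', 'data': <message>}``.
    """
    name = request.params['name']
    password = request.params['password']

    user = User().get_user(name)
    if user is None:
        # Message reads "This user does not exist!".
        # NOTE(review): this differs from the wrong-password message below,
        # so responses reveal which names are registered.
        return {'status': 'nok', 'data': '该用户不存在!'}

    # NOTE(review): stored passwords are compared as unsalted MD5 hex
    # digests. MD5 is not suitable for password storage; moving to a salted,
    # slow password hash needs a migration of the stored values, so it is
    # flagged here rather than changed.
    m = hashlib.md5()
    m.update(password)
    passwordStr = m.hexdigest()

    # The debug prints were removed; one of them wrote the password digest
    # to stdout.
    if passwordStr == user['password']:
        request.session['name'] = name
        return {'status': 'ok', 'roles': user['roles']}

    # Message reads "Wrong password!".
    return {'status': 'nok', 'data': '密码错误!'}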
def delete_user(form):
    """Delete the account that owns a session, after re-checking its password.

    Args:
        form: Mapping of request fields; must contain 'sessionID' and
            'password'.

    Returns:
        ``msg.success_msg`` with the uid and session ID on success, otherwise
        ``msg.error_msg`` describing the step that failed.
    """
    users = UserModel()
    sessions = SessionModel()

    required = ['sessionID', 'password']
    if not assert_keys_in_form_exist(form, required):
        return msg.error_msg("Please check the inputs.")
    password, session_id = form['password'], form['sessionID']

    # Resolve the session to its owner and refuse sessions that have ended.
    rows = sessions.get_session(session_id)
    if len(rows) == 0:
        return msg.error_msg("Unable to find the session.")
    # NOTE(review): positional unpacking depends on the row's column order.
    _sid, uid, _started, end_time = rows[0].values()
    if end_time is not None:
        return msg.error_msg("Expired SessionID")

    # Re-authenticate: holding a session ID alone must not be enough to
    # delete an account.
    if password.strip() == "":
        return msg.error_msg("Password cannot be empty.")
    matches = users.get_user(uid=uid, password=encrypt(password), enable=True)
    if matches is None:
        return msg.error_msg("Failed to find user.")
    if len(matches) == 0:
        return msg.error_msg("Wrong password.")

    if users.delete_user(uid) is None:
        return msg.error_msg("Failed to delete user.")

    # Close every session of the deleted user.
    # NOTE(review): the result of end_session() is not checked, so a failed
    # revocation would go unnoticed here. Confirm how it reports errors.
    sessions.end_session(uid=uid)
    return msg.success_msg({"uid": uid, "sessionID": session_id})
def add_user(form):
    """Create a user from the name, email, phone and password in *form*.

    Args:
        form: Mapping of request fields; must contain 'name', 'email',
            'phone' and 'password'.

    Returns:
        ``msg.success_msg`` when the user was stored, otherwise
        ``msg.error_msg`` for the first failed check.
    """
    required = ['name', 'email', 'phone', 'password']
    if not assert_keys_in_form_exist(form, required):
        return msg.error_msg("Invalid request.")

    name, email, phone, password = (form[key] for key in required)

    # Length limits are checked before anything reaches the data layer.
    if password.strip() == "":
        return msg.error_msg("Password cannot be empty.")
    if len(name) > 255:
        return msg.error_msg("Username cannot exceed 255 characters.")
    if len(password) > 255:
        return msg.error_msg("Password cannot exceed 255 characters.")

    existing = User.get_user(email=email, enable=True)
    if existing is None:
        return msg.error_msg("Failed to find user.")
    # NOTE(review): lookup-then-insert is not atomic; a unique constraint on
    # the email column would be the reliable guard. Confirm the schema.
    if len(existing) != 0:
        return msg.error_msg("User already exists.")

    # NOTE(review): encrypt() is defined elsewhere; confirm it is a password
    # hash suited to storage.
    record = {
        "Name": name,
        "Email": email,
        "Phone": phone,
        "Password": encrypt(password),
        "Enable": True
    }
    if User.add_user(record) is None:
        return msg.error_msg("Failed to add user.")
    return msg.success_msg({"msg": "User added successfully."})
def add_session(form):
    """Validate an email/password pair and start a session for that user.

    Args:
        form: Mapping of request fields; must contain 'email' and 'password'.

    Returns:
        ``msg.success_msg`` with sessionID, uid and startTime, or
        ``msg.error_msg`` when validation or session creation fails.
    """
    if not assert_keys_in_form_exist(form, ['email', 'password']):
        return msg.error_msg("Invalid request.")

    email = form['email']
    password = form['password']

    matches = User.get_user(email=email, password=encrypt(password), enable=True)
    if matches is None:
        return msg.error_msg("Failed to validate user information.")
    if len(matches) == 0:
        # The same message covers an unknown email and a wrong password.
        return msg.error_msg("Invalid email address or password.")

    uid = matches[0]['user_id']
    # NOTE(review): create_session_id() is defined elsewhere; the ID acts as
    # a bearer credential, so confirm it comes from a CSPRNG.
    new_session_id = Session.create_session_id()
    start_time = datetime.utcnow()
    if Session.start_session(new_session_id, uid, start_time) is None:
        return msg.error_msg("Failed to start a new session.")

    payload = {"sessionID": new_session_id, "uid": uid, "startTime": str(start_time)}
    return msg.success_msg(payload)
def get_group_user(user_id):
    """Return a ``User`` with ``id`` set to *user_id* after calling ``get_user()``."""
    member = User()
    member.id = user_id
    # get_user() presumably fills in the object in place; its return value is
    # discarded, so the caller gets a User object even if nothing was found.
    # NOTE(review): confirm how callers detect a miss.
    member.get_user()
    return member
def get_user_by_email(email):
    """Return a ``User`` with ``email`` set to *email* after calling ``get_user()``."""
    account = User()
    account.email = email
    # The outcome of get_user() is not inspected here; presumably it loads
    # the remaining fields onto the object. Verify against User.
    account.get_user()
    return account
def get_user_by_id(user_id):
    """Return a ``User`` with ``id`` set to *user_id* after calling ``get_user()``."""
    found = User()
    found.id = user_id
    # get_user()'s return value is ignored, so a failed lookup is not
    # signalled by this function. Confirm what callers rely on.
    found.get_user()
    return found