def loginWithoutPwd(self):
obj = json.loads(self.request.body)
if not checkKeys(obj, ['username']):
self.write(ERR_PARA.message)
return
user = MeUser(self.appName, obj)
userHelper = ClassHelper('develop', 'User')
userInfo = userHelper.get(self.appInfo['user'])
# library授权
if userInfo['type'] == 2:
if user['bundleId']:
log.info("Library User[%s] Auth. bundleId[%s]", user['username'], user['bundleId']);
elif user['package']:
log.info("Library User[%s] Auth. package[%s]", user['username'], user['package']);
log.info('auth app[%s]', self.appInfo['appName']);
# 普通授权失败
elif user['bundleId'] != None:
if (not self.appInfo.has_key('bundleId')) or self.appInfo['bundleId'] != user['bundleId']:
log.err('[%s] bundleId[%s] not match. LoginWithoutPwd Error.', self.appInfo['appName'],
user['bundleId'])
self.write(ERR_UNAUTHORIZED.message)
return
log.info('auth app[%s]', self.appInfo['appName']);
elif user['package']:
if (not self.appInfo.has_key('package')) or self.appInfo['package'] != user['package']:
log.err('[%s] package[%s] not match. LoginWithoutPwd Error.', self.appInfo['appName'], user['package'])
self.write(ERR_UNAUTHORIZED.message)
return
log.info('auth app[%s]', self.appInfo['appName']);
else:
log.err("loginWithoutPwd Error: Invalid. %s", self.request.body)
self.write(ERR_UNAUTHORIZED.message)
return
# 检查数量限制
# userHelper = ClassHelper(self.appDb, "User")
# userUpper = self.appInfo['userUpper']
# # userUpper=0表示无数量限制
# if userUpper>0:
# if userHelper.count() > userUpper:
# log.err('[%s] over user count limit', self.appInfo['appName']);
# self.write(ERR_USER_PERMISSION.message)
try:
user.loginWithoutPwd()
log.info('LoginWithoutPwd: %s', user['username'])
self.set_secure_cookie("u", user['username'])
user['authen'] = userInfo['authen'];
self.write(json.dumps(user, cls=MeEncoder))
# 登录日志
loginLog = MeObject(self.appName, 'LoginLog')
loginLog['username'] = user['username']
if hasattr(self, 'client_ip'):
loginLog['ip'] = self.client_ip;
loginLog.save()
except Exception, e:
log.err("LoginWithoutPwd Error: %s Error:%s", self.request.body, str(e))
self.write(str(e))
def getFile(self, fileId):
fileHelper = ClassHelper('File')
obj = fileHelper.get(fileId)
# fileUrl = "http://"+obj['bucket']+".oss-cn-beijing.aliyuncs.com/"+obj['name']
fileUrl = "http://" + self.request.host + "/1.0/file/download/" + obj[
'_id']
return fileUrl
def get(self, oid, child=False):
from helper.ClassHelper import ClassHelper
classHelper = ClassHelper(self.className)
obj = classHelper.get(oid)
# if obj == None:
# return False
# self.copySelf(obj, child)
# self.dirty.clear()
return obj
def orderCallback(oId, userId, status, order):
'''
根据支付结果更新订单的状态
:param oId:RechargeFlow Id
:param userId:用户Id
:param status: 支付是否成功,1为成功,3为等待验证
:param order:第三方平台返回订单信息,包括错误码
:return:
'''
log.debug('oId:%s, userId:%s, status:%d, order:%s', oId, userId, status,
order)
###更新充值流水记录
orderHelper = ClassHelper("RechargeFlow")
rechargeFlow = orderHelper.get(oId)
walletHelper = ClassHelper("Wallet")
walletInfo = walletHelper.find_one({"user": userId})
if status == 1: # 充值成功,更新钱包
rechargeFlow_action = {
'destClass': 'RechargeFlow',
'query': {
"_id": oId
},
'action': {
"@set": {
"status": status,
"order": order
}
}
}
if not walletInfo: # 未找到钱包直接创建
wallet = {"user": userId, 'balance': rechargeFlow['amount']}
walletInfo = walletHelper.create(wallet,
transaction=[rechargeFlow_action])
else:
wallet = {"$inc": {'balance': rechargeFlow['amount']}}
walletInfo = walletHelper.update(walletInfo['_id'],
wallet,
transaction=[rechargeFlow_action])
return walletInfo
else:
rechargeFlow = orderHelper.update(
oId, {"$set": {
"status": status,
"order": order
}})
return rechargeFlow
# 苹果支付下单
def createAppleAppOrder(self):
'''
添加充值记录
:return:
'''
try:
obj = json.loads(self.request.body)
except Exception, e:
log.err("JSON Error:[%d/%s] , error:%s", len(self.request.body), self.request.body, str(e))
self.write(ERR_INVALID.message)
return
classHelper = ClassHelper("CoinSetting")
coinSetting = classHelper.get(obj['id'])
try:
if coinSetting and coinSetting['status'] == 1:
item = {}
item['user'] = self.user['_id']
item['recharge'] = coinSetting['price']
item['amount'] = coinSetting['amount'] + coinSetting['free']
item['os'] = coinSetting['os']
item['platform'] = coinSetting['platform']
try:
item['channel'] = self.request.headers.get("X-MeCloud-Channel", None)
item['version'] = self.request.headers.get("X-MeCloud-Client", None)
except:
pass
item['orderNo'] = self.createOrderNo()
item['status'] = 0
try:
objs['subTitle'] = objs['subTitle'].format(**item)
except:
objs.pop("subTitle", None)
if objs.get('file', None) == "{avatar}":
objs['imageUrl'] = self.getFile(item['avatar'])
else:
objs.pop("title", None)
objs.pop("subTitle", None)
objs = self.filterField(objs)
self.write(json.dumps(objs, cls=MeEncoder))
else:
self.write(ERR_PATH_PERMISSION.message)
elif action == "appleRec":
classHelper = ClassHelper("RechargeFlow")
obj = classHelper.get("59fc415bd234013c71ad25b6")
data = {"receipt-data": obj['order']['certificate']}
result = self.appleVerify(buyUrl, sandboxUrl, data, 1)
self.write(result)
elif action == "info":
# userId = "5a0188ccca714319e603c9e8"
result = self.userCountTwo(objectId, int(isUser))
self.write(json.dumps(result))
elif action == "qrcode":
if not self.request.arguments.has_key(
'shareTargetId') or not self.request.arguments.has_key(
'shareType'):
self.write(ERR_PATH_PERMISSION.message)
return
shareType = int(self.get_argument("shareType"))
break
except Exception, e:
log.err("Error:%s , error:%s", self.request.body, str(e))
if objectIdError:
self.write(ERR_OBJECTID_MIS.message)
return
mainObj = obj[len(obj) - 1]
mainObj = self.sentiveCheck(className, mainObj)
classHelper = ClassHelper(className)
# 只返回了更新时间
data = classHelper.update(objectId, mainObj)
# 默认返回整个对象
self.write(json.dumps(data, cls=MeEncoder))
else:
classHelper = ClassHelper(className)
item = classHelper.get(objectId) #权限判断
if not item:
log.err("%s not exists", objectId)
self.write(ERR_NOTFOUND.message)
return
if "acl" in item:
acl = MeACL(item['acl'])
if not acl.writeAccess(self.user):
self.write(ERR_CLASS_PERMISSION.message)
return
else:
self.write(ERR_CLASS_PERMISSION.message)
return
obj = self.sentiveCheck(className, obj)
# 只返回了更新时间
data = classHelper.update(objectId, obj)
