def get_token():
form = ClientForm().validate_for_api()
promise = {
ClientTypeEnum.USER_EMAIL: manager.user_model.verify,
ClientTypeEnum.USER_MINA: manager.user_model.verify_mina
}
user = promise[ClientTypeEnum(form.type.data)](form.account.data,
form.secret.data)
access_token, refresh_token = get_tokens(user)
return json_res(access_token=access_token, refresh_token=refresh_token)
def login():
form = LoginForm().validate_for_api()
user = manager.user_model.verify(form.username.data, form.password.data)
# 此处不能用装饰器记录日志
Log.create_log(
message=f'{user.username}登陆成功获取了令牌',
user_id=user.id, user_name=user.username,
status_code=200, method='post', path='/cms/user/login',
authority='无', commit=True
)
access_token, refresh_token = get_tokens(user)
return json_res(access_token=access_token, refresh_token=refresh_token)
def login():
form = LoginForm().validate_for_api()
user = manager.user_model.verify(form.username.data, form.password.data)
# 用户未登录,此处不能用装饰器记录日志
Log.create_log(
message=f"{user.username}登陆成功获取了令牌",
user_id=user.id,
username=user.username,
status_code=200,
method="post",
path="/cms/user/login",
permission="",
commit=True,
)
access_token, refresh_token = get_tokens(user)
return {"access_token": access_token, "refresh_token": refresh_token}
def login_mini():
form = LoginMiniForm().validate_for_api()
appid = current_app.config.get('APP_ID')
secret = current_app.config.get('APP_SECRET')
code = form.code.data
url = 'https://api.weixin.qq.com/sns/jscode2session?appid=' + appid + '&secret=' + secret + '&js_code=' + code + \
'&grant_type=authorization_code'
res = requests.get(url)
if 'openid' not in res.json().keys():
return Failed('小程序用户异常')
openid = res.json()['openid']
user = manager.user_model.query.filter_by(openid=openid).first_or_404()
# 此处不能用装饰器记录日志
Log.create_log(
message=f'{user.username}小程序登陆成功获取了令牌',
user_id=user.id, user_name=user.username,
status_code=200, method='post', path='/cms/user/login/mini',
authority='无', commit=True
)
access_token, refresh_token = get_tokens(user)
return json_res(access_token=access_token, refresh_token=refresh_token)
def login():
form = LoginForm().validate_for_api()
# 校对验证码
if current_app.config.get("LOGIN_CAPTCHA"):
tag = request.headers.get("tag")
secret_key = current_app.config.get("SECRET_KEY")
serializer = JWSSerializer(secret_key)
if form.captcha.data != serializer.loads(tag):
raise Failed("验证码校验失败")
user = manager.user_model.verify(form.username.data, form.password.data)
# 用户未登录,此处不能用装饰器记录日志
Log.create_log(
message=f"{user.username}登录成功获取了令牌",
user_id=user.id,
username=user.username,
status_code=200,
method="post",
path="/cms/user/login",
permission="",
commit=True,
)
access_token, refresh_token = get_tokens(user)
return {"access_token": access_token, "refresh_token": refresh_token}
