def get_current_user(self):
"""用户验证
如果存在 cookie 则根据用户 cookie 获取用户信息并返回,
否则返回 None
"""
uid = self.get_secure_cookie("uid")
if not uid:
return None
else:
user = ""
try:
user = User.get(User.id == uid)
except DoesNotExist:
self.clear_cookie("uid")
return user
def post(self, *args, **kwargs):
username = self.get_argument('username', '')
password = self.get_argument('password', '')
#用户和名密码不可为空
if (not username) or (not password):
self.write("<script>alert('用户名或者密码不能为空');history.back();</script>")
else:
try:
t_user = User.get(username=username)
if get_password(password) == t_user.password:
self.set_secure_cookie('uid', str(t_user.id))
self.redirect(self.get_argument('next', '/'))
else:
self.write(
"<script>alert('用户名或密码错误');history.back();</script>")
except DoesNotExist:
self.write(
"<script>alert('您输入的用户名不存在');history.back();</script>")
def index():
if request.method == 'POST':
# 取表单数据查询用户登陆权限
user_name = request.form.get('username')
password = request.form.get('password')
user = User.get(user_name) # 从用户数据中查找用户记录
if user is None:
flash("用户名不存在")
else:
if user.verify_password(password): # 校验密码
login_user(
user, remember=True,
duration=timedelta(minutes=5)) # 创建用户 Session,超时为5分钟
return render_template('dashboard.html', user_name=user_name)
else:
flash("用户名或密码有误")
return render_template('login.html')
else:
return render_template('login.html')