def verify_account(): """验证账户密码""" ip = request.remote_addr account = request.form.get('account') password = request.form.get('password') admin = Admin.query.filter( Admin.account == account, Admin.password == common.my_md5(password)).first() # 验证数据 if admin: # 证明验证成功 session['admin'] = admin.to_dict_() # 写入session状态 resp = make_response(redirect('/')) # 构建响应 if request.form.get('remember') == 'True': # 用户需要记住密码 deadline = Token.set_deadline({'days': 7}) # 过期时间为7天 token = Token(admin.account, deadline=deadline) # 将账户与cookie期限加密 resp.set_cookie('token', token.encryption_to_string(), expires=deadline) # cookie加入响应 # send('message', message=f"登入者帐号{account}已成功登入ip:{ip}", to=config.recipient) # 发送邮件通知 Log(f"登入者帐号{account}已成功登入" f"ip:{ip}").direct_commit_() # 记录日志 return resp else: flash('账号密码错误') # send("message", message=f"登入者帐号密码输入错误.ip:{ip}", to=config.recipient) Log(f"登入者帐号密码输入错误.ip:{ip}\n尝试帐号:{account}\n尝试密码:{password}" ).direct_commit_() return render_template('login.html')