def list_users(app: App) -> list:
return [
{
'username': username,
'url': app.reverse_url('get_user', user_id=user_id)
} for user_id, username in USERS.items()
]
def get_user(app: App, user_id: int) -> dict:
if user_id not in USERS:
raise exceptions.NotFound()
return {
'username': USERS[user_id],
'url': app.reverse_url('get_user', user_id=user_id)
}
async def check(self, app: App, article: Article, username: FormParam,
password: FormParam, ref: FormParam, session: Session):
"""
检查用户名和密码是否正确
:param app:
:param article:
:ex article:
```json
{"title": "xxx"}
```
:type article: form
:param username: 用户名
:ex username: `test`
:param password: 密码
:ex password: `12345`
:param ref: 从哪里跳过来的
:param session:
:return: 返回网页
"""
# article由于没有经过format会带有多余的信息
if username == settings["USERNAME"] and password == settings[
"PASSWORD"]:
session["login"] = f'{username}:{password}'
if ref == "edit" and hasattr(article, "id"):
article = await Article.load(id=article.id)
if ref:
return app.render_template(f"{ref}.html",
success="",
**article.to_dict())
else:
return redirect(app.reverse_url("view:welcome:index"))
else:
return app.render_template("login.html", **article.to_dict())
async def delete(app: App, article: Article, service: ArticleService,
session: Session):
if not session.get("login"):
return app.render_template("login.html",
ref="delete",
id=article.id)
await service.delete(article)
return redirect(app.reverse_url("view:welcome:index"))
def metadata(self, app: App) -> Metadata:
"""
Admin metadata.
"""
return Metadata({
"resources": {
resource.name: {
"name": resource.name,
"verbose_name": resource.verbose_name,
"columns": resource.columns,
"order": resource.order,
}
for resource in self.resources.values()
},
"admin": app.reverse_url("admin:main"),
"schema": app.reverse_url("serve_schema"),
})
async def create_article(app: App, data: http.RequestData,
password: http.Header) -> http.JSONResponse:
# if not is_auth(password):
# raise exceptions.BadRequest()
if not data['title']:
raise exceptions.BadRequest()
article_id = repo.add_article({'title': data['title']})
url = app.reverse_url('get_article', article_id=article_id)
headers = {'Location': url}
return http.JSONResponse({}, status_code=201, headers=headers)
async def update(self, app: App, article: Article, session: Session):
"""
编辑之后更新文章内容
:param app:
:param article: 文章对象
:type article: form
:param session:
:return: 如果登录了,跳转到首页,否则,跳转到登录页
"""
if not session.get("login"):
return app.render_template("login.html", ref="edit", **article)
await self.service.update(article)
return redirect(app.reverse_url("view:welcome:index"))
async def delete(self, app: App, id: http.QueryParam, session: Session):
"""
删除文章接口
:param app:
:param id: 要删除的文章id
:ex id: `19911111111111`
:param session:
:return: 如果登录了,跳转到首页,否则跳转到登录页。
"""
article = Article(id=id)
if not session.get("login"):
return app.render_template("login.html",
ref="delete",
id=article.id)
await self.service.delete(article)
return redirect(app.reverse_url("view:welcome:index"))
def login(self,
app: App,
session: Session,
host: http.Host,
port: http.Port,
scheme: http.Scheme,
ticket: str = None):
"""
This route has two purposes. First, it is used by the user
to login. Second, it is used by the CAS to respond with the
`ticket` after the user logs in successfully.
When the user accesses this url, they are redirected to the CAS
to login. If the login was successful, the CAS will respond to this
route with the ticket in the url. The ticket is then validated.
If validation was successful the logged in username is saved in
the user's session under the key `CAS_USERNAME_SESSION_KEY` and
the user's attributes are saved under the key
'CAS_USERNAME_ATTRIBUTE_KEY'
"""
login_url = f"{scheme}://{host}:{port}{app.reverse_url('view:cas:login')}"
cas_token_session_key = settings['CAS_TOKEN_SESSION_KEY']
redirect_url = create_cas_login_url(settings['CAS_SERVER'],
settings['CAS_LOGIN_ROUTE'],
login_url)
if ticket:
session[cas_token_session_key] = ticket
if validate(ticket, login_url, session):
if 'CAS_AFTER_LOGIN_SESSION_URL' in session:
redirect_url = session.pop('CAS_AFTER_LOGIN_SESSION_URL')
else:
redirect_url = app.reverse_url(settings['CAS_AFTER_LOGIN'])
else:
del session[cas_token_session_key]
logger.debug('Redirecting to: {0}'.format(redirect_url))
return redirect(redirect_url)
