def post(self):
data = parser.parse_args()
username = data['username']
# Searching user by username
current_user = UserModel.find_by_username(username)
# user does not exists
if not current_user:
return {'message': f'User {username} doesn\'t exist'}
# user exists, comparing password and hash
if UserModel.verify_hash(data['password'], current_user.password):
# generating access token and refresh token
access_token = create_access_token(identity=username)
refresh_token = create_refresh_token(identity=username)
return {
'message': f'Logged in as {username}',
'access_token': access_token,
'refresh_token': refresh_token
}
else:
return {'message': "Wrong credentials"}
def login():
model = UserModel()
form = forms.LoginForm(request.form)
if request.method == "GET":
return render_template('webui/login.html', form=form)
if request.method == "POST":
if not form.validate():
return render_template('webui/login.html',
login_description="フォームを正しく入力してください。",
form=form)
user, code = model.user_login(form.username.data, form.password.data)
if code == ResultCode.Success and user:
login_user(user)
return redirect(
request.args.get('next') or url_for("webui.device_list"))
else:
return render_template('webui/login.html',
login_description="ユーザIDまたはパスワードが違います。",
form=form)
return render_template('webui/login.html', form=form)
def user_register():
form = forms.UserRegisterForm(request.form)
if request.method == "GET":
return render_template('webui/user_register.html', form=form)
if request.method == "POST":
if not form.validate():
return render_template('webui/user_register.html',
register_description="フォームを正しく入力してください。",
form=form)
username = form.username.data
password = form.password.data
model = UserModel()
if model.user_isExist(username)[0]:
return render_template('webui/user_register.html',
register_description="既に同じ名前のユーザが存在します。",
form=form)
msg, code = model.user_register(username, password)
if code == ResultCode.Success:
return render_template('webui/success_user_register.html')
else:
return render_template('webui/user_register.html',
register_description="ユーザ登録に失敗しました: %s" %
msg,
form=form)
def api_userid_isExist(username):
model = UserModel()
msg, code = model.user_isExist(username)
if code == ResultCode.Success:
return jsonify(_makeResponseMessage(msg))
else:
return jsonify(_makeErrorMessage(code))
def load_user(user_hash):
model = UserModel()
username = model.getUsername(user_hash)
if username is None:
return FlaskUser(user_hash, "名無し")
else:
return FlaskUser(user_hash, username)
def api_user_list():
model = UserModel()
page = request.args.get('page', None)
msg, code = model.user_list(page)
if code == ResultCode.Success:
return jsonify(_makeResponseMessage(msg))
else:
return jsonify(_makeErrorMessage(code))
def api_admin_user_delete(username):
if Util.DebugMode is False:
return jsonify(_makeErrorMessage(0))
model = UserModel()
if not model.user_isExist(username)[0]:
return jsonify(_makeErrorMessage(ResultCode.ValueError))
msg, code = model.user_delete(username)
if code == ResultCode.Success:
return jsonify(_makeResponseMessage(msg))
else:
return jsonify(_makeErrorMessage(code))
def mutate(self, info, username, name, last_name):
user = UserModel(username=username, name=name, last_name=last_name)
db.session.add(user)
db.session.commit()
return UserMutation(user=user)
def login():
login_form = LoginForm()
context = {'login_form': login_form}
if login_form.validate_on_submit():
username = login_form.username.data
password = login_form.password.data
user_doc = get_user(username)
if len(user_doc) > 0:
password_from_db = user_doc[0][1]
if check_password_hash(password_from_db, password):
user_data = UserData(username, password)
user = UserModel(user_data)
login_user(user)
flash('Bienvenido de nuevo')
redirect(url_for('hello'))
else:
flash('La informacion no coincide')
else:
flash('Usuario no encontrado')
return redirect(url_for('index'))
return render_template('login.html', **context)
def signup():
signup_form = LoginForm()
context = {'signup_form': signup_form}
if signup_form.validate_on_submit():
username = signup_form.username.data
password = signup_form.password.data
user_doc = get_user(username)
if len(user_doc) == 0:
password_hash = generate_password_hash(password)
user_data = UserData(username, password_hash)
user_put(user_data)
user = UserModel(user_data)
login_user(user)
flash('Bienvenido')
return redirect(url_for('hello'))
else:
flash('El usuario ya existe')
return render_template('signup.html', **context)
def init(u, p):
# 初始化数据库
db.init_app(app)
db.create_all(app=app)
# 新建用户
new_user = UserModel(name=u, password_hash=UserModel.set_password(p))
db.session.add(new_user)
db.session.commit()
click.echo('Success.')
def api_login():
username = request.args.get('username', None)
password = request.args.get('password', None)
if username is None or password is None:
return jsonify(_makeErrorMessage(ResultCode.FormatError))
if len(username) > Util.MaxUsernameLength or len(
password) > Util.MaxUserPassLength:
return jsonify(_makeErrorMessage(ResultCode.FormatError))
model = UserModel()
user, code = model.user_login(username, password)
if code == ResultCode.Success and user:
login_user(user)
msg = "login successful"
return jsonify(_makeResponseMessage(msg))
else:
return jsonify(_makeErrorMessage(ResultCode.GenericError))
def post(self):
data = parser.parse_args()
username = data['username']
# Checking that user is already exist or not
if UserModel.find_by_username(username):
return {'message': f'User {username} already exists'}
# create new user
new_user = UserModel(username=username,
password=UserModel.generate_hash(
data['password']))
try:
# Saving user in DB and Generating Access and Refresh token
new_user.save_to_db()
access_token = create_access_token(identity=username)
refresh_token = create_refresh_token(identity=username)
return {
'message': f'User {username} was created',
'access_token': access_token,
'refresh_token': refresh_token
}
except:
return {'message': 'Something went wrong'}, 500
def api_user_register():
username = request.args.get('username', None)
password = request.args.get('password', None)
if username is None or password is None:
return jsonify(_makeErrorMessage(ResultCode.FormatError))
if len(username) > Util.MaxUsernameLength or len(
password) > Util.MaxUserPassLength:
return jsonify(_makeErrorMessage(ResultCode.FormatError))
model = UserModel()
# get first element, because user_isExist returns "True/False, code".
if model.user_isExist(username)[0]:
return jsonify(_makeErrorMessage(ResultCode.ValueError))
msg, code = model.user_register(username, password)
if msg is None:
return jsonify(_makeErrorMessage(code))
return jsonify(_makeResponseMessage(msg))
def update(self, username: str, user: UserModel) -> UserModel:
"""Atualiza um usuário pelo username.
Parameters
----------
username: username (identificador) do usuário.
user: Informações do usuário.
"""
user_db = self.find_one(username)
user.id_ = user_db.id_
with self.session.transaction:
self.session.merge(user)
self.session.flush()
return user
def register():
if request.method == "POST":
username = request.form.get("username")
password = request.form.get("password")
print("用户", username)
log().logger.info(f"当前注册用户:{username}")
if username == '' or password == '':
return jsonify({'msg': '用户名或密码不能为空'})
else:
res = UserModel.query.filter(
UserModel.username == username).first()
print("####", res)
if res:
return jsonify({"msg": "用户已存在"})
else:
usermodel = UserModel(username=username, password=password)
db.session.add(usermodel)
db.session.commit()
session['user'] = username
return jsonify({"code": 1})
return render_template("register.html")
def register(self, data):
username = data['username']
password = data['password']
is_admin = data['is_admin']
if UserModel.query.filter_by(username=username).first():
return {'message': 'User {} already exists'.format(username)}
new_user = UserModel(username=data['username'],
password=sha256.hash(password),
is_admin=data['is_admin'])
try:
db.session.add(new_user)
db.session.commit()
access_token = create_access_token(identity=username)
refresh_token = create_refresh_token(identity=username)
return {
'message': 'User {} was created'.format(username),
'access_token': access_token,
'refresh_token': refresh_token
}
except:
return {'message': 'Something went wrong'}, 500
def delete(self):
"""
delete all user api
"""
return UserModel.delete_all()
def get(self):
"""
return all user api
"""
return UserModel.return_all()
