def ifull(self):
    """Return the full dictionary view of this record.

    The view carries the UUID (as a string), the username, the active
    flag, and the ``updated`` / ``created`` timestamps formatted by
    ``utc_rfc3339_string``. Only these five fields are emitted.
    """
    view = {}
    view["id"] = str(self.uuid)
    view["username"] = self.username
    view["is_active"] = self.is_active
    view["updated"] = utc_rfc3339_string(self.updated)
    view["created"] = utc_rfc3339_string(self.created)
    return view
def ifull(self):
    """Return the full dictionary view of this record.

    Emits the UUID as a string, the name/summary/description text fields,
    and the ``updated`` / ``created`` timestamps formatted by
    ``utc_rfc3339_string``.
    """
    view = {
        "id": str(self.uuid),
        "name": self.name,
        "summary": self.summary,
        "description": self.description,
    }
    # Timestamps are appended last, keeping the original key order.
    view["updated"] = utc_rfc3339_string(self.updated)
    view["created"] = utc_rfc3339_string(self.created)
    return view
def ibase(self):
    """Return the base dictionary view of this record.

    Includes the identifier, name, summary, the body together with its
    markup type, and the ``created`` / ``updated`` timestamps formatted
    by ``utc_rfc3339_string``.
    """
    # NOTE(review): body is returned exactly as stored, next to body_markup;
    # any escaping or sanitising is presumably left to the consumer — confirm.
    content = {
        "id": self.id,
        "name": self.name,
        "summary": self.summary,
        "body": self.body,
        "body_markup": self.body_markup,
    }
    content["created"] = utc_rfc3339_string(self.created)
    content["updated"] = utc_rfc3339_string(self.updated)
    return content
def ibase(self):
    """Return the base dictionary view of this record.

    Includes the identifier, name, home URL, summary, the body with its
    markup type, and the ``last_sync`` / ``created`` / ``updated``
    timestamps formatted by ``utc_rfc3339_string``.
    """
    # NOTE(review): body is returned exactly as stored, next to body_markup;
    # any escaping or sanitising is presumably left to the consumer — confirm.
    content = {}
    content["id"] = self.id
    content["name"] = self.name
    content["home_url"] = self.home_url
    content["summary"] = self.summary
    content["body"] = self.body
    content["body_markup"] = self.body_markup
    content["last_sync"] = utc_rfc3339_string(self.last_sync)
    content["created"] = utc_rfc3339_string(self.created)
    content["updated"] = utc_rfc3339_string(self.updated)
    return content
def isimple(self):
    """Return the compact dictionary view of this record.

    Only the identifier, name, home URL, summary and the ``last_sync``
    timestamp (formatted by ``utc_rfc3339_string``) are emitted.
    """
    brief = {
        "id": self.id,
        "name": self.name,
        "home_url": self.home_url,
        "summary": self.summary,
    }
    brief["last_sync"] = utc_rfc3339_string(self.last_sync)
    return brief
def ilist_public(self):
    """Return the dictionary view used for public list output.

    The platform is reduced to its name and each city to its name. When
    ``logo`` is falsy, ``settings.DEFAULT_JOB_LOGO`` is used instead. All
    four date fields are formatted by ``utc_rfc3339_string``.
    """
    city_names = [entry.name for entry in self.city]
    listing = {
        "id": self.id,
        "platform": self.platform.name,
        "title": self.title,
        # Fall back to the configured default when no logo is set.
        "logo": self.logo or settings.DEFAULT_JOB_LOGO,
        "abstract": self.abstract,
        "price": self.price,
        "city": city_names,
        "status": self.status,
        # NOTE(review): ext_data is passed through unfiltered into a view
        # named "public" — confirm it never holds non-public values.
        "ext_data": self.ext_data,
        "view_count": self.view_count,
        "vote_up": self.vote_up,
        "vote_down": self.vote_down,
    }
    for field in ("release_date", "expire_date", "updated", "created"):
        listing[field] = utc_rfc3339_string(getattr(self, field))
    return listing
def ilist_public(self):
    """Return the dictionary view used for public list output.

    The platform, categories, roles and skills are each reduced to their
    ``isimple`` view; ``city`` is passed through as stored. All four date
    fields are formatted by ``utc_rfc3339_string``.
    """
    # isimple is read as an attribute here, not called — presumably a
    # property on the related models; confirm.
    listing = {
        "id": self.id,
        "platform": self.platform.isimple,
        "title": self.title,
        "abstract": self.abstract,
        "price": self.price,
        "city": self.city,
    }
    for relation in ("categories", "roles", "skills"):
        listing[relation] = [item.isimple for item in getattr(self, relation)]
    listing["status"] = self.status
    listing["view_count"] = self.view_count
    listing["vote_up"] = self.vote_up
    listing["vote_down"] = self.vote_down
    for field in ("release_date", "expire_date", "created", "updated"):
        listing[field] = utc_rfc3339_string(getattr(self, field))
    return listing
def test_get_success(self):
    """Fetching an existing role by its UUID succeeds."""
    expected_name = "my-role"
    expected_summary = "my summary"

    # Persist a role so the endpoint has something to return.
    role = Role(name=expected_name, summary=expected_summary)
    self.db.add(role)
    self.db.commit()

    response = self.api_get(f"/role/{role.uuid}")
    payload = get_body_json(response)
    self.assertEqual(response.code, 200)
    self.validate_default_success(payload)

    # The response body must match the schema declared for the 200 case.
    schema = self.rs.get_role_id.op_spec["responses"]["200"]["schema"]
    api.validate_object(schema, payload)

    returned = payload["data"]
    self.assertEqual(returned["summary"], expected_summary)
    self.assertEqual(returned["created"], utc_rfc3339_string(role.created))
    self.assertEqual(returned["updated"], utc_rfc3339_string(role.updated))
def test_get_success(self):
    """Fetching the detail of an existing permission succeeds."""
    expected_name = "my-permission"
    expected_summary = "my summary"

    # Persist a permission so the endpoint has something to return.
    permission = Permission(name=expected_name, summary=expected_summary)
    self.db.add(permission)
    self.db.commit()

    response = self.api_get(f"/permission/{permission.uuid}")
    payload = get_body_json(response)
    self.assertEqual(response.code, 200)
    self.validate_default_success(payload)

    # The response body must match the schema declared for the 200 case.
    schema = self.rs.get_permission_id.op_spec["responses"]["200"]["schema"]
    api.validate_object(schema, payload)

    returned = payload["data"]
    self.assertEqual(returned["summary"], expected_summary)
    self.assertEqual(
        returned["created"], utc_rfc3339_string(permission.created))
    self.assertEqual(
        returned["updated"], utc_rfc3339_string(permission.updated))
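def post(self):
    """Exchange an app's refresh_token for a new access_token.

    Reads ``app_id`` and ``refresh_token`` from the JSON body. Fails with
    ``invalid-refresh-token`` when no session holds the token or when the
    session belongs to a different app than ``app_id`` names, with
    ``is-expired`` when the session has expired, and with ``app-inactive``
    / ``user-inactive`` when the owning app or user is disabled. On
    success responds with the user id, a new access token, its expiry and
    a refresh token.
    """
    body = self.get_body_json()
    app_id = body["app_id"]
    refresh_token = body["refresh_token"]

    app = self.get_app(app_id)
    session = self.db.query(AppSession).filter_by(
        refresh_token=refresh_token).first()

    # The token must belong to the app named in the request. Previously the
    # looked-up app was discarded and any valid app_id was accepted with any
    # token. A mismatch is reported like an unknown token so the response
    # does not reveal that the token exists for another app.
    # Assumes get_app returns the same ORM-mapped app object that
    # session.app resolves to, so the comparison reflects the same row —
    # confirm against get_app.
    if not session or session.app != app:
        self.fail("invalid-refresh-token")
        return
    if session.is_expired:
        self.fail("is-expired")
        return

    app = session.app
    user = app.user
    if not app.is_active:
        self.fail("app-inactive")
        return
    # TODO: the user may already have been disabled (session was not deleted)
    if not user.is_active:
        self.fail("user-inactive")
        return

    # NOTE(review): no app_secret is checked on this path, so the
    # refresh_token is the only credential presented — confirm that is
    # the intended design.
    clean_session(self.db, user)

    # Validation succeeded
    expires_in = datetime.datetime.utcnow() + datetime.timedelta(
        seconds=int(settings.APP_ACCESS_TOKEN_AGE))
    # TODO: if the refresh_token has not expired (at least until the next
    # refresh is due), there is no need to create a new one
    if session.expires_in < expires_in:
        # NOTE(review): the old session's refresh_token is not revoked here;
        # whether clean_session removes it is not visible — confirm.
        session = AppSession(app)
        self.db.add(session)
        self.db.commit()
    self.success(
        data={
            "uid": str(user.uuid),
            "access_token": gen_token(user, expires_in),
            "expires_in": utc_rfc3339_string(expires_in),
            "refresh_token": session.refresh_token,
        })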
def post(self):
    """Issue a token directly for an existing username, without a password.

    Intended for users who have already authenticated through a third
    party such as WeChat and need this system to allocate a token. Such a
    user has no password; the account is created from information such as
    the openid, so the token is simply created and returned.

    Note: requires admin permission.
    """
    # NOTE(review): nothing in this body enforces the admin requirement
    # stated above — confirm a decorator or routing-level check applies,
    # since this path mints a token for any username with no credential.
    payload = self.get_body_json()
    username = payload["username"]
    user = self.db.query(User).filter_by(username=username).first()

    # Unknown username
    if not user:
        self.fail("username-incorrect")
        return

    # Account has been disabled
    if not user.is_active:
        self.fail("user-inactive")
        return

    # Validation succeeded
    issued_at = datetime.datetime.utcnow()
    lifetime = datetime.timedelta(seconds=int(settings.USER_ACCESS_TOKEN_AGE))
    expires_in = issued_at + lifetime

    clean_session(self.db, user)
    session = UserSession(user)
    self.db.add(session)
    self.db.commit()

    token_data = {
        "uid": str(user.uuid),
        "access_token": gen_token(user, expires_in),
        "expires_in": utc_rfc3339_string(expires_in),
        "refresh_token": session.refresh_token,
    }
    self.success(data=token_data)
def post(self):
    """App "login": exchange app_id and app_secret for tokens.

    Fails with ``incorrect-app-id-or-secret`` when the secret does not
    validate, ``app-inactive`` when the app is disabled and
    ``user-inactive`` when the owning user is disabled. On success
    responds with the user id, an access token, its expiry and a refresh
    token from a newly created app session.
    """
    payload = self.get_body_json()
    app_id = payload["app_id"]
    # NOTE(review): get_app's behaviour for an unknown app_id is not visible
    # here; the code below assumes it never returns None — confirm.
    app = self.get_app(app_id)
    app_secret = payload["app_secret"]

    # Wrong app secret
    secret_ok = app.validate_secret(app_secret)
    if not secret_ok:
        self.fail("incorrect-app-id-or-secret")
        return

    # App has been disabled
    if not app.is_active:
        self.fail("app-inactive")
        return

    # Owning user has been disabled
    user = app.user
    if not user.is_active:
        self.fail("user-inactive")
        return

    # Validation succeeded
    issued_at = datetime.datetime.utcnow()
    lifetime = datetime.timedelta(seconds=int(settings.APP_ACCESS_TOKEN_AGE))
    expires_in = issued_at + lifetime

    clean_session(self.db, user)
    session = AppSession(app)
    self.db.add(session)
    self.db.commit()

    token_data = {
        "uid": str(user.uuid),
        "access_token": gen_token(user, expires_in),
        "expires_in": utc_rfc3339_string(expires_in),
        "refresh_token": session.refresh_token,
    }
    self.success(data=token_data)
def post(self):
    """User login: exchange username and password for tokens.

    An unknown username and a wrong password both fail with the same
    ``username-or-password-incorrect`` code. A disabled account fails with
    ``user-inactive``, which is only reached after the password has
    validated. On success responds with the user id, an access token, its
    expiry and a refresh token from a newly created user session.
    """
    payload = self.get_body_json()
    username = payload["username"]
    password = payload["password"]
    user = self.db.query(User).filter_by(username=username).first()

    # Unknown username or wrong password share one error code, so the
    # response body does not say which of the two was wrong.
    # NOTE(review): the unknown-username case returns without running
    # validate_password, so the two cases may differ in response time;
    # no attempt throttling is visible in this handler either — confirm
    # both are handled elsewhere.
    if not user or not user.validate_password(password):
        self.fail("username-or-password-incorrect")
        return

    # Account has been disabled
    if not user.is_active:
        self.fail("user-inactive")
        return

    # Validation succeeded
    issued_at = datetime.datetime.utcnow()
    lifetime = datetime.timedelta(seconds=int(settings.USER_ACCESS_TOKEN_AGE))
    expires_in = issued_at + lifetime

    clean_session(self.db, user)
    session = UserSession(user)
    self.db.add(session)
    self.db.commit()

    token_data = {
        "uid": str(user.uuid),
        "access_token": gen_token(user, expires_in),
        "expires_in": utc_rfc3339_string(expires_in),
        "refresh_token": session.refresh_token,
    }
    self.success(data=token_data)