Exemple #1
0
def info():
    """获取用户信息
    ---
    tags:
    - 用户
    responses:
      200:
        description: 获取成功
        schema:
          type: object
          properties:
            code:
                type: int
            data:
                type: array
                $ref: '#/definitions/Module'
            message:
                type: string
        examples:
          code: 0
          data: [{}, {}]
          message: 'success'
    """
    token = request.args.get('token')
    data = verify_token(token)
    if not data:
        return fail(401)
    user = Admin.query.get_or_404(data['user_id'])
    if not user:
        return fail(401)
    res = {'data': {'name': user.name, 'avatar': user.avatar}}
    return success(res)
Exemple #2
0
def login():
    """帐密登录
    ---
    tags:
    - 登录
    parameters:
    - in: body
      name: body
      required: true
      schema:
        $ref: '#/parameters/user_login'
    responses:
      200:
        examples:
          code: 0
          data: {'token': 'abcdefgh'}
          message: 'success'
      401:
        examples:
          code: 1
          message: 'fail'
    # 登录验证成功后生成一个token存在redis中,设置了有效期,并返回
    # :return: Flask Response
    """
    try:
        data = json.loads(request.data)
    except:
        return fail(401)
    user = Admin.query.filter_by(username=data['username']).first()
    if user and user.verify_password(data['password']):
        token = generate_token(user.id).decode()
        res = {'data': {'token': token}}
        cache.setex(user.id, current_app.config['EXPIRE_TIME'], token)
        return success(res)
    return fail(401)
Exemple #3
0
def delete_user(id):
    """删除用户
    ---
    tags:
    - 用户
    security:
    - api_key: []
    responses:
      200:
        description: 获取成功
        schema:
          type: object
          properties:
            code:
                type: int
            data:
                type: array
                $ref: '#/definitions/Module'
            message:
                type: string
        examples:
          code: 0
          data: [{}, {}]
          message: 'success'
    """
    user = Admin.query.get_or_404(id)
    if user:
        user.delete()
        return success()
    return fail(400)
Exemple #4
0
def delete_operation_log():
    """删除操作日志,可批量删除
    ---
    tags:
    - 系统
    security:
    - api_key: []
    responses:
      200:
        description: 删除成功
        schema:
          type: object
          properties:
            code:
                type: int
            message:
                type: string
        examples:
          code: 0
          message: 'success'
    """
    data = json.loads(request.data)
    try:
        for item in data:
            log = OperationLog.query.get_or_404(item['id'])
            db.session.delete(log)
        db.session.commit()
        return success()
    except Exception:
        return fail(400)
Exemple #5
0
def expression_offical_add() -> ApiResult:
    """ 添加体验官
    ---
    tags:
    - 前台API
    parameters:
    - in: body
      name: body
      required: true
      schema:
        $ref: '#/parameters/add_expression_offical'
    responses:
      200:
        description: 添加成功
        examples:
          code: 0
          message: 'success'
    """

    data = request.form
    try:
        ExpressionOffical.create(**dict(data))
    except:
        return fail()
    return success()
Exemple #6
0
def github_login():
    """github oauth登录
        ---
        tags:
        - 登录
        parameters:
        - in: url
          name: code
          required: true
        responses:
          200:
            examples:
              code: 0
              data: {'token': 'abcdefgh'}
              message: 'success'
          401:
            examples:
              code: 1
              message: 'fail'
        # 使用code和secret前往github获取到一个token,使用token能获取到用户信息,这里直接使用
        # :return: Flask Response
        """
    code = request.args.get('code')
    if not code:
        return fail(401)
    params = {
        'code': code,
        'client_id': GITHUB_CLIENTID,
        'client_secret': GITHUB_CLIENTSECRET
    }
    res = requests.get(GITHUB_OAUTH_URL, params=params)
    # res.text: access_token=5fb2fde682eeae364bf72eed9e84cc1fa5ba9e1a&scope=user%3Aemail&token_type=bearer
    token = res.text.split('&')[0]
    res = requests.get(GITHUB_USER_URL + token)
    user = json.loads(res.content)
    user = Admin.query.filter_by(username=user['login']).first()
    if not user:
        return fail(401)
    token = generate_token(user.id).decode()
    res = {'data': {'token': token}}
    cache.setex(user.id, current_app.config['EXPIRE_TIME'], token)
    return success(res)
Exemple #7
0
def upload():
    """上传文件
    ---
    tags:
    - 资讯
    security:
    - api_key: []
    responses:
      200:
        description: 获取成功
        schema:
          type: object
          properties:
            code:
                type: int
            data:
                type: array
                $ref: '#/definitions/Module'
            message:
                type: string
        examples:
          code: 0
          data: [{}, {}]
          message: 'success'
    """
    file = request.files['file']
    if file:
        now = time.time()
        date = time.strftime('%Y%m%d', time.localtime(now))
        filename = str(int(now)) + file.filename
        if not allowed_file(filename):
            return fail(415)
        if not CH_REGEX.search(filename):
            filename = secure_filename(filename)
        UPLOAD_PATH = os.path.join(current_app.config['UPLOAD_FOLDER'], date)
        os.makedirs(UPLOAD_PATH, exist_ok=True)
        filepath = os.path.join(UPLOAD_PATH, filename)
        file.save(filepath)

        res = {'data': {'filename': filename, 'fileurl': filepath}}
        return success(res)
    return fail(400)
Exemple #8
0
def upload_avatar():
    """上传头像
    ---
    tags:
    - 用户
    security:
    - api_key: []
    responses:
      200:
        description: 获取成功
        schema:
          type: object
          properties:
            code:
                type: int
            data:
                type: array
                $ref: '#/definitions/Module'
            message:
                type: string
        examples:
          code: 0
          data: [{}, {}]
          message: 'success'
    """
    file = request.files['avatar']
    if file:
        now = time.time()
        filename = str(int(now)) + file.filename
        if not allowed_file(filename):
            return fail(415)
        if not CH_REGEX.search(filename):
            filename = secure_filename(filename)
        filepath = os.path.join(current_app.config['UPLOAD_FOLDER'], filename)
        file.save(filepath)

        res = {'data': {'filename': filename, 'fileurl': filepath}}
        return success(res)
    return fail(400)
Exemple #9
0
def verify_user(response):
    """
    对这个蓝图下的请求进行权限验证,同时增加操作日志
    :param response:  Flask Response Object
    :return: response
    """
    from .user import verify_token
    if request.path in ALLOWED_PATHS or request.method == 'OPTIONS':
        return response
    elif 'Authorization' in request.headers:
        data = verify_token(request.headers['Authorization'])
        if data:
            add_operation_log(data, request)
            return response
    return fail(200, 50014).to_response()
Exemple #10
0
def delete_article(id):
    """删除资讯
    ---
    tags:
    - 资讯
    security:
    - api_key: []
    responses:
      200:
        description: 删除成功
        examples:
          code: 0
          data: [{}, {}]
          message: 'success'
    """
    article = Article.query.get_or_404(id)
    if article:
        article.delete()
        return success()
    return fail(400)