def create_user():
i = ctx.request.input(phone='',password='',code='')
phone = i.phone.strip()
password = i.password.strip()
code = i.code.strip()
verify = VerifyCode.find_first('where num=?', phone)
logging.info('the code %s and verify %s' %(code,verify))
if not verify or verify.code!=code:
raise APIError('register:failed','verify code','verify code is not correct.','-1')
if time.time() - verify.created_at > 90:
raise APIValueError('code',errcode='-3')
if not phone or not _RE_PHONE.match(phone):
raise APIValueError('phone',errcode='-1')
if not password:
raise APIValueError('password', errcode='-1')
verify.delete()
user = User.find_first('where phone=?',phone)
if user and user.valid==True:
raise APIError('register:failed','phone','phone is already in use.')
if user:
token = Token.find_first('where id=?', user.id)
if not token:
token_string = next_id()
token = Token(id = user.id, token1=token_string, token2 = token_string)
token.insert()
else:
token.token1 = next_id()
logging.info('the update token is %s' % token.token1)
token.update()
user.password = password
user.update()
user.token = token.token1
else:
user = User(phone=phone, valid=False, password=password)
user.insert()
token_string = next_id()
token = Token(id = user.id, token1=token_string, token2 = token_string)
token.insert()
user.token = token.token1
user.pop('id')
user.pop('password')
user.pop('created_at')
user.errcode='0'
return user
def user_interceptor(next):
logging.info('try to bind user from token')
i = ctx.request.input(token='',phone='')
token = i.token.strip()
phone = i.phone.strip()
logging.info('the token %s and phone %s'% (token,phone))
ctx.request.user = None
if not phone or not _RE_PHONE.match(phone):
return next()
user = User.find_first('where phone=?',phone)
if not user:
return next()
token_verify = Token.find_first('where id=?',user.id)
if token_verify.token1 != token:
return next()
logging.info('the token is %s' % token_verify)
ctx.request.user = user
return next()
