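def get_current_user(self):
        """Resolve the caller's identity from the request's access token.

        Tokens prefixed with ``2.0@`` are checked with
        ``User.verify_auth_token``; any other token is looked up with
        ``self.get_session``.

        Returns:
            The verified user, a ``storage`` wrapper around the session
            record (with ``id`` copied from ``userId``), or ``None`` when
            there is no token or no session record for it.

        Raises:
            ApiException: 1004 (unknown user), 1005 (inactive account),
                1002 (expired token), 1003 (invalid token).
        """
        access_token = self.get_access_token()
        # The token is a bearer credential: record only whether one was
        # supplied, never its value, so log readers cannot replay a session.
        self.logger.debug("access token present: %s", bool(access_token))
        if not access_token:
            return None

        if access_token.startswith("2.0@"):
            try:
                user, data = User.verify_auth_token(access_token)
                if user is None:
                    self.logger.debug("非法会话: %s" % data)
                    raise ApiException(1004, "非法会话,用户不存在", status_code=401)

                if not user.is_active():
                    raise ApiException(1005, "账号被禁止登录", status_code=401)

                return user

            except jwt.ExpiredSignatureError:
                raise ApiException(1002, "会话已过期,请重新登录", status_code=401)

            except jwt.InvalidTokenError:
                raise ApiException(1003, "非法会话,请重新登录", status_code=403)

        user_info = self.get_session(access_token)
        if not user_info:
            # NOTE(review): presumably get_session yields nothing for an
            # unknown or expired session - confirm. Treat that as
            # unauthenticated instead of failing on the subscript below.
            return None

        user_info['id'] = user_info['userId']
        return storage(user_info)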
Exemple #2
    def get_current_user(self):
        """Return the user identified by the request's access token.

        Returns ``None`` when no token is supplied. Every verification
        failure (unknown user, inactive user, expired or invalid token)
        is reported as ``HTTPError(403, ...)``.
        """
        token = self.get_access_token()
        if not token:
            return None

        try:
            user, detail = User.verify_auth_token(token)
            if user is None:
                # Log the verifier's detail, then reject the request.
                self.logger.debug("非法会话: %s" % detail)
                raise HTTPError(403, "用户不存在")
            if not user.is_active():
                raise HTTPError(403, "用户不允许登录")
        except jwt.ExpiredSignatureError:
            raise HTTPError(403, "会话过期")
        except jwt.InvalidTokenError:
            raise HTTPError(403, "会话无效")
        else:
            return user