Esempio n. 1
0
def adduser():
    username = request.json.get('username')
    password = request.json.get('password')
    usertype = request.json.get('usertype')
    Authorization = request.headers.get("Authorization")
    tokeninfo = Auth.put_user_role(Authorization)
    role = tokeninfo[0]
    user_id = tokeninfo[1]
    if request.method == 'POST':
        print(username, password, usertype)
        if not all([username, password, usertype]):
            return jsonify({"message": "参数不完整"}), 403
        elif int(usertype) == 1:
            return jsonify({"message": "无权限创建"}), 403
        elif role == int(usertype):
            return jsonify({"message": "无权限创建"}), 403
        elif role == 3:
            return jsonify({"message": "无权限访问"}), 403
        user = User.query.filter_by(username=username).first()
        if user:
            return jsonify({"message": "用户已经存在"}), 403
        else:
            User(username=username, password=password).save()
            check = User.query.filter(User.username == username).first()
            check.addrole(usertype)
            return jsonify({"message": "创建成功"})
Esempio n. 2
0
def upavatar():
    Authorization = request.headers.get("Authorization")
    tokeninfo = Auth.put_user_role(Authorization)
    user_id = tokeninfo[1]
    user = User.query.filter(User.id == user_id).first()
    src = get_pic()
    user.uppic(src)
    return jsonify({"message": src})
Esempio n. 3
0
def about():
    if request.method == 'GET':
        Authorization = request.headers.get("Authorization")
        tokeninfo = Auth.put_user_role(Authorization)
        s_role = tokeninfo[0]
        user_id = tokeninfo[1]
        result = UserAuthentication.Get_about(user_id, s_role)
        return jsonify({"data": result})
Esempio n. 4
0
def userlist():
    if request.method == 'GET':
        Authorization = request.headers.get("Authorization")
        tokeninfo = Auth.put_user_role(Authorization)
        role = tokeninfo[0]
        user_id = tokeninfo[1]
        if role == 1 or role == 2:
            result = UserAuthentication.Get_User_List(3)
            return jsonify({"data": result})
        else:
            return jsonify({"message": "无权限"}), 403
Esempio n. 5
0
def deluser():
    if request.method == 'POST':
        username = request.json.get('username')
        Authorization = request.headers.get("Authorization")
        tokeninfo = Auth.put_user_role(Authorization)
        user_id = tokeninfo[1]
        result = UserAuthentication.Delete_user(user_id, username)
        if result == True:
            return jsonify({"message": "用户已删除"})
        else:
            return jsonify({"message": "无权限删除"}), 403
Esempio n. 6
0
def description():
    if request.method == 'POST':
        username = request.json.get("username")
        des = request.json.get("description")
        Authorization = request.headers.get("Authorization")
        tokeninfo = Auth.put_user_role(Authorization)
        user_id = tokeninfo[1]
        user = User.query.filter(User.id == user_id).first()
        if username == user.username:
            user.updesc(des)
            return jsonify({"message": "修改成功"})
        else:
            return jsonify({"message": "修改失败"}), 403
Esempio n. 7
0
def lockuser():
    username = request.json.get('username')
    userlock = request.json.get('userlock')
    print(username, userlock)
    if request.method == 'POST':
        Authorization = request.headers.get("Authorization")
        tokeninfo = Auth.put_user_role(Authorization)
        user_id = tokeninfo[1]
        if not all([username, str(userlock)]):
            abort(401)
        result = UserAuthentication.Locked_user(user_id, username, userlock)
        if result == True:
            return jsonify({"message": "执行完成"})
        else:
            return jsonify({"message": "无权限执行"}), 404
Esempio n. 8
0
 def check_login(*args, **kwargs):
     auth_header = request.headers.get('Authorization')
     print(auth_header)
     if auth_header:
         payload = Auth.decode_auth_token(auth_header)
         if not isinstance(payload, str):
             user = User.get(id=payload['headers']['user_id'])
             if (user is None):
                 return jsonify({"error": "找不到该用户信息"}), 401
             else:
                 return func(*args, **kwargs)
         else:
             return jsonify({'error': "认证失败"}), 401
     else:
         return jsonify({'error': '401'}), 401
Esempio n. 9
0
def updatepwd():
    username = request.json.get("username")
    oldpwd = request.json.get("oldpwd")
    newpwd = request.json.get('newpwd')
    Authorization = request.headers.get("Authorization")
    tokeninfo = Auth.put_user_role(Authorization)
    user_id = tokeninfo[1]
    if request.method == 'POST':
        print(username, oldpwd, newpwd)
        if not all([username, oldpwd, newpwd]):
            return jsonify({"message": "参数不完整"}), 401
        result = UserAuthentication.Upwd_user(user_id, username, oldpwd,
                                              newpwd)
        if result == True:
            return jsonify({"message": "修改成功"})
        else:
            return jsonify({"message": "修改失败"}), 403
Esempio n. 10
0
def getusers():
    if request.method == 'POST':
        username = request.json.get("username")
        password = request.json.get("password")
        print(username, password)
        if not all([username, password]):
            abort(401)
        user = User.query.filter_by(username=username).first()
        if user:
            if user.check_password(password) & bool(1 - (user.locked)):
                token = Auth.encode_auth_token(user_id=user.id)
                return jsonify({"Authorization": token.decode()})
            elif bool(user.locked):
                return jsonify({'message': "账号已锁定"}), 401
            else:
                return jsonify({'message': "账号密码不存在"}), 401
        else:
            abort(401)
Esempio n. 11
0
def admin_upwd():
    if request.method == 'POST':
        username = request.json.get("username")
        newpwd = request.json.get('newpwd')
        oldpwd = ""
        Authorization = request.headers.get("Authorization")
        tokeninfo = Auth.put_user_role(Authorization)
        role = tokeninfo[0]
        user_id = tokeninfo[1]
        if role == 1 or role == 2:
            result = UserAuthentication.Upwd_user(user_id, username, oldpwd,
                                                  newpwd)
        else:
            abort(401)
        if result == True:
            return jsonify({"message": "修改成功"})
        else:
            return jsonify({"message": "修改失败"}), 403