def post(self, *args):
args = register_parser.parse_args()
email = args['email']
password = args['password']
v_code = args['verification_code']
account = args['nickname'] # nickname 就是account(别名)
# TODO:检查account是否有重名
is_exists = DB.is_exist_user(email=email)
if is_exists:
return add_response(r_code=RET.USER_ALEADY_EXISTS)
account_exists = DB.is_exist_user(account=account)
if account_exists:
return add_response(r_code=RET.ACCOUNT_EXISTS)
# 检查验证码与缓存中的是否一样,然后插入数据库
is_correct = VerificationCode(email=email).validate_code(v_code)
if not is_correct:
return add_response(r_code=RET.VERIFY_CODE_ERROR), 401
user_id = DB.generate_user_id()
DB.create_new_user(account=account, password=password, user_id=user_id, email=email)
u = User(user_id=user_id, account=account, email=email)
FileHandler.create_directory_by_user(u) # 注册的时候给用户新建一个文件夹(空间)
token = create_token(u) # 注册完之后直接登录,生成token
TokenBase(id=str(user_id), token=token, expire_time=JWT_EXPIRETIME) # 把token存入redis
@after_this_request
def set_cookie(response):
cookie_token = u.token
response.set_cookie('token', cookie_token)
return response
return add_response({'token': u.token}, RET.OK)
def post(self, user_id, id_hash):
args = upload_parser.parse_args()
file = args['file']
filename = is_allowed_file(file.filename)
if filename is False:
return add_response(r_code=RET.FILE_ERROR), 400
# TODO:这里可以从前端传一个文件的hash过来,服务器应维持一个用户文件的hash表,这样可以进行比对;如果一样的hash就不上传,或者只存一个副本
# TODO:文件限额
file.save(os.path.join(UPLOAD_FILE_PATH + '/' + id_hash, filename))
encrypt_filename = EncryptUrlSafe.encrypt_url_safe(filename)
return add_response(r_code=RET.OK,
j_dict={
"url":
url_for('api1.files_download',
user_id_hash=id_hash,
filename=encrypt_filename)
})
def post(self, *args):
args = login_parser.parse_args()
account = args.get('account')
password = args['password']
is_correct, user_id = DB.check_password(account=account, password=password)
if is_correct:
user_obj = User(user_id=user_id, account=account)
token = create_token(user_data=user_obj)
TokenBase(id=str(user_id), token=token, expire_time=JWT_EXPIRETIME) # 把token存入redis
@after_this_request
def set_cookie(response):
cookie_token = token
response.set_cookie('token', cookie_token)
return response
logger.logger.info("Login by account successfully!")
return add_response()
return add_response(r_code=RET.PASSWORD_ERROR)
def post(self, *args):
args = login_by_email_parser.parse_args()
email = args['email']
password = args['password']
# TODO:检查邮箱格式
is_correct, user_id = DB.check_password(email=email, password=password)
account_name = DB.is_exist_user(email=email)[0].get('account') # TODO:因为改了接口,现在这里有bug
if is_correct:
user_obj = User(user_id=user_id, email=email, account=account_name) # 账户名一定存在
token = create_token(user_data=user_obj)
TokenBase(id=str(user_id), token=token, expire_time=JWT_EXPIRETIME) # 把token存入redis
@after_this_request
def set_cookie(response):
cookie_token = token
response.set_cookie('token', cookie_token)
return response
logger.logger.info("Login by email successfully!")
return add_response({'token': token}, r_code=RET.OK)
return add_response(r_code=RET.PASSWORD_ERROR), 401
def wrapper(*args, **kwargs):
auth_header = request.headers.get('Authorization')
if auth_header is None:
return add_response({}, RET.TOKEN_NULL), 401
auth_token = extra_token(auth_header)
if auth_token is None:
return add_response({}, RET.TOKEN_INVALID), 401
payload_dict = None
try:
payload_dict = decode_jwt(auth_token) # 解码后的token 是 dict
payload_keys = list(payload_dict.keys())
print(payload_dict)
fields = ['user_id', 'account', 'id_hash', 'exp',
'iat'] # payload 应该含有的字段
cmp = all(True if k in payload_keys else False
for k in fields) # 字段的对照
if not cmp:
return add_response({}, RET.TOKEN_INVALID), 401
valid = True
except GetTokenError as e:
logger.logger.error(msg="Get token error:{},trace back:{}".format(
e, traceback.format_exc()))
valid = False
ret = add_response({}, e.error_code)
except Exception as e:
logger.logger.error("Parser token error:{}".format(e))
valid = False
ret = add_response({}, RET.TOKEN_PARSER_ERROR)
if valid:
try:
# 验证token 在redis的储存情况
user_id = str(payload_dict.get('user_id'))
id_hash = payload_dict.get('id_hash')
valid = TokenBase(user_id).validate_token(auth_token)
if valid:
ret = func(*args, user_id, id_hash, **kwargs)
except RedisServiceError as e:
logger.logger.error(
msg="Get token from redis error:{},trace back:{}".format(
e, traceback.format_exc()))
ret = add_response({}, e.error_code)
except Exception as e:
logger.logger.error(
msg="Internal error:{},trace back:{}".format(
e, traceback.format_exc()))
ret = add_response({}, RET.UNKNOWN_ERROR)
return ret
def get(self, user_id, id_hash):
args = files_query_parser.parse_args()
path = args['path']
files_list = FileHandler.list_files(id_hash + path)
return add_response(r_code=RET.OK, j_dict={"files_list": files_list})
def handle_error(e):
logger.logger.error("Internal error:{},traceback:{}".format(
e, traceback.format_exc()))
return add_response(r_code=e.error_code), 500
def get(self):
args = verification_code_parser.parse_args()
email = args['email']
v_code = create_verification_code(email=email)
SendEmail.send(msg=v_code, subject="验证码", receivers=[email])
return add_response()
