def authorization(summary, headers):
"""头部信息加密验证"""
plat = headers.get("plat", None)
sys = headers.get("sys", None)
md5 = headers.get("md5", None)
if summary and plat and sys and md5:
m_md5 = mk_md5(summary, plat, sys)
return md5 == m_md5
return None
def post(self, *args, **kwargs):
user = self.get_argument("username")
passwd = self.get_argument("passwd")
row = self.db.get("SELECT role, password FROM user where username=%s", user)
md5 = mk_md5(passwd)
if row and row.password == unicode(md5):
self.set_secure_cookie("user_speiyou", user, expires_days=1)
if row.role == "teacher":
self.render("admin/base_teacher.html", tid=user)
else:
self.render("admin/base.html")
else:
self.render("login.html", entry=Row({"msg": "Wrong login"}))
def test_refund():
header["md5"] = mk_md5(uid+claId, plat, sys)
test_api(base_data, "/api/class/refund", header)
def test_pre_payed():
header["md5"] = mk_md5(uid+claId, plat, sys)
test_api(base_data, "/api/class/available", header)
def test_payed():
header["md5"] = mk_md5(uid+claId, plat, sys)
base_data["stuName"] = '刘阳亮'
test_api(base_data, "/api/class/payed", header)
