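def Login(self):
    """Authenticate an admin user and return a token plus profile data.

    Reads ``uname`` and ``passwd`` from the POST body, checks their format,
    looks the account up by user name, phone or e-mail together with the
    password digest, caches the effective permission string in Redis,
    records the login time and returns the JSON response.

    Returns:
        The result of ``self.GetJSON(...)``: ``code`` 0 with ``token`` and
        ``uinfo`` on success, ``code`` 4000 with a message otherwise.
    """
    uname = self.Post('uname')
    passwd = self.Post('passwd')
    # The login identifier must look like a user name, a phone number or an e-mail
    if not any(Safety.IsRight(kind, uname) for kind in ('uname', 'tel', 'email')):
        return self.GetJSON({'code':4000, 'msg':'请输入用户名/手机/邮箱'})
    # Password length / format
    if not Safety.IsRight('passwd', passwd):
        return self.GetJSON({'code':4000, 'msg':'请输入6~16位密码'})
    # NOTE(review): no attempt limiting or lockout is visible in this method;
    # confirm that repeated failed logins are throttled upstream.
    # Lookup: user joined with profile, per-user permission and role permission
    model = UserM()
    model.Table('user AS a')
    model.LeftJoin('user_info AS b', 'a.id=b.uid')
    model.LeftJoin('sys_perm AS c', 'a.id=c.uid')
    model.LeftJoin('sys_role AS d', 'c.role=d.id')
    # Values are passed as separate arguments, not formatted into the SQL
    # text (presumably bound as parameters by the model layer; confirm).
    # NOTE(review): the stored credential is compared with Hash.Md5(passwd).
    # If that is a plain, unsalted MD5 digest it is too fast for password
    # storage; moving to a salted, slow password hash needs a data migration
    # and cannot be done inside this method alone.
    model.Where(
        '(a.uname=%s OR a.tel=%s OR a.email=%s) AND a.password=%s',
        uname, uname, uname, Hash.Md5(passwd)
    )
    model.Columns('a.id', 'a.state', 'b.position', 'b.nickname', 'b.name', 'b.gender', 'b.birthday', 'b.img', 'c.perm', 'd.perm as role_perm')
    data = model.FindFirst()
    # No matching account / wrong password (same message for both cases)
    if not data:
        return self.GetJSON({'code':4000, 'msg':'帐号或密码错误!'})
    # Account disabled
    if data['state'] != '1':
        return self.GetJSON({'code':4000, 'msg':'该用户已被禁用!'})
    # Permissions: the per-user value overrides the role value
    perm = data['perm'] or data['role_perm']
    if not perm:
        return self.GetJSON({'code':4000, 'msg':'该用户不允许登录!'})
    key = Env.admin_token_prefix+'_perm_'+str(data['id'])
    cache = Redis()
    try:
        cache.Set(key, perm)
        cache.Expire(key, Env.admin_token_time)
    finally:
        # Release the connection even when Set/Expire raises
        cache.Close()
    # Record the login time
    model.Table('user')
    model.Set({'ltime': Util.Time()})
    model.Where('id=%s', data['id'])
    model.Update()
    # b.img comes from a LEFT JOIN, so it may be missing as well as empty;
    # both cases yield an empty URL instead of a failing concatenation.
    img = data['img']
    # Response
    return self.GetJSON({
        'code': 0,
        'msg': '成功',
        'token': AdminToken.Create({'uid':str(data['id']), 'uname':uname}),
        'uinfo': {
            'uid': data['id'],
            'uname': uname,
            'position': data['position'],
            'nickname': data['nickname'],
            'name': data['name'],
            'gender': data['gender'],
            'img': Env.base_url+img if img else '',
        }
    })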
def Edit(self):
    """Change the password of the user identified by the posted admin token.

    Verifies ``token`` against the current request path, checks the posted
    ``passwd`` / ``passwdNew`` pair, confirms the current password against
    the stored digest and then writes the digest of the new password.

    Returns:
        The result of ``self.GetJSON(...)``: ``code`` 0 on success, 4001
        when token verification fails, 4000 for rejected input or a wrong
        current password, 5000 when the update fails.
    """
    # Token verification: a non-empty message means the token was rejected
    token = self.Post('token')
    err = AdminToken.Verify(token, request.path)
    if err != '':
        return self.GetJSON({'code':4001, 'msg':err})
    claims = AdminToken.Token(token)
    # Parameters
    current = self.Post('passwd')
    replacement = self.Post('passwdNew')
    # The equality check runs before the format check, so two identical
    # values get this message even when they are not valid passwords.
    if current == replacement:
        return self.GetJSON({'code':4000, 'msg':'不能与原密码相同!'})
    if not (Safety.IsRight('passwd', current) and Safety.IsRight('passwd', replacement)):
        return self.GetJSON({'code':4000, 'msg':'密码为6~16位!'})
    # Confirm the current password for the user named in the token
    # NOTE(review): credentials are stored and compared as Hash.Md5(...).
    # If that is a plain, unsalted MD5 digest it is too weak for password
    # storage; changing it needs a migration of existing rows.
    model = User()
    model.Columns('id')
    uid = str(claims['uid'])
    model.Where('id=%s AND password=%s', uid, Hash.Md5(current))
    found = model.FindFirst()
    if not found:
        return self.GetJSON({'code':4000, 'msg':'当前密码错误!'})
    # Store the digest of the new password
    model.Set({'password':Hash.Md5(replacement)})
    model.Where('id=%s', uid)
    updated = model.Update()
    if not updated:
        return self.GetJSON({'code':5000, 'msg':'修改失败!'})
    # NOTE(review): nothing here revokes the current token or the cached
    # permission entry; confirm whether sessions issued before the change
    # are meant to stay valid.
    # Response
    return self.GetJSON({'code':0, 'msg':'成功'})