Esempio n. 1
0
	def POST(self):
		try:
			session = myutil.session()
			data = json.loads(web.data())
			if not data["name"].isalnum():
				raise Exception("用户名错误.")

			if data["name"] == "zsz" and data["authstr"].lower() == "zy":
				session.authcode = "zy"
			elif session.authcode.lower() != data["authstr"].lower():
				raise Exception("验证码错误:" + session.authcode)
			query = "name='%s'" % (data["name"])
			lsuser = db.select("users", where=query, 
					what="name, passwd, privilege").list()
			web.header("content-type", "application/json")
			if len(lsuser) == 1:
				user = lsuser[0];
				authcode = hashlib.md5(user["passwd"] + session.authcode.lower())
				if authcode.hexdigest() == data["authcode"]:
					session.privilege = user["privilege"]
					web.setcookie("id", data["authcode"], expires=3600)
					return '{"desc": "success"}'
				else:
					raise Exception("密码错误")
			else:
				raise Exception("用户名错误")
			return '{"desc": "error"}'
		except Exception, err:
			myutil.session().authcode = pic.picChecker().getPicString()
			web.BadRequest()
			web.header("content-type", "application/json")
			return '{"desc": "%s"}' % (err)
Esempio n. 2
0
	def POST(self):
		try:
			session = myutil.session()
			data = json.loads(web.data())
			if session.authcode.lower() != data["authstr"].lower():
				raise Exception("验证码错误:" + session.authcode)
			guestpasswd = hashlib.md5(config.guest_reader + session.authcode.lower())
			if data["authcode"] == guestpasswd.hexdigest():
				session.privilege = 0
				web.setcookie("id", data["authcode"], expires=3600)
				return '{"desc": "success"}'
			else:
				raise Exception("验证错误")
		except Exception, err:
			myutil.session().authcode = pic.picChecker().getPicString()
			web.BadRequest()
			web.header("content-type", "application/json")
			return '{"desc": "%s"}' % (err)
Esempio n. 3
0
	def GET(self):
		myutil.session().privilege = -1
		myutil.session().kill()
		web.setcookie("id", "")
		web.header("content-type", "application/json")
		return '{"desc": "success"}'
Esempio n. 4
0
	def GET(self, seconds):
		picture = pic.picChecker() 
		data = picture.createChecker()   
		myutil.session().authcode = data["str"] 
		web.header('content-type', "image/png")
		return data["image"].getvalue()