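async def api_login(*, email, password, rememberme):
    """Authenticate a user by email and password and issue a session cookie.

    Args:
        email: Account email used to look up the user.
        password: Password value sent by the client; it is hashed together
            with the user id and compared with the stored digest.
        rememberme: Truthy to use ``configs.cookie.max_age_long`` as the
            cookie lifetime instead of ``configs.cookie.max_age``.

    Returns:
        A ``web.Response`` whose body is the user serialised as JSON (with
        the password field masked) and which carries the session cookie.

    Raises:
        APIValueError: If a field is empty, the email is unknown, or the
            password digest does not match the stored one.
    """
    import hmac  # local import: only needed for the constant-time compare

    if not email:
        raise APIValueError('email', 'Invalid email.')
    if not password:
        raise APIValueError('password', 'Invalid password.')
    users = await User.findAll(where='email=?', args=[email])
    if len(users) == 0:
        # NOTE(review): this message differs from the wrong-password one, so
        # a caller can tell registered emails from unregistered ones. Kept
        # as-is because clients may depend on the field/message pair.
        raise APIValueError('email', 'Email not exist.')
    user = users[0]
    # Check the password: digest of "<user id>:<password>".
    # NOTE(review): SHA-1 is a fast hash and a poor fit for password storage;
    # moving to a slow KDF means re-hashing stored credentials, so it is not
    # changed here.
    sha1 = hashlib.sha1()
    sha1.update(user.id.encode('utf-8'))
    sha1.update(b':')
    sha1.update(password.encode('utf-8'))
    expected = sha1.hexdigest()
    # The stored and computed digests are deliberately not logged: writing
    # credential hashes to the application log exposes them to anyone who
    # can read the logs.
    stored = str(user.password).encode('utf-8')
    # Constant-time comparison so the check does not leak how many leading
    # characters of the digest matched.
    if not hmac.compare_digest(stored, expected.encode('utf-8')):
        raise APIValueError('password', 'Invalid password.')
    # Password is correct: set the session cookie.
    r = web.Response()
    max_age = configs.cookie.max_age_long if rememberme else configs.cookie.max_age
    # NOTE(review): only httponly is set; if the site is served over HTTPS,
    # consider also marking the cookie secure — confirm the deployment.
    r.set_cookie(configs.cookie.name, user2cookie(user, max_age),
                 max_age=max_age, httponly=True)
    # Mask the digest before the user object is serialised into the response.
    user.password = '******'
    r.content_type = 'application/json'
    r.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return r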
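async def api_signin(*, email, name, password):
    """Register a new user account and issue a session cookie.

    Despite the name, this handler creates an account: it builds a ``User``,
    saves it, and reports duplicates with the ``signup:failed`` error code.

    Args:
        email: Email address; must match ``RE_EMAIL``.
        name: Display name; surrounding whitespace is stripped before saving.
        password: Must match ``RE_SHA1`` — presumably a SHA-1 hex digest
            computed by the client; confirm against the pattern definition.

    Returns:
        A ``web.Response`` whose body is the new user serialised as JSON
        (with the password field masked) and which carries the session
        cookie.

    Raises:
        APIValueError: If ``name``, ``email`` or ``password`` fails validation.
        APIError: If the email is already registered.
    """
    if not name or not name.strip():
        raise APIValueError('name')
    if not email or not RE_EMAIL.match(email):
        raise APIValueError('email')
    if not password or not RE_SHA1.match(password):
        raise APIValueError('password')
    users = await User.findAll(where='email=?', args=[email])
    # NOTE(review): the lookup and the save are separate awaits, so two
    # concurrent registrations for one email could both pass this check; a
    # unique constraint on the email column is the reliable guard — TODO
    # confirm the schema has one.
    if len(users) > 0:
        raise APIError('signup:failed', 'email', 'Email is already in use.')
    uid = next_id()
    # Must be "<user id>:<password>", the same layout api_login hashes when
    # verifying. The previous literal had no %s placeholders, so the %
    # formatting raised TypeError and no account could be created.
    # NOTE(review): SHA-1 is a fast hash and a poor fit for password storage;
    # changing it means re-hashing stored credentials, so it is kept here.
    sha1_password = '%s:%s' % (uid, password)
    digest = hashlib.sha1(sha1_password.encode('utf-8')).hexdigest()
    user = User(id=uid, name=name.strip(), email=email, password=digest,
                image=configs.web_meta.user_image)
    await user.save()
    # Set the session cookie.
    r = web.Response()
    # NOTE(review): only httponly is set; if the site is served over HTTPS,
    # consider also marking the cookie secure — confirm the deployment.
    r.set_cookie(configs.cookie.name,
                 user2cookie(user, configs.cookie.max_age),
                 max_age=configs.cookie.max_age, httponly=True)
    # Mask the digest before the user object is serialised into the response.
    user.password = '******'
    r.content_type = 'application/json'
    r.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return r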
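async def api_signin(*, email, name, password):
    """Register a new user account and issue a session cookie.

    Despite the name, this handler creates an account: it builds a ``User``,
    saves it, and reports duplicates with the ``signup:failed`` error code.

    NOTE(review): ``api_signin`` is defined twice in this listing; when both
    definitions live in one module, the later one is the one that is bound.

    Args:
        email: Email address; must match ``RE_EMAIL``.
        name: Display name; surrounding whitespace is stripped before saving.
        password: Must match ``RE_SHA1`` — presumably a SHA-1 hex digest
            computed by the client; confirm against the pattern definition.

    Returns:
        A ``web.Response`` whose body is the new user serialised as JSON
        (with the password field masked) and which carries the session
        cookie.

    Raises:
        APIValueError: If ``name``, ``email`` or ``password`` fails validation.
        APIError: If the email is already registered.
    """
    if not name or not name.strip():
        raise APIValueError('name')
    if not email or not RE_EMAIL.match(email):
        raise APIValueError('email')
    if not password or not RE_SHA1.match(password):
        raise APIValueError('password')
    existing = await User.findAll(where='email=?', args=[email])
    # NOTE(review): lookup and save are separate awaits, so concurrent
    # registrations for one email could both pass; rely on a unique
    # constraint on the email column — TODO confirm the schema has one.
    if len(existing) > 0:
        raise APIError('signup:failed', 'email', 'Email is already in use.')
    uid = next_id()
    # Hash "<user id>:<password>", matching what api_login recomputes at
    # verification time. The previous literal carried no %s placeholders, so
    # the % formatting raised TypeError before any user was saved.
    # NOTE(review): SHA-1 is a fast hash and a poor fit for password storage;
    # changing it means re-hashing stored credentials, so it is kept here.
    sha1_password = '%s:%s' % (uid, password)
    user = User(
        id=uid,
        name=name.strip(),
        email=email,
        password=hashlib.sha1(sha1_password.encode('utf-8')).hexdigest(),
        image=configs.web_meta.user_image,
    )
    await user.save()
    # Set the session cookie.
    r = web.Response()
    # NOTE(review): only httponly is set; if the site is served over HTTPS,
    # consider also marking the cookie secure — confirm the deployment.
    r.set_cookie(
        configs.cookie.name,
        user2cookie(user, configs.cookie.max_age),
        max_age=configs.cookie.max_age,
        httponly=True,
    )
    # Mask the digest before the user object is serialised into the response.
    user.password = '******'
    r.content_type = 'application/json'
    r.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return r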