def wrapper(*args, **kwargs):
    """Run ``func`` only for POST requests carrying a valid token from an allowed group."""
    # Any method other than POST is refused before the body is inspected.
    if request.method != 'POST':
        return ReturnRequest(SystemCode.ErrorRequestMethod, '请求方法不正确', '')

    supplied_token = GetRequestJsonData(request, 'Token', None)
    if not supplied_token:
        return ReturnRequest(ReturnCode.paramete_error, '非法请求', '')

    # The supplied value is matched against the stored Account.token column.
    matched = Account.query.filter(Account.token == supplied_token).first()
    if not matched:
        return ReturnRequest(SystemCode.TokenInvalid, 'Token已失效或不正确, 请重新登录', '')

    # No allowed groups configured: the handler is not run (deny by default).
    if not user_group:
        print('注意!@UserTokenAuthPost: 未设置可访问的用户权限')
        return ''

    if matched.account_group in user_group:
        # Expose the authenticated account to the handler through the JSON body.
        request.json['current_account'] = matched
        return func(request, *args, **kwargs)

    return ReturnRequest(ReturnCode.paramete_error, '你没有权限访问该接口', '')
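def upload_article(request):
    """Create an Article row from the JSON body of ``request``.

    Returns a ``(code, message, data)`` tuple. On success ``data`` is
    ``{'id': <new article id>}``; on any validation or database failure it is
    an empty string.
    """
    # NOTE(review): the uploader id is taken from the client-supplied body, not
    # from an authenticated identity, so this function alone does not stop a
    # caller from naming another user's id. Presumably the caller or an auth
    # decorator binds it to the logged-in account — confirm.
    userid = GetRequestJsonData(request, 'userid', None)
    title = GetRequestJsonData(request, 'title', None)
    introduce = GetRequestJsonData(request, 'introduce', None)
    content = GetRequestJsonData(request, 'content', None)
    article_type = GetRequestJsonData(request, 'article_type', None)
    content_type = GetRequestJsonData(request, 'content_type', None)
    # NOTE(review): status is stored exactly as the client sends it; if it
    # encodes a review/publication state it should be set server-side — confirm.
    status = GetRequestJsonData(request, 'status', 0)
    cover = GetRequestJsonData(request, 'cover', None)

    if not userid:
        return ReturnCode.paramete_error, '用户id异常', ''
    if not title:
        return ReturnCode.paramete_error, '标题不能为空', ''
    if not introduce:
        return ReturnCode.paramete_error, '介绍不能为空', ''
    # str(None) is the truthy string 'None', so a missing content field has to
    # be tested explicitly or it would be stored as the literal text 'None'.
    if content is None or not str(content):
        return ReturnCode.paramete_error, '内容不能为空', ''
    if not article_type:
        return ReturnCode.paramete_error, '发布类型不能为空', ''
    if not cover:
        return ReturnCode.paramete_error, '封面不能为空', ''

    # Non-numeric input is answered with a parameter error instead of an
    # unhandled ValueError/TypeError.
    try:
        article_kind = int(article_type)
    except (TypeError, ValueError):
        return ReturnCode.paramete_error, '请求参数格式有误', ''

    if article_kind == 1 and not content_type:
        return ReturnCode.paramete_error, '作品类型不能为空', ''

    # content_type is only mandatory for article_type 1; when it is absent for
    # other types it is stored as None rather than crashing on int(None).
    if content_type is None or content_type == '':
        content_kind = None
    else:
        try:
            content_kind = int(content_type)
        except (TypeError, ValueError):
            return ReturnCode.paramete_error, '请求参数格式有误', ''

    new = Article()
    new.upload_userid = userid
    new.upload_time = datetime.now()
    new.article_type = article_kind
    new.title = str(title)
    new.introduce = str(introduce)
    new.content = str(content)
    new.content_type = content_kind
    new.cover = str(cover)
    new.status = status
    db.session.add(new)
    try:
        db.session.commit()
        return ReturnCode.ok, '上传成功', {'id': new.id}
    except Exception:
        # Roll back so the session stays usable after a failed commit.
        db.session().rollback()
        return ReturnCode.server_error, '系统出错', ''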
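def register(request):
    """Register a new user from the JSON body of ``request``.

    Requires ``username``, ``email``, ``password`` and ``repassword``. Returns a
    ``(code, message, data)`` tuple; ``data`` is always an empty string.
    """
    username = GetRequestJsonData(request, 'username', None)
    email = GetRequestJsonData(request, 'email', None)
    password = GetRequestJsonData(request, 'password', None)
    repassword = GetRequestJsonData(request, 'repassword', None)
    # Do not print or log these values: password and repassword are plaintext
    # credentials and would end up in stdout / log files.

    if not all([username, email, password, repassword]):
        return ReturnCode.paramete_error, '邮箱或用户名密码输入不正确', ''
    if User.query.filter(User.email == email).first():
        return ReturnCode.paramete_error, '该邮箱已被注册', ''
    if User.query.filter(User.username == username).first():
        return ReturnCode.paramete_error, '该用户名已被注册', ''
    # Compare the password with its confirmation; comparing it with itself
    # can never fail, which silently disabled this check.
    if password != repassword:
        return ReturnCode.paramete_error, '两次密码输入不一致', ''

    adduser = User(
        reg_time=datetime.now(),
        # Only the salted hash is stored, never the submitted password.
        password=generate_password_hash(str(password)),
        email=str(email),
        username=str(username),
        token='',
        head='default.png',
        userstatus=0,
    )
    db.session.add(adduser)
    try:
        db.session.commit()
        return ReturnCode.ok, '注册成功', ''
    except Exception:
        # Also reached when a concurrent registration wins the race past the
        # uniqueness checks above, provided the columns carry a unique
        # constraint — TODO confirm against the model.
        db.session().rollback()
        return ReturnCode.server_error, '系统出错', ''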
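def login(request):
    """Authenticate by email and password and issue a fresh session token.

    Returns a ``(code, message, data)`` tuple. On success ``data`` holds the
    new ``Token`` plus ``userID``, ``username``, ``head`` (avatar URL) and
    ``userstatus``; on failure it is an empty string.
    """
    # Local import: the file's import block is not visible from this block.
    import secrets

    # Code returned for accounts whose userstatus is 2 (blacklisted).
    hmduserreturncode = 1000

    email = GetRequestJsonData(request, 'email', None)
    password = GetRequestJsonData(request, 'password', None)

    # NOTE(review): the distinct "user does not exist" and "blacklisted"
    # answers are given before the password is verified, so a caller can tell
    # registered addresses apart. Consider one generic failure message if
    # clients do not depend on the difference.
    user = User.query.filter(User.email == email).first()
    if not user:
        return ReturnCode.paramete_error, '用户不存在', ''
    if user.userstatus == 2:
        return hmduserreturncode, '黑名单用户 禁止登录', ''

    # A missing password is a failed login, not an unhandled exception inside
    # the hash check; str() mirrors how register() hashes the password.
    if password is not None and check_password_hash(str(user.password), str(password)):
        # The token is the bearer credential for later requests, so it must be
        # unpredictable. An MD5 of email + current time can be reconstructed by
        # anyone who knows the address and roughly when the login happened.
        # token_hex(16) keeps the same 32-hex-character shape.
        session_token = secrets.token_hex(16)
        user.token = session_token
        try:
            db.session.commit()
        except Exception:
            # Same failure handling as the other handlers in this file.
            db.session.rollback()
            return ReturnCode.server_error, '系统出错', ''
        return ReturnCode.ok, '登录成功', {
            'Token': session_token,
            'userID': str(user.id),
            'username': user.username,
            'head': SERVER_GULAOBURL + '/static/head/' + user.head,
            'userstatus': user.userstatus,
        }

    return ReturnCode.paramete_error, ' 邮箱或密码不正确', ''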
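def wrapper(*args, **kwargs):
    """Run ``func`` only for GET requests whose ``userid``/``token`` pair matches a UserAccount.

    Returns the wrapped handler's result on success, otherwise a
    ``ReturnRequest`` error response.
    """
    # Local import: the file's import block is not visible from this block.
    import hmac

    if request.method != 'GET':
        return ReturnRequest(SystemCode.ErrorRequestMethod, '请求方法不对', '')

    userkey = GetRequestJsonData(request, 'userid', None)
    token = GetRequestJsonData(request, 'token', None)
    # Both values are mandatory. An empty token is rejected here, so it can
    # never match an account whose stored token is empty.
    if not userkey or not token:
        return ReturnRequest(SystemCode.NotLogin, '请求参数有误', '')

    obj = UserAccount.query.filter(UserAccount.id == userkey).first()
    if not obj:
        return ReturnRequest(SystemCode.NotLogin, '请求参数有误', '')

    stored = obj.token
    # Anything that is not a non-empty string on both sides is a mismatch,
    # the same outcome the plain inequality test gave for those inputs.
    if not isinstance(token, str) or not isinstance(stored, str) or not stored:
        return ReturnRequest(SystemCode.TokenInvalid, 'Token已失效或不正确, 请重新登录', '')

    # Constant-time comparison so response timing does not reveal how much of
    # a guessed token is correct. Encoding to bytes lets compare_digest accept
    # non-ASCII input.
    if not hmac.compare_digest(
        stored.encode('utf-8', 'surrogatepass'),
        token.encode('utf-8', 'surrogatepass'),
    ):
        return ReturnRequest(SystemCode.TokenInvalid, 'Token已失效或不正确, 请重新登录', '')

    return func(request, *args, **kwargs)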
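def Logout(request):
    """Clear the stored token of the user named by ``userid`` in the request body.

    Returns a ``(code, message, data)`` tuple; ``data`` is always an empty
    string.
    """
    # NOTE(review): userid comes from the request body and this function does
    # not itself verify that the caller owns that account. Presumably an auth
    # decorator on the route does — confirm, otherwise any caller can
    # invalidate another user's session.
    userid = GetRequestJsonData(request, 'userid', None)
    user = User.query.filter(User.id == userid).first()
    if not user:
        return ReturnCode.paramete_error, '用户不存在', ''

    # An empty token marks the account as logged out.
    user.token = ''
    try:
        db.session.commit()
        return ReturnCode.ok, '退出登录成功', ''
    except Exception:
        # Narrowed from a bare except so KeyboardInterrupt/SystemExit are not
        # swallowed; roll back so the session stays usable.
        db.session.rollback()
        return ReturnCode.server_error, '系统出错', ''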