コード例 #1
0
        def wrapper(*args, **kwargs):
            if request.method == 'POST':

                token = GetRequestJsonData(request, 'Token', None)

                if not token:
                    return ReturnRequest(ReturnCode.paramete_error, '非法请求', '')

                account = Account.query.filter(Account.token == token).first()

                if not account:
                    return ReturnRequest(SystemCode.TokenInvalid,
                                         'Token已失效或不正确, 请重新登录', '')

                if not user_group:
                    print('注意!@UserTokenAuthPost: 未设置可访问的用户权限')
                    return ''

                if account.account_group not in user_group:
                    return ReturnRequest(ReturnCode.paramete_error,
                                         '你没有权限访问该接口', '')

                request.json['current_account'] = account

                return func(request, *args, **kwargs)

                # try:
                # except:
                #     return ReturnRequest(ReturnCode.paramete_type_error, '请求参数格式有误', '')

            else:
                return ReturnRequest(SystemCode.ErrorRequestMethod, '请求方法不正确',
                                     '')
コード例 #2
0
ファイル: views.py プロジェクト: weivis/My-Website
def upload_article(request):
    userid = GetRequestJsonData(request, 'userid', None)
    title = GetRequestJsonData(request, 'title', None)
    introduce = GetRequestJsonData(request, 'introduce', None)
    content = GetRequestJsonData(request, 'content', None)
    article_type = GetRequestJsonData(request, 'article_type', None)
    content_type = GetRequestJsonData(request, 'content_type', None)
    status = GetRequestJsonData(request, 'status', 0)
    cover = GetRequestJsonData(request, 'cover', None)

    if not userid:
        return ReturnCode.paramete_error, '用户id异常', ''

    if not title:
        return ReturnCode.paramete_error, '标题不能为空', ''

    if not introduce:
        return ReturnCode.paramete_error, '介绍不能为空', ''

    if not str(content):
        return ReturnCode.paramete_error, '内容不能为空', ''

    if not article_type:
        return ReturnCode.paramete_error, '发布类型不能为空', ''

    if not cover:
        return ReturnCode.paramete_error, '封面不能为空', ''

    if int(article_type) == 1:
        if not content_type:
            return ReturnCode.paramete_error, '作品类型不能为空', ''

    new = Article()
    new.upload_userid = userid
    new.upload_time = datetime.now()
    new.article_type = int(article_type)
    new.title = str(title)
    new.introduce = str(introduce)
    new.content = str(content)
    new.content_type = int(content_type)
    new.cover = str(cover)
    new.status = status

    db.session.add(new)
    try:
        db.session.commit()
        return ReturnCode.ok, '上传成功', {'id': new.id}

    except:
        db.session().rollback()
        return ReturnCode.server_error, '系统出错', ''
コード例 #3
0
ファイル: views.py プロジェクト: Quart233/My-Website
def register(request):

    username = GetRequestJsonData(request, 'username', None)
    email = GetRequestJsonData(request, 'email', None)
    password = GetRequestJsonData(request, 'password', None)
    repassword = GetRequestJsonData(request, 'repassword', None)

    print(username, email, password, repassword)

    if not all([username, email, password, repassword]):
        return ReturnCode.paramete_error, '邮箱或用户名密码输入不正确', ''

    if User.query.filter(User.email == email).first():
        return ReturnCode.paramete_error, '该邮箱已被注册', ''

    if User.query.filter(User.username == username).first():
        return ReturnCode.paramete_error, '该用户名已被注册', ''

    if password != password:
        return ReturnCode.paramete_error, '两次密码输入不一致', ''

    adduser = User(
        reg_time = datetime.now(),
        password = generate_password_hash(str(password)),
        email = str(email),
        username = str(username),
        token = '',
        head = 'default.png',
        userstatus = 0
    )
    db.session.add(adduser)

    try:
        db.session.commit()
        return ReturnCode.ok, '注册成功', ''

    except:
        db.session().rollback()
        return ReturnCode.server_error, '系统出错', ''
コード例 #4
0
ファイル: views.py プロジェクト: Quart233/My-Website
def login(request):

    hmduserreturncode = 1000

    email = GetRequestJsonData(request, 'email', None)
    password = GetRequestJsonData(request, 'password', None)

    user = User.query.filter(User.email == email).first()
    if not user:
        return ReturnCode.paramete_error, '用户不存在', ''

    if user.userstatus == 2:
        return hmduserreturncode, '黑名单用户 禁止登录', ''

    if check_password_hash(str(user.password), password):
        md5 = hashlib.md5((user.email + DateTimeForStr(datetime.now())).encode()).hexdigest()
        user.token = str(md5)
        db.session.commit()
        # return 400, '登录成功', {'Token':md5, 'userID': str(user.id)}
        return ReturnCode.ok, '登录成功', {'Token':md5, 'userID': str(user.id), 'username':user.username, 'head':SERVER_GULAOBURL + '/static/head/' + user.head, 'userstatus':user.userstatus}
        

    return ReturnCode.paramete_error, ' 邮箱或密码不正确', ''
コード例 #5
0
ファイル: Middleware.py プロジェクト: Quart233/My-Website
    def wrapper(*args, **kwargs):
        if request.method == 'GET':
            userkey = GetRequestJsonData(request, 'userid', None)
            token = GetRequestJsonData(request, 'token', None)
            if not userkey or not token:
                return ReturnRequest(SystemCode.NotLogin, '请求参数有误', '')

            obj = UserAccount.query.filter(UserAccount.id == userkey).first()

            if not obj:
                return ReturnRequest(SystemCode.NotLogin, '请求参数有误', '')

            if not token:
                ReturnRequest(SystemCode.NotLogin, '请求参数有误', '')

            if obj.token != token:
                return ReturnRequest(SystemCode.TokenInvalid,
                                     'Token已失效或不正确, 请重新登录', '')

            # userid = obj.id
            return func(request, *args, **kwargs)

        else:
            return ReturnRequest(SystemCode.ErrorRequestMethod, '请求方法不对', '')
コード例 #6
0
ファイル: views.py プロジェクト: Quart233/My-Website
def Logout(request):
    userid = GetRequestJsonData(request, 'userid', None)
    user = User.query.filter(User.id == userid).first()
    if not user:
        return ReturnCode.paramete_error, '用户不存在', ''

    user.token = ''

    try:
        db.session.commit()
        return ReturnCode.ok, '退出登录成功', ''

    except:
        db.session.rollback()
        return ReturnCode.server_error, '系统出错', ''