コード例 #1
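def rainEntrance(self):
    """Check the submitted credentials and return a JSON login result.

    ``self`` is indexed like a mapping and must provide ``'username'`` and
    ``'password'``. On success the reply is
    ``{"success": true, "token": ...}``; every failure path returns
    ``{"success": false}``.

    Returns:
        str: The JSON-encoded result.
    """
    failure = json.dumps({"success": False})

    RAINDB_CONF = current_app.config['RAINDB_CONF']
    username = self['username']
    password = self['password']
    user = User(username=username)
    result = user.query(RAINDB_CONF)

    if result is None:
        return failure

    # NOTE(review): this is a substring test against the serialized record,
    # so it also passes when the name merely appears inside another field.
    # Comparing with the record's own username field would be stricter;
    # the field name is not visible here, so the check is left as it was.
    if username not in json.dumps(result):
        return failure

    if pwd_context.verify(password, result['password']) is not True:
        # A wrong password used to fall off the end of the function and
        # return None; give the caller the same JSON failure as the other
        # rejection paths so the reply shape does not depend on the reason.
        return failure

    g.user = user
    try:
        # NOTE(review): presumably seconds (itsdangerous-style expires_in),
        # which makes the token valid for 10 seconds -- confirm.
        expiration = 10
        token = Serializer(current_app.config['SECRET_KEY'],
                           expires_in=expiration).dumps(
                               {'username': username})
        return json.dumps({
            "success": True,
            "token": token.decode('ascii')
        })
    except Exception:
        # Exception rather than BaseException, so KeyboardInterrupt and
        # SystemExit are no longer turned into a login failure.
        current_app.logger.exception('token generation failed')
        return failure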
コード例 #2
ファイル: middleware.py プロジェクト: WieAngeal/rainsty
    def path_filter(self, req, resp):
        """Answer the index, login and logout routes by raising UserHttpError.

        Each handled route ends in ``raise UserHttpError(description=...)``;
        the description dict carries the result code and message, plus the
        signed token after a successful login. A request that matches none
        of the routes falls through and the method returns None.
        """
        # Index page
        if req.path == '/' and req.method == 'GET':
            raise UserHttpError(description=dict(code=0, msg='hello, world!'))

        # Login
        login_route = '{}/login'.format(self.config.route_path)
        if req.path == login_route and req.method == 'POST':
            username = req.body.get('username')
            password = req.body.get('password')

            if not (username and password):
                raise UserHttpError(description=dict(code=3000, msg=msg[3000]))

            # NOTE(review): the client-supplied username is written to the
            # log before authentication; confirm the log format neutralises
            # control characters.
            self.logger.info('user: {} is logging in......'.format(username))

            # NOTE(review): the submitted password is compared directly with
            # the User.password column, which only matches if that column
            # holds the password as submitted. Confirm against the model;
            # stored passwords should be salted hashes checked with the
            # hashing library's verify function.
            account = db_session.query(User).filter(
                User.username == username,
                User.password == password).first()
            if not account:
                raise UserHttpError(description=dict(code=3001, msg=msg[3001]))

            # NOTE(review): forwarded_host is presumably derived from a
            # request header -- confirm it is trustworthy before relying on
            # it as a token binding.
            claims = dict(username=username,
                          forwarded_host=req.forwarded_host)
            signer = Serializer(self.config.SECRET_KEY, expires_in=7200)
            token = signer.dumps(claims)
            self.logger.info(
                (username, req.forwarded_host, req.port, req.method,
                 req.path, resp.status, resp.body))
            raise UserHttpError(description=dict(
                code=0, msg=msg[0], token=token.decode('utf-8')))

        # Logout
        # NOTE(review): nothing visible here invalidates the issued token; it
        # appears to stay valid until expires_in elapses -- confirm.
        logout_route = '{}/logout'.format(self.config.route_path)
        if req.path == logout_route and req.method == 'POST':
            raise UserHttpError(description=dict(code=0, msg=msg[0]))
コード例 #3
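    def post(self, request):
        """Handle the registration form and e-mail an activation link.

        Validates the posted fields, creates the user with ``is_active = 0``,
        signs a token holding the new user's id and sends it in an HTML
        activation mail. Validation failures re-render ``register.html``
        with an ``errmsg``; success redirects to ``goods:index``.
        """
        from html import escape

        username = request.POST.get('user_name')
        password = request.POST.get('pwd')
        email = request.POST.get('email')
        allow = request.POST.get('allow')

        if not all([username, password, email]):
            return render(request, 'register.html', {'errmsg': '数据不完整'})

        # fullmatch instead of match: with match(), the trailing ``$`` also
        # accepts an address followed by a newline.
        if not re.fullmatch(
                r'^[a-z0-9][\w.\-]*@[a-z0-9\-]+(\.[a-z]{2,5}){1,2}$', email):
            return render(request, 'register.html', {'errmsg': '邮箱格式有误'})

        if allow != 'on':
            return render(request, 'register.html', {'errmsg': '未勾选协议'})

        try:
            user = User.objects.get(username=username)
        except User.DoesNotExist:
            user = None

        if user:
            return render(request, 'register.html', {'errmsg': '用户名已存在'})

        user = User.objects.create_user(username, email, password)
        user.is_active = 0
        user.save()

        user_info = {
            'user_id': user.id,
        }
        # NOTE(review): if expires_in is in seconds (as in itsdangerous), the
        # activation link is valid for only 30 seconds -- confirm.
        token = TimedJSONWebSignatureSerializer(secret_key=settings.SECRET_KEY,
                                                expires_in=30)
        token = token.dumps(user_info)
        token = token.decode()

        # Send the email
        subject = '淘生鲜欢迎您'
        message = ''
        sender = settings.EMAIL_FROM
        receiver = [email]
        # The username is user-controlled and lands in an HTML body, so it
        # is escaped before interpolation.
        safe_username = escape(username)
        # NOTE(review): the activation URL is hard-coded to a plain-http
        # loopback address; a deployment would need the site's own base URL.
        activation_url = f'http://127.0.0.1:8000/user/active/{token}'
        html_message = (
            f'<h1>{safe_username}您好,欢迎您成为淘生鲜注册用户</h1>'
            f'请点击以下链接激活您的账号'
            f'<a href="{activation_url}">{activation_url}</a>'
        )
        # Send the activation email
        send_mail(subject,
                  message,
                  sender,
                  receiver,
                  html_message=html_message)

        return redirect(reverse('goods:index'))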
コード例 #4
def login():
    """Exchange HTTP Basic credentials for a signed, time-limited token.

    Returns a JSON body ``{'token': ...}`` when the password matches the
    stored hash. Every other case gets the same 401 response carrying a
    ``WWW-Authenticate`` challenge.
    """
    def deny():
        # One identical 401 for missing credentials, unknown user and wrong
        # password, so the body does not reveal which check failed.
        return make_response(
            'Could not verify', 401,
            {'WWW-Authenticate': 'Basic realm="Login required"'})

    auth = request.authorization
    if not (auth and auth.username and auth.password):
        return deny()

    user = User.query.filter_by(name=auth.username).first()
    if not user:
        # NOTE(review): this path skips the hash check, so response time may
        # differ between unknown users and wrong passwords.
        return deny()

    if not check_password_hash(user.password, auth.password):
        return deny()

    signer = Serializer(app.config['SECRET_KEY'], expires_in=3600)
    token = signer.dumps(user.public_id)
    return jsonify({'token': token.decode('UTF-8')})