def get(self): token = self.get_secure_cookie(LOGIN_TOKEN) try: action = self.get_argument("action") #login_auth = RedisLoginAuth(token) #uid = login_auth.get_uid() if action == "get_user_list": page_num = self.get_argument('pageNum') page_size = self.get_argument('pageSize') limit = int(page_size) offset = (int(page_num)) * limit order_by = self.get_argument("order_by", "gmt_create") filter_dict = json.loads(self.get_argument( "filter_dict", "{}")) data = SqlFunc.get_user_information( self.db_session, action, { "limit": limit, "offset": offset, "order_by_list": [order_by], "filter_dict": filter_dict }) self.write(HandlerTool.set_response(0, "", data)) except Exception as error: self.db_session.rollback() logging.error(str(error), exc_info=True) self.write(HandlerTool.set_response(-1, COMMON_ERROR, {}))
def post(self): request_body = HandlerTool.request_body_bytes2str(self.request.body) request_body_dict = json.loads(request_body) try: action = request_body_dict["action"] if action == "insert_user": if not CommonFunc.check_is_chinese( request_body_dict["real_name"]): raise InputError("真实姓名必须全部为中文,请检查") SqlFunc.create_user( self.db_session, { "username": request_body_dict["username"], "password": request_body_dict["password"], "real_name": request_body_dict["real_name"], "status": int(request_body_dict["status"]), "rid": int(request_body_dict["role"]) }) self.write(HandlerTool.set_response("0", "", {})) except InputError as error: self.db_session.rollback() logging.error(str(error), exc_info=True) self.write(HandlerTool.set_response("-1", str(error), {})) except sqlalchemy.exc.IntegrityError as error: self.db_session.rollback() logging.error(str(error), exc_info=True) self.write(HandlerTool.set_response("-1", "账号已存在", {})) except Exception as error: self.db_session.rollback() logging.error(str(error), exc_info=True) self.write(HandlerTool.set_response("-1", COMMON_ERROR, {}))
def post(self): request_body = HandlerTool.request_body_bytes2str(self.request.body) try: request_body = json.loads(request_body) mobilephone_number = request_body["mobilephone_number"].strip() password = request_body["password"].strip() #alipay_account = request_body["alipay_account"].strip() realname = request_body["realname"].strip() id_code = request_body["id_code"].strip() redis_reg = RedisRegister(mobilephone_number) if redis_reg.get_id_code() == id_code: SqlFunc.create_user( self.db_session, { "mobilephonenumber": mobilephone_number, "password": password, "realname": realname, "status": 0, "rolename": "generaluser" }) self.write(HandlerTool.set_response("0", "", {})) else: self.write(HandlerTool.set_response("-1", "验证码错误", {})) except Exception as error: self.db_session.rollback() logging.error(str(error), exc_info=True) self.write(HandlerTool.set_response("-1", "没有访问权限", {}))
def delete(self): request_body = HandlerTool.request_body_bytes2str(self.request.body) try: request_body_dict = json.loads(request_body) self.write( HandlerTool.set_response(0, "", { "hi": "Hello, world", "request_body": request_body_dict })) except Exception as error: logging.error(str(error), exc_info=True) self.write(HandlerTool.set_response(-1, str(error), {}))
def get(self): try: username = self.get_argument('username', 'you can guess it') password = self.get_argument('password', 'you can guess it') self.write( HandlerTool.set_response( 0, "", { "hi": "Hello, world", "request_body": { "username": username, "password": password } })) except Exception as error: logging.error(str(error), exc_info=True) self.write(HandlerTool.set_response(-1, str(error), {}))
def get(self): random_number = "".join([chr(random.randrange(ord('0'), ord('9') + 1)) for _ in range(6)]) mobilephone_number = str(self.get_argument("mobilephone_number", '')).strip() if phonecheck(mobilephone_number): try: sms_obj = CustomSms() result = sms_obj.send_id_code(mobilephone_number.strip(),random_number) #如果用户通过验证 if result["Message"] == "OK": redis_reg = RedisRegister(mobilephone_number) redis_reg.set_id_code(random_number) self.write(HandlerTool.set_response("0","success",{})) else: self.write(HandlerTool.set_response("-1","网络繁忙,请稍后再试(red)",{})) except Exception as error: logging.exception(error,exc_info = True) self.write(HandlerTool.set_response("-1",str(error),{}))
async def get(self): #mobilephone_number = self.get_argument('mobilephone_number', '') username = self.get_argument('username', '') password = self.get_argument('password', '') try: #mobilephone_number = mobilephone_number.strip() username = username.strip() password = password.strip() result = await IOLoop.current().run_in_executor( None, SqlFunc.verify_user, *(self.db_session, "by_username", { "username": username, "password": password })) if result: #生成token并存储 token = result["token"] #前端设置cookies self.set_secure_cookie( LOGIN_TOKEN, token, expires_days=1 / 24 / 60 * int(config_ini_identification["LOGIN_EXPIRES_MIN"])) #logging.info(result) self.write( HandlerTool.set_response( "0", "", { "data": result["data"]["children"], "username": result["username"], "realname": result["realname"], "role_list": result["role_list"], })) else: self.write(HandlerTool.set_response("A00003", "用户名或密码错误", {})) except InputError as error: self.db_session.rollback() logging.exception(error, exc_info=True) self.write(HandlerTool.set_response("-1", str(error), {})) except Exception as error: self.db_session.rollback() logging.exception(error, exc_info=True) self.write(HandlerTool.set_response("-1", COMMON_ERROR, {})) finally: self.finish()
def patch(self): request_body = HandlerTool.request_body_bytes2str(self.request.body) request_body_dict = json.loads(request_body) token = self.get_secure_cookie(LOGIN_TOKEN) try: action = request_body_dict["action"] if action == "update_user_information": if not CommonFunc.check_is_chinese( request_body_dict["real_name"]): raise InputError("真实姓名必须全部为中文,请检查") SqlFunc.update_user( self.db_session, action, { "status": request_body_dict["status"], "real_name": request_body_dict["real_name"], "uid": request_body_dict["id"] }) self.write(HandlerTool.set_response("0", "success", {})) elif action == "update_user_password": SqlFunc.update_user( self.db_session, action, { "uid": self.get_uid(token), "old_password": request_body_dict["old_password"].strip(), "new_password": request_body_dict["new_password"].strip() }) self.write(HandlerTool.set_response("0", "success", {})) else: raise InputError("action错误") except InputError as error: self.db_session.rollback() logging.error(str(error), exc_info=True) self.write(HandlerTool.set_response("-1", str(error), {})) except Exception as error: self.db_session.rollback() logging.exception(error, exc_info=True) self.write(HandlerTool.set_response("-1", COMMON_ERROR, {}))
async def get(self): #mobilephone_number = self.get_argument('mobilephone_number', '') username = self.get_argument('username', '') password = self.get_argument('password', '') try: #mobilephone_number = mobilephone_number.strip() username = username.strip() password = password.strip() result = await IOLoop.current().run_in_executor( None, SqlFunc.verify_user, *(self.db_session, "by_username", { "username": username, "password": password })) if result: #生成token并存储 token = str(uuid.uuid1()) login_auth = RedisLoginAuth(token) #uid,rid,limit_count uid = result["uid"] rid_set = result["rid_set"] login_auth.login_init(uid, rid_set, 3) #前端设置cookies self.set_secure_cookie( LOGIN_TOKEN, token, expires_days=1 / 24 / 60 * int(config_ini_identification["LOGIN_EXPIRES_MIN"])) #logging.info(result) self.write( HandlerTool.set_response( "0", "", { "data": result["data"]["children"], "username": result["username"], "realname": result["realname"], "CARD_TID2DESC_HEADER_DICT": CARD_TID2DESC_HEADER_DICT, "CARD_TID2DATA_TID_DICT": CARD_TID2DATA_TID_DICT, "DATA_TID2DESC_DICT": DATA_TID2DESC_DICT, "DETAIL_STAUTS_DICT": DETAIL_STAUTS_DICT, "SINGLE_CARD_TID2DESC_HEADER_DICT": SINGLE_CARD_TID2DESC_HEADER_DICT })) else: self.write(HandlerTool.set_response("A00003", "用户名或密码错误", {})) except InputError as error: self.db_session.rollback() logging.exception(error, exc_info=True) self.write(HandlerTool.set_response("-1", str(error), {})) except Exception as error: self.db_session.rollback() logging.exception(error, exc_info=True) self.write(HandlerTool.set_response("-1", COMMON_ERROR, {})) finally: self.finish()
def wrapper(self, *args, **kwargs): token = self.get_secure_cookie(LOGIN_TOKEN) #如果token在前端不存在,就重新登陆 if token: login_auth = RedisLoginAuth(token) uid = login_auth.get_uid() #如果token在后端不存在,直接重新登陆 if not uid: self.write({ "code": "A00004", "desc": "登陆失效,请重新登陆", "data": {} }) return else: #如果计数器大于规定的值,直接重新登陆,重新登陆的时候也会判断这个值,所以相当于用户登陆不了 if not login_auth.is_count_lte_limit(): self.write({ "code": "A00004", "desc": "登陆失效,请重新登陆(用户登陆次数超限制)", "data": {} }) return else: #计数器+1 #username_count.create_or_incr() #如果有参数,继续检查参数 if rid_set: #logging.info(rid_set) #logging.info(login_auth.get_rid_set()) if not rid_set.issubset(login_auth.get_rid_set()): self.write({ "code": "A00009", "desc": "没有权限", "data": {} }) return else: self.write({ "code": "A00004", "desc": "登陆失效,请重新登陆", "data": {} }) return #全部通过的话,前端和后端都需要更新token时间 #前端更新 self.set_secure_cookie( LOGIN_TOKEN, token, expires_days=1 / 24 / 60 * int(config_ini_identification["LOGIN_EXPIRES_MIN"])) #后端更新 login_auth.update_expire_second() #logging.info(self.request.body) if self.request.body[0:3].decode() != "---": monitor_dict = { "uid": uid, "uri": self.request.uri, "body": json.loads( HandlerTool.request_body_bytes2str(self.request.body)) } else: monitor_dict = { "uid": uid, "uri": self.request.uri, "body": self.request.body.decode() } logging.info("{}".format( json.dumps(monitor_dict, ensure_ascii=False))) return func(self, *args, **kwargs)