def identity(self, request): # 用户鉴权 auth_header = request.headers.get('Authorization') if auth_header: auth_token_array = auth_header.split(" ") if not auth_token_array or auth_token_array[0] != 'JWT' or len(auth_token_array) != 2: return HttpCode.AUTH_ERROR else: auth_token = auth_token_array[1] payload = self.decode_auth_token(auth_token) if not isinstance(payload, str): user_id = payload.get('data').get('id') login_time = payload.get('data').get('login_time') user = UserLogin.query.get(user_id) if not user: return HttpCode.AUTH_ERROR else: if user.last_login == login_time: return success(msg='用户认证成功', data={"user_id": user.id}) else: return error(code=HttpCode.AUTH_ERROR, msg='用户认证失败') else: return error(code=HttpCode.AUTH_ERROR, msg='用户认证失败') else: return error(code=HttpCode.AUTH_ERROR, msg='用户认证失败')
def post(self): dict_data = request.args old_password = dict_data.get('old_password') new_password = dict_data.get('new_password') # session鉴权 user_id = session.get('user_id') if not user_id: return error(HttpCode.params_error, '请先登录') try: user = UserLogin.query.filter(UserLogin.id == user_id).first() except Exception as e: current_app.logger.error(e) return error(HttpCode.params_error, '查询失败') if not user: return error(HttpCode.params_error, '用户不存在') if not user.check_password(old_password): return error(HttpCode.params_error, '旧密码不符') user.password_hash = UserLogin.crypto_secret(new_password) try: db.session.add(user) db.session.commit() except Exception as e: current_app.logger.error(e) db.session.rollback() return error(HttpCode.db_error, '添加数据失败') return success('修改成功')
def identify(self, request): """ 用户鉴权 :param request: :return: """ # 获取header中的Authorization auth_header = request.headers.get('Authorization') if auth_header: auth_token_arr = auth_header.split(" ") if not auth_token_arr or auth_token_arr[0] != 'JWT' or len( auth_token_arr) != 2: return HttpCode.auth_error else: auth_token = auth_token_arr[1] payload = self.decode_auth_token(auth_token) if not isinstance(payload, str): user_id = payload.get('data').get('id') login_time = payload.get('data').get('login_time') user = UserLogin.query.get(user_id) if not user: return HttpCode.un_auth_error else: if user.last_login == login_time: return success(msg='用户认证成功', data={"user_id": user.user_id}) else: return error(code=HttpCode.auth_error, msg='用户认证失败') else: return error(code=HttpCode.auth_error, msg='用户认证失败') else: return error(code=HttpCode.auth_error, msg='用户认证失败')
def post(self): parser = reqparse.RequestParser(bundle_errors=True) parser.add_argument('mobile', type=inputs.regex('1[3456789]\\d{9}'), required=True, nullable=False, location=['json'], help='手机号格式不正确') parser.add_argument('nickname', type=inputs.regex('^[A-Za-z][A-Za-z0-9]{2,7}'), required=True, nullable=False, location=['json'], help='昵称格式不正确') parser.add_argument('password', required=True, nullable=False, location=['json'], help='密码不正确') args = parser.parse_args() user = UserLogin() user.nickname = args.nickname user.mobile = args.mobile try: db.session.add(user) db.session.commit() userinfo = UserLogin.query.filter(UserLogin.mobile == args.mobile).first() if not userinfo: return error(code=HttpCode.DB_ERROR, msg='注册数据失败') except Exception as e: current_app.logger.error(e) db.session.rollback() return error(code=HttpCode.DB_ERROR, msg='注册数据失败') return success(msg='注册成功', data=user.to_dict())
def authenticate(self, mobile, password): user = UserLogin.query.filter_by(mobile=mobile).first() if not user: return error(HttpCode.AUTH_ERROR, '用户不存在') if user.check_password(password): login_time = int(time.time()) user.login_time = login_time user.update() token = self.encode_auth_token(user.id, login_time) token = str(token, encoding='utf-8') return success('登录成功', data={'token': token}) else: return error(HttpCode.PARAMS_ERROR, '密码错误')
def post(self): parser = reqparse.RequestParser(bundle_errors=True) parser.add_argument('mobile', type=inputs.regex('1[3456789]\\d{9}'), required=True, nullable=False, location=['json'], help='手机号参数不正确') parser.add_argument('password', required=True, nullable=False, location=['json'], help='密码参数不正确') args = parser.parse_args() verify_code = verify_imgcode(args.img_code_id, args.img_code) if verify_code == -2: return error(HttpCode.params_error, '验证码id不正确', {'img_code_id': args.img_code_id}) elif verify_code == -1: return error(HttpCode.params_error, '验证码不正确', {'img_code': args.img_code}) try: user = UserLogin.query.filter(UserLogin.mobile == mobile).first() except Exception as e: current_app.logger.error(e) return error(HttpCode.db_error, msg='获取数据出错') if not user: return error(HttpCode.params_error, msg='用户不存在') if not user.check_password(args.password): return error(HttpCode.params_error, msg='密码错误') # 保存session session['user_id'] = user.id session['mobile'] = args.mobile user.last_login = dt.now() try: db.session.add(user) db.session.commit() except Exception as e: db.session.rollback() current_app.logger.error(e) return error(HttpCode.db_error, msg='添加数据失败') return success(msg='登录成功', data=user.to_dict())
def post(self): file_avatar = request.args.get('avatar') if not file_avatar: return error(HttpCode.params_error, '对象不存在') try: img_data = file_avatar.read() image_name = image_storage.image_storage(img_data) except Exception as e: current_app.logger.error(e) return error(HttpCode.params_error, '上传失败') g.user.avatar_url = QINIU_DOMIN_PREFIX + image_name return success(msg='上传成功', data={'avatar_url': QINIU_DOMIN_PREFIX + image_name})
def post(self): user_id = session.get('user_id') if not user_id: error(HttpCode.params_error, '请先登录') user_profile = {} dict_data = request.args user_profile['mobile'] = dict_data.get('mobile') user_profile['nickname'] = dict_data.get('nickname') # user_profile['avatar_url'] = dict_data.get('avatar_url') user_profile['signature'] = dict_data.get('signature') user_profile['sex'] = dict_data.get('sex') user_profile['birth_date'] = dict_data.get('birth_date') if not all(user_profile.values()): return error(HttpCode.params_error, '参数不能全为空') if user_profile['mobile'] and not re.fullmatch(r'1[356789]\d{9}', user_profile['mobile']): return error(HttpCode.params_error, msg='手机号格式错误') if user_profile['nickname'] and not re.fullmatch( r'^[A-Za-z][A-Za-z0-9]{2,7}', user_profile['nickname']): return error(HttpCode.params_error, msg='昵称格式错误') if user_profile['sex'] and user_profile['sex'] not in ['0', '1', '2']: return error(HttpCode.params_error, msg='性别输入错误') try: user = UserInfo.query.filter(UserInfo.id == user_id).first() except Exception as e: current_app.logger.error(e) return error(HttpCode.db_error, '获取数据失败') if not user: return error(HttpCode.params_error, '用户不存在') user.from_dict(user_profile) try: db.session.add(user) db.session.commit() except Exception as e: current_app.logger.error(e) db.session.rollback() return error(HttpCode.db_error, '更新数据失败') return success('修改成功')
def post(self): parser = reqparse.RequestParser(bundle_errors=True) parser.add_argument('mobile', type=inputs.regex('1[3456789]\\d{9}'), required=True, nullable=False, location=['json'], help='手机号格式不正确') # parser.add_argument('nickname', type=inputs.regex('^[A-Za-z][A-Za-z0-9]{2,7}'), required=True, # nullable=False, location=['json'], help='昵称格式不正确') parser.add_argument('password', required=True, nullable=False, location=['json'], help='密码不正确') args = parser.parse_args() try: user = UserLogin.query.filter_by(mobile=args.mobile).first() except Exception as e: current_app.logger.error(e) return error(HttpCode.DB_ERROR, msg='获取数据出错') if not user: return error(HttpCode.PARAMS_ERROR, msg='用户不存在') if not user.check_password(args.password): return error(HttpCode.PARAMS_ERROR, msg='密码错误') # 保存session session['user_id'] = user.id session['mobile'] = user.mobile user.last_login = dt.now() try: db.session.add(user) db.session.commit() except Exception as e: current_app.logger.error(e) db.session.rollback() return error(code=HttpCode.DB_ERROR, msg='注册数据失败') g.data = { 'id': user.id, 'success': True } return success(msg='登录成功', data=user.to_dict())
def post(self): session.pop('user_id', '') session.pop('mobile', '') g.success = False return success('退出成功')
def post(self): parser = reqparse.RequestParser(bundle_errors=True) parser.add_argument('mobile', type=inputs.regex('1[3456789]\\d{9}'), required=True, nullable=False, location=['json'], help='手机号参数不正确') parser.add_argument('nickname', type=inputs.regex('^[A-Za-z][A-Za-z0-9]{2,7}'), required=True, nullable=False, location=['json'], help='昵称格式不正确') parser.add_argument('password', required=True, nullable=False, location=['json'], help='密码参数不正确') parser.add_argument('img_code_id', required=True, nullable=False, location=['json'], help='验证码图片id参数不正确') parser.add_argument('img_code', required=True, nullable=False, location=['json'], help='验证码参数不正确') args = parser.parse_args() # 验证码 verify_code = verify_imgcode(args.img_code_id, args.img_code) if verify_code == -2: return error(HttpCode.params_error, '验证码id不正确', {'img_code_id': args.img_code_id}) elif verify_code == -1: return error(HttpCode.params_error, '验证码不正确', {'img_code': args.img_code}) user_profile = UserInfo() user_profile.nickname = args.nickname user_profile.mobile = args.mobile try: db.session.add(user_profile) db.session.commit() userinfo = UserInfo.query.filter( UserInfo.mobile == args.mobile).first() if not userinfo: return error(code=HttpCode.db_error, msg='添加数据失败') except Exception as e: current_app.logger.error(e) db.session.rollback() return error(code=HttpCode.db_error, msg='添加数据失败') user = UserLogin() user.mobile = args.mobile user.password_hash = user.crypto_secret(args.password) user.user_id = user_profile.id try: db.session.add(user) db.session.add(user_profile) db.session.commit() except Exception as e: current_app.logger.error(e) return error(code=HttpCode.db_error, msg='注册失败', data=user.to_dict()) return success(msg='注册成功', data=user.to_dict())
def post(self): session.pop('user_id', '') session.pop('mobile', '') return success('登出成功')