def identify(self, request):
"""
用户鉴权
:return: list
"""
auth_header = request.headers.get('Authorization')
if (auth_header):
auth_tokenArr = auth_header.split(" ")
if (not auth_tokenArr or auth_tokenArr[0] != 'JWT'
or len(auth_tokenArr) != 2):
return '请传递正确的验证头信息'
else:
auth_token = auth_tokenArr[1]
payload = self.decode_auth_token(auth_token)
if not isinstance(payload, str):
user = Users.get(payload['data']['id'])
if (user is None):
return '找不到该用户信息'
else:
if (user.updated_at == payload['data']['updated_at']):
result = payload
else:
return 'Token已更改,请重新登录获取'
else:
result = payload
else:
return '没有提供认证token'
return result
def authenticate(email, password):
"""
用户登录,登录成功返回token,写将登录时间写入数据库;登录失败返回失败原因
:param password:
:return: json
"""
filters = {
Users.email == email
}
userInfo = Users().getOne(filters)
userInfoPas = Users().getOne(filters, order = 'id desc', field = ('password',))
if(userInfo is None):
return BaseController().error('找不到用户')
else:
if (Users.check_password(userInfoPas['password'], password)):
updated_at = int(time.time())
Users.update(email, updated_at)
token = UsersAuthJWT.encode_auth_token(userInfo['id'], updated_at)
return BaseController().successData({'token': token.decode(), 'user': userInfo}, '登陆成功')
else:
return BaseController().error('密码不正确')