def test_jwt(self):
    """Round-trip a token and check the two rejection paths.

    A token created for a user must verify under the same secret and carry
    the user's id, user_name and email. Verification must return None when
    the secret differs and when the token was created with a negative third
    argument.
    """
    user = User(id=55, user_name='kulich', email='*****@*****.**')
    # Hard-coded key: a test fixture only, never to be reused as a deployed
    # signing secret.
    secret = 'ZZigIKCHuSNeSHwfU+TAbyNX4nwyMUDRXnv0aZgBlOM'

    token = create_token(user, secret)
    claim = verify_token(token, secret)
    for field in ('id', 'user_name', 'email'):
        self.assertEqual(getattr(user, field), claim[field])

    # A token must not verify under a different secret.
    self.assertIsNone(verify_token(token, 'bad secret'))

    # NOTE(review): the third argument is presumably a validity period, so
    # -30 yields an already-expired token. Confirm against create_token.
    expired = create_token(user, secret, -30)
    self.assertIsNone(verify_token(expired, secret))
def reading_modify():
    """Record the caller's reading position (one chapter per book).

    The caller is identified by the token in the Authorization header.
    If the same (user, book, chapter) mark already exists, a Conflict
    response is returned. Otherwise any mark for that user and book is
    deleted and the new one inserted.
    """
    # NOTE(review): assumes utils.verify_token raises on a rejected token.
    # If it returns None instead, the subscript below fails with a TypeError
    # rather than a clean authentication error. Confirm.
    claims = utils.verify_token(request.headers['Authorization'])
    owner = uuid.UUID(claims['userId'])
    title = request.values.get('bookName')
    chapter = request.values.get('chapterId')
    marks = app.mongo.db.mark

    book_filter = {"userId": owner, "bookName": title}
    mark = {**book_filter, "chapterId": chapter}

    if marks.find_one(mark) is not None:
        # Message: "reading progress cannot be recorded twice".
        return {"message": "不可重复记录阅读进度"}, utils.http_code["Conflict"]

    # NOTE(review): find/delete/insert are three separate operations;
    # concurrent requests for the same book can interleave between them.
    marks.delete_one(book_filter)
    marks.insert_one(dict(mark))
    # Message: "reading progress recorded".
    return {"message": "已记录阅读进度"}
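def is_token_valid():
    """Report whether the token in the JSON request body verifies.

    Returns ``{"is_token_valid": true}`` when verify_token accepts the
    token, and ``{"is_token_valid": false}`` with status 403 otherwise.
    A body that is not a JSON object, or whose "token" member is missing,
    empty or not a string, is also answered with 403. Previously that
    surfaced as an unhandled KeyError/TypeError.
    """
    body = request.get_json(force=True)
    token = body.get("token") if isinstance(body, dict) else None

    # Only a non-empty string can be a token; anything else is rejected
    # without being handed to the verifier.
    # NOTE(review): assumes verify_token returns a falsy value for a
    # rejected token instead of raising. Confirm.
    if isinstance(token, str) and token and verify_token(token):
        return jsonify(is_token_valid=True)
    return jsonify(is_token_valid=False), 403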
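def authenticate(realm, user_id, details):
    """Return the role name to grant for an authentication request.

    The ticket in ``details`` is verified with settings.SECRET_KEY. The
    role 'user' is granted only when the verified payload's email equals
    ``user_id`` and its roles contain 'user'. Every other case, including
    a ticket that fails verification, yields 'anonymous'.

    ``realm`` is accepted but not used.
    """
    # The original call had a '%s' placeholder with no argument, so the
    # literal "%s" was logged instead of the requesting identity.
    log.debug('Got auth request for %s', user_id)
    token = details.get('ticket')
    payload = verify_token(token, settings.SECRET_KEY)
    if payload and user_id == payload['email']:
        # NOTE(review): assumes payload['roles'] is a list or set. On a
        # plain string, `in` is a substring match and would also accept a
        # role such as 'superuser'. Confirm the claim's type.
        if 'user' in payload['roles']:
            log.debug('Authenticaticated user %s to role user', user_id)
            return 'user'
    # NOTE(review): a missing or rejected ticket still gets the
    # 'anonymous' role rather than a refusal, and nothing is logged for
    # that path. Confirm this fallback is intended.
    return 'anonymous'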
def book_del():
    """Remove one book from the caller's collection.

    The caller is identified by the token in the Authorization header and
    the book by the ``bookName`` request value. The same success message
    is returned whether or not a matching document existed.
    """
    # NOTE(review): assumes utils.verify_token raises on a rejected token.
    # A None return would fail on the subscript below. Confirm.
    claims = utils.verify_token(request.headers['Authorization'])
    owner = uuid.UUID(claims['userId'])
    title = request.values.get("bookName")
    favourites = app.mongo.db.collections
    # The filter always carries the token's userId, so a caller can only
    # delete their own entries.
    favourites.delete_one({"userId": owner, "bookName": title})
    # Message: "removed from favourites".
    return {"message": "已取消收藏"}
def book_fetch():
    """List the caller's collected books, optionally narrowed to one title.

    When the ``bookName`` request value is absent or empty, every entry
    owned by the caller is returned. ``_id`` and ``userId`` are excluded
    from the returned documents.
    """
    # NOTE(review): assumes utils.verify_token raises on a rejected token.
    # A None return would fail on the subscript below. Confirm.
    claims = utils.verify_token(request.headers['Authorization'])
    owner = uuid.UUID(claims['userId'])
    title = request.values.get("bookName", "")
    favourites = app.mongo.db.collections

    # Always scoped to the token's userId; the title only narrows it.
    query = {"userId": owner}
    if title != "":
        query["bookName"] = title

    cursor = favourites.find(query, {'_id': False, 'userId': False})
    return fetch_data(cursor)
def reading_fetch():
    """Return the caller's reading marks, in reverse of the query order.

    When the ``bookName`` request value is absent or empty, marks for all
    of the caller's books are returned. Only ``_id`` is excluded from the
    returned documents.
    """
    # NOTE(review): assumes utils.verify_token raises on a rejected token.
    # A None return would fail on the subscript below. Confirm.
    claims = utils.verify_token(request.headers['Authorization'])
    owner = uuid.UUID(claims["userId"])
    title = request.values.get("bookName", "")
    marks = app.mongo.db.mark

    # Always scoped to the token's userId; the title only narrows it.
    query = {'userId': owner}
    if title != "":
        query['bookName'] = title

    # The cursor is materialised so the documents can be reversed.
    found = list(marks.find(query, {'_id': False}))
    found.reverse()
    return fetch_data(found)
def info():
    """Return the username and userId of the token's owner.

    Responds with a BadRequest status when no user document matches the
    userId carried in the token.
    """
    # NOTE(review): assumes utils.verify_token raises on a rejected token.
    # A None return would fail on the subscript below. Confirm.
    claims = utils.verify_token(request.headers['Authorization'])
    accounts = app.mongo.db.users
    account = accounts.find_one({'userId': uuid.UUID(claims['userId'])})

    if account is not None:
        # Only these two fields are copied out of the stored document.
        profile = {
            'username': account['username'],
            'userId': account['userId'],
        }
        # Message: "request succeeded".
        return {'message': '请求成功', 'data': profile}

    # Message: "user does not exist".
    return {"message": "用户不存在"}, utils.http_code['BadRequest']
def book_add():
    """Add a book to the caller's collection unless it is already there.

    Responds with a Conflict status when the (user, book) pair already
    exists. Otherwise the pair is inserted and a success message returned.
    """
    # NOTE(review): assumes utils.verify_token raises on a rejected token.
    # A None return would fail on the subscript below. Confirm.
    claims = utils.verify_token(request.headers['Authorization'])
    owner = uuid.UUID(claims['userId'])
    title = request.values.get("bookName")
    favourites = app.mongo.db.collections

    entry = {"userId": owner, "bookName": title}
    if favourites.find_one(entry) is not None:
        # Message: "cannot be collected twice".
        return {"message": "不可重复收藏"}, utils.http_code["Conflict"]

    # NOTE(review): the check and the insert are separate operations, so
    # two concurrent requests can both pass the check. A unique index on
    # (userId, bookName) would enforce this in the database.
    favourites.insert_one(dict(entry))
    # Message: "added to favourites".
    return {"message": "收藏成功"}
def load_user_from_request(request):
    """Resolve the active user for a request from its bearer token.

    The token is read from the ``bearer_token`` query argument first and,
    failing that, from an ``Authorization: Bearer ...`` header (scheme
    matched case-insensitively). Returns the user only when the token
    verifies against SECRET_KEY and the matching user is active; otherwise
    returns None.
    """
    # NOTE(review): a token in the query string can end up in access logs,
    # browser history and Referer headers. Confirm this path is needed.
    bearer = request.args.get('bearer_token')
    if not bearer:
        header = request.headers.get('Authorization')
        if header and header.lower().startswith('bearer '):
            # Drop the 7-character "bearer " prefix.
            bearer = header[7:].strip()
    if not bearer:
        return None

    claim = verify_token(bearer, SECRET_KEY)
    if not claim:
        return None

    account = model.User.query.get(claim['id'])  # @UndefinedVariable
    if account and account.is_active:
        return account
    # Neither source produced a usable login.
    return None