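def login():
    """Authenticate a user from the JSON request body and issue a JWT.

    Expected JSON fields:
        user_name (str): account name to look up.
        password (str): clear-text password checked against the stored hash.

    Returns:
        The ``jsonify``-ed ``Response`` dict. ``Code`` is 200 with
        ``Result['jwt']`` on success, 400 for a missing user name or
        rejected credentials, and 500 when an unexpected error occurs.
    """
    input_json = request.json
    res = Response()
    # Read the name once, without indexing, so a body that is not an object or
    # lacks 'user_name' cannot raise here or again inside the error handler.
    user_name = input_json.get('user_name') if isinstance(input_json, dict) else None
    try:
        # Only a non-empty string is accepted as a lookup key; other JSON types
        # would otherwise be compared against the user_name column as-is.
        if not user_name or not isinstance(user_name, str):
            res.Code = 400
            res.Message = "no user name"
            return jsonify(res.object_to_dict())

        user = User.filter(User.user_name == user_name).first()
        if not user:
            # NOTE(review): this path does no bcrypt work, so its response time
            # can differ from the wrong-password path even though the message
            # is identical. Consider equalising the work if that matters here.
            res.Code = 400
            res.Message = 'username password do not match'
            return jsonify(res.object_to_dict())

        password = input_json.get('password')
        is_valid = False
        # A missing or non-string password is a rejected credential, not a
        # server error, so it never reaches bcrypt (which would raise).
        if isinstance(password, str):
            candidate = password.encode('utf-8')
            stored = user.password
            if len(stored) < 16:
                # Check whether the stored password was written by bcrypt:
                # user rows may have been inserted directly into the database
                # with a clear-text password. Such a value is hashed here and
                # persisted by the save() below after a successful login.
                # NOTE(review): a clear-text value of 16+ characters is not
                # caught by this length test and will fail in checkpw.
                hashed = bcrypt.hashpw(stored.encode('utf-8'), bcrypt.gensalt())
                # Store text, not bytes, so the next login can encode it again.
                user.password = hashed.decode('utf-8')
                is_valid = bcrypt.checkpw(candidate, hashed)
            else:
                is_valid = bcrypt.checkpw(candidate, stored.encode('utf-8'))

        if not is_valid:
            logging.info('%s %s login failed', user.user_name, user.id)
            res.Code = 400
            res.Message = 'username password do not match'
            return jsonify(res.object_to_dict())

        logging.info('%s %s login successed', user.user_name, user.id)
        user.last_login_at = datetime.now()
        user.save()
        res.Code = 200
        res.Message = "login success"
        res.Result = {
            'jwt': encode_auth_token(user.id, user.account_id)
        }
    except Exception as e:
        # Logged with traceback at error level so failures are visible to
        # monitoring. user_name is request-supplied: make sure the log
        # formatter escapes control characters.
        logging.exception("user %s login error. %s", user_name, e)
        res.Code = 500
        res.Message = 'Internal service error'
    return jsonify(res.object_to_dict())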