예제 #1
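def login():
    """Authenticate a user from the JSON request body and issue a JWT.

    Reads ``user_name`` and ``password`` from ``request.json``.

    :return: ``jsonify`` of a ``Response`` whose ``Code`` is 200 (with the
        token under ``Result['jwt']``), 400 for a missing user name or
        credentials that do not match, or 500 on an unexpected error.
    """
    input_json = request.json
    res = Response()
    # Extracted with .get() before the try block so the except handler can log
    # it. Indexing input_json inside the handler raised a second, unhandled
    # exception whenever the key was missing or the body was not a JSON object.
    user_name = input_json.get('user_name') if isinstance(input_json, dict) else None
    try:
        if not user_name:
            res.Code = 400
            res.Message = "no user name"
            return jsonify(res.object_to_dict())

        password = input_json.get('password')
        if isinstance(password, str):
            password = bytes(password, 'utf-8')
        if not isinstance(password, bytes):
            # A missing or non-string password is a client error, not a server
            # fault; answer with the same generic message as a wrong password.
            res.Code = 400
            res.Message = 'username password do not match'
            return jsonify(res.object_to_dict())

        user = User.filter(User.user_name == user_name).first()
        if not user:
            # Same message as a wrong password, so the body does not reveal
            # whether the account exists.
            # NOTE(review): this path returns before any bcrypt work, so its
            # response time differs from the wrong-password path; consider
            # verifying against a fixed dummy hash here to even that out.
            res.Code = 400
            res.Message = 'username password do not match'
            return jsonify(res.object_to_dict())

        user_password = bytes(user.password, 'utf-8')

        if len(user.password) < 16:
            # Values shorter than 16 characters are treated as plain text that
            # was written straight into the database rather than a bcrypt hash.
            # Hash it now; the upgraded value is only persisted by user.save()
            # after a successful login.
            # NOTE(review): a plain-text value of 16+ characters would take the
            # else branch and fail inside checkpw; checking for the bcrypt
            # "$2" prefix would be a more reliable test — confirm before changing.
            upgraded_hash = bcrypt.hashpw(user_password, bcrypt.gensalt())
            is_valid = bcrypt.checkpw(password, upgraded_hash)
            # Keep the stored value a str, the type the read path above expects.
            user.password = upgraded_hash.decode('utf-8')
        else:
            is_valid = bcrypt.checkpw(password, user_password)

        if not is_valid:
            logging.info('%s %s login failed', user.user_name, user.id)
            res.Code = 400
            res.Message = 'username password do not match'
            return jsonify(res.object_to_dict())

        logging.info('%s %s login successed', user.user_name, user.id)
        user.last_login_at = datetime.now()
        user.save()

        res.Code = 200
        res.Message = "login success"
        res.Result = {
            'jwt': encode_auth_token(user.id, user.account_id)
        }
        return jsonify(res.object_to_dict())

    except Exception as e:
        # The client only sees a generic message; the detail stays in the log.
        logging.info("user %s login error. %s", user_name, e)
        res.Code = 500
        res.Message = 'Internal service error'
        return jsonify(res.object_to_dict())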