def wrapper(*args, **kwargs):
    """Call ``func`` only for a caller whose token matches ``user_id``.

    Reads the ``User-Token`` request header, decodes it with
    ``Token.decode`` and compares ``payload['data']['userId']`` with the
    ``user_id`` keyword argument. ``func`` is the wrapped callable and is
    bound outside this block.

    Raises:
        ClientError: 401 / ``NEED_LOGIN`` when the header is missing or
            empty, or when the token's user id differs from ``user_id``.
            Errors raised by ``Token.decode`` propagate unchanged.
    """
    token_header = request.headers.get('User-Token')
    if token_header:
        claims = Token.decode(token_header)
        # Ownership check. Only the *keyword* argument is inspected: a view
        # that receives user_id positionally yields None here and is
        # rejected unless the token's userId is also None. A type mismatch
        # (e.g. str route value vs int claim) is rejected as well.
        # NOTE(review): a verified token without data/userId raises
        # KeyError/TypeError here rather than ClientError — confirm the
        # payload shape produced by Token.encode.
        if kwargs.get('user_id') == claims['data']['userId']:
            return func(*args, **kwargs)
    raise ClientError(code=401, err=ErrorCode.NEED_LOGIN, msg='需要登录')
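def decode(cls, auth_token):
    """Verify *auth_token* against the stored RSA public key.

    Args:
        auth_token: Encoded JWT taken from the request.

    Returns:
        The decoded payload returned by ``jwt.decode``.

    Raises:
        ClientError: 401 / ``JWT_DECODE`` when the token has expired or is
            otherwise invalid (bad signature, malformed, disallowed
            algorithm).
    """
    rsa_key_storage = RsaKeyStorage.instance()
    # Explicit allow-list of signature algorithms that use an RSA key.
    # Without it, the token header's own ``alg`` field chooses how the token
    # is verified on older PyJWT releases, and PyJWT 2.x refuses to decode
    # at all when no allow-list is given.
    # TODO(review): narrow this to the single algorithm Token.encode signs
    # with once that is confirmed.
    allowed_algorithms = ['RS256', 'RS384', 'RS512', 'PS256', 'PS384', 'PS512']
    try:
        return jwt.decode(
            auth_token,
            rsa_key_storage.pub_key,
            algorithms=allowed_algorithms,
            options={'verify_exp': True},
        )
    except jwt.ExpiredSignatureError:
        raise ClientError(code=401, err=ErrorCode.JWT_DECODE, msg='登录已过期,请重新登录')
    except jwt.InvalidTokenError:
        # Covers every other verification failure, including a token signed
        # with an algorithm outside the allow-list.
        raise ClientError(code=401, err=ErrorCode.JWT_DECODE, msg='登录无效,请重新登录')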
def load_json(s):
    """Parse the request body as JSON and validate it with schema *s*.

    Args:
        s: Schema object handed to ``try_load``.

    Returns:
        Whatever ``try_load(s, data)`` returns for the parsed body.

    Raises:
        ClientError: 400 / ``CONTENT_TYPE_ERROR`` when the ``Content-Type``
            header is absent or does not start with ``application/json``;
            400 / ``CONTENT_ERROR`` when the body cannot be parsed.
    """
    declared_type = request.headers.get('Content-Type')
    # Prefix match: parameters such as "; charset=utf-8" are accepted, and
    # so is any other value that merely begins with "application/json".
    if not (declared_type and declared_type.startswith('application/json')):
        raise ClientError(code=400, err=ErrorCode.CONTENT_TYPE_ERROR, msg='invalid content-type')

    try:
        parsed = ujson.loads(request.data)
    except Exception as exc:
        # Deliberately broad: any parser failure becomes a 400 and the
        # client only sees a generic message; details go to the log.
        logger.exception(exc)
        raise ClientError(code=400, err=ErrorCode.CONTENT_ERROR, msg='invalid content format')

    # The parsed value may be any JSON type; the schema does the validation.
    return try_load(s, parsed)
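def register(cls, email, nickname, *, session):
    """Create a user, its local credential and its blog, and issue a token.

    Args:
        email: Address the new account is keyed on.
        nickname: Display name; also used as the blog name.
        session: Database session (keyword-only).

    Returns:
        dict with ``id``, ``nickname``, ``default_password`` (the initial
        password in clear text) and ``token``.

    Raises:
        ClientError: 400 / ``USER_EXISTS`` when a user with *email* exists.
    """
    # Function-scope import: the file's import block is outside this view.
    import secrets

    # NOTE(review): this lookup and the insert below are not atomic, so two
    # concurrent registrations can both pass it. Presumably a unique
    # constraint on User.email is the real guard — confirm.
    existing = session.query(User).filter_by(email=email).first()
    if existing:
        raise ClientError(code=400, err=ErrorCode.USER_EXISTS, msg='该用户已经存在,请直接登录')

    with session.begin():
        new_user = User(nickname=nickname, email=email)
        session.add(new_user)
        # Re-read the row so that new_user.id is populated before use.
        new_user = session.query(User).filter_by(email=email).first()
        token = Token.encode(user_id=new_user.id, nickname=new_user.nickname)

        # Every account used to receive the same hard-coded initial
        # password; generate an unpredictable one per account instead.
        default_password = secrets.token_urlsafe(16)
        db_password = password_maker(default_password)
        session.add(LocalAuth(user_id=new_user.id, password=db_password))
        session.add(Blog(user_id=new_user.id, name=nickname))

    # The clear-text initial password leaves this function only in the
    # return value; callers should keep it out of logs.
    return {
        'id': new_user.id,
        'nickname': new_user.nickname,
        'default_password': default_password,
        'token': token,
    }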
def delete_category(cls, user_id, name, *, session):
    """Soft-delete the live category *name* that belongs to *user_id*.

    The lookup is scoped by ``user_id``, so a caller can only mark its own
    categories; the row is kept and flagged with ``is_drop = 1``.

    Raises:
        ClientError: 400 / ``ARGS_ERROR`` when no live category matches.
    """
    live_match = dict(name=name, user_id=user_id, is_drop=0)
    target = session.query(Category).filter_by(**live_match).first()
    if not target:
        raise ClientError(code=400, err=ErrorCode.ARGS_ERROR, msg='该分类不存在')

    with session.begin():
        target.is_drop = 1
def try_load(s, data):
    """Validate *data* with schema *s* and return the loaded result.

    Returns:
        The ``data`` attribute of the object returned by ``s.load(data)``.

    Raises:
        ClientError: 400 / ``ARGS_ERROR`` carrying the validator's
            normalized messages when validation fails.
    """
    try:
        loaded = s.load(data)
        return loaded.data
    except ValidationError as exc:
        logger.exception(exc)
        # The per-field validation messages are returned to the client.
        raise ClientError(code=400, err=ErrorCode.ARGS_ERROR, msg=exc.normalized_messages())
def login(cls, email, password, *, session):
    """Check *email* / *password* and issue a token.

    Returns:
        dict with ``user_id``, ``token`` and ``nickname``.

    Raises:
        ClientError: 400 / ``USER_NOT_FOUND`` when the e-mail is unknown or
            the user has no local credential; 401 / ``PASSWORD_ERROR`` when
            the password does not match.
    """
    # NOTE(review): the three failure paths return distinct codes and
    # messages, which tells a caller whether an e-mail is registered.
    # Consider one generic response for all of them.
    account = session.query(User).filter_by(email=email).first()
    if not account:
        raise ClientError(code=400, err=ErrorCode.USER_NOT_FOUND, msg='用户不存在')

    credential = session.query(LocalAuth).filter_by(user_id=account.id).first()
    if not credential:
        raise ClientError(code=400, err=ErrorCode.USER_NOT_FOUND, msg='用户未设置密码')

    # NOTE(review): equality against the stored value only works if
    # password_maker is deterministic, i.e. uses no per-record random salt —
    # confirm it is a salted, slow password hash. The comparison is also not
    # constant-time; hmac.compare_digest would be the usual replacement once
    # the operand types are known.
    if password_maker(password=password) != credential.password:
        raise ClientError(code=401, err=ErrorCode.PASSWORD_ERROR, msg='密码错误')

    issued = Token.encode(user_id=account.id, nickname=account.nickname)
    return {'user_id': account.id, 'token': issued, 'nickname': account.nickname}
def delete_tag(cls, user_id, name, *, session):
    """Soft-delete the live tag *name* that belongs to *user_id*.

    The lookup is scoped by ``user_id``; the row is kept and flagged with
    ``is_drop = 1``.

    Raises:
        ClientError: 400 / ``ARGS_ERROR`` when no live tag matches.
    """
    live_match = dict(name=name, user_id=user_id, is_drop=0)
    target = session.query(Tag).filter_by(**live_match).first()
    # Logged before the existence check, so a miss is recorded as None.
    logger.info(target)
    if not target:
        raise ClientError(code=400, err=ErrorCode.ARGS_ERROR, msg='该标签不存在')

    with session.begin():
        target.is_drop = 1
def insert_tag(cls, user_id, name, *, session):
    """Create tag *name* for *user_id* unless a live one already exists.

    Raises:
        ClientError: 400 / ``ARGS_ERROR`` when a live tag with the same name
            already belongs to the user.
    """
    live_match = dict(name=name, user_id=user_id, is_drop=0)
    duplicate = session.query(Tag).filter_by(**live_match).first()
    if duplicate:
        raise ClientError(code=400, err=ErrorCode.ARGS_ERROR, msg='该标签已存在')

    # NOTE(review): the duplicate check runs before the transaction starts,
    # so concurrent calls can both insert — confirm whether a database
    # constraint covers this.
    with session.begin():
        session.add(Tag(user_id=user_id, name=name))
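def insert_category(cls, user_id, name, *, session):
    """Create category *name* in the blog owned by *user_id*.

    Args:
        user_id: Owner of the category and of the blog it is attached to.
        name: Category name; must not duplicate a live category of the user.
        session: Database session (keyword-only).

    Raises:
        ClientError: 400 / ``ARGS_ERROR`` when a live category with the same
            name exists, or when the user has no blog to attach it to.
    """
    duplicate = session.query(Category).filter_by(name=name, user_id=user_id, is_drop=0).first()
    if duplicate:
        raise ClientError(code=400, err=ErrorCode.ARGS_ERROR, msg='该分类已存在')

    with session.begin():
        blog = session.query(Blog).filter_by(user_id=user_id).first()
        if blog is None:
            # Previously this fell through to ``blog.id`` and surfaced as an
            # unhandled AttributeError; raising inside the ``with`` block
            # still ends the transaction without writing anything.
            raise ClientError(code=400, err=ErrorCode.ARGS_ERROR, msg='该用户的博客不存在')
        session.add(Category(user_id=user_id, name=name, blog_id=blog.id))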
def get(self, *args, **kwargs):
    """Reject GET requests: always raises a 405 ``ClientError``."""
    not_allowed = ClientError(
        code=405,
        err=ErrorCode.METHOD_NOT_ALLOWED,
        msg='Method(GET) Not Allowed!',
        data=None,
    )
    raise not_allowed