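def check_login():
    """Resolve the current user from the auth cookie.

    The cookie named by ``app.config['AUTH_COOKIE_NAME']`` must have the
    form ``<auth_code>@<uid>``. The user row is loaded by ``uid`` and the
    cookie's auth code is compared with ``UserService.generateAuthCode``
    for that row.

    Returns:
        The ``User`` row when the cookie is well formed, the auth code
        matches and ``status == 1``; otherwise ``False``.
    """
    import hmac

    auth_cookie = request.cookies.get(app.config['AUTH_COOKIE_NAME'])
    if auth_cookie is None:
        return False

    # Exactly one "@" is required: "<auth_code>@<uid>".
    auth_info = auth_cookie.split("@")
    if len(auth_info) != 2:
        return False

    try:
        user_info = User.query.filter_by(uid=auth_info[1]).first()
    except Exception:
        # Best effort: any lookup failure is treated as "not logged in".
        return False
    if user_info is None:
        return False

    expected = UserService.generateAuthCode(user_info)
    if not isinstance(expected, str):
        return False
    # Compare the client-supplied code in constant time so response timing
    # does not reveal how many leading characters matched. Encoding to bytes
    # keeps compare_digest from raising on non-ASCII cookie content.
    supplied_bytes = auth_info[0].encode("utf-8", "surrogatepass")
    expected_bytes = expected.encode("utf-8", "surrogatepass")
    if not hmac.compare_digest(supplied_bytes, expected_bytes):
        return False

    # Only active accounts (status 1) count as logged in.
    if user_info.status != 1:
        return False
    return user_info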
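def login():
    """Render the login page (GET) or authenticate a user (POST).

    POST reads ``login_name`` and ``login_pwd`` from ``request.values`` and
    compares ``UserService.generatePwd(login_pwd, login_salt)`` with the
    stored ``login_pwd``. On success the auth cookie ``<auth_code>@<uid>``
    is set for 15 days.

    Returns:
        A redirect or rendered page for GET; for POST a JSON body with
        ``code`` 200 on success, or ``code`` -1 and an error ``msg``.
    """
    if request.method == 'GET':
        # Users who are already logged in go straight to the home page.
        if g.current_user:
            return redirect(UrlManager.buildUrl("/"))
        return ops_render("user/login.html")

    resp = {'code': 200, 'msg': '登录成功', 'data': {}}
    # The submitted form is intentionally not printed: it contains the
    # plaintext password and would end up in stdout / process logs.
    req = request.values
    login_name = req.get('login_name', '')
    login_pwd = req.get('login_pwd', '')

    # Both fields are required.
    if login_name is None or len(login_name) < 1:
        resp['code'] = -1
        resp['msg'] = "请输入正确的用户名"
        return jsonify(resp)
    if login_pwd is None or len(login_pwd) < 1:
        resp['code'] = -1
        resp['msg'] = "请输入正确的密码"
        return jsonify(resp)

    # NOTE(review): "unknown user" and "wrong password" return different
    # messages, which lets a client tell which account names exist.
    user_info = User.query.filter_by(login_name=login_name).first()
    if not user_info:
        resp['code'] = -1
        resp['msg'] = "用户不存在"
        return jsonify(resp)

    if user_info.login_pwd != UserService.generatePwd(login_pwd, user_info.login_salt):
        resp['code'] = -1
        resp['msg'] = "密码输入错误"
        return jsonify(resp)

    # Only accounts with status 1 may log in.
    if user_info.status != 1:
        resp['code'] = -1
        resp['msg'] = "用户已经被禁用,请联系管理员处理"
        return jsonify(resp)

    response = make_response(json.dumps({'code': 200, 'msg': '登录成功~~~'}))
    # Cookie value is "<auth_code>@<uid>", valid for 15 days.
    # NOTE(review): no HttpOnly/Secure/SameSite attributes are passed, so the
    # framework defaults apply; confirm and tighten for an auth cookie.
    response.set_cookie(
        app.config['AUTH_COOKIE_NAME'],
        "%s@%s" % (UserService.generateAuthCode(user_info), user_info.uid),
        60 * 60 * 24 * 15)
    return response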
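def resetPwd():
    """Render the reset-password page (GET) or change the password (POST).

    POST reads ``old_password`` and ``new_password`` from
    ``request.values``. Both must be at least 6 characters and differ, and
    the old password must match the stored hash of ``g.current_user``
    before the new hash is written and the auth cookie is re-issued.

    Returns:
        The rendered page for GET; for POST a JSON body with ``code`` 200
        on success, or ``code`` -1 and an error ``msg``.
    """
    if request.method == "GET":
        return ops_render("user/reset_pwd.html")

    resp = {'code': 200, 'msg': '重置密码成功', 'data': {}}
    req = request.values
    old_password = req.get('old_password', '')
    new_password = req.get('new_password', '')

    # Format checks: both passwords need at least 6 characters.
    if old_password is None or len(old_password) < 6:
        resp['code'] = -1
        resp['msg'] = "请输入符合规范的旧密码"
        return jsonify(resp)
    if new_password is None or len(new_password) < 6:
        resp['code'] = -1
        resp['msg'] = "请输入符合规范的新密码"
        return jsonify(resp)
    if old_password == new_password:
        resp['code'] = -1
        resp['msg'] = "新密码和旧密码不能相同"
        return jsonify(resp)

    user_info = g.current_user
    # Require proof of the current password. Without this check anyone
    # holding a valid session cookie could set a new password by sending
    # any 6+ character string as "old_password".
    if UserService.generatePwd(old_password, user_info.login_salt) != user_info.login_pwd:
        resp['code'] = -1
        resp['msg'] = "旧密码错误,请重新输入"
        return jsonify(resp)

    # Demo-account protection (uid == 1) was sketched in the original but
    # never enabled.
    # The existing login_salt is reused for the new hash.
    user_info.login_pwd = UserService.generatePwd(new_password, user_info.login_salt)
    db.session.add(user_info)
    db.session.commit()

    # Re-issue the auth cookie ("<auth_code>@<uid>", 15 days) for the
    # updated user row.
    response = make_response(json.dumps(resp))
    response.set_cookie(
        app.config['AUTH_COOKIE_NAME'],
        "%s@%s" % (UserService.generateAuthCode(user_info), user_info.uid),
        60 * 60 * 24 * 15)
    return response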
def login():
    """Serve the login form on GET and authenticate credentials on POST.

    A successful POST sets the ``hmsc_Dws`` cookie to ``<auth_code>@<uid>``
    with a two-day lifetime.

    Returns:
        A redirect or rendered page for GET; for POST a JSON body with
        ``code`` 200 on success, or ``code`` -1 and an error ``msg``.
    """
    if request.method == 'GET':
        if g.current_user:
            return redirect(UrlManager.buildUrl("/"))
        return ops_render("user/login.html")

    def reject(message):
        # Every failure shares the same envelope; only the message differs.
        return jsonify({'code': -1, 'msg': message, 'data': {}})

    form = request.values
    login_name = form.get('login_name', '')
    login_pwd = form.get('login_pwd', '')

    # Missing name and missing password share one message.
    if not login_name:
        return reject("请输入正确的用户名或密码")
    if not login_pwd:
        return reject("请输入正确的用户名或密码")

    # Look the account up by its login name.
    user_info = User.query.filter_by(login_name=login_name).first()
    if not user_info:
        # NOTE(review): this prints a client-supplied value for every
        # unknown name; confirm it is wanted outside of debugging.
        print(login_name)
        return reject('用户不存在')

    # Password check against the salted hash.
    expected_hash = UserService.generatePwd(login_pwd, user_info.login_salt)
    if user_info.login_pwd != expected_hash:
        return reject('密码输入错误')

    # Account must be active (status 1).
    if user_info.status != 1:
        return reject('用户已被禁用')

    response = make_response(json.dumps({'code': 200, 'msg': '登录成功!'}))
    # NOTE(review): the cookie name is hard-coded here rather than read from
    # app.config['AUTH_COOKIE_NAME']; verify it matches whatever the login
    # check reads. No HttpOnly/Secure/SameSite attributes are passed.
    cookie_value = '%s@%s' % (UserService.generateAuthCode(user_info), user_info.uid)
    response.set_cookie('hmsc_Dws', cookie_value, 60 * 60 * 24 * 2)
    return response
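def login():
    """Render the login page (GET) or authenticate a user (POST).

    POST reads ``login_name`` and ``login_pwd`` from ``request.values``,
    rejects unknown or disabled accounts, then compares the salted hash.
    On success the auth cookie ``<auth_code>@<uid>`` is set for 5 days.

    Returns:
        A redirect or rendered page for GET; for POST a JSON body with
        ``code`` 200 on success, or ``code`` -1 and an error ``msg``.
    """
    if request.method == "GET":
        if g.current_user:
            return redirect(UrlManager.buildUrl("/"))
        return ops_render("user/login.html")

    resp = {'code': 200, 'msg': '登录成功!', 'data': {}}
    # The form is not printed: it carries the plaintext password.
    req = request.values
    # .get() with a default lets a missing field reach the validation below
    # instead of failing on the key lookup.
    login_name = req.get('login_name', '')
    login_pwd = req.get('login_pwd', '')

    # Server-side validation: both fields must be non-empty.
    if login_name is None or len(login_name) < 1:
        resp['code'] = -1
        resp['msg'] = "请输入正确的用户名~~~"
        return jsonify(resp)
    if login_pwd is None or len(login_pwd) < 1:
        resp['code'] = -1
        resp['msg'] = "请输入正确的密码~~~"
        return jsonify(resp)

    # Database lookup. The stored hash is not printed: doing so before the
    # None check crashed on unknown users and wrote the hash to stdout.
    # NOTE(review): the distinct "unknown user" / "disabled" / "wrong
    # password" messages reveal account state before the password is checked.
    user_info = User.query.filter_by(login_name=login_name).first()
    if not user_info:
        resp['code'] = -1
        resp['msg'] = '用户不存在'
        return jsonify(resp)

    if user_info.status != 1:
        resp['code'] = -1
        resp['msg'] = '账号已被禁用,请联系管理员处理'
        return jsonify(resp)

    if user_info.login_pwd != UserService.generatePwd(login_pwd, user_info.login_salt):
        resp['code'] = -1
        resp['msg'] = "密码错误!"
        return jsonify(resp)

    # json.dumps serialises the dict into the response body.
    response = make_response(json.dumps({'code': 200, 'msg': '登陆成功!'}))
    # Cookie arguments: name, value "<auth_code>@<uid>", lifetime (5 days).
    # NOTE(review): no HttpOnly/Secure/SameSite attributes are passed.
    response.set_cookie(
        app.config['AUTH_COOKIE_NAME'],
        '%s@%s' % (UserService.generateAuthCode(user_info), user_info.uid),
        60 * 60 * 24 * 5)
    return response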
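def login():
    """Render the login page (GET) or authenticate a user (POST).

    POST reads ``login_name`` and ``login_pwd`` from ``request.values``,
    rejects unknown or disabled accounts, then compares the salted hash.
    On success the auth cookie ``<auth_code>@<uid>`` is set for 5 days.

    Returns:
        A redirect or rendered page for GET; for POST a JSON body with
        ``code`` 200 on success, or ``code`` -1 and an error ``msg``.
    """
    if request.method == 'GET':
        if g.current_user:
            return redirect(UrlManager.buildUrl('/'))
        return ops_render('user/login.html')

    resp = {'code': 200, 'msg': '登陆成功', 'data': {}}
    req = request.values
    # .get() with a default lets a missing field reach the validation below
    # instead of failing on the key lookup.
    login_name = req.get('login_name', '')
    login_pwd = req.get('login_pwd', '')

    # Server-side validation: both fields must be non-empty.
    if login_name is None or len(login_name) < 1:
        resp['code'] = -1
        resp['msg'] = '请输入正确用户名'
        return jsonify(resp)
    if login_pwd is None or len(login_pwd) < 1:
        resp['code'] = -1
        resp['msg'] = '请输入正确密码'
        return jsonify(resp)

    # Database lookup.
    # NOTE(review): the distinct "unknown user" / "disabled" / "wrong
    # password" messages reveal account state before the password is checked.
    user_info = User.query.filter_by(login_name=login_name).first()
    if not user_info:
        resp['code'] = -1
        resp['msg'] = '用户不存在'
        return jsonify(resp)

    if user_info.status != 1:
        resp['code'] = -1
        resp['msg'] = '账号被禁用,请联系管理员处理'
        return jsonify(resp)

    if user_info.login_pwd != UserService.generatePwd(login_pwd, user_info.login_salt):
        resp['code'] = -1
        resp['msg'] = '密码错误'
        return jsonify(resp)

    # json.dumps serialises the dict into the response body.
    response = make_response(json.dumps({'code': 200, 'msg': '登录成功'}))
    # Cookie arguments: name, value "<auth_code>@<uid>", lifetime (5 days).
    # NOTE(review): no HttpOnly/Secure/SameSite attributes are passed.
    response.set_cookie(
        app.config['AUTH_COOKIE_NAME'],
        '%s@%s' % (UserService.generateAuthCode(user_info), user_info.uid),
        60 * 60 * 24 * 5)
    return response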
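def resetPwd():
    """Render the reset-password page (GET) or change the password (POST).

    POST first verifies ``old_password`` against the stored hash of
    ``g.current_user``, then validates length (at least 6) and that the
    new password differs, writes the new hash and re-issues the auth
    cookie for 5 days.

    Returns:
        The rendered page for GET; for POST a JSON body with ``code`` 200
        on success, or ``code`` -1 and an error ``msg``.
    """
    if request.method == "GET":
        return render_template("/user/reset_pwd.html")

    resp = {'code': 200, 'msg': '重置密码成功', 'data': {}}
    req = request.values
    old_password = req.get('old_password', '')
    new_password = req.get('new_password', '')

    # The caller must prove knowledge of the current password.
    if UserService.generatePwd(
            old_password, g.current_user.login_salt) != g.current_user.login_pwd:
        resp['code'] = -1
        resp['msg'] = '旧密码错误,请重新输入'
        return jsonify(resp)

    if old_password is None or len(old_password) < 6:
        resp['code'] = -1
        resp['msg'] = '请输入符合规范的原密码'
        return jsonify(resp)

    if new_password is None or len(new_password) < 6:
        resp['code'] = -1
        resp['msg'] = '请输入符合规范的新密码'
        return jsonify(resp)

    if new_password == old_password:
        resp['code'] = -1
        resp['msg'] = '请输入与原密码不相同的新密码'
        return jsonify(resp)

    # Store the hash of the new password; the existing salt is reused.
    user_info = g.current_user
    user_info.login_pwd = UserService.generatePwd(new_password,
                                                  user_info.login_salt)
    db.session.add(user_info)
    db.session.commit()

    # Re-issue the auth cookie ("<auth_code>@<uid>") for the updated row.
    # No debug print of resp here: resp is a dict, so attribute access on it
    # raised after the commit and the refreshed cookie was never sent.
    response = make_response(json.dumps(resp))
    response.set_cookie(
        app.config["AUTH_COOKIE_NAME"],
        "%s@%s" % (UserService.generateAuthCode(user_info), user_info.uid),
        60 * 60 * 24 * 5)
    return response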
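def resetPwd():
    """Render the reset-password page (GET) or change the password (POST).

    POST reads ``old_password`` and ``new_password`` from
    ``request.values``. Both must be at least 6 characters and differ, and
    the old password must match the stored hash of ``g.current_user``
    before the new hash is written and the auth cookie is re-issued.

    Returns:
        The rendered page for GET; for POST a JSON body with ``code`` 200
        on success, or ``code`` -1 and an error ``msg``.
    """
    if request.method == "GET":
        return ops_render("/user/reset_pwd.html")

    resp = {"code": 200, "msg": "重置密码成功", "data": {}}
    req = request.values
    # The passwords are not printed: both are plaintext secrets that would
    # otherwise land in stdout / process logs.
    old_password = req.get('old_password', '')
    new_password = req.get('new_password', '')

    # Old password: at least 6 characters.
    if old_password is None or len(old_password) < 6:
        resp['code'] = -1
        resp['msg'] = "请输入符合规范的原始密码"
        return jsonify(resp)

    # New password: at least 6 characters.
    if new_password is None or len(new_password) < 6:
        resp['code'] = -1
        resp['msg'] = "请输入符合规范的新密码"
        return jsonify(resp)

    # The new password must differ from the old one.
    if new_password == old_password:
        resp['code'] = -1
        resp['msg'] = "请输入与原始密码不相同的新密码"
        return jsonify(resp)

    user_info = g.current_user
    # Require proof of the current password. Without this check anyone
    # holding a valid session cookie could set a new password by sending
    # any 6+ character string as "old_password".
    if UserService.generatePwd(old_password, user_info.login_salt) != user_info.login_pwd:
        resp['code'] = -1
        resp['msg'] = "旧密码错误,请重新输入"
        return jsonify(resp)

    # Store the hash of the new password; the existing salt is reused.
    user_info.login_pwd = UserService.generatePwd(new_password,
                                                  user_info.login_salt)
    db.session.add(user_info)
    db.session.commit()

    # Re-issue the auth cookie ("<auth_code>@<uid>", 5 days) for the
    # updated user row.
    response = make_response(json.dumps(resp))
    response.set_cookie(
        app.config['AUTH_COOKIE_NAME'],
        "%s@%s" % (UserService.generateAuthCode(user_info), user_info.uid),
        60 * 60 * 24 * 5)
    return response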
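def login():
    """Render the login page (GET) or authenticate a user (POST).

    POST reads ``login_name`` and ``login_pwd`` from ``request.values``,
    rejects unknown or disabled accounts, then compares the salted hash.
    On success the auth cookie ``<auth_code>@<uid>`` is set for 5 days.

    Returns:
        A redirect or rendered page for GET; for POST a JSON body with
        ``code`` 200 on success, or ``code`` -1 and an error ``msg``.
    """
    if request.method == 'GET':
        if g.current_user:
            # Logged-in users go to the home page. The redirect target was
            # a bare, undefined name before, which raised NameError here.
            return redirect(UrlManager.buildUrl('/'))
        return ops_render('user/login.html')

    resp = {'code': 200, 'msg': '登录成功!', 'data': {}}
    req = request.values
    # .get() with a default lets a missing field reach the validation below
    # instead of failing on the key lookup.
    login_name = req.get('login_name', '')
    login_pwd = req.get('login_pwd', '')

    # Server-side validation: both fields must be non-empty.
    if login_name is None or len(login_name) < 1:
        resp['code'] = -1
        resp['msg'] = '请输入正确的用户名!'
        return jsonify(resp)
    if login_pwd is None or len(login_pwd) < 1:
        resp['code'] = -1
        resp['msg'] = '请输入正确的密码'
        return jsonify(resp)

    # The looked-up row is no longer dumped to stdout on every attempt.
    # NOTE(review): the distinct "unknown user" / "disabled" / "wrong
    # password" messages reveal account state before the password is checked.
    user_info = User.query.filter_by(login_name=login_name).first()
    if not user_info:
        resp['code'] = -1
        resp['msg'] = '用户名不存在'
        return jsonify(resp)

    if user_info.status != 1:
        resp['code'] = -1
        resp['msg'] = '账户已被禁用'
        return jsonify(resp)

    if user_info.login_pwd != UserService.generatePwd(login_pwd, user_info.login_salt):
        resp['code'] = -1
        resp['msg'] = '密码错误'
        return jsonify(resp)

    # json.dumps serialises the dict into the response body.
    response = make_response(json.dumps({'code': 200, 'msg': '登录成功!'}))
    # Cookie arguments: name, value "<auth_code>@<uid>", lifetime (5 days).
    # NOTE(review): no HttpOnly/Secure/SameSite attributes are passed.
    response.set_cookie(
        app.config["AUTH_COOKIE_NAME"],
        '%s@%s' % (UserService.generateAuthCode(user_info), user_info.uid),
        60 * 60 * 24 * 5)
    return response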
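def resetPwd():
    """Render the reset-password page (GET) or change the password (POST).

    POST reads ``old_password`` and ``new_password`` from
    ``request.values``. Both must be at least 6 characters and differ, and
    the old password must match the stored hash of ``g.current_user``
    before the new hash is written and the auth cookie is re-issued.

    Returns:
        The rendered page for GET; for POST a JSON body with ``code`` 200
        on success, or ``code`` -1 and an error ``msg``.
    """
    if request.method == 'GET':
        return ops_render("user/reset_pwd.html")

    resp = {'code': 200, 'msg': '修改密码成功!', 'data': {}}
    req = request.values
    old_password = req.get('old_password', '')
    new_password = req.get('new_password', '')

    # Format checks: both passwords need at least 6 characters.
    if old_password is None or len(old_password) < 6:
        resp['code'] = -1
        resp['msg'] = '请输入不小于六位的旧密码'
        return jsonify(resp)
    if new_password is None or len(new_password) < 6:
        resp['code'] = -1
        resp['msg'] = '请输入不小于六位的新密码'
        return jsonify(resp)
    if old_password == new_password:
        resp['code'] = -1
        resp['msg'] = '新密码不能与旧密码一致'
        return jsonify(resp)

    user_info = g.current_user
    # Require proof of the current password. Without this check anyone
    # holding a valid session cookie could set a new password by sending
    # any 6+ character string as "old_password".
    if UserService.generatePwd(old_password, user_info.login_salt) != user_info.login_pwd:
        resp['code'] = -1
        resp['msg'] = '旧密码错误,请重新输入'
        return jsonify(resp)

    # Demo-account protection (uid == 1) was sketched in the original but
    # never enabled.
    # The existing login_salt is reused for the new hash.
    user_info.login_pwd = UserService.generatePwd(new_password, user_info.login_salt)
    db.session.add(user_info)
    db.session.commit()

    # Re-issue the auth cookie ("<auth_code>@<uid>", 2 days) for the
    # updated user row.
    response = make_response(json.dumps(resp))
    response.set_cookie(
        app.config['AUTH_COOKIE_NAME'],
        '%s@%s' % (UserService.generateAuthCode(user_info), user_info.uid),
        60 * 60 * 24 * 2)
    return response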
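def resetPwd():
    """Render the reset-password page (GET) or change the password (POST).

    POST reads ``old_password`` and ``new_password`` from
    ``request.values``. Both must be at least 6 characters and differ, and
    the old password must match the stored hash of ``g.current_user``
    before the new hash is written and the auth cookie is re-issued.

    Returns:
        The rendered page for GET; for POST a JSON body with ``code`` 200
        on success, or ``code`` -1 and an error ``msg``.
    """
    if request.method == 'GET':
        return ops_render('/user/reset_pwd.html')

    resp = {'code': 200, 'msg': '重置密码成功', 'data': {}}
    req = request.values
    old_password = req.get('old_password', '')
    new_password = req.get('new_password', '')

    # Format checks: both passwords need at least 6 characters.
    if old_password is None or len(old_password) < 6:
        resp['code'] = -1
        resp['msg'] = '请输入符合规范的原密码'
        return jsonify(resp)

    if new_password is None or len(new_password) < 6:
        resp['code'] = -1
        resp['msg'] = '请输入符合规范的新密码'
        return jsonify(resp)

    if new_password == old_password:
        resp['code'] = -1
        resp['msg'] = '原密码与新密码不能相同'
        return jsonify(resp)

    user_info = g.current_user
    # Require proof of the current password. Without this check anyone
    # holding a valid session cookie could set a new password by sending
    # any 6+ character string as "old_password".
    if UserService.generatePwd(old_password, user_info.login_salt) != user_info.login_pwd:
        resp['code'] = -1
        resp['msg'] = '旧密码错误,请重新输入'
        return jsonify(resp)

    # Store the hash of the new password; the existing salt is reused.
    user_info.login_pwd = UserService.generatePwd(new_password,
                                                  user_info.login_salt)
    db.session.add(user_info)
    db.session.commit()

    # Re-issue the auth cookie ("<auth_code>@<uid>", 5 days) for the
    # updated user row.
    response = make_response(json.dumps(resp))
    response.set_cookie(
        app.config['AUTH_COOKIE_NAME'],
        '%s@%s' % (UserService.generateAuthCode(user_info), user_info.uid),
        60 * 60 * 24 * 5)
    return response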
def login():
    """Serve the login form on GET and authenticate credentials on POST.

    A successful POST sets the ``hmsc_1901C`` cookie to
    ``<auth_code>@<uid>`` with a 15-day lifetime.

    Returns:
        The rendered page for GET; for POST a JSON body with ``code`` 200
        on success, or ``code`` -1 and an error ``msg``.
    """
    if request.method == 'GET':
        return render_template("user/login.html")

    def reject(message):
        # Every failure shares the same envelope; only the message differs.
        return jsonify({'code': -1, 'msg': message, 'data': {}})

    form = request.values
    login_name = form.get('login_name', '')
    login_pwd = form.get('login_pwd', '')

    # Both fields are required; the name is checked first.
    required_fields = (
        (login_name, "请输入正确的用户名"),
        (login_pwd, "请输入正确的密码"),
    )
    for value, message in required_fields:
        if not value:
            return reject(message)

    # Look the account up by its login name.
    # NOTE(review): "unknown user" and "wrong password" return different
    # messages, which lets a client tell which account names exist.
    user_info = User.query.filter_by(login_name=login_name).first()
    if not user_info:
        return reject("用户不存在")

    # Password check against the salted hash.
    expected_hash = UserService.generatePwd(login_pwd, user_info.login_salt)
    if user_info.login_pwd != expected_hash:
        return reject("密码输入错误")

    # Account must be active (status 1).
    if user_info.status != 1:
        return reject("用户已经被禁用,请联系管理员处理")

    response = make_response(json.dumps({'code': 200, 'msg': '登录成功~~~'}))
    # NOTE(review): the cookie name is hard-coded here rather than read from
    # app.config['AUTH_COOKIE_NAME']; verify it matches whatever the login
    # check reads. No HttpOnly/Secure/SameSite attributes are passed.
    cookie_value = "%s@%s" % (UserService.generateAuthCode(user_info), user_info.uid)
    response.set_cookie("hmsc_1901C", cookie_value, 60 * 60 * 24 * 15)
    return response