def add_session(form):
if not assert_keys_in_form_exist(form, ['email', 'password']):
return msg.error_msg("Please check the inputs.")
sessions = SessionModel()
users = UserModel()
(email, password) = (form['email'], form['password'])
users_founded = users.get_user(email=email,
password=encrypt(password),
enable=True)
if users_founded == None:
return msg.error_msg("Failed to validate user information.")
if len(users_founded) == 0:
return msg.error_msg("Invalid email address or password.")
uid = users_founded[0]['user_id']
new_session_id = sessions.create_session_id()
start_time = datetime.utcnow()
res = sessions.start_session(new_session_id, uid, start_time)
if res == None:
return msg.error_msg("Failed to start a new session.")
return msg.success_msg({
"sessionID": new_session_id,
"uid": uid,
"startTime": str(start_time),
"userName": users_founded[0]['name']
})
def get_user_info(form):
users = UserModel()
sessions = SessionModel()
if not assert_keys_in_form_exist(form, ['sessionID']):
return msg.error_msg("Invalid Session ID.")
session_id = form['sessionID']
session = sessions.get_session(session_id)
if len(session) == 0:
return msg.error_msg("Unable to find the session.")
(sessionid, uid, start_time, end_time) = session[0].values()
user = users.get_user(uid=uid)
if len(user) == 0:
return msg.error_msg("Unable to find the user")
(uid, name, email, phone, password, major, degree,
enable) = user[0].values()
return msg.success_msg({
"uid": uid,
"name": name,
"email": email,
"phone": phone,
"major": major,
"degree": degree
})
def __init__(self, auth_header):
self.auth_header = auth_header
s = URLSafeSerializer(secret_key=settings.TOKEN_SECRET_KEY)
try:
self.auth_key = s.loads(self.auth_header['X-AUTH-KEY'])
# self.user_key = self.auth_header['X-AUTH-USER']
user = User()
user.id = self.auth_key
user.get_user()
self.is_authorized_user = user.id == self.auth_key # users auth key is valid
except BadSignature:
self.is_authorized_user = False
except BadPayload:
self.is_authorized_user = False
except:
print sys.exc_info()[0]
self.is_authorized_user = False
def add_user(form):
users = UserModel()
if not assert_keys_in_form_exist(
form, ['name', 'email', 'phone', 'password', 'major', 'degree']):
return msg.error_msg("Please check your requests.")
name = form['name']
email = form['email']
phone = form['phone']
password = form['password']
major = form['major']
degree = form['degree']
if name.strip() == "":
return msg.error_msg("Username cannot be empty.")
if password.strip() == "":
return msg.error_msg("Password cannot be empty.")
if len(password) < 6:
return msg.error_msg("Password cannot less than 6 character.")
if len(name) > 255:
return msg.error_msg("Username cannot exceed 255 characters.")
if len(password) > 255:
return msg.error_msg("Password cannot exceed 255 characters.")
findUser = users.get_user(email=email, enable=True)
if findUser is None:
return msg.error_msg("Failed to find user.")
print('findUser', findUser)
print(len(findUser))
if len(findUser) != 0:
return msg.error_msg("User already exists. (Email already in use)")
args = {
"Name": name,
"Email": email,
"Phone": phone,
"Password": encrypt(password),
"Major": major,
"Degree": degree,
"Enable": True
}
res = users.add_user(args)
if res is None:
return msg.error_msg("Failed to add user.")
return msg.success_msg({"msg": "User added successfully."})
def authorize_user(self, request):
x_auth_key = request.headers['X-AUTH-KEY']
serializer = URLSafeSerializer(secret_key=settings.TOKEN_SECRET_KEY)
try:
user = User()
user.id = serializer.loads(x_auth_key)
self.is_authorized_user = user.get_user()
self.user_id = user.id
return self.is_authorized_user
except BadSignature:
return False
except BadPayload:
return False
except:
print sys.exc_info()[0]
return False
def get_user_info(form):
if not assert_keys_in_form_exist(form, ['sessionID']):
return msg.error_msg("Invalid request.")
session_id = form['sessionID']
session = Session.get_session(session_id)
if len(session) == 0:
return msg.error_msg("Unable to find the session.")
(sessionid, uid, start_time, end_time) = session[0].values()
user = User.get_user(uid=uid)
if len(user) == 0:
return msg.error_msg("Unable to find the user")
(uid, name, email, phone, password, enable) = user[0].values()
return msg.success_msg({"uid": uid, "name": name, "email": email, "phone": phone})
def login(request):
name = request.params['name']
password = request.params['password']
user_db = User()
user = user_db.get_user(name)
if user is None:
return {'status': 'nok', 'data': '该用户不存在!'}
m = hashlib.md5()
m.update(password)
passwordStr = m.hexdigest()
print passwordStr
if passwordStr == user['password']:
print 'before session'
request.session['name'] = name
roles = user['roles']
print 'ok'
return {'status': 'ok', 'roles': roles}
else:
return {'status': 'nok', 'data': '密码错误!'}
def delete_user(form):
users = UserModel()
sessions = SessionModel()
if not assert_keys_in_form_exist(form, ['sessionID', 'password']):
return msg.error_msg("Please check the inputs.")
password = form['password']
session_id = form['sessionID']
# Get User according to sessionID
session = sessions.get_session(session_id)
if len(session) == 0:
return msg.error_msg("Unable to find the session.")
(sessionid, uid, start_time, end_time) = session[0].values()
if end_time is not None:
return msg.error_msg("Expired SessionID")
# Verify password
if password.strip() == "":
return msg.error_msg("Password cannot be empty.")
findUser = users.get_user(uid=uid, password=encrypt(password), enable=True)
if findUser is None:
return msg.error_msg("Failed to find user.")
if len(findUser) == 0:
return msg.error_msg("Wrong password.")
# Delete User
ret = users.delete_user(uid)
if ret is None:
return msg.error_msg("Failed to delete user.")
# Revoke all sessions
sessions.end_session(uid=uid)
return msg.success_msg({"uid": uid, "sessionID": session_id})
def add_user(form):
if not assert_keys_in_form_exist(form, ['name', 'email', 'phone', 'password']):
return msg.error_msg("Invalid request.")
name = form['name']
email = form['email']
phone = form['phone']
password = form['password']
if password.strip() == "":
return msg.error_msg("Password cannot be empty.")
if len(name) > 255:
return msg.error_msg("Username cannot exceed 255 characters.")
if len(password) > 255:
return msg.error_msg("Password cannot exceed 255 characters.")
findUser = User.get_user(email=email, enable=True)
if findUser is None:
return msg.error_msg("Failed to find user.")
if len(findUser) != 0:
return msg.error_msg("User already exists.")
args = {
"Name": name,
"Email": email,
"Phone": phone,
"Password": encrypt(password),
"Enable": True
}
res = User.add_user(args)
if res is None:
return msg.error_msg("Failed to add user.")
return msg.success_msg({"msg": "User added successfully."})
def add_session(form):
if not assert_keys_in_form_exist(form, ['email', 'password']):
return msg.error_msg("Invalid request.")
(email, password) = (form['email'], form['password'])
users_founded = User.get_user(email=email, password=encrypt(password), enable=True)
if users_founded is None:
return msg.error_msg("Failed to validate user information.")
if len(users_founded) == 0:
return msg.error_msg("Invalid email address or password.")
uid = users_founded[0]['user_id']
new_session_id = Session.create_session_id()
start_time = datetime.utcnow()
res = Session.start_session(new_session_id, uid, start_time)
if res is None:
return msg.error_msg("Failed to start a new session.")
return msg.success_msg({"sessionID": new_session_id, "uid": uid, "startTime": str(start_time)})
def get_group_user(user_id):
user = User()
user.id = user_id
user.get_user()
return user
def get_user_by_email(email):
user = User()
user.email = email
user.get_user()
return user
def get_user_by_id(user_id):
user = User()
user.id = user_id
user.get_user()
return user
