def get(self):
token = self.get_secure_cookie(LOGIN_TOKEN)
try:
action = self.get_argument("action")
#login_auth = RedisLoginAuth(token)
#uid = login_auth.get_uid()
if action == "get_user_list":
page_num = self.get_argument('pageNum')
page_size = self.get_argument('pageSize')
limit = int(page_size)
offset = (int(page_num)) * limit
order_by = self.get_argument("order_by", "gmt_create")
filter_dict = json.loads(self.get_argument(
"filter_dict", "{}"))
data = SqlFunc.get_user_information(
self.db_session, action, {
"limit": limit,
"offset": offset,
"order_by_list": [order_by],
"filter_dict": filter_dict
})
self.write(HandlerTool.set_response(0, "", data))
except Exception as error:
self.db_session.rollback()
logging.error(str(error), exc_info=True)
self.write(HandlerTool.set_response(-1, COMMON_ERROR, {}))
def post(self):
request_body = HandlerTool.request_body_bytes2str(self.request.body)
request_body_dict = json.loads(request_body)
try:
action = request_body_dict["action"]
if action == "insert_user":
if not CommonFunc.check_is_chinese(
request_body_dict["real_name"]):
raise InputError("真实姓名必须全部为中文,请检查")
SqlFunc.create_user(
self.db_session, {
"username": request_body_dict["username"],
"password": request_body_dict["password"],
"real_name": request_body_dict["real_name"],
"status": int(request_body_dict["status"]),
"rid": int(request_body_dict["role"])
})
self.write(HandlerTool.set_response("0", "", {}))
except InputError as error:
self.db_session.rollback()
logging.error(str(error), exc_info=True)
self.write(HandlerTool.set_response("-1", str(error), {}))
except sqlalchemy.exc.IntegrityError as error:
self.db_session.rollback()
logging.error(str(error), exc_info=True)
self.write(HandlerTool.set_response("-1", "账号已存在", {}))
except Exception as error:
self.db_session.rollback()
logging.error(str(error), exc_info=True)
self.write(HandlerTool.set_response("-1", COMMON_ERROR, {}))
def post(self):
request_body = HandlerTool.request_body_bytes2str(self.request.body)
try:
request_body = json.loads(request_body)
mobilephone_number = request_body["mobilephone_number"].strip()
password = request_body["password"].strip()
#alipay_account = request_body["alipay_account"].strip()
realname = request_body["realname"].strip()
id_code = request_body["id_code"].strip()
redis_reg = RedisRegister(mobilephone_number)
if redis_reg.get_id_code() == id_code:
SqlFunc.create_user(
self.db_session, {
"mobilephonenumber": mobilephone_number,
"password": password,
"realname": realname,
"status": 0,
"rolename": "generaluser"
})
self.write(HandlerTool.set_response("0", "", {}))
else:
self.write(HandlerTool.set_response("-1", "验证码错误", {}))
except Exception as error:
self.db_session.rollback()
logging.error(str(error), exc_info=True)
self.write(HandlerTool.set_response("-1", "没有访问权限", {}))
def delete(self):
request_body = HandlerTool.request_body_bytes2str(self.request.body)
try:
request_body_dict = json.loads(request_body)
self.write(
HandlerTool.set_response(0, "", {
"hi": "Hello, world",
"request_body": request_body_dict
}))
except Exception as error:
logging.error(str(error), exc_info=True)
self.write(HandlerTool.set_response(-1, str(error), {}))
def get(self):
try:
username = self.get_argument('username', 'you can guess it')
password = self.get_argument('password', 'you can guess it')
self.write(
HandlerTool.set_response(
0, "", {
"hi": "Hello, world",
"request_body": {
"username": username,
"password": password
}
}))
except Exception as error:
logging.error(str(error), exc_info=True)
self.write(HandlerTool.set_response(-1, str(error), {}))
def get(self):
random_number = "".join([chr(random.randrange(ord('0'), ord('9') + 1)) for _ in range(6)])
mobilephone_number = str(self.get_argument("mobilephone_number", '')).strip()
if phonecheck(mobilephone_number):
try:
sms_obj = CustomSms()
result = sms_obj.send_id_code(mobilephone_number.strip(),random_number)
#如果用户通过验证
if result["Message"] == "OK":
redis_reg = RedisRegister(mobilephone_number)
redis_reg.set_id_code(random_number)
self.write(HandlerTool.set_response("0","success",{}))
else:
self.write(HandlerTool.set_response("-1","网络繁忙,请稍后再试(red)",{}))
except Exception as error:
logging.exception(error,exc_info = True)
self.write(HandlerTool.set_response("-1",str(error),{}))
async def get(self):
#mobilephone_number = self.get_argument('mobilephone_number', '')
username = self.get_argument('username', '')
password = self.get_argument('password', '')
try:
#mobilephone_number = mobilephone_number.strip()
username = username.strip()
password = password.strip()
result = await IOLoop.current().run_in_executor(
None, SqlFunc.verify_user,
*(self.db_session, "by_username", {
"username": username,
"password": password
}))
if result:
#生成token并存储
token = result["token"]
#前端设置cookies
self.set_secure_cookie(
LOGIN_TOKEN,
token,
expires_days=1 / 24 / 60 *
int(config_ini_identification["LOGIN_EXPIRES_MIN"]))
#logging.info(result)
self.write(
HandlerTool.set_response(
"0", "", {
"data": result["data"]["children"],
"username": result["username"],
"realname": result["realname"],
"role_list": result["role_list"],
}))
else:
self.write(HandlerTool.set_response("A00003", "用户名或密码错误", {}))
except InputError as error:
self.db_session.rollback()
logging.exception(error, exc_info=True)
self.write(HandlerTool.set_response("-1", str(error), {}))
except Exception as error:
self.db_session.rollback()
logging.exception(error, exc_info=True)
self.write(HandlerTool.set_response("-1", COMMON_ERROR, {}))
finally:
self.finish()
def patch(self):
request_body = HandlerTool.request_body_bytes2str(self.request.body)
request_body_dict = json.loads(request_body)
token = self.get_secure_cookie(LOGIN_TOKEN)
try:
action = request_body_dict["action"]
if action == "update_user_information":
if not CommonFunc.check_is_chinese(
request_body_dict["real_name"]):
raise InputError("真实姓名必须全部为中文,请检查")
SqlFunc.update_user(
self.db_session, action, {
"status": request_body_dict["status"],
"real_name": request_body_dict["real_name"],
"uid": request_body_dict["id"]
})
self.write(HandlerTool.set_response("0", "success", {}))
elif action == "update_user_password":
SqlFunc.update_user(
self.db_session, action, {
"uid": self.get_uid(token),
"old_password":
request_body_dict["old_password"].strip(),
"new_password":
request_body_dict["new_password"].strip()
})
self.write(HandlerTool.set_response("0", "success", {}))
else:
raise InputError("action错误")
except InputError as error:
self.db_session.rollback()
logging.error(str(error), exc_info=True)
self.write(HandlerTool.set_response("-1", str(error), {}))
except Exception as error:
self.db_session.rollback()
logging.exception(error, exc_info=True)
self.write(HandlerTool.set_response("-1", COMMON_ERROR, {}))
async def get(self):
#mobilephone_number = self.get_argument('mobilephone_number', '')
username = self.get_argument('username', '')
password = self.get_argument('password', '')
try:
#mobilephone_number = mobilephone_number.strip()
username = username.strip()
password = password.strip()
result = await IOLoop.current().run_in_executor(
None, SqlFunc.verify_user,
*(self.db_session, "by_username", {
"username": username,
"password": password
}))
if result:
#生成token并存储
token = str(uuid.uuid1())
login_auth = RedisLoginAuth(token)
#uid,rid,limit_count
uid = result["uid"]
rid_set = result["rid_set"]
login_auth.login_init(uid, rid_set, 3)
#前端设置cookies
self.set_secure_cookie(
LOGIN_TOKEN,
token,
expires_days=1 / 24 / 60 *
int(config_ini_identification["LOGIN_EXPIRES_MIN"]))
#logging.info(result)
self.write(
HandlerTool.set_response(
"0", "", {
"data":
result["data"]["children"],
"username":
result["username"],
"realname":
result["realname"],
"CARD_TID2DESC_HEADER_DICT":
CARD_TID2DESC_HEADER_DICT,
"CARD_TID2DATA_TID_DICT":
CARD_TID2DATA_TID_DICT,
"DATA_TID2DESC_DICT":
DATA_TID2DESC_DICT,
"DETAIL_STAUTS_DICT":
DETAIL_STAUTS_DICT,
"SINGLE_CARD_TID2DESC_HEADER_DICT":
SINGLE_CARD_TID2DESC_HEADER_DICT
}))
else:
self.write(HandlerTool.set_response("A00003", "用户名或密码错误", {}))
except InputError as error:
self.db_session.rollback()
logging.exception(error, exc_info=True)
self.write(HandlerTool.set_response("-1", str(error), {}))
except Exception as error:
self.db_session.rollback()
logging.exception(error, exc_info=True)
self.write(HandlerTool.set_response("-1", COMMON_ERROR, {}))
finally:
self.finish()
def wrapper(self, *args, **kwargs):
token = self.get_secure_cookie(LOGIN_TOKEN)
#如果token在前端不存在,就重新登陆
if token:
login_auth = RedisLoginAuth(token)
uid = login_auth.get_uid()
#如果token在后端不存在,直接重新登陆
if not uid:
self.write({
"code": "A00004",
"desc": "登陆失效,请重新登陆",
"data": {}
})
return
else:
#如果计数器大于规定的值,直接重新登陆,重新登陆的时候也会判断这个值,所以相当于用户登陆不了
if not login_auth.is_count_lte_limit():
self.write({
"code": "A00004",
"desc": "登陆失效,请重新登陆(用户登陆次数超限制)",
"data": {}
})
return
else:
#计数器+1
#username_count.create_or_incr()
#如果有参数,继续检查参数
if rid_set:
#logging.info(rid_set)
#logging.info(login_auth.get_rid_set())
if not rid_set.issubset(login_auth.get_rid_set()):
self.write({
"code": "A00009",
"desc": "没有权限",
"data": {}
})
return
else:
self.write({
"code": "A00004",
"desc": "登陆失效,请重新登陆",
"data": {}
})
return
#全部通过的话,前端和后端都需要更新token时间
#前端更新
self.set_secure_cookie(
LOGIN_TOKEN,
token,
expires_days=1 / 24 / 60 *
int(config_ini_identification["LOGIN_EXPIRES_MIN"]))
#后端更新
login_auth.update_expire_second()
#logging.info(self.request.body)
if self.request.body[0:3].decode() != "---":
monitor_dict = {
"uid":
uid,
"uri":
self.request.uri,
"body":
json.loads(
HandlerTool.request_body_bytes2str(self.request.body))
}
else:
monitor_dict = {
"uid": uid,
"uri": self.request.uri,
"body": self.request.body.decode()
}
logging.info("{}".format(
json.dumps(monitor_dict, ensure_ascii=False)))
return func(self, *args, **kwargs)