async def login(user_in: UserIn, response: Response):
"""
OAuth2 compatible token login, get an access token for future requests
"""
if user_in.sms_code:
await verify_auth_code(user_in.uid, None, user_in.sms_code)
user = await MarketUser.get_or_none(phone=user_in.uid)
if not user:
raise HTTPException(status_code=403, detail="用户不存在")
elif user_in.password:
await verify_code(user_in.vcode_id, user_in.vcode)
user = await authenticate_user(user_in.uid, user_in.password)
if not user:
raise HTTPException(status_code=400, detail="用户 ID/ 密码错误")
else:
raise HTTPException(status_code=400, detail="登录失败,请输入密码 / 登录码")
if user.status != UserStatus.normal:
raise HTTPException(status_code=400, detail="用户未激活 / 已禁用")
access_token_expires = timedelta(
minutes=config.ACCESS_TOKEN_EXPIRE_MINUTES)
access_token = create_access_token(data={"uuid": user.uuid.hex},
expires_delta=access_token_expires)
# response.headers[APIKEY_HEADER_NAME] = access_token
response.set_cookie(key=APIKEY_HEADER_NAME, value=access_token)
return UserToken(**user.__dict__, token=access_token)
async def login(user_in: UserIn, response: Response):
"""
OAuth2 compatible token login, get an access token for future requests
"""
if user_in.sms_code:
await verify_auth_code(user_in.uid, None, user_in.sms_code)
user = await MarketUser.query.where(MarketUser.phone == user_in.uid
).gino.first()
if not user:
raise HTTPException(status_code=404, detail="用户不存在")
#print(user.id,'user---333333333333333')
elif user_in.password:
await verify_code(user_in.vcode_id, user_in.vcode)
user = await authenticate_user(user_in.uid, user_in.password)
if not user:
raise HTTPException(status_code=400, detail="用户 ID/ 密码错误")
else:
raise HTTPException(status_code=400, detail="登录失败,请输入密码 / 登录码")
if user.status != int(UserStatus.normal):
raise HTTPException(status_code=400, detail="用户未激活 / 已禁用")
access_token_expires = timedelta(
minutes=config.ACCESS_TOKEN_EXPIRE_MINUTES)
#print(user.uuid.hex,'login ----uuid ------12222222222221111111111111111')
access_token = create_access_token(
#data={"uuid": user.id}, expires_delta=access_token_expires
data={"uuid": user.uuid.hex},
expires_delta=access_token_expires)
#print(access_token,'access_token----22222222222222222222')
# response.headers[APIKEY_HEADER_NAME] = access_token
response.set_cookie(key=APIKEY_HEADER_NAME, value=access_token)
return UserToken(**user.to_dict(), token=access_token)
async def admin_login(schema_in: AdminUserIn, response: Response):
"""登录管理后台"""
if schema_in.verification_code != "1234":
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="Incorrect verification_code",
)
#user = await authenticate_admin_user(schema_in.user_id, schema_in.password)
user, user1 = await info_admin_user(schema_in.user_id, schema_in.password)
if user and user1 == 0:
if user.status == UserStatus.disabled:
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="该用户被禁用,请联系超管解禁!!",
)
if not user and user1 == 0:
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="用户不存在!!",
)
if not user and user1 == 1:
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="密码错误!!",
)
access_token_expires = timedelta(
minutes=config.ACCESS_TOKEN_EXPIRE_MINUTES)
access_token = create_access_token(
#data={"uuid": user.id}, expires_delta=access_token_expires
data={"uuid": user.uuid.hex},
expires_delta=access_token_expires)
# response.headers[APIKEY_HEADER_NAME] = access_token
response.set_cookie(key=APIKEY_HEADER_NAME, value=access_token)
return AdminToken(**user.__dict__["__values__"], token=access_token)
async def register_user(user_in: UserCreate, response: Response):
"""
Create new user.
"""
# 验证验证码
# await verify_code(user_in.vcode_id, user_in.vcode)
await verify_auth_code(user_in.phone, user_in.email, user_in.sms_code)
get_filter = Q(name=user_in.name)
if not (user_in.phone or user_in.email):
raise HTTPException(status_code=400, detail="Must specify phone/email")
if user_in.phone:
get_filter = Q(phone=user_in.phone)
if user_in.email:
get_filter |= Q(email=user_in.email)
user = await MarketUser.get_or_none(get_filter)
if user:
raise HTTPException(
status_code=403,
detail="该账号已存在,请登录!",
)
try:
market = await StrategyMarket.get(id=config.MARKET_ID)
except DoesNotExist:
raise HTTPException(status_code=500, detail="配置错误,请联系管理员!")
password = user_in.password
if len(password) > 16:
raise HTTPException(
status_code=403,
detail="密码不能超过16位",
)
elif len(password) < 8:
raise HTTPException(
status_code=403,
detail="密码不能少于8位",
)
user_data = user_in.dict()
user_data["uuid"] = uuid.uuid1().hex
user_data["password"] = get_password_hash(password, user_data["uuid"])
user_data["market"] = market
user_data["status"] = UserStatus.normal
# user_data["market"] = get_password_hash(user_in.password, user_data["uuid"])
user = MarketUser(**user_data)
await user.save()
access_token_expires = timedelta(
minutes=config.ACCESS_TOKEN_EXPIRE_MINUTES)
access_token = create_access_token(data={"uuid": user.uuid.hex},
expires_delta=access_token_expires)
# response.headers[APIKEY_HEADER_NAME] = access_token
response.set_cookie(key=APIKEY_HEADER_NAME, value=access_token)
return UserToken(**user.__dict__, token=access_token)
async def admin_login(schema_in: AdminUserIn, response: Response):
"""登录管理后台"""
if schema_in.verification_code != "1234":
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="Incorrect verification_code",
# headers={"WWW-Authenticate": ""},
)
user = await authenticate_admin_user(schema_in.user_id, schema_in.password)
if not user:
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="Incorrect username or password",
# headers={"WWW-Authenticate": ""},
)
access_token_expires = timedelta(
minutes=config.ACCESS_TOKEN_EXPIRE_MINUTES)
access_token = create_access_token(data={"uuid": user.uuid.hex},
expires_delta=access_token_expires)
# response.headers[APIKEY_HEADER_NAME] = access_token
response.set_cookie(key=APIKEY_HEADER_NAME, value=access_token)
return AdminToken(**user.__dict__, token=access_token)
async def register_user(user_in: UserCreate, response: Response):
"""
Create new user.
"""
# 验证验证码
# await verify_code(user_in.vcode_id, user_in.vcode)
await verify_auth_code(user_in.phone, user_in.email, user_in.sms_code)
if not (user_in.phone or user_in.email):
raise HTTPException(status_code=400, detail="Must specify phone/email")
row = await MarketUser.select("id").where(MarketUser.name == user_in.name
).gino.all()
if row:
raise HTTPException(
status_code=403,
#detail="The user with this name already exists in the system.",
detail="该用户名已存在,请直接登录!")
if user_in.phone:
row = await MarketUser.select("id").where(
MarketUser.phone == user_in.phone).gino.all()
if row:
raise HTTPException(
status_code=403,
#detail="The user with this phone already exists in the system.",
detail="该手机号已存在")
if user_in.email:
row = await MarketUser.select("id").where(
MarketUser.email == user_in.email).gino.all()
if row:
raise HTTPException(
status_code=403,
#detail="The user with this email already exists in the system.",
detail="该邮箱已存在")
market = await StrategyMarket.get(int(config.MARKET_ID))
if not market:
raise HTTPException(status_code=500, detail="配置错误,请联系管理员!")
user_data = user_in.dict()
user_data["password"] = get_password_hash(user_in.password)
user_data["market"] = market
user_data["status"] = int(UserStatus.normal)
#user = await MarketUser.create(**user_data)
user = await MarketUser.create(
name=user_in.name,
phone=user_in.phone,
email=user_in.email,
uuid=uuid.uuid1().hex,
password=get_password_hash(user_in.password),
#sms_code = user_in.sms_code,
broker_id=user_in.broker_id,
#vcode_id = user_in.vcode_id,
#vcode = user_in.vcode,
market_id=int(market.id),
status=int(UserStatus.normal),
)
access_token_expires = timedelta(
minutes=config.ACCESS_TOKEN_EXPIRE_MINUTES)
#print(user.uuid.hex,'uuid--------1222222222221111111111111')
access_token = create_access_token(
#data={"uuid": user.id}, expires_delta=access_token_expires
data={"uuid": user.uuid.hex},
expires_delta=access_token_expires)
# response.headers[APIKEY_HEADER_NAME] = access_token
response.set_cookie(key=APIKEY_HEADER_NAME, value=access_token)
return UserToken(**user.__dict__["__values__"], token=access_token)
