async def login(user_in: UserIn, response: Response): """ OAuth2 compatible token login, get an access token for future requests """ if user_in.sms_code: await verify_auth_code(user_in.uid, None, user_in.sms_code) user = await MarketUser.get_or_none(phone=user_in.uid) if not user: raise HTTPException(status_code=403, detail="用户不存在") elif user_in.password: await verify_code(user_in.vcode_id, user_in.vcode) user = await authenticate_user(user_in.uid, user_in.password) if not user: raise HTTPException(status_code=400, detail="用户 ID/ 密码错误") else: raise HTTPException(status_code=400, detail="登录失败,请输入密码 / 登录码") if user.status != UserStatus.normal: raise HTTPException(status_code=400, detail="用户未激活 / 已禁用") access_token_expires = timedelta( minutes=config.ACCESS_TOKEN_EXPIRE_MINUTES) access_token = create_access_token(data={"uuid": user.uuid.hex}, expires_delta=access_token_expires) # response.headers[APIKEY_HEADER_NAME] = access_token response.set_cookie(key=APIKEY_HEADER_NAME, value=access_token) return UserToken(**user.__dict__, token=access_token)
async def login(user_in: UserIn, response: Response): """ OAuth2 compatible token login, get an access token for future requests """ if user_in.sms_code: await verify_auth_code(user_in.uid, None, user_in.sms_code) user = await MarketUser.query.where(MarketUser.phone == user_in.uid ).gino.first() if not user: raise HTTPException(status_code=404, detail="用户不存在") #print(user.id,'user---333333333333333') elif user_in.password: await verify_code(user_in.vcode_id, user_in.vcode) user = await authenticate_user(user_in.uid, user_in.password) if not user: raise HTTPException(status_code=400, detail="用户 ID/ 密码错误") else: raise HTTPException(status_code=400, detail="登录失败,请输入密码 / 登录码") if user.status != int(UserStatus.normal): raise HTTPException(status_code=400, detail="用户未激活 / 已禁用") access_token_expires = timedelta( minutes=config.ACCESS_TOKEN_EXPIRE_MINUTES) #print(user.uuid.hex,'login ----uuid ------12222222222221111111111111111') access_token = create_access_token( #data={"uuid": user.id}, expires_delta=access_token_expires data={"uuid": user.uuid.hex}, expires_delta=access_token_expires) #print(access_token,'access_token----22222222222222222222') # response.headers[APIKEY_HEADER_NAME] = access_token response.set_cookie(key=APIKEY_HEADER_NAME, value=access_token) return UserToken(**user.to_dict(), token=access_token)
async def admin_login(schema_in: AdminUserIn, response: Response): """登录管理后台""" if schema_in.verification_code != "1234": raise HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail="Incorrect verification_code", ) #user = await authenticate_admin_user(schema_in.user_id, schema_in.password) user, user1 = await info_admin_user(schema_in.user_id, schema_in.password) if user and user1 == 0: if user.status == UserStatus.disabled: raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="该用户被禁用,请联系超管解禁!!", ) if not user and user1 == 0: raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="用户不存在!!", ) if not user and user1 == 1: raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="密码错误!!", ) access_token_expires = timedelta( minutes=config.ACCESS_TOKEN_EXPIRE_MINUTES) access_token = create_access_token( #data={"uuid": user.id}, expires_delta=access_token_expires data={"uuid": user.uuid.hex}, expires_delta=access_token_expires) # response.headers[APIKEY_HEADER_NAME] = access_token response.set_cookie(key=APIKEY_HEADER_NAME, value=access_token) return AdminToken(**user.__dict__["__values__"], token=access_token)
async def register_user(user_in: UserCreate, response: Response): """ Create new user. """ # 验证验证码 # await verify_code(user_in.vcode_id, user_in.vcode) await verify_auth_code(user_in.phone, user_in.email, user_in.sms_code) get_filter = Q(name=user_in.name) if not (user_in.phone or user_in.email): raise HTTPException(status_code=400, detail="Must specify phone/email") if user_in.phone: get_filter = Q(phone=user_in.phone) if user_in.email: get_filter |= Q(email=user_in.email) user = await MarketUser.get_or_none(get_filter) if user: raise HTTPException( status_code=403, detail="该账号已存在,请登录!", ) try: market = await StrategyMarket.get(id=config.MARKET_ID) except DoesNotExist: raise HTTPException(status_code=500, detail="配置错误,请联系管理员!") password = user_in.password if len(password) > 16: raise HTTPException( status_code=403, detail="密码不能超过16位", ) elif len(password) < 8: raise HTTPException( status_code=403, detail="密码不能少于8位", ) user_data = user_in.dict() user_data["uuid"] = uuid.uuid1().hex user_data["password"] = get_password_hash(password, user_data["uuid"]) user_data["market"] = market user_data["status"] = UserStatus.normal # user_data["market"] = get_password_hash(user_in.password, user_data["uuid"]) user = MarketUser(**user_data) await user.save() access_token_expires = timedelta( minutes=config.ACCESS_TOKEN_EXPIRE_MINUTES) access_token = create_access_token(data={"uuid": user.uuid.hex}, expires_delta=access_token_expires) # response.headers[APIKEY_HEADER_NAME] = access_token response.set_cookie(key=APIKEY_HEADER_NAME, value=access_token) return UserToken(**user.__dict__, token=access_token)
async def admin_login(schema_in: AdminUserIn, response: Response): """登录管理后台""" if schema_in.verification_code != "1234": raise HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail="Incorrect verification_code", # headers={"WWW-Authenticate": ""}, ) user = await authenticate_admin_user(schema_in.user_id, schema_in.password) if not user: raise HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail="Incorrect username or password", # headers={"WWW-Authenticate": ""}, ) access_token_expires = timedelta( minutes=config.ACCESS_TOKEN_EXPIRE_MINUTES) access_token = create_access_token(data={"uuid": user.uuid.hex}, expires_delta=access_token_expires) # response.headers[APIKEY_HEADER_NAME] = access_token response.set_cookie(key=APIKEY_HEADER_NAME, value=access_token) return AdminToken(**user.__dict__, token=access_token)
async def register_user(user_in: UserCreate, response: Response): """ Create new user. """ # 验证验证码 # await verify_code(user_in.vcode_id, user_in.vcode) await verify_auth_code(user_in.phone, user_in.email, user_in.sms_code) if not (user_in.phone or user_in.email): raise HTTPException(status_code=400, detail="Must specify phone/email") row = await MarketUser.select("id").where(MarketUser.name == user_in.name ).gino.all() if row: raise HTTPException( status_code=403, #detail="The user with this name already exists in the system.", detail="该用户名已存在,请直接登录!") if user_in.phone: row = await MarketUser.select("id").where( MarketUser.phone == user_in.phone).gino.all() if row: raise HTTPException( status_code=403, #detail="The user with this phone already exists in the system.", detail="该手机号已存在") if user_in.email: row = await MarketUser.select("id").where( MarketUser.email == user_in.email).gino.all() if row: raise HTTPException( status_code=403, #detail="The user with this email already exists in the system.", detail="该邮箱已存在") market = await StrategyMarket.get(int(config.MARKET_ID)) if not market: raise HTTPException(status_code=500, detail="配置错误,请联系管理员!") user_data = user_in.dict() user_data["password"] = get_password_hash(user_in.password) user_data["market"] = market user_data["status"] = int(UserStatus.normal) #user = await MarketUser.create(**user_data) user = await MarketUser.create( name=user_in.name, phone=user_in.phone, email=user_in.email, uuid=uuid.uuid1().hex, password=get_password_hash(user_in.password), #sms_code = user_in.sms_code, broker_id=user_in.broker_id, #vcode_id = user_in.vcode_id, #vcode = user_in.vcode, market_id=int(market.id), status=int(UserStatus.normal), ) access_token_expires = timedelta( minutes=config.ACCESS_TOKEN_EXPIRE_MINUTES) #print(user.uuid.hex,'uuid--------1222222222221111111111111') access_token = create_access_token( #data={"uuid": user.id}, expires_delta=access_token_expires data={"uuid": user.uuid.hex}, expires_delta=access_token_expires) # response.headers[APIKEY_HEADER_NAME] = access_token response.set_cookie(key=APIKEY_HEADER_NAME, value=access_token) return UserToken(**user.__dict__["__values__"], token=access_token)