예제 #1
파일: user.py 프로젝트: webmiss/base
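 def Login(self):
   """Authenticate an admin user and return a token plus basic profile data.

   Reads the POST fields ``uname`` and ``passwd``. The identifier may be a
   user name, a phone number or an e-mail address. On success the resolved
   permission string is cached in Redis with a TTL of
   ``Env.admin_token_time``, the user's ``ltime`` is updated, and a JSON
   response carrying the token and profile fields is returned. Every
   failure returns a JSON response with code 4000 and a message.

   NOTE(review): the password is matched as ``Hash.Md5(passwd)``, which by
   its name is a plain MD5 digest. A fast, presumably unsalted digest is
   not suitable for password storage; moving to a salted, slow KDF needs a
   migration of the stored hashes and cannot be done inside this method.
   NOTE(review): no attempt throttling or lockout is visible here; confirm
   that it is enforced upstream.
   """
   uname = self.Post('uname')
   passwd = self.Post('passwd')
   # Validate the identifier: it must be well-formed as at least one of
   # user name, phone number or e-mail address.
   if not any(Safety.IsRight(kind, uname) for kind in ('uname', 'tel', 'email')):
     return self.GetJSON({'code':4000, 'msg':'请输入用户名/手机/邮箱'})
   # Validate the password format (the message states 6~16 characters).
   if not Safety.IsRight('passwd', passwd):
     return self.GetJSON({'code':4000, 'msg':'请输入6~16位密码'})
   # Look up the account together with its profile and permissions.
   # Values are passed as %s parameters, not concatenated into the SQL.
   model = UserM()
   model.Table('user AS a')
   model.LeftJoin('user_info AS b', 'a.id=b.uid')
   model.LeftJoin('sys_perm AS c', 'a.id=c.uid')
   model.LeftJoin('sys_role AS d', 'c.role=d.id')
   model.Where(
     '(a.uname=%s OR a.tel=%s OR a.email=%s) AND a.password=%s',
     uname, uname, uname, Hash.Md5(passwd)
   )
   model.Columns('a.id', 'a.state', 'b.position', 'b.nickname', 'b.name', 'b.gender', 'b.birthday', 'b.img', 'c.perm', 'd.perm as role_perm')
   data = model.FindFirst()
   # Unknown account and wrong password share one message, so the response
   # does not reveal which of the two failed.
   if not data:
     return self.GetJSON({'code':4000, 'msg':'帐号或密码错误!'})
   # Account disabled.
   if data['state'] != '1':
     return self.GetJSON({'code':4000, 'msg':'该用户已被禁用!'})
   # Permissions: a per-user entry overrides the role's permissions.
   perm = data['perm'] if data['perm'] else data['role_perm']
   if not perm:
     return self.GetJSON({'code':4000, 'msg':'该用户不允许登录!'})
   redis = Redis()
   try:
     key = Env.admin_token_prefix+'_perm_'+str(data['id'])
     redis.Set(key, perm)
     redis.Expire(key, Env.admin_token_time)
   finally:
     # Release the connection even when Set/Expire raises.
     redis.Close()
   # Record the login time.
   model.Table('user')
   model.Set({'ltime': Util.Time()})
   model.Where('id=%s', data['id'])
   model.Update()
   # user_info is LEFT JOINed, so img can be missing (None) as well as '';
   # both yield an empty URL instead of a TypeError on concatenation.
   img = data['img']
   # Response
   return self.GetJSON({
     'code': 0,
     'msg': '成功',
     'token': AdminToken.Create({'uid':str(data['id']), 'uname':uname}),
     'uinfo': {
       'uid': data['id'],
       'uname': uname,
       'position': data['position'],
       'nickname': data['nickname'],
       'name': data['name'],
       'gender': data['gender'],
       'img': Env.base_url+img if img else '',
     }
   })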
예제 #2
파일: user_passwd.py 프로젝트: webmiss/base
 def Edit(self):
   """Change the password of the user identified by the posted admin token.

   Reads the POST fields ``token``, ``passwd`` (current password) and
   ``passwdNew``. The token is verified against ``request.path``; the
   current password must match the stored value before the new one is
   written. Returns a JSON response: code 0 on success, 4001 when the
   token is rejected, 4000 for invalid input or a wrong current password,
   5000 when the update fails.

   NOTE(review): both the comparison and the stored value use
   ``Hash.Md5``, by its name a plain MD5 digest; this is weak for password
   storage and should be confirmed and migrated separately.
   NOTE(review): nothing in this method invalidates tokens that were
   already issued; confirm whether that is handled elsewhere.
   """
   # Token check: an empty message from Verify is treated as success,
   # anything else is returned to the client as the error text.
   token = self.Post('token')
   verifyMsg = AdminToken.Verify(token, request.path)
   if verifyMsg != '':
     return self.GetJSON({'code':4001, 'msg':verifyMsg})
   claims = AdminToken.Token(token)
   # Parameters
   passwd = self.Post('passwd')
   passwdNew = self.Post('passwdNew')
   if passwd == passwdNew:
     return self.GetJSON({'code':4000, 'msg':'不能与原密码相同!'})
   if not (Safety.IsRight('passwd', passwd) and Safety.IsRight('passwd', passwdNew)):
     return self.GetJSON({'code':4000, 'msg':'密码为6~16位!'})
   # Confirm the current password for the token's user; the user id comes
   # from the token, not from a client-supplied field.
   model = User()
   model.Columns('id')
   uid = str(claims['uid'])
   model.Where('id=%s AND password=%s', uid, Hash.Md5(passwd))
   if not model.FindFirst():
     return self.GetJSON({'code':4000, 'msg':'当前密码错误!'})
   # Store the new password for the same user.
   model.Set({'password':Hash.Md5(passwdNew)})
   model.Where('id=%s', uid)
   if not model.Update():
     return self.GetJSON({'code':5000, 'msg':'修改失败!'})
   # Response
   return self.GetJSON({'code':0, 'msg':'成功'})