def signout():
if request.cookies.get('session'):
ses = Session()
ses.delete(request.cookies.get("session"))
res = make_response(redirect("/authen/signin"))
res.set_cookie("session", "", max_age=-1)
return res
return redirect("/authen/signin")
def route_logout(request):
"""
注销登录
"""
session = current_session(request)
session_id = int(session.id)
Session.delete(session_id)
return redirect('/')
def user_role_change(user, params, token, device):
uid = params.get("id", "")
if device == "web":
role, role_id = user.identify[0], int(user.identify[1:])
else:
role, role_id = user.app_identify[0], int(user.app_identify[1:])
tmp_user = User.select().where(User.uuid==uid).first()
identify = None
if not tmp_user:
tmp_team = Team.select().where(Team.uuid==uid).first()
if not tmp_team or tmp_team.user != user:
return {"error_code": 20332, "msg": "the role not change, not allowed"}
if role == "f":
identify = "c%s" % tmp_team.id
else:
if tmp_user.id != user.id:
return {"error_code": 20332, "msg": "the role not change, not allowed"}
if role == "c":
identify = "f%s" % tmp_user.id
if identify:
if device == "web":
user.identify = identify
user.save()
else:
user.app_identify = identify
user.save()
if device in ("ios", "android"):
qs = Session.delete().where(Session.user==user, Session.session_key!=token, Session.device << ("ios", "android"))
qs.execute()
return {"error_code": 0, "msg": "ok"}
def doEditPassword(id):
acc = Account()
v = acc.getAccountById(id)
usr = v['usr']
newpwd = request.form.get("pwd") + '#$%^&*$@' + usr
newpwd = md5(newpwd.encode())
a = (newpwd.digest(), id)
ret = acc.editPassword(a)
if ret > 0:
if request.cookies.get('session'):
ses = Session()
ses.delete(request.cookies.get("session"))
res = make_response(redirect("/authen/signin"))
res.set_cookie("session", "", max_age=-1)
return res
return "Failed"
def user_role_change(user, params, token, device):
uid = params.get("id", "")
if device == "web":
role, role_id = user.identify[0], int(user.identify[1:])
else:
role, role_id = user.app_identify[0], int(user.app_identify[1:])
tmp_user = User.select().where(User.uuid==uid).first()
identify = None
if not tmp_user:
tmp_team = Team.select().where(Team.uuid==uid).first()
if not tmp_team or tmp_team.user != user:
return {"error_code": 20332, "msg": "the role not change, not allowed"}
if role == "f":
identify = "c%s" % tmp_team.id
else:
if tmp_user.id != user.id:
return {"error_code": 20332, "msg": "the role not change, not allowed"}
if role == "c":
identify = "f%s" % tmp_user.id
if identify:
if device == "web":
user.identify = identify
user.save()
else:
user.app_identify = identify
user.save()
if device in ("ios", "android"):
qs = Session.delete().where(Session.user==user, Session.session_key!=token, Session.device << ("ios", "android"))
qs.execute()
return {"error_code": 0, "msg": "ok"}
def signout():
if request.cookies.get('session'):
ses = Session()
ret = ses.delete(request.cookies.get('session'))
res = make_response(redirect('/authen/signin'))
res.set_cookie('session', '', max_age= -1)
return res
return redirect('authen/signin')
def logout(user):
if user:
Session.delete().where(Session.user==user)
return {"error_code":0, "msg":"ok"}
def cleanup_session(body):
now = utils.now()
qs = Session.delete().where(Session.expire_at <= now)
qs.execute()
def logout(user):
if user:
Session.delete().where(Session.user == user)
return {"error_code": 0, "msg": "ok"}
