def identify(self, request):
    """
    Authenticate a request from its ``Authorization: JWT <token>`` header.

    The request is accepted only when the token decodes to a payload, the
    user id in that payload resolves to a stored user, and the payload's
    ``login_time`` equals the value stored for that user. A token carrying
    a different ``login_time`` is rejected even if it decodes successfully.

    :return: the ``pretty_result`` response; ``data`` carries the user id
             on success and an empty string on every failure path
    """
    denied = code.AUTHORIZATION_ERROR

    header = request.headers.get('Authorization')
    if not header:
        return pretty_result(denied, data='', msg='没有提供认证token')

    # Exactly two space-separated parts are required: the scheme and the token.
    pieces = header.split(" ")
    if not pieces or pieces[0] != 'JWT' or len(pieces) != 2:
        return pretty_result(denied, data='', msg='请传递正确的验证头信息')

    # decode_auth_token signals failure by returning a string; that string is
    # handed back to the client as the message.
    # NOTE(review): confirm those strings never expose decoder internals.
    payload = self.decode_auth_token(pieces[1])
    if isinstance(payload, str):
        return pretty_result(denied, data='', msg=payload)

    # NOTE(review): a decoded payload without 'data'/'id'/'login_time' raises
    # here instead of returning AUTHORIZATION_ERROR - confirm the decoder
    # guarantees these keys.
    claims = payload['data']
    user = UsersModel.get(UsersModel, claims['id'])
    if user is None:
        return pretty_result(denied, data='', msg='找不到该用户信息')

    if user.login_time == claims['login_time']:
        return pretty_result(code.OK, data=user.id, msg='请求成功')

    return pretty_result(denied, data='', msg='Token已更改,请重新登录获取')
def post(self):
    """
    Return the profile of the user identified by ``g.user_id``.

    :return: the ``pretty_result`` response whose ``data`` is a dict with
             id, username, email, permission, avatar and login_time
    """
    # NOTE(review): no guard for a failed lookup; if UsersModel.get can return
    # None, the attribute reads below raise instead of producing an error
    # response - confirm against the model.
    account = UsersModel.get(UsersModel, g.user_id)
    exposed = ('id', 'username', 'email', 'permission', 'avatar', 'login_time')
    profile = {field: getattr(account, field) for field in exposed}
    return pretty_result(code.OK, data=profile)
def get(self):
    """
    Get the user list.

    As written, the response does not depend on stored data: it always
    returns one hard-coded entry. The current user is still looked up, so a
    failed lookup can raise before the response is built.

    :return: json
    """
    current = UsersModel.get(UsersModel, g.user_id)
    # Assembled from the looked-up user but never returned.
    profile = dict(
        id=current.id,
        userName=current.username,
        email=current.email,
        permission=current.permission,
        avatar=current.avatar,
    )
    total = 3  # unused
    # NOTE(review): looks like placeholder/mock data - confirm before relying
    # on this endpoint for real permissions.
    rows = [{
        "id": "@id",
        "permission": "editor",
    }]
    return pretty_result(code.OK, data=rows)
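class Users(Controller):
    """Session-based user controller: login, logout, registration and CRUD.

    Requests are routed through :meth:`fetch`, which maps a fixed set of
    action names to methods and rejects every other name.

    NOTE(review): apart from ``login``, ``entered`` and ``register``, every
    action checks only ``self.logged()``. Nothing visible here ties the
    target ``id`` to the session user or checks a role, so any logged-in
    session can read, edit or delete any record - confirm whether the model
    or the base controller enforces that.
    """

    def __init__(self):
        """Set up the base controller and the user model."""
        super(Users, self).__init__()
        self._data = UsersModel()

    def login(self):
        """Validate ``email``/``password`` and store the e-mail in the session.

        NOTE(review): the password is passed through the ``sha512`` helper
        before comparison. If that helper is a plain unsalted digest, a
        salted, deliberately slow password hash would be the safer choice -
        confirm what the helper does.
        """
        if self.logged():
            return write("Well done")
        email = request.values.get("email")
        password = request.values.get("password")
        if email is not None and \
           password is not None and \
           self._data.valid(email, sha512(password)):
            session["email"] = email
            return write("Well done")
        else:
            return error("Incorrect login or password")

    def logout(self):
        """Drop the e-mail from the session."""
        if not self.logged():
            return error("You not logged")
        session.pop('email', None)
        return write("Well done")

    def entered(self):
        """Report whether the current session is logged in."""
        if self.logged():
            return write("Yes")
        else:
            return write("No")

    def register(self):
        """Create a user from request values; only for sessions not logged in.

        NOTE(review): ``role`` and ``status`` are taken from the request of
        a caller who is not logged in and stored as given. If either field
        gates privileges, they should be set server-side instead.
        """
        if self.logged():
            return error("You are already logged")
        email = request.values.get("email")
        password = request.values.get("password")
        fname = request.values.get("fname")
        lname = request.values.get("lname")
        role = request.values.get("role")
        avatar = request.values.get("avatar")
        status = request.values.get("status")
        # A missing value is None and fails the type check before len() runs.
        if (not isinstance(email, unicode)) or (len(email) < 5):
            return error("Incorrect e-mail")
        if (not isinstance(password, unicode)) or (len(password) < 5):
            return error("Incorrect password")
        if self._data.exists(email):
            return error("User with this e-mail already exists")
        try:
            self._data.add({"email": email,
                            "password": sha512(password),
                            "fname": fname,
                            "lname": lname,
                            "role": role,
                            "avatar": avatar,
                            "status": status})
            return write("Well done")
        except Exception:
            # Exception, not a bare except, so SystemExit and
            # KeyboardInterrupt are not reported as a failed registration.
            return error("Registration failed")

    def delete(self):
        """Delete the user whose numeric ``id`` is given in the request."""
        if not self.logged():
            return error("You not logged")
        try:
            # int(None) or a non-numeric value raises and is reported below.
            user_id = int(request.values.get("id"))
            self._data.delete(user_id)
            return write("Well done")
        except Exception:
            return error("Invalid request")

    def get(self, param):
        """Return one user record.

        An ``int`` or ``unicode`` ``param`` is passed to the model as the
        lookup key; anything else falls back to the session's e-mail.

        NOTE(review): the model's record is written out unfiltered. If it
        contains the stored password hash, strip it before responding.
        """
        if not self.logged():
            return error("You not logged")
        try:
            if type(param) in (int, unicode):
                return write(self._data.get(param))
            return write(self._data.get(session["email"]))
        except Exception:
            return error("Invalid request")

    def change(self):
        """Overwrite the user with the given ``id`` using request values.

        NOTE(review): ``password`` is forwarded exactly as received, while
        ``register`` stores ``sha512(password)``. Confirm whether the
        model's ``edit`` hashes it; if not, this path stores a value that
        ``login`` can never match. ``role`` and ``status`` are also
        client-supplied here.
        """
        if not self.logged():
            return error("You not logged")
        user = {"email": request.values.get("email"),
                "password": request.values.get("password"),
                "fname": request.values.get("fname"),
                "lname": request.values.get("lname"),
                "role": request.values.get("role"),
                "avatar": request.values.get("avatar"),
                "status": request.values.get("status")}
        try:
            user_id = int(request.values.get("id"))
            self._data.edit(user_id, user)
            return write("Well done")
        except Exception:
            return error("Invalid request")

    def all(self):
        """Return every user record the model provides."""
        if not self.logged():
            return error("You not logged")
        try:
            return write(self._data.all())
        except Exception:
            return error("Invalid request")

    def fetch(self, **kwargs):
        """Dispatch ``action`` (with optional ``param``) to its handler.

        A missing action is treated as ``get``. Only the names listed below
        are reachable; any other value yields an error response.
        """
        action = kwargs.get("action")
        param = kwargs.get("param")
        if action == "login":
            return self.login()
        elif action == "logout":
            return self.logout()
        elif action == "entered":
            return self.entered()
        elif action == "register":
            return self.register()
        elif action == "delete":
            return self.delete()
        elif action == "get" or action is None:
            return self.get(param)
        elif action == "change":
            return self.change()
        elif action == "all":
            return self.all()
        else:
            return error("Invalid request")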