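def api_delete_user(user_id):
    """
    Delete a user together with its local-auth record. Admin only.

    :param user_id: id of the user to delete.
    :return: dict echoing the deleted ``user_id``.
    :raise APIPermissionError: raised by check_admin() when the caller is not an admin.
    :raise APIResourceNotFoundError: when no user has this id.
    """
    # Authorize before any lookup so a non-admin caller cannot use the
    # not-found error to probe which user ids exist.
    check_admin()
    user = Users.get(user_id)
    if not user:
        raise APIResourceNotFoundError('user')
    localauth = LocalAuth.find_first('where user_id=?', user_id)
    # A user may have no local-auth row; the original dereferenced None here,
    # after the user row was already gone. Credentials are removed first so a
    # failure part-way never leaves login credentials without a user.
    if localauth is not None:
        localauth.delete()
    user.delete()
    return dict(user_id=user_id)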
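def check_admin():
    """
    Let the call continue only for a signed-in user whose auth record is admin.

    :return: None when the current user has ``user_admin`` set.
    :raise APIPermissionError: for an anonymous request, a user without a
        local-auth record, or a non-admin user.
    """
    user = ctx.request.user
    # Test the user before reading user.user_id: the original queried first,
    # so an anonymous request failed with AttributeError instead of the
    # intended permission error.
    if user:
        localauth = LocalAuth.find_first('where user_id=?', user.user_id)
        # No auth row means no admin flag to trust: deny.
        if localauth is not None and localauth.user_admin:
            return
    raise APIPermissionError('No permission')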
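def manage_interceptor(next):
    """
    Pass the request on only for a signed-in admin; redirect everyone else.

    :param next: zero-argument callable invoked when access is granted.
    :return: whatever ``next()`` returns.
    :raise seeother: redirect to ``/signin`` for an anonymous request, a user
        without a local-auth record, or a non-admin user.
    """
    user = ctx.request.user
    if user:
        localauth = LocalAuth.find_first('where user_id=?', user.user_id)
        # A missing auth row is treated as "not admin"; the original
        # dereferenced None here and failed with AttributeError.
        if localauth is not None and localauth.user_admin:
            return next()
    raise seeother('/signin')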
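def register_user():
    """
    Create a Users row and its LocalAuth credentials, then sign the user in.

    Reads ``name``, ``email`` and ``password`` from the request input.

    :return: the newly inserted Users record.
    :raise APIValueError: when name, email or password is missing or invalid.
    :raise APIError: ``register:failed`` when the email is already registered.
    """
    i = ctx.request.input(name='', email='', password='')
    name = i.name.strip()
    email = i.email.strip().lower()
    if not name:
        raise APIValueError('name')
    if not email or not _RE_EMAIL.match(email):
        raise APIValueError('email')
    # The original password check was commented out, so an empty password
    # could be registered. Reject it here; a format/strength rule
    # (the disabled _RE_PASSWORD check) still needs to be restored.
    if not i.password:
        raise APIValueError('password')
    # NOTE(security): unsalted MD5 is not a password hash. It is fast to
    # brute-force and equal passwords give equal digests. Moving to a salted,
    # slow KDF (e.g. hashlib.pbkdf2_hmac) has to be done together with
    # authenticate() and the cookie signing, which compare against this value.
    password = hashlib.md5(i.password).hexdigest()
    user = LocalAuth.find_first('where user_email=?', email)
    if user:
        raise APIError('register:failed', 'email', 'Email already in user.')
    user = Users(user_name=name)
    user.insert()
    localauth = LocalAuth(user_id=user.user_id, user_email=email, user_password=password)
    localauth.insert()
    # Make the session cookie; it is derived from the stored password hash.
    cookie = make_signed_cookie(user.user_id, localauth.user_password, None)
    ctx.response.set_cookie(__COOKIE_NAME, cookie)
    return user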
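def authenticate():
    """
    Check the submitted email/password against LocalAuth and start a session.

    Reads ``email``, ``password`` and ``remember`` from the request input.

    :return: the Users record for the authenticated account.
    :raise APIError: ``auth:failed`` when the email is unknown or the password
        hash does not match.
    """
    # Defaults for email/password (as register_user does) so the attribute
    # reads below do not depend on the client sending every field.
    i = ctx.request.input(email='', password='', remember='')
    email = i.email.strip().lower()
    # NOTE(security): unsalted MD5; see register_user, which stores this format.
    password = hashlib.md5(i.password).hexdigest()
    remember = i.remember
    localauth = LocalAuth.find_first('where user_email=?', email)
    # The debug `print localauth` was removed: it wrote the auth record, which
    # may include the password hash, to stdout on every login attempt.
    # NOTE(security): the two distinct messages below tell a caller whether an
    # email is registered. Unifying them needs a matching client change.
    if localauth is None:
        raise APIError('auth:failed', 'email', 'Invalid email')
    elif password != localauth.user_password:
        # NOTE(review): `!=` is not a constant-time comparison.
        raise APIError('auth:failed', 'password', 'Invalid password')
    # Make the session cookie.
    # NOTE(review): 608400 is probably a typo for 604800 (7 days) - confirm.
    max_age = 608400 if remember == 'true' else None
    cookie = make_signed_cookie(localauth.user_id, password, max_age)
    ctx.response.set_cookie(__COOKIE_NAME, cookie, max_age)
    user = Users.get(localauth.user_id)
    return user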
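def parse_signed_cookie(cookie_str):
    """
    Parse a signed session cookie and return the user it identifies.

    The cookie has three ``-``-separated fields: ``id-expires-md5``. The last
    field must equal the MD5 hex digest of
    ``id-<stored password hash>-expires-<__COOKIE_KEY>``. Because the stored
    password hash is part of the signed text, changing it invalidates
    cookies issued earlier.

    :param cookie_str: raw cookie value from the request.
    :return: the Users record, or None when the cookie is malformed, expired,
        fails the signature check, or names an unknown user.
    """
    try:
        fields = cookie_str.split('-')
        if len(fields) != 3:
            return None
        user_id, expires, signature = fields
        if int(expires) < time.time():
            return None
        localauth = LocalAuth.find_first('where user_id=?', user_id)
        # Without an auth row there is nothing to verify against. The
        # original only reached the same result through the except below.
        if localauth is None:
            return None
        # NOTE(security): this is MD5 over "message-key", not an HMAC, and `!=`
        # is not constant-time. Moving to hmac with SHA-256 and
        # hmac.compare_digest must be done together with make_signed_cookie.
        expected = hashlib.md5('%s-%s-%s-%s' % (user_id, localauth.user_password, expires, __COOKIE_KEY)).hexdigest()
        if signature != expected:
            return None
        # Load the user only after the signature verified; None if it is gone.
        return Users.get(user_id)
    except Exception:
        # Any parsing/lookup error (e.g. a non-numeric expiry) means "not
        # signed in". Narrowed from a bare except so that
        # KeyboardInterrupt and SystemExit are no longer swallowed.
        return None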