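def post(self):
    """Handle the e-mail / password / captcha login form.

    Reads ``user_email``, ``user_password`` and ``captcha_value`` from the
    request, checks the captcha against the signed ``captcha_value`` cookie,
    looks the account up with ``DbOperator.get_user_info`` and compares the
    MD5 hex digest of the submitted password with ``user.user_pwd``.

    The outcome is always written as a JSON object with ``code`` and ``msg``:
    0 ok, 1 empty input, 2 captcha error, 3 unknown user, 4 wrong password.
    On success the session cookies are set before the reply is written.
    """
    def _reply(code, msg):
        # Every outcome is reported to the client as one small JSON object.
        self.write(json.dumps({'code': code, 'msg': msg}, ensure_ascii=False))

    user_email = self.get_argument('user_email')
    user_password = self.get_argument('user_password')
    captcha_value = self.get_argument('captcha_value')
    if not user_email or not user_password or not captcha_value:
        _reply(1, 'empty input')
        return
    user_email = user_email.strip()
    user_password = user_password.strip()
    captcha_value = captcha_value.strip()

    # The cookie is absent (None) when it was never issued, has expired or
    # fails signature validation.  Treat that as a failed captcha instead of
    # letting ``None.lower()`` turn the request into an unhandled exception.
    expected_captcha = self.get_secure_cookie('captcha_value')
    if isinstance(expected_captcha, bytes) and not isinstance(expected_captcha, str):
        # Tornado hands the cookie back as bytes on Python 3; without decoding
        # the comparison below could never succeed.
        expected_captcha = expected_captcha.decode('utf-8', 'replace')
    # An empty expected value also fails closed.
    # NOTE(review): the expected answer lives in a client-held cookie, so the
    # server keeps no record that a captcha was consumed; server-side,
    # single-use storage would be the stronger design.
    if not expected_captcha or captcha_value.lower() != expected_captcha.lower():
        _reply(2, 'captcha error')
        return

    user = DbOperator.get_user_info(user_email)
    if not user:
        # NOTE(review): codes 3 and 4 let a client tell registered addresses
        # from unregistered ones.  Kept as-is because callers may key on the
        # codes; a single "invalid credentials" answer would close that gap.
        _reply(3, 'no this user')
        return

    # hashlib needs bytes; encode text explicitly so a non-ASCII password is
    # hashed rather than raising.
    password_bytes = user_password
    if not isinstance(password_bytes, bytes):
        password_bytes = password_bytes.encode('utf-8')
    # NOTE(review): unsalted MD5 is a fast digest, not a password hash.  The
    # stored format of user.user_pwd is defined outside this handler, so it is
    # left unchanged here; plan a migration to a salted, slow KDF such as
    # hashlib.pbkdf2_hmac, re-hashing on the next successful login.
    input_password = hashlib.md5(password_bytes).hexdigest()
    if input_password != user.user_pwd:
        _reply(4, 'password error')
        return

    # Signed session cookies; expires_days=None makes them browser-session
    # cookies.
    # NOTE(review): no httponly/secure attributes are passed - confirm whether
    # front-end script really needs to read the signed cookies.
    self.set_secure_cookie("user_id", str(user.id), expires_days=None)
    self.set_secure_cookie("user_email", user.user_email, expires_days=None)
    self.set_secure_cookie("user_name", user.user_name, expires_days=None)
    self.set_secure_cookie("user_right", str(user.user_right), expires_days=None)
    self.set_secure_cookie("last_time", str(time.time()), expires_days=None)
    # page_right is written with set_cookie, i.e. unsigned and editable by the
    # client.  It can only be a display hint; authorization decisions have to
    # use the signed user_right value (or a fresh database lookup).
    self.set_cookie("page_right", str(user.user_right), expires_days=None)
    _reply(0, 'ok')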
def post(self):
    """Development-only login: sign in as ``user_email`` without a password.

    Does nothing unless ``Config.FAKE_LOGIN`` is truthy.  When it is, the
    account is looked up with ``DbOperator.get_user_info``; an unknown e-mail
    re-renders ``user/fake_login.html``, a known one gets the session cookies
    and is redirected to ``/``.
    """
    # NOTE(review): this path authenticates on the e-mail argument alone, so
    # Config.FAKE_LOGIN is the only control in front of it.  Deployment should
    # verify the flag is off everywhere except local development.
    if not Config.FAKE_LOGIN:
        return

    requested_email = self.get_argument("user_email")
    account = DbOperator.get_user_info(requested_email)
    if not account:
        self.render("user/fake_login.html")
        return

    self.set_secure_cookie("user_email", account.user_email, expires_days=None)
    # Accounts without a display name are shown under their e-mail address.
    display_name = account.user_name if account.user_name else account.user_email
    self.set_secure_cookie("user_name", display_name, expires_days=None)
    rights = str(account.user_right)
    self.set_secure_cookie("user_right", rights, expires_days=None)
    self.set_secure_cookie("last_time", str(time.time()), expires_days=None)
    # Unsigned copy of the rights value; the client can edit it, so it is only
    # usable as a display hint.
    self.set_cookie("page_right", str(account.user_right), expires_days=None)
    self.redirect("/")
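def get(self):
    """Log the user in through the OAuth provider.

    With ``Config.FAKE_LOGIN`` set the request is redirected to
    ``/fake_login``.  Otherwise:

    * a user whose session is still valid is redirected to ``/``;
    * a request without a ``code`` argument is redirected to the provider's
      authorization URL;
    * a request with ``code`` exchanges it for an access token
      (``Login.get_access_token``), fetches the profile
      (``Login.get_user_info``), requires the profile e-mail to exist in the
      local database (else ``/refuse``), sets the session cookies and
      redirects to ``/``.
    """
    if Config.FAKE_LOGIN:
        # Local development: use the fake login page instead of OAuth.
        self.redirect('/fake_login')
        return

    # Production: real OAuth login.
    # NOTE(review): on the callback these arguments include the one-time
    # authorization code - confirm that access to this log is restricted.
    Logger.info(json.dumps(self.request.arguments, ensure_ascii=False), self.request.uri)
    user_email = self.get_current_user()
    if user_email:
        if self.check_login_valid():
            self.redirect("/")
            return

    code_from_auth = self.get_argument('code', None)
    if not code_from_auth:
        redirect_url = Config.OAUTH_AUTH_URL
        redirect_url += '?appid=%s' % Config.OAUTH_APP_ID
        redirect_url += '&response_type=code'
        redirect_url += '&redirect_uri=%s' % quote(Config.OAUTH_REDIRECT_URL)
        redirect_url += '&scope=user_info'
        # NOTE(review): a constant state means the callback cannot be tied to
        # the browser session that started the flow (login CSRF).  Generate a
        # random value per request, keep it in a signed cookie and compare it
        # with the returned `state` before exchanging the code.
        redirect_url += '&state=test'
        self.redirect(redirect_url)
        return

    status, content = Login.get_access_token(code_from_auth)
    if status != 200:
        self.write(content)
        return
    # A 200 body carries the access token, so from here on it is neither
    # logged nor echoed back to the client.
    Logger.info("get_access_token: status[%s]" % status)
    try:
        a_dict = json.loads(content)
    except (TypeError, ValueError):
        # Narrowed from a bare except so that SystemExit/KeyboardInterrupt and
        # programming errors are no longer swallowed here.
        Logger.error("parse token error: response body withheld")
        self.write("parse token error")
        return
    # A syntactically valid body can still be a non-object or an error
    # document without a token; stop instead of calling the profile API
    # with None.
    access_token = a_dict.get("access_token", None) if isinstance(a_dict, dict) else None
    openid = a_dict.get("openid", None) if isinstance(a_dict, dict) else None
    if not access_token:
        Logger.error("parse token error: no access_token in response")
        self.write("parse token error")
        return

    status, content = Login.get_user_info(access_token, openid)
    if status != 200:
        self.write(content)
        return
    # NOTE(review): this writes the profile (name, e-mail) to the log, and the
    # error branches echo provider bodies to the browser verbatim; a generic
    # error page would avoid both.
    Logger.info("get_user_info: [%s]" % content)
    try:
        a_dict = json.loads(content)
    except (TypeError, ValueError):
        Logger.error("parse user_info error: contnet[%s]" % content)
        self.write(content)
        return
    profile = a_dict if isinstance(a_dict, dict) else {}
    user_name = profile.get("name")
    user_email = profile.get("email")
    if not user_email:
        # Fail closed: a profile without an e-mail must never reach the
        # account lookup, whatever that lookup does with an empty key.
        self.redirect('/refuse')
        return
    db_user = DbOperator.get_user_info(user_email)
    if not db_user:
        self.redirect('/refuse')
        return
    if not user_name:
        # Same fallback as the fake login handler: show the e-mail when the
        # provider sent no display name (a None value cannot be signed into
        # a cookie).
        user_name = user_email

    # Save the session.
    self.set_secure_cookie("user_email", user_email, expires_days=None)
    self.set_secure_cookie("user_name", user_name, expires_days=None)
    self.set_secure_cookie("user_right", str(db_user.user_right), expires_days=None)
    self.set_secure_cookie("last_time", str(time.time()), expires_days=None)
    # Unsigned and client-editable: a display hint only, never an
    # authorization input.
    self.set_cookie("page_right", str(db_user.user_right), expires_days=None)
    # Redirect to the start page.
    self.redirect("/")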