class RUser: def __init__(self, token=''): self.sessions = RMemorySessionStore() self.utils = RUtils() self.database = RDataBase() self.data = None if token != '': self.restore_from_token(token) def restore_from_token(self, token): if self.sessions.contains(token): self.data = self.sessions.get(token) return True else: result = self.database.query('SELECT * FROM token WHERE token = %s AND expired_time > now()', (token,)) if result: self.data = UserData() self.data.id = result[0]['user_id'] self.data.ifLogin = True self.reload() return True self.data = UserData() return False def reload(self): result = self.database.query('SELECT * FROM users WHERE id = %s', (self.data.id,)) if not result: return False self.data.username = result[0]['username'] self.data.status = result[0]['status'] self.data.email = result[0]['email'] return True def login(self, username, password): if self.data.ifLogin: return True result = self.database.query('SELECT * FROm users
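class RAdminUser():
    """Admin account backed by an in-memory session store and the admin_users table.

    Session state lives in ``self.info`` (an ``RAdminUserInfo``). Credentials and
    invite codes are read from and written to the ``admin_users`` and
    ``invite_codes`` tables through ``self.db``.
    """

    def __init__(self, token=None):
        """Create the collaborators and, if a token is available, try to resume its session."""
        self.session = RMemorySessionStore()
        self.db = RDataBasePool()
        self.info = RAdminUserInfo()
        self.config = RConfig()
        if token:
            self.info.token = token
        if self.info.token != "":
            self.login_by_token()

    def _hash_password(self, password):
        """Return the stored form of *password*: the first 64 hex chars of SHA-512(password + salt).

        Both inputs are encoded to UTF-8 before hashing. ``hashlib`` rejects text
        strings on Python 3, and hashing the same bytes keeps existing hashes valid.

        NOTE(review): this is a single pass of a fast hash, with one salt taken from
        the configuration rather than from the user row. If the table leaks, every
        password can be tested offline at high speed. A slow KDF with a per-user salt
        (``hashlib.pbkdf2_hmac`` or ``hashlib.scrypt``) is the usual remedy. It
        requires migrating the stored hashes, so it is not changed here.
        """
        salt = self.config.password_salt
        if not isinstance(password, bytes):
            password = password.encode("utf-8")
        if not isinstance(salt, bytes):
            salt = salt.encode("utf-8")
        return hashlib.sha512(password + salt).hexdigest()[0:64]

    def login_by_token(self):
        """Resume the session stored under ``self.info.token``.

        Returns:
            True if the resulting ``self.info`` is marked as logged in, else False.
        """
        if not self.info.token:
            return False
        if self.session.contains(self.info.token):
            self.info = self.session.get(self.info.token)
            # NOTE(review): expired_time is never assigned in this class. Presumably
            # RAdminUserInfo or the session store sets it. Verify, since session
            # expiry depends on it.
            if self.info.expired_time < time.time():
                self.info.ifLogin = False
                self.session.remove(self.info.token)
        if self.info.ifLogin:
            return True
        return False

    def login_by_password(self, username="", password="", token=""):
        """Authenticate with a username and password, and bind the session to *token*.

        Raises:
            RError(20): a required argument is empty.
            RError(25): no admin_users row matches the username and password hash.

        Returns:
            The result of ``sync_from_mysql()``.
        """
        if username == "" or password == "" or token == "":
            raise RError(20)
        # NOTE(review): the caller supplies the session key. If *token* can come from
        # the client request rather than from a server-side generator (for example
        # the ``secrets`` module), a pre-set token stays valid after login. Confirm
        # where callers obtain it.
        password = self._hash_password(password)
        result = self.db.query(
            "SELECT * FROM admin_users WHERE username=%s AND password=%s",
            (username, password))
        if not result:
            raise RError(25)
        self.info.id = result[0]['id']
        self.info.ifLogin = True
        self.info.token = token
        return self.sync_from_mysql()

    def logout(self):
        """Drop the current session from the store. Always returns True."""
        if not self.info.ifLogin:
            return True
        if self.info.token == "":
            return True
        self.session.remove(self.info.token)
        self.info.ifLogin = False
        return True

    def sync_from_mysql(self):
        """Reload username, invite_code_id and level from admin_users, then store the session.

        Returns:
            False if the user is not logged in, has a non-positive id, or has no row.
            True once ``self.info`` has been pushed to the session store.
        """
        if not self.info.ifLogin:
            return False
        if self.info.id <= 0:
            return False
        result = self.db.query("SELECT * FROM admin_users WHERE id = %s", (self.info.id,))
        if not result:
            return False
        self.info.username = result[0]['username']
        self.info.invite_code_id = result[0]['invite_code_id']
        self.info.level = result[0]['level']
        self.session.push(self.info.token, self.info)
        return True

    def register(self, code="", username="", password=""):
        """Create an admin account bound to the invite code *code*.

        Raises:
            RError(20): a required argument is empty, or the invite code is unknown
                or already used.
            RError(19): the username is already taken.

        Returns:
            True after the account is inserted and the invite code is marked used.
        """
        if code == "" or password == "" or username == "":
            raise RError(20)
        # Reject unknown or spent invite codes before creating the account. Without
        # this check the INSERT below runs for any code value. An unknown code makes
        # the subquery yield NULL, and a used code gets attached to a second account.
        # NOTE(review): this assumes a truthy ``used`` column means the code is spent.
        # It reuses error code 20, so swap in a dedicated code if the project has one.
        # The check and the UPDATE are not atomic. A transaction or a conditional
        # UPDATE would be needed to close the window between them.
        invite = self.db.query("SELECT id, used FROM invite_codes WHERE code = %s", (code,))
        if not invite or invite[0]['used']:
            raise RError(20)
        password = self._hash_password(password)
        if self.db.query("SELECT * FROM admin_users WHERE username = %s", (username,)):
            raise RError(19)
        self.db.execute(
            "INSERT INTO admin_users(username, password, level, invite_code_id) "
            "VALUES(%s,%s,1, (SELECT id FROM invite_codes WHERE code = %s))",
            (username, password, code))
        self.db.execute("UPDATE invite_codes SET used = 1 WHERE code = %s", (code,))
        return True

    def reset_password(self, code="", password=""):
        """Set a new password on the account registered with invite code *code*.

        NOTE(review): the invite code is the only credential checked, so it acts as a
        permanent password-reset secret for that admin account. The method also
        returns True even when no row matched. Consider requiring the current
        password or a short-lived reset token, and reporting "no match" to the caller.

        Raises:
            RError(20): a required argument is empty.
        """
        if code == "" or password == "":
            raise RError(20)
        password = self._hash_password(password)
        self.db.execute(
            "UPDATE admin_users SET password = %s WHERE invite_code_id in (SELECT id FROM invite_codes WHERE code = %s)",
            (password, code))
        return True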