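def post(self):
    """
    Log in with a mobile number and SMS verification code, and issue tokens.

    Reads 'mobile' and 'code' from the JSON body, checks the code against the
    one stored in Redis under 'app:code:<mobile>', registers the user on first
    login, and returns an access token plus a refresh token.

    Returns:
        ({'token': ..., 'refresh_token': ...}, 201) on success,
        ({'message': 'Invalid code.'}, 400) when the code is missing or wrong,
        ({'message': 'Invalid user.'}, 403) when the account is disabled.
    """
    # Local import: the file's import block is not visible from this method.
    import hmac

    json_parser = RequestParser()
    json_parser.add_argument('mobile', type=parser.mobile, required=True, location='json')
    json_parser.add_argument('code', type=parser.regex(r'^\d{6}$'), required=True, location='json')
    args = json_parser.parse_args()
    mobile = args.mobile
    code = args.code

    # Fetch the expected verification code from Redis, falling back to the
    # replica when the master cannot be reached.
    # NOTE(review): confirm which ConnectionError is in scope here; the redis
    # client's own ConnectionError is not a subclass of the builtin one.
    key = 'app:code:{}'.format(mobile)
    try:
        real_code = current_app.redis_master.get(key)
    except ConnectionError as e:
        current_app.logger.error(e)
        real_code = current_app.redis_slave.get(key)

    # The code is consumed before it is compared, so each issued code allows a
    # single attempt, right or wrong.
    # NOTE(review): this hard-coded number is exempt from consumption, so its
    # code stays valid for repeated attempts for as long as the key exists.
    # If it is a test/demo account, move it to configuration and keep the
    # exemption out of production.
    # NOTE(review): GET and DELETE are separate commands, so concurrent
    # requests can both read the code before it is removed; and when the
    # master is down the delete is only logged, leaving the code unconsumed.
    if mobile != '18516952650':
        try:
            current_app.redis_master.delete(key)
        except ConnectionError as e:
            current_app.logger.error(e)

    # Compare as bytes in constant time: the stored value is bytes, and this
    # avoids leaking how much of the submitted code matched.
    if not real_code or not hmac.compare_digest(real_code, code.encode()):
        return {'message': 'Invalid code.'}, 400

    # Look up the user, registering a new one on first login.
    user = User.query.filter_by(mobile=mobile).first()

    if user is None:
        # Unknown mobile number: create the user and an empty profile.
        user_id = current_app.id_worker.get_id()
        user = User(id=user_id, mobile=mobile, name=mobile, last_login=datetime.now())
        db.session.add(user)
        profile = UserProfile(id=user.id)
        db.session.add(profile)
        db.session.commit()
    else:
        if user.status == User.STATUS.DISABLE:
            # Refresh the cached status so the request wrappers that read it
            # also see the account as disabled.
            cache_user.UserStatusCache(user.id).save(user.status)
            return {'message': 'Invalid user.'}, 403

    token, refresh_token = self._generate_tokens(user.id)

    # Cache the user's profile and mark the account as enabled.
    cache_user.UserProfileCache(user.id).save()
    cache_user.UserStatusCache(user.id).save(User.STATUS.ENABLE)

    return {'token': token, 'refresh_token': refresh_token}, 201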
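def wrapper(*args, **kwargs):
    """
    Gate a view on which authentication is optional.

    Requests without a user id pass through to the view. A request flagged
    with g.use_token but carrying no user id gets 401. An identified request
    gets 403 when it used a refresh token or when the cached user status is
    falsy. Otherwise the wrapped view is called with the original arguments.
    """
    # presumably g.use_token means the request presented a token; verify
    # against the request hook that populates g.
    if g.use_token and not g.user_id:
        return {'message': 'Token has some errors.'}, 401

    if g.user_id:
        # The mandatory-auth wrapper in this file rejects refresh tokens;
        # accept only access tokens here too, so a refresh token cannot
        # stand in as an identity on optional-auth views.
        # getattr keeps this safe if the flag was never set on g.
        if getattr(g, 'is_refresh_token', False):
            return {'message': 'Do not use refresh token.'}, 403

        # Check the user's cached status; a falsy value denies access.
        user_enable = cache_user.UserStatusCache(g.user_id).get()
        if not user_enable:
            return {'message': 'User denied.'}, 403

    return func(*args, **kwargs)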
def wrapper(*args, **kwargs):
    """
    Gate a view that requires an authenticated user.

    Returns 401 when no user id is set on g, 403 when the request used a
    refresh token, and 403 when the cached user status is falsy. Otherwise
    the wrapped view is called with the original arguments.
    """
    if not g.user_id:
        return {'message': 'User must be authorized.'}, 401

    # Refresh tokens may not be used in place of an access token.
    if g.is_refresh_token:
        return {'message': 'Do not use refresh token.'}, 403

    # Check the user's cached status; a falsy value denies access.
    status_ok = cache_user.UserStatusCache(g.user_id).get()
    if status_ok:
        return func(*args, **kwargs)
    return {'message': 'User denied.'}, 403
def put(self):
    """
    Refresh the access token.

    Requires a user id on g and a request made with a refresh token.
    Returns ({'token': ...}, 201) on success, or 403 when the refresh token
    is missing or wrong, or when the cached user status is falsy.
    """
    user_id = g.user_id
    if not (user_id and g.is_refresh_token):
        return {'message': 'Wrong refresh token.'}, 403

    # Check the user's cached status before issuing a new access token.
    if not cache_user.UserStatusCache(g.user_id).get():
        return {'message': 'User denied.'}, 403

    # Only a new access token is requested; the second element is unused.
    token, _ = self._generate_tokens(user_id, with_refresh_token=False)
    return {'token': token}, 201