Exemplo n.º 1
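    def post(self):
        """
        Log in with an SMS verification code and create tokens.

        Expects a JSON body with ``mobile`` and a six-digit ``code``. The
        expected code is read from Redis under ``app:code:<mobile>``. When it
        matches, the user is loaded (or registered on first login) and a
        token pair is issued.

        Returns:
            ({'token': ..., 'refresh_token': ...}, 201) on success,
            ({'message': 'Invalid code.'}, 400) if the code is missing or wrong,
            ({'message': 'Invalid user.'}, 403) if the account is disabled.
        """
        # Function-scope import: the module's import block is outside this view.
        import hmac

        json_parser = RequestParser()
        json_parser.add_argument('mobile', type=parser.mobile, required=True, location='json')
        json_parser.add_argument('code', type=parser.regex(r'^\d{6}$'), required=True, location='json')
        args = json_parser.parse_args()
        mobile = args.mobile
        code = args.code

        # Fetch the expected verification code from Redis.
        key = 'app:code:{}'.format(mobile)
        try:
            real_code = current_app.redis_master.get(key)
        except ConnectionError as e:
            # Master unreachable: fall back to the replica for the read. The
            # delete below will then fail as well, so the code is not consumed.
            # NOTE(review): confirm the key is stored with a short TTL.
            current_app.logger.error(e)
            real_code = current_app.redis_slave.get(key)

        # The code is deleted before it is compared, so every issued code
        # allows a single attempt whether or not the guess is right.
        # NOTE(review): the code of this one hard-coded number is never
        # deleted and can be replayed for as long as the key exists. It looks
        # like a test account; move it behind configuration or remove it
        # before this reaches production.
        if mobile != '18516952650':
            try:
                current_app.redis_master.delete(key)
            except ConnectionError as e:
                current_app.logger.error(e)

        # Compare as bytes in constant time. The submitted code is encoded
        # rather than the stored one decoded, so a stored value that is not
        # valid UTF-8 is rejected instead of raising.
        if not real_code or not hmac.compare_digest(real_code, code.encode()):
            return {'message': 'Invalid code.'}, 400

        # Look up the user, registering a new one on first login.
        user = User.query.filter_by(mobile=mobile).first()

        if user is None:
            # Unknown mobile: create the user and an empty profile.
            # NOTE(review): the display name defaults to the phone number;
            # confirm it is not shown to other users.
            user_id = current_app.id_worker.get_id()
            user = User(id=user_id, mobile=mobile, name=mobile, last_login=datetime.now())
            db.session.add(user)
            profile = UserProfile(id=user.id)
            db.session.add(profile)
            db.session.commit()
        else:
            if user.status == User.STATUS.DISABLE:
                # Refresh the cached status so later token checks read the
                # disabled state, then refuse to issue tokens.
                cache_user.UserStatusCache(user.id).save(user.status)
                return {'message': 'Invalid user.'}, 403

        token, refresh_token = self._generate_tokens(user.id)

        # Cache the user's profile and mark the account as enabled.
        cache_user.UserProfileCache(user.id).save()
        cache_user.UserStatusCache(user.id).save(User.STATUS.ENABLE)
        return {'token': token, 'refresh_token': refresh_token}, 201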
Exemplo n.º 2
    def wrapper(*args, **kwargs):
        """
        Run the wrapped view unless the request's token or account is rejected.

        Returns 401 when ``g.use_token`` is set but no ``g.user_id`` is set,
        and 403 when the cached status of an identified user is falsy.
        Requests without a user id and without ``g.use_token`` pass straight
        through to the view.
        """
        token_rejected = g.use_token and not g.user_id
        if token_rejected:
            return {'message': 'Token has some errors.'}, 401

        if not g.user_id:
            # No user id and no token flag set: let the view run.
            return func(*args, **kwargs)

        # Check the user's status; any falsy cache result denies the request.
        account_active = cache_user.UserStatusCache(g.user_id).get()
        if account_active:
            return func(*args, **kwargs)
        return {'message': 'User denied.'}, 403
Exemplo n.º 3
    def wrapper(*args, **kwargs):
        """
        Run the wrapped view only for an identified, enabled user.

        Returns 401 when ``g.user_id`` is not set, 403 when the request was
        made with a refresh token, and 403 when the cached user status is
        falsy.
        """
        if not g.user_id:
            return {'message': 'User must be authorized.'}, 401

        # A refresh token is rejected here: it does not grant access to views.
        if g.is_refresh_token:
            return {'message': 'Do not use refresh token.'}, 403

        # Check the user's status; any falsy cache result denies the request.
        account_active = cache_user.UserStatusCache(g.user_id).get()
        if account_active:
            return func(*args, **kwargs)
        return {'message': 'User denied.'}, 403
Exemplo n.º 4
    def put(self):
        """
        Refresh the access token.

        Requires ``g.user_id`` to be set and ``g.is_refresh_token`` to be
        true; any other request gets 403. The cached user status is checked
        before a new token is issued, so a falsy status also yields 403.

        Returns:
            ({'token': ...}, 201) on success, otherwise a 403 with a message.
        """
        user_id = g.user_id
        if not user_id or not g.is_refresh_token:
            return {'message': 'Wrong refresh token.'}, 403

        # Check the user's status before issuing anything.
        account_active = cache_user.UserStatusCache(g.user_id).get()
        if not account_active:
            return {'message': 'User denied.'}, 403

        # Called with with_refresh_token=False; only the access token is
        # returned and the second element of the pair is discarded.
        token, _discarded = self._generate_tokens(user_id, with_refresh_token=False)
        return {'token': token}, 201