Exemplo n.º 1
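def check_login():
    """Resolve the logged-in user from the auth cookie.

    The cookie named by ``app.config['AUTH_COOKIE_NAME']`` is expected to
    hold ``<auth_code>@<uid>``. The uid selects the ``User`` row and the
    auth code is re-derived with ``UserService.generateAuthCode`` and
    compared against the value the client sent.

    Returns:
        The ``User`` row when the cookie is well-formed, the uid exists,
        the auth code matches and ``status == 1``; ``False`` otherwise.
    """
    # Local import: the file's import block is not visible from this listing.
    import hmac

    auth_cookie = request.cookies.get(app.config['AUTH_COOKIE_NAME'])
    if auth_cookie is None:
        return False

    # Exactly one "@" is required: "<auth_code>@<uid>".
    auth_info = auth_cookie.split("@")
    if len(auth_info) != 2:
        return False
    supplied_code, uid = auth_info

    try:
        user_info = User.query.filter_by(uid=uid).first()
    except Exception:
        # Deliberate fail-closed: any lookup error (e.g. a uid the database
        # rejects) is treated as "not logged in".
        return False

    if user_info is None:
        return False

    # The cookie is client-controlled, so compare in constant time to avoid
    # leaking how many leading characters of the auth code were correct.
    # Both sides are encoded to bytes because compare_digest rejects
    # non-ASCII str input. generateAuthCode is assumed to return text.
    expected_code = str(UserService.generateAuthCode(user_info))
    if not hmac.compare_digest(supplied_code.encode("utf-8"),
                               expected_code.encode("utf-8")):
        return False

    # Only accounts with status 1 are accepted (the login views on this page
    # report any other status as "disabled").
    if user_info.status != 1:
        return False

    return user_info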
Exemplo n.º 2
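def login():
    """Serve the login page (GET) or authenticate a user (POST).

    GET: redirects to "/" when ``g.current_user`` is set, otherwise renders
    the login template.

    POST: validates ``login_name`` / ``login_pwd``, checks the salted
    password hash and the account status, then sets the auth cookie
    ``<auth_code>@<uid>`` for 15 days.

    Returns:
        A redirect, the rendered page, a JSON error (``code == -1``) or the
        success response carrying the auth cookie.
    """
    if request.method == 'GET':
        if g.current_user:
            return redirect(UrlManager.buildUrl("/"))
        return ops_render("user/login.html")

    # POST request
    resp = {
        'code': 200,
        'msg': '登录成功',
        'data': {}
    }
    req = request.values
    # The submitted form is intentionally not printed: it contains the
    # plaintext password and would end up in stdout/log files.

    # Missing fields fall back to the empty string.
    login_name = req.get('login_name', '')
    login_pwd = req.get('login_pwd', '')

    # Validation: both fields must be non-empty.
    if login_name is None or len(login_name) < 1:
        resp['code'] = -1
        resp['msg'] = "请输入正确的用户名"
        return jsonify(resp)
    if login_pwd is None or len(login_pwd) < 1:
        resp['code'] = -1
        resp['msg'] = "请输入正确的密码"
        return jsonify(resp)

    # Look the account up by login name.
    # NOTE(review): the distinct "user does not exist" / "wrong password"
    # messages below let a client tell which login names are registered;
    # consider one generic failure message.
    user_info = User.query.filter_by(login_name=login_name).first()
    if not user_info:
        resp['code'] = -1
        resp['msg'] = "用户不存在"
        return jsonify(resp)

    # Compare the stored hash with the hash of the submitted password.
    if user_info.login_pwd != UserService.generatePwd(login_pwd, user_info.login_salt):
        resp['code'] = -1
        resp['msg'] = "密码输入错误"
        return jsonify(resp)

    # Only status 1 may log in.
    if user_info.status != 1:
        resp['code'] = -1
        resp['msg'] = "用户已经被禁用,请联系管理员处理"
        return jsonify(resp)

    # All checks passed: issue the auth cookie "<auth_code>@<uid>".
    response = make_response(json.dumps({'code': 200, 'msg': '登录成功~~~'}))
    # HttpOnly keeps the auth cookie out of reach of page scripts. Whether
    # `secure` / `samesite` can also be set depends on the deployment.
    response.set_cookie(
        app.config['AUTH_COOKIE_NAME'],
        "%s@%s" % (UserService.generateAuthCode(user_info), user_info.uid),
        max_age=60 * 60 * 24 * 15,
        httponly=True)
    return response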
Exemplo n.º 3
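def resetPwd():
    """Serve the reset-password page (GET) or change the password (POST).

    POST requires ``old_password`` and ``new_password`` (each at least six
    characters and different from each other). The old password must match
    the stored hash before the new one is written; the auth cookie is then
    re-issued.

    Returns:
        The rendered page, a JSON error (``code == -1``) or the success
        response carrying the refreshed auth cookie.
    """
    # GET returns the form.
    if request.method == "GET":
        return ops_render("user/reset_pwd.html")

    # POST request
    resp = {
        'code': 200,
        'msg': '重置密码成功',
        'data': {}
    }
    req = request.values
    # Missing fields fall back to the empty string.
    old_password = req.get('old_password', '')
    new_password = req.get('new_password', '')

    # Old password: present and at least 6 characters.
    if old_password is None or len(old_password) < 6:
        resp['code'] = -1
        resp['msg'] = "请输入符合规范的旧密码"
        return jsonify(resp)

    # New password: present and at least 6 characters.
    if new_password is None or len(new_password) < 6:
        resp['code'] = -1
        resp['msg'] = "请输入符合规范的新密码"
        return jsonify(resp)

    # Old and new must differ.
    if old_password == new_password:
        resp['code'] = -1
        resp['msg'] = "新密码和旧密码不能相同"
        return jsonify(resp)

    # NOTE(review): assumes a request hook has already rejected
    # unauthenticated callers, so g.current_user is a User row - confirm.
    user_info = g.current_user
    # A demo-account guard (uid == 1) was stubbed out here and is not enforced.

    # Verify the old password against the stored hash. Without this check
    # anyone holding a valid session cookie could set a new password without
    # knowing the current one.
    if UserService.generatePwd(old_password, user_info.login_salt) != user_info.login_pwd:
        resp['code'] = -1
        resp['msg'] = "旧密码错误,请重新输入"
        return jsonify(resp)

    user_info.login_pwd = UserService.generatePwd(new_password, user_info.login_salt)

    # Persist the new hash.
    db.session.add(user_info)
    db.session.commit()

    # Re-issue the auth cookie "<auth_code>@<uid>" for the updated record.
    response = make_response(json.dumps(resp))
    # HttpOnly keeps the auth cookie out of reach of page scripts.
    response.set_cookie(
        app.config['AUTH_COOKIE_NAME'],
        "%s@%s" % (UserService.generateAuthCode(user_info), user_info.uid),
        max_age=60 * 60 * 24 * 15,
        httponly=True)
    return response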
Exemplo n.º 4
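def login():
    """Serve the login page (GET) or authenticate a user (POST).

    POST validates ``login_name`` / ``login_pwd``, checks the salted
    password hash and the account status, then sets the ``hmsc_Dws`` cookie
    to ``<auth_code>@<uid>`` for two days.

    Returns:
        A redirect, the rendered page, a JSON error (``code == -1``) or the
        success response carrying the auth cookie.
    """
    if request.method == 'GET':
        if g.current_user:
            return redirect(UrlManager.buildUrl("/"))
        return ops_render("user/login.html")

    resp = {
        'code': 200,
        'msg': '登录成功!',
        'data': {}
    }
    req = request.values
    # Missing fields fall back to the empty string.
    login_name = req.get('login_name', '')
    login_pwd = req.get('login_pwd', '')

    if login_name is None or len(login_name) < 1:
        resp['code'] = -1
        resp['msg'] = "请输入正确的用户名或密码"
        return jsonify(resp)

    if login_pwd is None or len(login_pwd) < 1:
        resp['code'] = -1
        resp['msg'] = "请输入正确的用户名或密码"
        return jsonify(resp)

    # Look the account up by login name.
    # NOTE(review): the distinct "user does not exist" / "wrong password"
    # messages below let a client tell which login names are registered;
    # consider one generic failure message.
    user_info = User.query.filter_by(login_name=login_name).first()
    if not user_info:
        # The attempted name is not echoed to stdout: users sometimes type a
        # password into the name field, and it would land in the logs.
        resp['code'] = -1
        resp['msg'] = '用户不存在'
        return jsonify(resp)

    # Compare the stored hash with the hash of the submitted password.
    if user_info.login_pwd != UserService.generatePwd(login_pwd, user_info.login_salt):
        resp['code'] = -1
        resp['msg'] = '密码输入错误'
        return jsonify(resp)

    # Only status 1 may log in.
    if user_info.status != 1:
        resp['code'] = -1
        resp['msg'] = '用户已被禁用'
        return jsonify(resp)

    response = make_response(json.dumps({'code': 200, 'msg': '登录成功!'}))
    # NOTE(review): the cookie name is hard-coded here; it must match the
    # name the cookie-checking code reads - confirm.
    # HttpOnly keeps the auth cookie out of reach of page scripts.
    response.set_cookie(
        'hmsc_Dws',
        '%s@%s' % (UserService.generateAuthCode(user_info), user_info.uid),
        max_age=60 * 60 * 24 * 2,
        httponly=True)

    return response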
Exemplo n.º 5
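def login():
    """Serve the login page (GET) or authenticate a user (POST).

    POST validates ``login_name`` / ``login_pwd``, checks the salted
    password hash and then the account status, and sets the auth cookie
    ``<auth_code>@<uid>`` for five days.

    Returns:
        A redirect, the rendered page, a JSON error (``code == -1``) or the
        success response carrying the auth cookie.
    """
    if request.method == "GET":
        if g.current_user:
            return redirect(UrlManager.buildUrl("/"))
        return ops_render("user/login.html")

    resp = {'code': 200, 'msg': '登录成功!', 'data': {}}
    req = request.values
    # The submitted form is intentionally not printed: it contains the
    # plaintext password.

    # .get() so that a missing field reaches the validation below instead of
    # raising on the key lookup.
    login_name = req.get('login_name', '')
    login_pwd = req.get('login_pwd', '')

    # Server-side validation: both fields must be non-empty.
    if login_name is None or len(login_name) < 1:
        resp['code'] = -1
        resp['msg'] = "请输入正确的用户名~~~"
        return jsonify(resp)
    if login_pwd is None or len(login_pwd) < 1:
        resp['code'] = -1
        resp['msg'] = "请输入正确的密码~~~"
        return jsonify(resp)

    # Look the account up by login name. The row is not dereferenced (or its
    # password hash printed) before the None check, so an unknown name gets
    # the JSON error instead of an AttributeError.
    # NOTE(review): the distinct "user does not exist" / "wrong password"
    # messages let a client tell which login names are registered; consider
    # one generic failure message.
    user_info = User.query.filter_by(login_name=login_name).first()
    if not user_info:
        resp['code'] = -1
        resp['msg'] = '用户不存在'
        return jsonify(resp)

    # Password first, status second: the "disabled" message is only shown to
    # someone who proved knowledge of the password.
    if user_info.login_pwd != UserService.generatePwd(login_pwd,
                                                      user_info.login_salt):
        resp['code'] = -1
        resp['msg'] = "密码错误!"
        return jsonify(resp)
    if user_info.status != 1:
        resp['code'] = -1
        resp['msg'] = '账号已被禁用,请联系管理员处理'
        return jsonify(resp)

    # Store the login state in a browser cookie; json.dumps serialises the
    # dict for the response body.
    response = make_response(json.dumps({'code': 200, 'msg': '登陆成功!'}))
    # Cookie arguments: name, value "<auth_code>@<uid>", lifetime in seconds.
    # The original note says the auth code covers login_name, login_pwd,
    # login_salt and uid; generateAuthCode is not visible here.
    # HttpOnly keeps the auth cookie out of reach of page scripts.
    response.set_cookie(
        app.config['AUTH_COOKIE_NAME'],
        '%s@%s' % (UserService.generateAuthCode(user_info), user_info.uid),
        max_age=60 * 60 * 24 * 5,
        httponly=True)

    return response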
Exemplo n.º 6
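def login():
    """Serve the login page (GET) or authenticate a user (POST).

    POST validates ``login_name`` / ``login_pwd``, checks the salted
    password hash and then the account status, and sets the auth cookie
    ``<auth_code>@<uid>`` for five days.

    Returns:
        A redirect, the rendered page, a JSON error (``code == -1``) or the
        success response carrying the auth cookie.
    """
    if request.method == 'GET':
        if g.current_user:
            return redirect(UrlManager.buildUrl('/'))
        return ops_render('user/login.html')

    resp = {'code': 200, 'msg': '登陆成功', 'data': {}}
    req = request.values
    # .get() so that a missing field reaches the validation below instead of
    # raising on the key lookup.
    login_name = req.get('login_name', '')
    login_pwd = req.get('login_pwd', '')

    # Server-side validation: both fields must be non-empty.
    if login_name is None or len(login_name) < 1:
        resp['code'] = -1
        resp['msg'] = '请输入正确用户名'
        return jsonify(resp)
    if login_pwd is None or len(login_pwd) < 1:
        resp['code'] = -1
        resp['msg'] = '请输入正确密码'
        return jsonify(resp)

    # Look the account up by login name.
    # NOTE(review): the distinct "user does not exist" / "wrong password"
    # messages let a client tell which login names are registered; consider
    # one generic failure message.
    user_info = User.query.filter_by(login_name=login_name).first()

    if not user_info:
        resp['code'] = -1
        resp['msg'] = '用户不存在'
        return jsonify(resp)

    # Password first, status second: the "disabled" message is only shown to
    # someone who proved knowledge of the password.
    if user_info.login_pwd != UserService.generatePwd(login_pwd,
                                                      user_info.login_salt):
        resp['code'] = -1
        resp['msg'] = '密码错误'
        return jsonify(resp)

    if user_info.status != 1:
        resp['code'] = -1
        resp['msg'] = '账号被禁用,请联系管理员处理'
        return jsonify(resp)

    # Store the login state in a browser cookie; json.dumps serialises the
    # dict for the response body.
    response = make_response(json.dumps({'code': 200, 'msg': '登录成功'}))
    # Cookie arguments: name, value "<auth_code>@<uid>", lifetime in seconds.
    # HttpOnly keeps the auth cookie out of reach of page scripts.
    response.set_cookie(
        app.config['AUTH_COOKIE_NAME'],
        '%s@%s' % (UserService.generateAuthCode(user_info), user_info.uid),
        max_age=60 * 60 * 24 * 5,
        httponly=True)

    return response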
Exemplo n.º 7
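def resetPwd():
    """Serve the reset-password page (GET) or change the password (POST).

    POST verifies ``old_password`` against the stored hash, enforces the
    six-character minimum on both passwords and that they differ, writes the
    new hash and re-issues the auth cookie for five days.

    Returns:
        The rendered page, a JSON error (``code == -1``) or the success
        response carrying the refreshed auth cookie.
    """
    if request.method == "GET":
        return render_template("/user/reset_pwd.html")

    # POST
    resp = {'code': 200, 'msg': '重置密码成功', 'data': {}}

    req = request.values
    # Missing fields fall back to the empty string.
    old_password = req.get('old_password', '')
    new_password = req.get('new_password', '')

    # NOTE(review): assumes a request hook has already rejected
    # unauthenticated callers, so g.current_user is a User row - confirm.
    # The old password must hash to the stored value before anything changes.
    if UserService.generatePwd(
            old_password,
            g.current_user.login_salt) != g.current_user.login_pwd:
        resp['code'] = -1
        resp['msg'] = '旧密码错误,请重新输入'
        return jsonify(resp)

    if old_password is None or len(old_password) < 6:
        resp['code'] = -1
        resp['msg'] = '请输入符合规范的原密码'
        return jsonify(resp)

    if new_password is None or len(new_password) < 6:
        resp['code'] = -1
        resp['msg'] = '请输入符合规范的新密码'
        return jsonify(resp)

    if new_password == old_password:
        resp['code'] = -1
        resp['msg'] = '请输入与原密码不相同的新密码'
        return jsonify(resp)

    # Replace the stored hash with the hash of the new password.
    user_info = g.current_user
    user_info.login_pwd = UserService.generatePwd(new_password,
                                                  user_info.login_salt)
    db.session.add(user_info)
    db.session.commit()

    # Re-issue the auth cookie "<auth_code>@<uid>" for the updated record.
    response = make_response(json.dumps(resp))
    # HttpOnly keeps the auth cookie out of reach of page scripts.
    response.set_cookie(
        app.config["AUTH_COOKIE_NAME"],
        "%s@%s" % (UserService.generateAuthCode(user_info), user_info.uid),
        max_age=60 * 60 * 24 * 5,
        httponly=True)
    # The former `print(resp.msg)` is gone: resp is a dict, so the attribute
    # access raised after the commit and the refreshed cookie was never sent.
    return response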
Exemplo n.º 8
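def resetPwd():
    """Serve the reset-password page (GET) or change the password (POST).

    POST requires ``old_password`` and ``new_password`` (each at least six
    characters and different from each other). The old password must match
    the stored hash before the new one is written; the auth cookie is then
    re-issued for five days.

    Returns:
        The rendered page, a JSON error (``code == -1``) or the success
        response carrying the refreshed auth cookie.
    """
    if request.method == "GET":
        return ops_render("/user/reset_pwd.html")

    # POST
    resp = {"code": 200, "msg": "重置密码成功", "data": {}}

    req = request.values
    # Missing fields fall back to the empty string. The passwords are
    # intentionally not printed: both are plaintext secrets.
    old_password = req.get('old_password', '')
    new_password = req.get('new_password', '')

    # Old password: present and at least 6 characters.
    if old_password is None or len(old_password) < 6:
        resp['code'] = -1
        resp['msg'] = "请输入符合规范的原始密码"
        return jsonify(resp)
    # New password: present and at least 6 characters.
    if new_password is None or len(new_password) < 6:
        resp['code'] = -1
        resp['msg'] = "请输入符合规范的新密码"
        return jsonify(resp)
    # Old and new must differ.
    if new_password == old_password:
        resp['code'] = -1
        resp['msg'] = "请输入与原始密码不相同的新密码"
        return jsonify(resp)

    # NOTE(review): assumes a request hook has already rejected
    # unauthenticated callers, so g.current_user is a User row - confirm.
    user_info = g.current_user

    # Verify the old password against the stored hash. Without this check
    # anyone holding a valid session cookie could set a new password without
    # knowing the current one.
    if UserService.generatePwd(old_password,
                               user_info.login_salt) != user_info.login_pwd:
        resp['code'] = -1
        resp['msg'] = "旧密码错误,请重新输入"
        return jsonify(resp)

    # Replace the stored hash with the hash of the new password.
    user_info.login_pwd = UserService.generatePwd(new_password,
                                                  user_info.login_salt)
    # Persist the change.
    db.session.add(user_info)
    db.session.commit()

    # Re-issue the auth cookie "<auth_code>@<uid>" for the updated record.
    response = make_response(json.dumps(resp))
    # HttpOnly keeps the auth cookie out of reach of page scripts.
    response.set_cookie(
        app.config['AUTH_COOKIE_NAME'],
        "%s@%s" % (UserService.generateAuthCode(user_info), user_info.uid),
        max_age=60 * 60 * 24 * 5,
        httponly=True)

    return response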
Exemplo n.º 9
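def login():
    """Serve the login page (GET) or authenticate a user (POST).

    POST validates ``login_name`` / ``login_pwd``, checks the salted
    password hash and then the account status, and sets the auth cookie
    ``<auth_code>@<uid>`` for five days.

    Returns:
        A redirect, the rendered page, a JSON error (``code == -1``) or the
        success response carrying the auth cookie.
    """
    if request.method == 'GET':
        if g.current_user:
            # NOTE(review): `U` is not defined in this listing; it looks like
            # a truncated redirect target - confirm what it refers to.
            return redirect(U)
        return ops_render('user/login.html')
    resp = {
        'code': 200,
        'msg': '登录成功!',
        'data': {}
    }
    req = request.values
    # .get() so that a missing field reaches the validation below instead of
    # raising on the key lookup.
    login_name = req.get('login_name', '')
    login_pwd = req.get('login_pwd', '')

    # Server-side validation: both fields must be non-empty.
    if login_name is None or len(login_name) < 1:
        resp['code'] = -1
        resp['msg'] = '请输入正确的用户名!'
        return jsonify(resp)
    if login_pwd is None or len(login_pwd) < 1:
        resp['code'] = -1
        resp['msg'] = '请输入正确的密码'
        return jsonify(resp)

    # Look the account up by login name; the row is no longer printed.
    # NOTE(review): the distinct "user does not exist" / "wrong password"
    # messages let a client tell which login names are registered; consider
    # one generic failure message.
    user_info = User.query.filter_by(login_name=login_name).first()
    if not user_info:
        resp['code'] = -1
        resp['msg'] = '用户名不存在'
        return jsonify(resp)

    # Password first, status second: the "disabled" message is only shown to
    # someone who proved knowledge of the password.
    if user_info.login_pwd != UserService.generatePwd(login_pwd, user_info.login_salt):
        resp['code'] = -1
        resp['msg'] = '密码错误'
        return jsonify(resp)
    if user_info.status != 1:
        resp['code'] = -1
        resp['msg'] = '账户已被禁用'
        return jsonify(resp)

    # Store the login state in a browser cookie; json.dumps serialises the
    # dict for the response body.
    response = make_response(json.dumps({'code': 200, 'msg': '登录成功!'}))
    # Cookie arguments: name, value "<auth_code>@<uid>", lifetime in seconds.
    # HttpOnly keeps the auth cookie out of reach of page scripts.
    response.set_cookie(
        app.config["AUTH_COOKIE_NAME"],
        '%s@%s' % (UserService.generateAuthCode(user_info), user_info.uid),
        max_age=60 * 60 * 24 * 5,
        httponly=True)

    return response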
Exemplo n.º 10
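def resetPwd():
    """Serve the reset-password page (GET) or change the password (POST).

    POST requires ``old_password`` and ``new_password`` (each at least six
    characters and different from each other). The old password must match
    the stored hash before the new one is written; the auth cookie is then
    re-issued for two days.

    Returns:
        The rendered page, a JSON error (``code == -1``) or the success
        response carrying the refreshed auth cookie.
    """
    if request.method == 'GET':
        return ops_render("user/reset_pwd.html")

    # POST request
    resp = {
        'code': 200,
        'msg': '修改密码成功!',
        'data': {}
    }

    req = request.values
    # Missing fields fall back to the empty string.
    old_password = req.get('old_password', '')
    new_password = req.get('new_password', '')

    if old_password is None or len(old_password) < 6:
        resp['code'] = -1
        resp['msg'] = '请输入不小于六位的旧密码'
        return jsonify(resp)
    if new_password is None or len(new_password) < 6:
        resp['code'] = -1
        resp['msg'] = '请输入不小于六位的新密码'
        return jsonify(resp)

    if old_password == new_password:
        resp['code'] = -1
        resp['msg'] = '新密码不能与旧密码一致'
        return jsonify(resp)

    # NOTE(review): assumes a request hook has already rejected
    # unauthenticated callers, so g.current_user is a User row - confirm.
    user_info = g.current_user
    # A demo-account guard (uid == 1) was stubbed out here and is not enforced.

    # Verify the old password against the stored hash. Without this check
    # anyone holding a valid session cookie could set a new password without
    # knowing the current one.
    if UserService.generatePwd(old_password, user_info.login_salt) != user_info.login_pwd:
        resp['code'] = -1
        resp['msg'] = '旧密码错误,请重新输入'
        return jsonify(resp)

    user_info.login_pwd = UserService.generatePwd(new_password, user_info.login_salt)

    db.session.add(user_info)
    db.session.commit()

    # Re-issue the auth cookie "<auth_code>@<uid>" for the updated record.
    response = make_response(json.dumps(resp))
    # HttpOnly keeps the auth cookie out of reach of page scripts.
    response.set_cookie(
        app.config['AUTH_COOKIE_NAME'],
        '%s@%s' % (UserService.generateAuthCode(user_info), user_info.uid),
        max_age=60 * 60 * 24 * 2,
        httponly=True)

    return response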
Exemplo n.º 11
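def resetPwd():
    """Serve the reset-password page (GET) or change the password (POST).

    POST requires ``old_password`` and ``new_password`` (each at least six
    characters and different from each other). The old password must match
    the stored hash before the new one is written; the auth cookie is then
    re-issued for five days.

    Returns:
        The rendered page, a JSON error (``code == -1``) or the success
        response carrying the refreshed auth cookie.
    """
    if request.method == 'GET':
        return ops_render('/user/reset_pwd.html')

    # POST
    resp = {'code': 200, 'msg': '重置密码成功', 'data': {}}

    # Read the submitted fields; missing ones fall back to the empty string.
    req = request.values
    old_password = req.get('old_password', '')
    new_password = req.get('new_password', '')

    # Validation
    if old_password is None or len(old_password) < 6:
        resp['code'] = -1
        resp['msg'] = '请输入符合规范的原密码'
        return jsonify(resp)

    if new_password is None or len(new_password) < 6:
        resp['code'] = -1
        resp['msg'] = '请输入符合规范的新密码'
        return jsonify(resp)

    if new_password == old_password:
        resp['code'] = -1
        resp['msg'] = '原密码与新密码不能相同'
        return jsonify(resp)

    # NOTE(review): assumes a request hook has already rejected
    # unauthenticated callers, so g.current_user is a User row - confirm.
    user_info = g.current_user

    # Verify the old password against the stored hash. Without this check
    # anyone holding a valid session cookie could set a new password without
    # knowing the current one.
    if UserService.generatePwd(old_password,
                               user_info.login_salt) != user_info.login_pwd:
        resp['code'] = -1
        resp['msg'] = '旧密码错误,请重新输入'
        return jsonify(resp)

    # Replace the stored hash with the hash of the new password.
    user_info.login_pwd = UserService.generatePwd(new_password,
                                                  user_info.login_salt)
    db.session.add(user_info)
    db.session.commit()

    # Re-issue the auth cookie "<auth_code>@<uid>" for the updated record.
    response = make_response(json.dumps(resp))
    # HttpOnly keeps the auth cookie out of reach of page scripts.
    response.set_cookie(
        app.config['AUTH_COOKIE_NAME'],
        '%s@%s' % (UserService.generateAuthCode(user_info), user_info.uid),
        max_age=60 * 60 * 24 * 5,
        httponly=True)

    return response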
Exemplo n.º 12
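def login():
    """Serve the login page (GET) or authenticate a user (POST).

    POST validates ``login_name`` / ``login_pwd``, checks the salted
    password hash and the account status, then sets the ``hmsc_1901C``
    cookie to ``<auth_code>@<uid>`` for 15 days.

    Returns:
        The rendered page, a JSON error (``code == -1``) or the success
        response carrying the auth cookie.
    """
    if request.method == 'GET':
        return render_template("user/login.html")

    resp = {'code': 200, 'msg': '登录成功', 'data': {}}
    req = request.values
    # Missing fields fall back to the empty string.
    login_name = req.get('login_name', '')
    login_pwd = req.get('login_pwd', '')

    if login_name is None or len(login_name) < 1:
        resp['code'] = -1
        resp['msg'] = "请输入正确的用户名"
        return jsonify(resp)
    if login_pwd is None or len(login_pwd) < 1:
        resp['code'] = -1
        resp['msg'] = "请输入正确的密码"
        return jsonify(resp)

    # Look the account up by login name.
    # NOTE(review): the distinct "user does not exist" / "wrong password"
    # messages let a client tell which login names are registered; consider
    # one generic failure message.
    user_info = User.query.filter_by(login_name=login_name).first()
    if not user_info:
        resp['code'] = -1
        resp['msg'] = "用户不存在"
        return jsonify(resp)

    # Compare the stored hash with the hash of the submitted password.
    if user_info.login_pwd != UserService.generatePwd(login_pwd,
                                                      user_info.login_salt):
        resp['code'] = -1
        resp['msg'] = "密码输入错误"
        return jsonify(resp)

    # Only status 1 may log in.
    if user_info.status != 1:
        resp['code'] = -1
        resp['msg'] = "用户已经被禁用,请联系管理员处理"
        return jsonify(resp)

    response = make_response(json.dumps({'code': 200, 'msg': '登录成功~~~'}))
    # NOTE(review): the cookie name is hard-coded here; it must match the
    # name the cookie-checking code reads - confirm.
    # HttpOnly keeps the auth cookie out of reach of page scripts.
    response.set_cookie(
        "hmsc_1901C",
        "%s@%s" % (UserService.generateAuthCode(user_info), user_info.uid),
        max_age=60 * 60 * 24 * 15,
        httponly=True)
    return response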