Exemplo n.º 1
 def identify(self, request):
     """
     Authenticate a request from its ``Authorization: JWT <token>`` header.

     The header must split on single spaces into exactly two parts, the
     first being the literal scheme ``JWT``. The token is passed to
     ``self.decode_auth_token``; a ``str`` result is treated as an error
     message and returned as ``msg``. Otherwise the user referenced by
     ``payload['data']['id']`` is loaded, and the request is accepted only
     when the stored ``login_time`` equals the ``login_time`` claim, so a
     token whose claim differs from the stored value is refused.

     NOTE(review): signature and expiry validation presumably happen inside
     ``decode_auth_token`` (not visible here) -- confirm it pins the
     expected algorithm and rejects unsigned tokens.
     NOTE(review): a non-str payload without ``data``/``id``/``login_time``
     raises here instead of producing an authorization error -- confirm the
     decoder guarantees that shape.

     :param request: object exposing ``headers.get``
     :return: ``pretty_result(status, data=..., msg=...)``; ``data`` is the
         user id on success and ``''`` on every failure path
     """
     denied = code.AUTHORIZATION_ERROR

     def refuse(reason):
         # Every failure path answers with the same status and empty data.
         return pretty_result(denied, data='', msg=reason)

     header_value = request.headers.get('Authorization')
     if not header_value:
         return refuse('没有提供认证token')

     parts = header_value.split(" ")
     # Exactly "<scheme> <token>", and the scheme match is case-sensitive.
     if len(parts) != 2 or parts[0] != 'JWT':
         return refuse('请传递正确的验证头信息')

     payload = self.decode_auth_token(parts[1])
     if isinstance(payload, str):
         # The decoder reports failure as a message string; pass it through.
         return refuse(payload)

     account = UsersModel.get(UsersModel, payload['data']['id'])
     if account is None:
         return refuse('找不到该用户信息')

     # The token is honoured only while its login_time claim still matches
     # the value stored for the user.
     if not (account.login_time == payload['data']['login_time']):
         return refuse('Token已更改,请重新登录获取')

     return pretty_result(code.OK, data=account.id, msg='请求成功')
Exemplo n.º 2
 def post(self):
     """
     Return the profile fields of the user identified by ``g.user_id``.

     NOTE(review): assumes ``g.user_id`` was populated by an earlier
     authentication step and still refers to an existing row; there is no
     ``None`` check on the lookup result here -- confirm against the caller.

     :return: ``pretty_result(code.OK, data=<dict of profile fields>)``
     """
     current = UsersModel.get(UsersModel, g.user_id)
     # Explicit allow-list: only these attributes are copied into the response.
     exposed = ('id', 'username', 'email', 'permission', 'avatar',
                'login_time')
     profile = {field: getattr(current, field) for field in exposed}
     return pretty_result(code.OK, data=profile)
Exemplo n.º 3
 def get(self):
     """
     Return the user list.

     As written, the response is a fixed single-entry list and does not
     depend on the looked-up user.

     NOTE(review): ``profile`` and ``total_count`` are computed but never
     returned; the lookup still runs, so a missing ``g.user_id`` or a
     ``None`` result raises before the response is built. This looks like a
     stub -- confirm before relying on it.

     :return: ``pretty_result(code.OK, data=<list>)``
     """
     current = UsersModel.get(UsersModel, g.user_id)
     # (response key, model attribute) pairs; login_time is deliberately
     # left out, as in the original field list.
     field_map = (
         ('id', 'id'),
         ('userName', 'username'),
         ('email', 'email'),
         ('permission', 'permission'),
         ('avatar', 'avatar'),
     )
     profile = {key: getattr(current, attr) for key, attr in field_map}
     total_count = 3
     placeholder_rows = [{"id": "@id", "permission": "editor"}]
     return pretty_result(code.OK, data=placeholder_rows)
Exemplo n.º 4
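class Users(Controller):
    """Controller exposing user actions: login, logout, register, CRUD.

    Every action reads its input from ``request.values`` and keeps the
    authenticated identity in ``session["email"]``. ``fetch`` routes an
    ``action`` keyword to the matching method.

    NOTE(review): apart from ``login`` and ``register``, the only gate on
    each action is ``self.logged()``. ``delete``, ``change``, ``get`` and
    ``all`` do not compare the target user with the session user or check a
    role, so any logged-in account can reach any record -- confirm whether
    authorization is enforced inside the model or the base controller.
    NOTE(review): if ``request`` is Flask/Werkzeug's, ``request.values`` also
    reads the query string, so credentials may end up in URLs and logs.
    """

    def __init__(self):
        """Initialise the base controller and attach the users model."""
        super(Users, self).__init__()
        self._data = UsersModel()

    def login(self):
        """Check the submitted e-mail/password and open a session.

        Returns the success response immediately when already logged in.
        Both fields must be present and ``self._data.valid`` must accept the
        e-mail with the hashed password; any failure produces one generic
        error message.
        """
        if self.logged():
            return write("Well done")

        email = request.values.get("email")
        password = request.values.get("password")

        # NOTE(review): `sha512` is a helper defined elsewhere. If it is a
        # plain, unsalted SHA-512 digest it is too fast for password
        # storage; a dedicated password hash (bcrypt, scrypt, Argon2,
        # PBKDF2) with a per-user salt is the usual choice -- confirm.
        if email is not None and \
           password is not None and \
           self._data.valid(email, sha512(password)):
            session["email"] = email
            return write("Well done")

        return error("Incorrect login or password")

    def logout(self):
        """Drop the session identity; error when no one is logged in."""
        if not self.logged():
            return error("You not logged")

        session.pop('email', None)
        return write("Well done")

    def entered(self):
        """Report whether the current session is logged in ("Yes"/"No")."""
        return write("Yes" if self.logged() else "No")

    def register(self):
        """Create a new user from the submitted form values.

        The e-mail and password must be ``unicode`` strings of at least five
        characters and the e-mail must not already exist. Any exception from
        the model is reported as a generic registration failure.
        """
        if self.logged():
            return error("You are already logged")

        email = request.values.get("email")
        password = request.values.get("password")
        fname = request.values.get("fname")
        lname = request.values.get("lname")
        # NOTE(review): `role` and `status` are taken straight from the
        # request of an unauthenticated caller and stored as-is. Unless the
        # model ignores or validates them, a client can choose its own role;
        # consider fixing them server-side.
        role = request.values.get("role")
        avatar = request.values.get("avatar")
        status = request.values.get("status")

        # The type check also rejects a missing (None) value.
        if (not (type(email) is unicode)) or (len(email) < 5):
            return error("Incorrect e-mail")

        if (not (type(password) is unicode)) or (len(password) < 5):
            return error("Incorrect password")

        if self._data.exists(email):
            return error("User with this e-mail already exists")

        try:
            self._data.add({"email": email,
                            "password": sha512(password),
                            "fname": fname,
                            "lname": lname,
                            "role": role,
                            "avatar": avatar,
                            "status": status})
            return write("Well done")
        except Exception:
            # Narrowed from a bare `except:` so SystemExit and
            # KeyboardInterrupt are no longer swallowed.
            return error("Registration failed")

    def delete(self):
        """Delete the user whose numeric ``id`` is given in the request.

        NOTE(review): only a logged-in session is required; the id is not
        compared with the session user and no role is checked here.
        """
        if not self.logged():
            return error("You not logged")

        try:
            # int(None) / int("abc") raise and fall through to the error.
            user_id = int(request.values.get("id"))
            self._data.delete(user_id)
            return write("Well done")
        except Exception:
            return error("Invalid request")

    def get(self, param):
        """Return one user's record.

        An ``int`` or ``unicode`` ``param`` is passed to the model as the
        lookup key; any other value falls back to the session e-mail.
        """
        if not self.logged():
            return error("You not logged")

        try:
            if type(param) is int or type(param) is unicode:
                key = param
            else:
                key = session["email"]
            return write(self._data.get(key))
        except Exception:
            return error("Invalid request")

    def change(self):
        """Overwrite the fields of the user whose ``id`` is in the request.

        NOTE(review): only a logged-in session is required, and the update
        includes `role`, `status` and `password` exactly as submitted. The
        password is passed on without `sha512` here, unlike `register` --
        confirm whether `edit` hashes it and whether it restricts who may
        change which record.
        """
        if not self.logged():
            return error("You not logged")

        user = {"email": request.values.get("email"),
                "password": request.values.get("password"),
                "fname": request.values.get("fname"),
                "lname": request.values.get("lname"),
                "role": request.values.get("role"),
                "avatar": request.values.get("avatar"),
                "status": request.values.get("status")}

        try:
            user_id = int(request.values.get("id"))
            self._data.edit(user_id, user)
            return write("Well done")
        except Exception:
            return error("Invalid request")

    def all(self):
        """Return every user record to any logged-in session."""
        if not self.logged():
            return error("You not logged")

        try:
            return write(self._data.all())
        except Exception:
            return error("Invalid request")

    def fetch(self, **kwargs):
        """Route ``action`` to its handler; a missing action means ``get``.

        Only the names listed here are reachable, so an unknown ``action``
        yields an error rather than an attribute lookup on the controller.
        """
        action = kwargs.get("action")
        param = kwargs.get("param")

        if action == "login":
            return self.login()
        elif action == "logout":
            return self.logout()
        elif action == "entered":
            return self.entered()
        elif action == "register":
            return self.register()
        elif action == "delete":
            return self.delete()
        elif action == "get" or action is None:
            return self.get(param)
        elif action == "change":
            return self.change()
        elif action == "all":
            return self.all()
        else:
            return error("Invalid request")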