def post(self):
        if check_use_source(_USE_SOURCE_TYPE_1):
            # 1.0 校验平台
            result = check_bg_ip()
            if result is False:
                self.return_error(30000)
            # 2.0 获取参数
            argument_dict, aes_share_key, aes_nonce = self.get_argument_dict(
                must_keys=['user_id', 'level'],
                verify_timeliness=False,
                api_type=_USER_TYPE_ADMIN,
                check_token=False,
                invariable_key=False,
                request_type=_REQUEST_TYPE_LOGIN,
                decode_by_inner=_DECODE_TYPE_DEFAULT)

            user_id = argument_dict['user_id']
            level = argument_dict['level']

            user_service = UserBaseService(aes_share_key=aes_share_key,
                                           aes_nonce=aes_nonce)
            user_info = user_service.get_admin_user_info_by_id(
                user_id, admin_level=level)

            return user_info
        else:
            # 1.0 校验平台
            result = check_bg_ip()
            if result is False:
                self.return_error(30000)

            # 2.0 获取参数
            argument_dict, aes_share_key, aes_nonce = self.get_argument_dict(
                must_keys=['user_id', 'level'],
                verify_timeliness=False,
                api_type=_USER_TYPE_ADMIN,
                check_token=False,
                invariable_key=False,
                request_type=_REQUEST_TYPE_LOGIN,
                decode_by_inner=_DECODE_TYPE_INNER)

            user_service = UserBaseService(aes_share_key=aes_share_key,
                                           aes_nonce=aes_nonce)
            user_info = user_service.get_user_info_by_id(
                argument_dict['user_id'],
                user_type=_USER_TYPE_ADMIN,
                admin_level=argument_dict['level'])

            return user_info
    def post(self):
        if check_use_source(_USE_SOURCE_TYPE_1):
            # 1.0 校验平台
            result = check_bg_ip()
            if result is False:
                self.return_error(30000)
            argument_dict, aes_share_key, aes_nonce = self.get_argument_dict(
                must_keys=[
                    'user_id', 'user_name', 'rights_list', 'password',
                    'change_type'
                ],
                api_type=_USER_TYPE_ADMIN,
                request_type=_REQUEST_TYPE_LOGIN,
                check_form_token=True,
            )

            user_id = argument_dict['user_id']
            user_name = argument_dict['user_name']
            rights_list = argument_dict['rights_list']
            password = argument_dict['password']
            change_type = argument_dict['change_type']

            user_service = UserBaseService(aes_share_key=aes_share_key,
                                           aes_nonce=aes_nonce)
            result = user_service.change_rights_by_admin(
                user_id, user_name, rights_list, password, change_type)

            return result, aes_share_key, aes_nonce
        else:
            return False
    def post(self):
        # 1.0 校验平台
        result = check_bg_ip()
        if result is False:
            self.return_error(30000)

        argument_dict, aes_share_key, aes_nonce = self.get_argument_dict(
            must_keys=['user_id', 'vcode', 'password', 'level'],
            api_type=_USER_TYPE_ADMIN,
            request_type=_REQUEST_TYPE_LOGIN,
            decode_by_inner=_DECODE_TYPE_INNER)

        user_id = argument_dict['user_id']
        vcode = argument_dict['vcode']
        password = argument_dict['password']
        level = argument_dict['level']
        if not check_admin_user_platform_level(level):
            self.return_error(10039)

        # 3.0 检查验证码有效性
        if not check_authentication(vcode):
            self.return_error(30201)

        r = UserBaseService( aes_share_key=aes_share_key, aes_nonce=aes_nonce).\
            reset_login_password(user_id, password, user_type=_USER_TYPE_ADMIN, admin_level=level)

        return r, aes_share_key, aes_nonce
    def post(self):
        """
        用户注册时,获取用户key_salt
        :return:
        """
        # 1.0 校验平台
        result = check_bg_ip()
        if result is False:
            self.return_error(30000)

        argument_dict, aes_share_key, aes_nonce = self.get_argument_dict(
            must_keys=['user_name', 'client_public_key', 'level'],
            check_token=False,
            invariable_key=False,
            api_type=_USER_TYPE_ADMIN,
            request_type=_REQUEST_TYPE_REGISTER,
            decode_by_inner=_DECODE_TYPE_INNER)
        name = argument_dict['user_name']
        client_public_key = argument_dict['client_public_key']
        level = argument_dict['level']
        if not check_admin_user_platform_level(level):
            self.return_error(10039)

        # 2.0 创建用户并且创建salt
        us = UserBaseService(aes_share_key=aes_share_key, aes_nonce=aes_nonce)
        result = us.get_register_key_salt(name,
                                          client_public_key,
                                          user_type=_USER_TYPE_ADMIN,
                                          admin_level=level)
        return result, aes_share_key, aes_nonce
    def post(self):
        """
        登录
        :return:
        """
        # 1.0 校验平台
        result = check_bg_ip()
        if result is False:
            self.return_error(30000)

        user_type = _USER_TYPE_ADMIN
        # 2.0 获取登录参数
        argument_dict, aes_share_key, aes_nonce = self.get_argument_dict(
            must_keys=['user_mobile', 'password', 'level'],
            check_token=False,
            api_type=user_type,
            request_type=_REQUEST_TYPE_LOGINING,
            decode_by_inner=_DECODE_TYPE_INNER,
            check_form_token=True)
        user_name = argument_dict['user_mobile']
        password = argument_dict['password']
        level = argument_dict['level']
        if not check_admin_user_platform_level_new(level):
            self.return_error(10039)

        # 3.0 完成登录
        r = UserBaseService( aes_share_key=aes_share_key, aes_nonce=aes_nonce).\
            login(user_name, password, user_type=user_type, admin_level=level)
        return r, aes_share_key, aes_nonce
    def post(self):
        """
        登录时创建key_salt
        :return:
        """

        # 1.0 校验平台
        result = check_bg_ip()
        if result is False:
            self.return_error(30000)

        user_type = _USER_TYPE_ADMIN
        argument_dict, aes_share_key, aes_nonce = self.get_argument_dict(
            must_keys=['user_mobile', 'client_public_key', 'level'],
            check_token=False,
            invariable_key=False,
            api_type=user_type,
            request_type=_REQUEST_TYPE_LOGIN,
            decode_by_inner=_DECODE_TYPE_DEFAULT,
            check_form_token=False)

        user_mobile = argument_dict['user_mobile']
        client_public_key = argument_dict['client_public_key']
        level = argument_dict['level']
        if not check_admin_user_platform_level_new(level):
            self.return_error(10039)

        us = UserBaseService(aes_share_key=aes_share_key, aes_nonce=aes_nonce)
        # 创建salt
        result = us.get_login_key_salt(user_mobile,
                                       client_public_key,
                                       user_type=user_type,
                                       admin_level=level)
        return result, aes_share_key, aes_nonce
Exemplo n.º 7
0
    def post(self):
        """
        刷新用户access_token
        :return:
        """
        # 1.0 校验平台
        result = check_bg_ip()
        if result is False:
            self.return_error(30000)

        api_type = _USER_TYPE_ADMIN
        # 2.0 获取参数
        argument_dict, aes_share_key, aes_nonce = self.get_argument_dict(
            must_keys=['user_id', 'refresh_token'],
            check_token=False,
            api_type=api_type,
            request_type=_REQUEST_TYPE_LOGIN,
            decode_by_inner=_DECODE_TYPE_INNER)
        user_id = argument_dict['user_id']
        refresh_token = argument_dict['refresh_token']

        # 3.0 刷新token
        r = ApiTokenService(aes_share_key=aes_share_key, aes_nonce=aes_nonce).\
            refresh_token(user_id, refresh_token, user_type=api_type)
        return r, aes_share_key, aes_nonce
    def post(self):
        # 1.0 校验平台
        result = check_bg_ip()
        if result is False:
            self.return_error(30000)

        # 2.0 获取参数
        argument_dict, aes_share_key, aes_nonce = self.get_argument_dict(
            api_type=_USER_TYPE_BORROW,
            request_type=_REQUEST_TYPE_LOGIN,
            check_user_id=True)

        return argument_dict
    def post(self):
        # 1.0 校验平台
        result = check_bg_ip()
        if result is False:
            self.return_error(30000)

        # 2.0 获取参数
        argument_dict, _, _ = self.get_argument_dict(
            api_type=_USER_TYPE_ADMIN,
            request_type=_REQUEST_TYPE_LOGIN,
            decode_by_inner=_DECODE_TYPE_INNER)

        return argument_dict
Exemplo n.º 10
0
    def post(self, path):
        all_path_list = request.path.split("/")[1:]
        path_list = path.split("/")

        # 1.0 区别前后台用户
        if all_path_list[0] == 'bg':
            if len(path_list) < 2:
                self.return_error(10043)
            self.user_type = _USER_TYPE_ADMIN
            # 后台用户需要校验ip
            result = check_bg_ip()
            if result is False:
                self.return_error(30000)
        elif all_path_list[0] == 'users':
            pass
        else:
            self.return_error(10004)

        # 2.0 获取参数
        argument_dict, share_key, nonce = self.get_argument_dict(
            must_keys=self.must_keys,
            is_transfer=True,
            api_type=self.user_type,
            request_type=self.request_type,
            invariable_key=self.invariable_key,
            check_token=self.check_token,
            check_user_id=self.check_user_id,
            verify_timeliness=self.verify_timeliness,
            encrypt=self.encrypt,
            check_form_token=self.check_form_token)
        raise_logger('UsersTransferToPlatformController' +
                     json.dumps(argument_dict))
        # 3.0 后台用户校验权限
        user_service = UserBaseService(aes_share_key=share_key,
                                       aes_nonce=nonce)
        if self.user_type == _USER_TYPE_ADMIN:
            user_id = argument_dict['user_id']
            module_url = path_list[0]
            transfer_check_result = user_service.check_admin_user_module_rights_by_user_id(
                user_id, module_url)
            if not transfer_check_result:
                self.return_error(30232)
        transfer_url = get_transfer_to_platform_config(
        )['default_ip'] + request.path
        response_dict = transfer_to_platform(transfer_url, data=argument_dict)
        if self.return_aes:
            return response_dict, share_key, nonce
        else:
            return response_dict
    def post(self):
        # 1.0 校验平台
        result = check_bg_ip()
        if result is False:
            self.return_error(30000)

        user_type = _USER_TYPE_BORROW
        # 2.0 获取参数
        argument_dict, aes_share_key, aes_nonce = self.get_argument_dict(
            must_keys=['user_id'],
            verify_timeliness=False,
            api_type=user_type,
            check_token=False,
            invariable_key=False,
            request_type=_REQUEST_TYPE_LOGIN,
            decode_by_inner=_DECODE_TYPE_INNER)

        user_info = UserBaseService(aes_share_key=aes_share_key, aes_nonce=aes_nonce).\
            update_user_info_by_id(argument_dict, user_type=user_type)

        return user_info
    def post(self):
        if check_use_source(_USE_SOURCE_TYPE_1):
            # 1.0 校验平台
            result = check_bg_ip()
            if result is False:
                self.return_error(30000)
            argument_dict, aes_share_key, aes_nonce = self.get_argument_dict(
                must_keys=['user_id'],
                api_type=_USER_TYPE_ADMIN,
                request_type=_REQUEST_TYPE_LOGIN,
            )

            user_id = argument_dict['user_id']

            user_service = UserBaseService(aes_share_key=aes_share_key,
                                           aes_nonce=aes_nonce)
            result = user_service.list_rights_to_admin(user_id)

            return result, aes_share_key, aes_nonce
        else:
            return False
    def post(self):
        """
        用户注册
        :return:
        header 放入 User-Mobile 为用户名
        """
        # 1.0 校验平台
        result = check_bg_ip()
        if result is False:
            self.return_error(30000)

        if check_use_source(_USE_SOURCE_TYPE_1):
            return result
        else:
            # 2.0 获取注册参数
            argument_dict, aes_share_key, aes_nonce = self.get_argument_dict(
                must_keys=['user_mobile', 'vcode', 'password', 'level'],
                check_token=False,
                api_type=_USER_TYPE_ADMIN,
                request_type=_REQUEST_TYPE_REGISTER,
                decode_by_inner=_DECODE_TYPE_INNER)

            user_name = argument_dict['user_mobile']
            vcode = argument_dict['vcode']
            password = argument_dict['password']
            level = argument_dict['level']

            if not check_admin_user_platform_level(level):
                self.return_error(10039)

            # 3.0 检查验证码有效性
            if not check_authentication(vcode):
                self.return_error(30201)

            # 4.0 处理用户注册逻辑, 注册后更新saltkey
            result = UserBaseService( aes_share_key=aes_share_key, aes_nonce=aes_nonce).\
                register(user_name, password, level, user_type=_USER_TYPE_ADMIN)
            return result, aes_share_key, aes_nonce