def POST(self):
name = xutils.get_argument("username", "")
pswd = xutils.get_argument("password", "")
target = xutils.get_argument("target")
users = xauth.get_users()
error = ""
count = cacheutil.get("login.fail.count#%s" % name, 0)
if count >= RETRY_LIMIT:
error = "重试次数过多"
elif name in users:
user = users[name]
if pswd == user["password"]:
save_login_info(name, "success")
xauth.write_cookie(name)
xauth.update_user(name,
dict(login_time=xutils.format_datetime()))
if target is None:
raise web.seeother("/")
raise web.seeother(target)
else:
error = "用户名或密码错误"
save_login_info(name, pswd)
cacheutil.set("login.fail.count#%s" % name, count + 1, 60)
else:
error = "用户名或密码错误"
save_login_info(name, pswd)
# 用户名异常的不做限制,防止缓存被刷爆
# cacheutil.set("login.fail.count#%s" % name, count+1, 60)
return xtemplate.render("login.html",
username=name,
password=pswd,
error=error)
def set_user_config(key, value):
if key not in USER_CONFIG_KEY_SET:
return
user = xauth.current_user()
if user.config is None:
user.config = Storage()
user.config[key] = value
xauth.update_user(user["name"], user)