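def register():
    """Create a user account from the posted ``username`` and ``password``.

    Reads both fields from ``request.form`` and answers with a JSON object
    carrying ``success``, ``server_time`` and ``msg``.

    Returns:
        The ``jsonify`` response: ``success`` is True once the user has been
        saved, False when either field is empty or the username is taken.
    """
    username = request.form['username']
    password = request.form['password']

    # Only the username is logged. The previous message also wrote the
    # password and the full request headers (cookies, authorization) to
    # stdout. %r keeps embedded newlines from forging extra log lines.
    print('register attempt, username: %r' % (username,))

    if username == '' or password == '':
        return jsonify({
            'success': False,
            'server_time': time.time(),
            'msg': 'register fail, check username and password.'
        })

    # NOTE(review): check-then-insert is not atomic; two concurrent requests
    # can both pass this lookup unless the table has a unique constraint on
    # username (not visible here) - confirm.
    if User.select().where(User.username == username).first():
        return jsonify({
            'success': False,
            'server_time': time.time(),
            'msg': u'User name existed!'
        })

    # NOTE(review): the password is handed to the model exactly as received.
    # Unless User hashes it on save (not visible here) it is stored in
    # plaintext; switching to a password hash has to be coordinated with the
    # code that verifies logins.
    user = User(username=username, password=password)
    user.save()
    return jsonify({
        'success': True,
        'server_time': time.time(),
        'msg': ''
    })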
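def api_register_user(*, name, email, password):
    """Register a new user and answer with a signed session cookie.

    Generator-based coroutine (``yield from``).

    Args:
        name: Display name; must be non-empty after stripping whitespace.
        email: Must match ``RE_EMAIL``.
        password: Must match ``RE_PASSWORD``.

    Returns:
        A ``web.Response`` whose body is the JSON-serialised user (password
        masked) and which sets ``COOKIE_NAME`` for 86400 seconds.

    Raises:
        APIValueError: A field failed validation.
        APIError: A user with this email already exists.
    """
    if not name or not name.strip():
        raise APIValueError('name')
    if not email or not RE_EMAIL.match(email):
        raise APIValueError('email')
    if not password or not RE_PASSWORD.match(password):
        raise APIValueError('password')

    existing = yield from User.findAll('email=?', [email])
    if existing:
        raise APIError('Register: failed', 'email', 'Email is already in use.')

    uid = next_id()
    # NOTE(review): as shown, this format string has no conversion
    # specifiers, so applying % to a two-item tuple raises TypeError. The
    # literal looks masked in this listing - restore the project's real
    # format and keep it identical to the one api_authenticate uses.
    sha1_password = '******' % (uid, password)
    # NOTE(review): one round of SHA-1 is a fast hash and cheap to brute-force
    # offline. A password KDF would be the stronger choice, but the stored
    # value is also consumed by api_authenticate and cookie2user, so the
    # scheme has to change in all three places together.
    digest = hashlib.sha1(sha1_password.encode('utf-8')).hexdigest()
    user = User(id=uid, name=name.strip(), email=email, password=digest)
    yield from user.save()

    r = web.Response()
    # httponly keeps the cookie away from page scripts. No `secure` flag is
    # passed, so this call does not restrict the cookie to HTTPS.
    r.set_cookie(COOKIE_NAME, user2cookie(user, 86400), max_age=86400, httponly=True)
    # Declare the JSON body as such, as api_authenticate already does.
    r.content_type = 'application/json'
    # Mask the hash so it never appears in the serialised response.
    user.password = '******'
    r.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return r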
def user_list():
    """Return every ``User`` row as a JSON array with status 200."""
    # NOTE(review): the return value is ignored, so this call only protects
    # the listing if check_authentication() aborts or raises on failure -
    # confirm against its definition.
    check_authentication()

    # NOTE(review): model_to_dict serialises whatever fields the model
    # declares. If User carries a password or other secret column, it ends
    # up in this response - confirm and exclude it if so.
    rows = [model_to_dict(record) for record in User.select().where(True)]

    return app.response_class(
        response=json.dumps(rows),
        status=200,
        mimetype='application/json',
    )
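def cookie2user(cookie):
    """Resolve a session cookie to its user, or None if it is not acceptable.

    Generator-based coroutine (``yield from``). The cookie is expected to be
    ``uid-expires-sha1``. It is rejected when it is missing or malformed,
    when ``expires`` is not an integer or lies in the past, when the user
    cannot be found, or when the signature does not match.

    Args:
        cookie: Raw cookie value supplied by the client (untrusted).

    Returns:
        The user object with its ``password`` attribute masked, or None.
    """
    # Function-scope import: the file's import block is not visible here.
    import hmac

    if not cookie:
        return None
    parts = cookie.split('-')
    if len(parts) != 3:
        return None
    uid, expires, sha1 = parts

    # `expires` is client-controlled. A non-numeric value must count as an
    # invalid cookie instead of escaping as an unhandled ValueError.
    try:
        expires_at = int(expires)
    except ValueError:
        return None
    if expires_at < time.time():
        return None

    user = yield from User.find(uid)
    if not user:
        return None

    # NOTE(review): the signature is a bare SHA-1 over id, stored password
    # hash, expiry and COOKIE_KEY rather than an HMAC. Changing the
    # construction has to be coordinated with the code that issues the cookie
    # (user2cookie, not shown).
    s = '%s-%s-%s-%s' % (user.id, user.password, expires, COOKIE_KEY)
    expected = hashlib.sha1(s.encode('utf-8')).hexdigest()
    # Constant-time comparison: the attacker supplies `sha1` directly, so a
    # short-circuiting != would leak how many leading characters matched.
    # Both sides are encoded because compare_digest rejects non-ASCII str.
    if not hmac.compare_digest(sha1.encode('utf-8'), expected.encode('utf-8')):
        return None

    # Mask the stored hash before handing the user object to callers.
    user.password = '******'
    return user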
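def login():
    """Serve the login page, or check posted credentials.

    Any method other than POST gets the placeholder page. For POST, looks
    the user up by ``username`` and delegates the check to ``login_check``.

    Returns:
        The page string, the result of ``login_check``, or the result of
        ``make_error_message`` when zero or several users match.
    """
    # Everything that is not a POST gets the page. The original tested for
    # 'GET' only and fell off the end (returning None) for any other routed
    # method; Flask also dispatches HEAD to the view when GET is routed, and
    # a None return makes it fail the request.
    if request.method != 'POST':
        return "Login Page"  # render_template('login.html')

    username = request.form['username']
    password = request.form['password']

    matches = User.select().where(User.username == username)
    match_count = len(matches)

    if match_count == 0:
        # NOTE(review): a distinct "No such user" answer tells the caller
        # which usernames exist, if login_check reports a wrong password
        # differently (not visible here) - consider one shared message.
        return make_error_message("No such user")
    if match_count == 1:
        return login_check(matches[0], username, password)
    # More than one row for a username points at a missing uniqueness
    # constraint. The posted username is echoed back in the message.
    return make_error_message("Too many users: " + username)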
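def create_user_ws():
    """Create a user from a JSON request body.

    The body must be a JSON object with ``username``, ``user_id``,
    ``realname``, ``email`` and ``amount``. Aborts with 400 when the body is
    missing, is not an object, lacks a field, or the username exists.

    Returns:
        A ``(response, 201)`` tuple; the response is the JSON form of the
        stored user.
    """
    payload = request.json
    required_fields = ('username', 'user_id', 'realname', 'email', 'amount')

    # Require a JSON object. The original `in` tests also passed for a JSON
    # string or list that merely contained the field names, and the key
    # lookups below then failed with TypeError instead of a clean 400.
    if not isinstance(payload, dict) or any(
            field not in payload for field in required_fields):
        abort(400)

    if ORM.query_DB.user_exist(payload['username']):
        abort(400)

    # NOTE(review): every value is stored as received. `user_id` and
    # `amount` come straight from the client with no type or range check,
    # and no authorisation check is visible in this function - confirm the
    # route is restricted to callers allowed to set them.
    new_user = User(username=payload['username'],
                    user_id=payload['user_id'],
                    real_name=payload['realname'],
                    email=payload['email'],
                    amount=payload['amount'])
    session.add(new_user)
    session.commit()

    return jsonify(id=new_user.id,
                   username=new_user.username,
                   user_id=new_user.user_id,
                   realname=new_user.real_name,
                   email=new_user.email,
                   amount=new_user.amount), 201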
def api_authenticate(*, email, password):
    """Check an email/password pair and answer with a signed session cookie.

    Generator-based coroutine (``yield from``).

    Args:
        email: Account email; must be non-empty.
        password: Password as sent by the client; must be non-empty.

    Returns:
        A JSON ``web.Response`` holding the user (password masked) that also
        sets ``COOKIE_NAME`` for 86400 seconds.

    Raises:
        APIValueError: A field is empty, the email is unknown, or the
            password hash does not match.
    """
    if not email:
        raise APIValueError('email', 'Email can not be empty')
    if not password:
        raise APIValueError('password', 'Password can not be empty')

    matches = yield from User.findAll('email=?', [email])
    # NOTE(review): "Email does not exist." and "Invalid password." are
    # distinct answers, so a caller can tell which emails are registered.
    if len(matches) < 1:
        raise APIValueError('email', 'Email does not exist.')
    account = matches[0]

    # NOTE(review): as shown, this format string has no conversion
    # specifiers, so applying % to a two-item tuple raises TypeError. The
    # literal looks masked in this listing - it must be the same format
    # api_register_user uses when storing the hash.
    salted = '******' % (account.id, password)
    candidate = hashlib.sha1(salted.encode('utf-8')).hexdigest()
    # NOTE(review): a single SHA-1 round is a fast hash for password storage,
    # and != is not a constant-time comparison.
    if account.password != candidate:
        raise APIValueError('password', 'Invalid password.')

    session_seconds = 86400
    response = web.Response()
    # httponly keeps the cookie away from page scripts. No `secure` flag is
    # passed, so this call does not restrict the cookie to HTTPS.
    response.set_cookie(
        COOKIE_NAME,
        user2cookie(account, session_seconds),
        max_age=session_seconds,
        httponly=True,
    )
    response.content_type = 'application/json'
    # Mask the stored hash before the user object is serialised.
    account.password = '******'
    response.body = json.dumps(account, ensure_ascii=False).encode('utf-8')
    return response