def password_hash(login_password: str) -> str:
"""
获取 hash 后的密码
:param password:
:return:
"""
# login_password = bytes(login_password)
setting.SECRET_KEY = md5(login_password)
return md5(login_password)
def verify_password(self, password):
pwdMd5 = md5(password)
if self.pwd == pwdMd5:
print('MD5加密之后的密文比较', self.pwd, pwdMd5)
return True
else:
return False
def login():
if request.method == 'POST':
msg = None
name = request.form.get('name')
pwd = request.form.get('pwd')
pwd = md5(pwd)
# print(name, pwd)
session_ = connect_db()
user_obj = session_.query(Users).filter(or_(Users.name == name, Users.mobile_number == name),
Users.pwd == pwd)
count = user_obj.count()
id = user_obj.first().id
name = user_obj.first().name
# print(count, id, name)
session['id'] = id
session['name'] = name
login_logs_obj = UsersLoginLogs(
ip=request.remote_addr,
users_id=id,
)
session_.add(login_logs_obj)
session_.commit()
session_.close()
if count > 0:
msg = 'ok'
return msg
else:
msg = 'error'
return msg
return '不允许Get请求!'
def register():
if request.method == 'POST':
msg = None
verify_code = request.form.get('verify_code')
# print(verify_code, session['random_verify_code'])
if verify_code != session['random_verify_code']:
msg = 'verify_code_err'
return msg
name = request.form.get('name')
mobile_number = request.form.get('mobile_number')
pwd = request.form.get('pwd')
pwd = md5(pwd)
session_ = connect_db()
name_count = ret = session_.query(Users).filter(Users.mobile_number == mobile_number).count()
if name_count > 0:
msg = 'name_error'
return msg
try:
user_obj = Users(
name=name,
pwd=pwd,
mobile_number=mobile_number
)
session_.add(user_obj)
session_.commit()
session_.close()
except Exception as e:
msg = 'db_error'
return msg
msg = 'ok'
return msg
return '不允许Get请求!'
def login():
error = ''
if request.method == 'GET':
form = LoginForm(None)
else:
# post请求验证表单
form = LoginForm(request.form)
if form.validate():
# 表单验证通过验证用户信息
username = form.data.get('username')
password = form.data.get('password')
# md5加密
pwd_md5 = md5(password)
data = fetch_one(
'select id, nickname from userinfo where user = %s and pwd = %s',
(username, pwd_md5))
if not data:
error = '用户名密码错误'
else:
session['user_info'] = {
'user_id': data['id'],
'nick_name': data['nickname']
}
return redirect('/index')
return render_template('login.html', form=form, error=error)
def vertify_password(login_password, db_password) -> bool:
"""
验证密码
:param plain_password: 原密码
:param hashed_password: hash后的密码
:return:
"""
md5_password = md5(login_password)
return md5_password == db_password
def login():
form = LoginForm(request.form)
form = form.validate_for_api()
4 / 0
# 表单验证通过验证用户信息
username = form.data.get('username')
password = form.data.get('password')
# md5加密
pwd_md5 = md5(password)
data = fetch_one(
'select id, nickname from userinfo where user = %s and pwd = %s',
(username, pwd_md5))
if data:
return Success()
else:
return AuthFailed()
def addAdminUser(request):
return_dict = {'status': '200', 'msg': '添加用户成功', 'flag':True, 'data': {}}
print('request.get_data()',request.get_data())
requestData=json.loads(request.get_data())
print('requestData',requestData)
user=adminUserList(
name=requestData['name'],
user_name=requestData['userName'],
email=requestData['email'],
phone=requestData['phone'],
sex=int(requestData['sex']),
)
user.pwd=md5(requestData['passWord'])
ifexistUser = adminUserList.query.filter_by(user_name=requestData['userName']).first()
ifexistUserTel = adminUserList.query.filter_by(phone=requestData['phone']).first()
ifexistUserEmai = adminUserList.query.filter_by(email=requestData['email']).first()
#如果数据库中有该用户,则禁止再添加
if ifexistUser:
return_dict['msg'] = '添加用户失败,该用户已存在'
return_dict['flag'] = False
return return_dict
if ifexistUserTel:
return_dict['msg'] = '添加用户失败,该手机号码已注册'
return_dict['flag'] = False
return return_dict
if ifexistUserEmai:
return_dict['msg'] = '添加用户失败,该邮箱已注册'
return_dict['flag'] = False
return return_dict
try:
print('333',user.pwd)
db.session.add(user)
db.session.commit()
currentUser = adminUserList.query.filter_by(user_name=requestData['userName']).first()
reg_user = currentUser.to_json()
return_dict['msg'] = '注册用户成功,用户名:{userName}'.format(userName=reg_user['userName'])
return_dict['data'] = reg_user
except Exception as err:
print('errr',err)
db.session.rollback()
return_dict['msg'] = '添加用户失败{}'.format(err)
return_dict['flag'] = False
return return_dict
def user_login():
if request.method == 'POST':
user = request.form.get('user', None)
pwd = request.form.get('pwd', None)
print(user, pwd)
if user and pwd:
ret = db_helper.fetchone(
'select *from userinfo where user=%s and pwd=%s',
(user, md5.md5(pwd)))
print(
ret
) # {'id': 1, 'user': '******', 'pwd': 'ea48576f30be1669971699c09ad05c94', 'nickname': 'thanlon'}
if not ret:
flash('用户名或者密码错误', 'error')
return render_template('home/login.html')
# session['user_id'] = ret['id']
# session['user_nickname'] = ret['nickname']
# session['user_info'] = {'user_id': ret['id'], 'user_nickname': ret['nickname']}
session['user_info'] = ret
flash('欢迎进入系统!', 'ok')
return redirect('/')
return render_template('home/login.html')
def getMd5(request):
requestData = request.args.to_dict()
print(requestData)
str=requestData.get('str')
return md5(str)