def identify(request):
"""
用户鉴权
:return: list
"""
auth_header = request.headers.get('Authorization')
if auth_header:
auth_tokenArr = auth_header.split(" ")
if not auth_tokenArr or auth_tokenArr[0] != 'JWT' or len(
auth_tokenArr) != 2:
result = false_return(msg='请传递正确的验证头信息')
else:
auth_token = auth_tokenArr[1]
payload = Auth.decode_auth_token(auth_token)
if isinstance(payload, str):
result = false_return(msg=payload)
else:
user = session.query(admin_db).filter_by(
uid=payload['data']['uid']).first()
if user is None:
result = false_return(msg='找不到该用户信息')
else:
if user.login_time == payload['data']['login_time']:
result = true_return(data=user, msg='请求成功')
else:
result = false_return(msg='Token已过期')
else:
result = false_return(msg='未提供token')
return result
def wrapper():
auth_token = request.headers.get('Authorization')
if auth_token:
auth_token_arr = auth_token.split(".")
if not auth_token_arr or len(auth_token_arr) == 3:
auth_header = json.loads(
base64.b64decode(str(auth_token_arr[0]).encode()).decode())
if auth_header['typ'] != 'JWT':
result = common.false_return('', '请传递正确的验证头信息')
else:
payload = Auth.decode_auth_token(auth_token)
if not isinstance(payload, str):
users = user.Users.get_by_id(payload['data']['id'])
if users is None:
result = common.false_return('', '找不到该用户')
else:
if users.login_time == payload['data'][
'login_time']:
return_user = {
'id': users.id,
'username': users.username
}
result = common.true_return(
return_user, '请求成功')
else:
result = common.false_return(
'', 'Token已更改,请重新登录获取')
else:
result = common.false_return('', payload, 301)
else:
result = common.false_return('', '请传递正确的验证头信息')
else:
result = common.false_return('', '没有提供认证Token')
return func(result)
async def get(self):
motor_client = MotorClient()
collections = await motor_client.get_collections()
data = []
for i in collections:
data.append({'name': i})
self.write(true_return(data=data))
def post(self):
ip = self.get_argument('ip', None)
todo = self.get_argument('todo', None)
if not ip or not todo: return
print(todo, ip)
if todo == 'kill':
md_server.global_connection.pop(ip).close()
self.write(true_return(msg='封禁成功'))
elif todo == 'pull_black':
md_server.global_connection.pop(ip).close()
md_server.blacklist.add(ip)
blacklist_db.push(ip)
self.write(true_return(msg='拉黑成功'))
else:
self.write(false_return(msg='操作失败'))
def post(self):
ip = self.get_argument('ip', None)
todo = self.get_argument('todo', None)
if not ip or not todo: return
log.info(todo, ip)
if ip in md_server.global_connection:
md_server.global_connection.pop(ip).close() # 断开连接
if ip in md_server.tick_origin:
md_server.tick_origin.remove(ip) # 源服务器弹出
if todo == 'kill':
self.write(true_return(msg='封禁成功'))
if todo == 'pull_black':
md_server.blacklist.add(ip) # 拉黑
blacklist_db.add(ip) # 存入数据库
self.write(true_return(msg='拉黑成功'))
else:
self.write(false_return(msg='操作失败'))
def post(self):
auth_required = int(self.get_argument('auth_required'))
tornado.options.options.AUTH_REQUIRED = bool(auth_required)
tornado.options.options.KEY = self.get_argument('key')
tornado.options.options.ORIGIN_NUMBER = int(self.get_argument('origin_number'))
config_db.update(key=tornado.options.options.KEY, auth_required=auth_required,
origin_number=tornado.options.options.ORIGIN_NUMBER)
self.write(true_return(msg='更新成功'))
def post(self):
ip = self.get_argument('ip', None)
todo = self.get_argument('todo', None)
if not ip or not todo: return
print(todo, ip)
if todo == 'alive':
md_server.blacklist.remove(ip)
blacklist_db.pop(ip)
self.write(true_return(msg='解封成功'))
else:
self.write(false_return(msg='解封失败'))
def authenticate(self, username, password):
"""
用户登录,登录成功返回token, 登录失败返回失败原因
:param username:
:param password:
:return:
"""
user_info = Users.query.filter_by(username=username).first()
if user_info is None:
return jsonify(common.false_return('', '找不到用户'))
else:
if Users.check_password(user_info.password, password):
login_time = int(time.time())
Users.update(Users, user_info.id, login_time)
token = self.encode_auth_token(user_info.id, login_time)
return jsonify(common.true_return(token.decode(), '登录成功'))
else:
return jsonify(common.false_return('', '密码不正确'))
def register():
"""
用户注册
:return:json
"""
username = request.form.get('username')
password = request.form.get('password')
password = user.Users.set_password(password)
users = user.Users(username=username, password=password)
result = user.Users.add(users)
if users.id:
return_user = {
'id': users.id,
'username': users.username,
}
return jsonify(common.true_return(return_user, '用户注册成功'))
else:
return jsonify(common.false_return('', '用户注册失败'))
def post(self):
old_pwd = self.get_argument('old_pwd')
new_pwd1 = self.get_argument('new_pwd1')
new_pwd2 = self.get_argument('new_pwd2')
if not old_pwd or not new_pwd1 or not new_pwd2:
self.write(false_return(msg='含空项'))
return
if new_pwd1 != new_pwd2:
self.write(false_return(msg='密码不一致'))
return
admin = session.query(admin_db).filter_by(
uid=self.current_user.uid).first()
if admin.update_password(old_pwd, new_pwd1):
self.write(true_return(msg='修改密码成功!'))
else:
self.write(false_return(msg='密码错误'))
def authenticate(username, password):
"""
用户登录,登录成功返回token,写将登录时间写入数据库;登录失败返回失败原因
:param username
:param password
:return: true_return(data=token.decode(), msg='登录成功')
"""
user = session.query(admin_db).filter_by(username=username).first()
if user is None:
return false_return(msg='找不到用户')
else:
if user.check_password(password):
login_time = int(time.time())
user.login_time = login_time
session.commit()
user_info = {"login_time": login_time, "uid": user.uid}
token = Auth.encode_auth_token(user_info)
return true_return(data=token.decode(), msg='登录成功')
else:
return false_return(msg='密码不正确')
def get(self):
data = []
for ip in md_server.blacklist:
data.append({'ip': ip})
self.write(true_return(data=data))
def get(self):
data = dict(key=tornado.options.options.KEY, auth_required=tornado.options.options.AUTH_REQUIRED,
origin_number=tornado.options.options.ORIGIN_NUMBER)
self.write(true_return(data=data))
def get(self):
data = []
for ip in list(blacklist_db.load_ip()):
data.append({'ip': ip})
self.write(true_return(data=data))
def get(self):
data = []
for ip in list(md_server.global_connection.keys()):
data.append({'ip': ip})
self.write(true_return(data=data))
def get(self):
data = []
for ip in md_server.tick_origin:
data.append({'ip': ip})
self.write(true_return(data=data))
