def identify(self, request):
    """
    Authenticate a request from its Authorization header.

    The header is split on single spaces and must yield exactly three
    fields, the first being 'JWT'; the third field is handed to
    decode_auth_token. A decoded token is accepted only when the user named
    in payload['data']['id'] exists and that user's stored login_time equals
    payload['data']['login_time'], so a token stops matching as soon as the
    stored login_time changes.

    :param request: object exposing the request headers via request.headers
    :return: trueReturn(user.id, ...) on success, otherwise
             falseReturn('', reason)
    """
    auth_header = request.headers.get('Authorization')
    if not auth_header:
        return falseReturn('', '没有提供认证token')

    # NOTE(review): the second of the three fields is never inspected;
    # confirm the header layout clients are expected to send.
    header_fields = auth_header.split(" ")
    if not header_fields or header_fields[0] != 'JWT' or len(header_fields) != 3:
        return falseReturn('', '请传递正确的验证头信息')

    payload = self.decode_auth_token(header_fields[2])
    # A str result is treated as the decoder's error message and is passed
    # back to the caller unchanged.
    if isinstance(payload, str):
        return falseReturn('', payload)

    # A payload without 'data', 'id' or 'login_time' raises here rather
    # than producing a failure result.
    claims = payload['data']
    user = User.get(User, claims['id'])
    if user is None:
        return falseReturn('', '找不到该用户信息')

    # The token is tied to one login: a different stored login_time means
    # the token was issued for another login and is rejected.
    if user.login_time == claims['login_time']:
        return trueReturn(user.id, '请求成功')
    return falseReturn('', 'Token已更改,请重新登录获取')
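def register():
    """
    Register a user from the submitted form fields.

    Reads email, username and password from request.form, stores a new User
    whose id is one more than the highest existing id, then reads the record
    back and returns its id, username, email and login_time. A request
    without a username or without a password is rejected before anything is
    stored.

    :return: json
    """
    email = request.form.get('email')
    username = request.form.get('username')
    password = request.form.get('password')

    # A missing or empty username/password must never reach set_password or
    # the database: it would either fail inside the helper or create an
    # account that has no usable credential.
    # NOTE(review): email is passed through as received; whether it is
    # required is not visible here.
    if not username or not password:
        return jsonify(falseReturn('', REGISTER_FAILURE_MSG))

    # Highest existing id, if any.
    # NOTE(review): reading the last id and inserting id + 1 is not atomic,
    # so two concurrent registrations can compute the same id; a
    # database-generated key would avoid that. Username uniqueness is not
    # checked here either; presumably a database constraint enforces it,
    # confirm.
    lastUserRecord = User.query.order_by(desc('id')).first()
    newRecordId = 1 if lastUserRecord is None else lastUserRecord.id + 1

    # The value returned by User.set_password is what gets stored; it is
    # assumed to be a password hash. TODO confirm.
    user = User(id=newRecordId, email=email, username=username,
                password=User.set_password(User, password))
    User.add(User, user)

    # Read the record back so the response reflects what was stored.
    userInfo = User.get(User, user.id)
    if not userInfo:
        return jsonify(falseReturn('', REGISTER_FAILURE_MSG))

    # Only these four fields are returned; the stored password is not.
    returnUser = {
        'id': userInfo.id,
        'username': userInfo.username,
        'email': userInfo.email,
        'login_time': userInfo.login_time
    }
    return jsonify(trueReturn(returnUser, REGISTER_SUCCESS_MSG))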
def load_user_from_request(request):
    """
    Resolve the user behind a request via Auth.identify.

    Returns the User object when identification succeeds and the id it
    yields maps to a stored user; otherwise returns
    falseReturn('', '用户验证失败').

    NOTE(review): the source of this function had lost its indentation, so
    the nesting of the else branch and of the final return is reconstructed.
    Confirm it against the original file.

    NOTE(review): if this function is registered as a Flask-Login request
    loader (no decorator is visible here), the loader contract is to return
    a user object or None. The failure value returned below is neither, so
    confirm that every caller distinguishes it from a user.
    """
    result = Auth.identify(Auth, request)
    # 'data' carries the user id on success; it is also required to be
    # truthy, so an id of 0 would count as a failure.
    if (result['status'] and result['data']):
        user = User.get(User, result['data'])
        if user:
            return user
    else:
        # Identification failed; the reason held in result is not printed.
        print("is exception !!!!")
    return falseReturn('', '用户验证失败')
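def authenticate(self, username, password):
    """
    Log a user in and issue a token.

    On success the current Unix time is written to the user's login_time,
    the change is saved with User.update, and a token built by
    encode_auth_token(user id, login_time) is returned. On failure the
    reason is returned.

    :param username: name used to look the user up
    :param password: candidate password, checked with User.check_password
                     against the stored value
    :return: json
    """
    userInfo = User.query.filter_by(username=username).first()
    if userInfo is None:
        # NOTE(review): this message differs from the wrong-password one
        # below, and the branch returns before any password check runs.
        # Together they reveal whether a username exists; a single generic
        # failure message would not. Left unchanged because clients may
        # depend on the text.
        return jsonify(falseReturn('', '找不到用户'))

    if not User.check_password(User, userInfo.password, password):
        return jsonify(falseReturn('', '密码不正确'))

    # Store the login time before issuing the token so that the value
    # embedded in the token is the one kept on the user record.
    login_time = int(time.time())
    userInfo.login_time = login_time
    User.update(User)

    token = self.encode_auth_token(userInfo.id, login_time)
    # encode_auth_token is not visible here. JWT libraries differ on whether
    # the encoded token is bytes or str (PyJWT returns str from 2.0 on), and
    # calling .decode() on a str raises AttributeError, so only bytes are
    # decoded.
    if isinstance(token, bytes):
        token = token.decode()
    return jsonify(trueReturn(token, '登录成功'))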
def handle_exception(e):
    """Return JSON instead of HTML for HTTP errors.

    Serializes the error's code, name and description to a JSON string,
    logs that string at error level, and returns it as the data of a
    falseReturn(...) body together with API_FAILURE_MSG.

    :param e: error object exposing code, name and description
    :return: json
    """
    error_fields = {
        "code": e.code,
        "name": e.name,
        "description": e.description,
    }
    rst = json.dumps(error_fields)
    logging.error(rst)

    # NOTE(review): jsonify() builds a response with the default status, so
    # e.code reaches the client only inside the body. The original carried a
    # commented-out variant based on e.get_response() that would have kept
    # the error's status code and headers. Confirm that clients and
    # monitoring do not rely on the HTTP status to detect failures.
    return jsonify(falseReturn(rst, API_FAILURE_MSG))