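async def post(self, *args, **kwargs):
    """Log a user in by mobile number and password and return a signed JWT.

    The JSON request body is validated with ``LoginForm``. On success the
    response carries ``id``, ``nick_name`` (falling back to the mobile number
    when no nickname is set) and ``token``. Every failure path answers with
    HTTP 400 and an error entry in the response body.
    """
    re_data = {}
    params = json.loads(self.request.body.decode("utf8"))
    login_form = LoginForm.from_json(params)

    if login_form.validate():
        mobile = login_form.mobile.data
        password = login_form.password.data
        try:
            user = await self.application.objects.get(User, mobile=mobile)
            if user.password.check_password(password):
                # Login succeeded: build the JSON web token.
                # NOTE(review): "exp" is the moment of issue, not a future
                # time. A verifier that enforces "exp" without leeway would
                # reject the token at once - confirm how the decoding side
                # applies the token lifetime.
                payload = {
                    "id": user.id,
                    "nick_name": user.nick_name,
                    "exp": datetime.utcnow(),
                }
                token = jwt.encode(payload, self.settings['secret_key'], algorithm='HS256')
                re_data["id"] = user.id
                if user.nick_name is None:
                    re_data["nick_name"] = user.mobile
                else:
                    re_data["nick_name"] = user.nick_name
                # The token is decoded to text before it goes into the body.
                re_data['token'] = token.decode("utf8")
            else:
                self.set_status(400)
                re_data['non_fields'] = "用户名或密码错误"
        except User.DoesNotExist:
            # NOTE(review): this answer differs from the wrong-password one,
            # so a caller can learn whether a mobile number is registered; a
            # single generic error for both cases would avoid that.
            self.set_status(400)
            re_data["mobile"] = "用户不存在"
    else:
        # A rejected form used to fall through with HTTP 200 and an empty
        # body, which a client could not tell apart from a successful call.
        self.set_status(400)
        for field in login_form.errors:
            re_data[field] = login_form.errors[field]

    self.finish(re_data)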
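async def post(self, *args, **kwargs):
    """Log a user in by mobile number and password and return a signed JWT.

    The JSON request body is validated with ``LoginForm``. On success the
    response carries ``id``, ``nickname`` (the mobile number when no nickname
    is set) and ``token``. Every failure path answers with HTTP 400 and an
    error entry in the response body.
    """
    return_data = {}
    params = json.loads(self.request.body.decode('utf-8'))
    login_form = LoginForm.from_json(params)

    if login_form.validate():
        mobile = login_form.mobile.data
        password = login_form.password.data
        try:
            user = await self.application.objects.get(User, mobile=mobile)
            # check_password compares the submitted plaintext against the
            # stored password value.
            if user.password.check_password(password):
                # Login succeeded. The token is signed with HS256, not
                # encrypted: anyone holding it can read "id" and "nickname".
                # NOTE(review): "exp" is the moment of issue (UTC). A verifier
                # that enforces "exp" without leeway would reject the token at
                # once - confirm how the decoding side applies the lifetime.
                payload = {
                    'id': user.id,
                    'nickname': user.nickname,
                    'exp': datetime.utcnow(),
                }
                token = jwt.encode(payload, self.settings['secret_key'], algorithm='HS256')
                return_data['id'] = user.id
                if user.nickname is None:
                    return_data['nickname'] = user.mobile
                else:
                    return_data['nickname'] = user.nickname
                return_data['token'] = token.decode('utf-8')
            else:
                self.set_status(400)
                return_data['non_fields'] = '用户名或密码错误'
        except User.DoesNotExist:
            # NOTE(review): this answer differs from the wrong-password one,
            # so a caller can learn whether a mobile number is registered; a
            # single generic error for both cases would avoid that.
            self.set_status(400)
            return_data['mobile'] = '用户不存在'
    else:
        # A rejected form used to fall through with HTTP 200 and an empty
        # body, which a client could not tell apart from a successful call.
        self.set_status(400)
        for field in login_form.errors:
            return_data[field] = login_form.errors[field]

    self.finish(return_data)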
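async def post(self, *args, **kwargs):
    """Log a user in by phone number and password and return a signed JWT.

    The JSON request body is validated with ``LoginForm``. On success the
    response carries ``id`` and ``token``; every failure path answers with
    HTTP 400 and a ``content`` entry describing the problem.
    """
    req_data = json.loads(self.request.body.decode("utf-8"))
    login_form = LoginForm.from_json(req_data)
    res_data = {}

    if not login_form.validate():
        # The other failure branches already answer 400; a rejected form used
        # to be reported with the default success status.
        self.set_status(400)
        res_data["content"] = login_form.errors
    else:
        phone_num = login_form.phone_num.data
        password = login_form.password.data
        try:
            user_obj = await self.application.objects.get(
                User, phone_num=phone_num
            )
            if user_obj.password.check_password(password):
                # NOTE(review): "exp" comes from get_current_timestamp(),
                # presumably the current time. If so, a verifier enforcing
                # "exp" without leeway would reject the token at once -
                # confirm against the helper and the decoding side.
                payload = {
                    "id": user_obj.id,
                    "exp": get_current_timestamp(),
                }
                token = jwt.encode(
                    payload, self.settings["secret_key"], algorithm="HS256"
                )
                res_data["id"] = user_obj.id
                res_data["token"] = token.decode("utf8")
            else:
                self.set_status(400)
                res_data["content"] = "用户名或密码不正确"
        except User.DoesNotExist:
            # NOTE(review): this message differs from the wrong-password one,
            # so a caller can learn whether a phone number is registered; a
            # single generic error for both cases would avoid that.
            self.set_status(400)
            res_data["content"] = "用户名不存在"

    self.finish(res_data)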
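async def post(self, *args, **kwargs):
    """Log a user in by mobile number and password and return a signed JWT.

    The JSON request body is validated with ``LoginForm``. On success the
    response carries ``id``, ``nick_name`` (the mobile number when the
    nickname is empty) and ``token``. An unknown mobile number, a wrong
    password or a rejected form answers with HTTP 400.
    """
    re_data = {}
    param = self.request.body.decode('utf8')
    login_form = LoginForm.from_json(json.loads(param))

    if login_form.validate():
        mobile = login_form.mobile.data
        password = login_form.password.data
        try:
            user = await self.application.objects.get(User, mobile=mobile)
            if user.password.check_password(password):
                # Build and sign the token.
                # NOTE(review): "exp" is the moment of issue, not a future
                # time. A verifier that enforces "exp" without leeway would
                # reject the token at once - confirm how the decoding side
                # applies the token lifetime.
                payload = {
                    'id': user.id,
                    'nick_name': user.nick_name,
                    'exp': datetime.utcnow(),
                }
                token = jwt.encode(payload, self.settings['SECRET'], algorithm='HS256')
                re_data['id'] = user.id
                re_data['nick_name'] = user.nick_name if user.nick_name else user.mobile
                re_data['token'] = token.decode('utf8')
            else:
                self.set_status(400)
                re_data['non_fields'] = '用户名或者密码错误'
        except User.DoesNotExist:
            # Only a missing user is reported as such. The former bare
            # ``except:`` also turned signing failures and programming errors
            # into "user does not exist", hiding them from logs and callers.
            # NOTE(review): this answer differs from the wrong-password one,
            # so a caller can learn whether a mobile number is registered.
            self.set_status(400)
            re_data['mobile'] = '用户不存在'
    else:
        # A rejected form used to fall through with HTTP 200 and an empty
        # body, which a client could not tell apart from a successful call.
        self.set_status(400)
        for field in login_form.errors:
            re_data[field] = login_form.errors[field]

    return self.write(re_data)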
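async def post(self, *args, **kwargs):
    """Log a user in by mobile number and password and return a signed JWT.

    The JSON request body is validated with ``LoginForm``. On success the
    response carries ``id``, ``nick_name`` (the mobile number when no nickname
    is set) and ``token``. Every failure path answers with HTTP 400 and an
    error entry in the response body.
    """
    re_data = {}
    params = json.loads(self.request.body.decode("utf-8"))
    login_form = LoginForm.from_json(params)

    if not login_form.validate():
        # A rejected form used to fall through with HTTP 200 and an empty
        # body, which a client could not tell apart from a successful call.
        self.set_status(400)
        for field in login_form.errors:
            re_data[field] = login_form.errors[field]
    else:
        mobile = login_form.mobile.data
        password = login_form.password.data
        try:
            user = await self.application.objects.get(User, mobile=mobile)
            # The stored password cannot be reversed, so the submitted one is
            # run through check_password and compared.
            if not user.password.check_password(password):
                self.set_status(400)
                re_data["non_fields"] = "用户名或密码错误"
            else:
                # Build the JSON web token. The expiry has to be a UTC time
                # because the library's own expiry check works in UTC.
                # NOTE(review): "exp" is the moment of issue, not a future
                # time. A verifier that enforces "exp" without leeway would
                # reject the token at once - confirm how the decoding side
                # applies the token lifetime.
                payload = {
                    "id": user.id,
                    "nick_name": user.nick_name,
                    "exp": datetime.utcnow(),
                }
                token = jwt.encode(payload, self.settings["secret_key"], algorithm='HS256')
                re_data["id"] = user.id
                if user.nick_name is None:
                    re_data["nick_name"] = user.mobile
                else:
                    re_data["nick_name"] = user.nick_name
                # Decode the bytes token to text for the response body.
                re_data["token"] = token.decode("utf8")
        except User.DoesNotExist:
            # NOTE(review): this answer differs from the wrong-password one,
            # so a caller can learn whether a mobile number is registered; a
            # single generic error for both cases would avoid that.
            self.set_status(400)
            re_data["mobile"] = "用户不存在"

    self.finish(re_data)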
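async def post(self, *args, **kwargs):
    """Log a user in by mobile number and password and return a signed JWT.

    The JSON request body is validated with ``LoginForm``. On success the
    response carries ``id``, ``nick_name`` (the mobile number when the
    nickname is empty) and ``token``. Every failure path answers with
    HTTP 400 and an error entry in the response body.
    """
    re_data = {}
    param = json.loads(self.request.body.decode('utf8'))
    form = LoginForm.from_json(param)

    if form.validate():
        mobile = form.mobile.data
        password = form.password.data
        try:
            user = await self.application.objects.get(User, mobile=mobile)
            if user.password.check_password(password):
                # Login succeeded.
                # NOTE(review): "exp" is the reserved expiry claim, set here
                # to the moment of issue. A verifier that enforces "exp"
                # without leeway would reject the token at once - confirm how
                # the decoding side applies the token lifetime.
                claims = {
                    'id': user.id,
                    'nick_name': user.nick_name,
                    'exp': datetime.utcnow(),
                }
                # Sign the JWT.
                token = jwt.encode(claims, self.settings['secret_key'], algorithm='HS256')
                re_data['id'] = user.id
                re_data['nick_name'] = user.nick_name if user.nick_name else user.mobile
                # Without decode() the bytes token fails serialisation with
                # "TypeError: Object of type 'bytes' is not JSON serializable".
                re_data['token'] = token.decode('utf8')
            else:
                self.set_status(400)
                re_data['non_fields'] = "用户名或密码错误"
        except User.DoesNotExist:
            # NOTE(review): this answer differs from the wrong-password one,
            # so a caller can learn whether a mobile number is registered; a
            # single generic error for both cases would avoid that.
            self.set_status(400)
            re_data['mobile'] = '用户不存在'
    else:
        # A rejected form used to fall through with HTTP 200 and an empty
        # body, which a client could not tell apart from a successful call.
        self.set_status(400)
        for field in form.errors:
            re_data[field] = form.errors[field]

    self.finish(re_data)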
async def post(self, *args, **kwargs):
    """Log a user in by account name and password and return a signed JWT.

    Every outcome is reported through ``self.json(Result(...))`` with an
    application-level ``code``; this handler does not set an HTTP status
    itself. Code 1 carries ``id``, ``nick_name`` (the account name when no
    nickname is set) and ``token``.
    """
    body = json.loads(self.request.body.decode('utf-8'))
    form = LoginForm.from_json(body)
    account = form.account.data
    password = form.password.data

    # Missing fields are reported individually before the form is validated.
    if account is None:
        return self.json(Result(code=10080, msg="参数有误, 不可缺少account字段"))
    if password is None:
        return self.json(Result(code=10080, msg="参数有误, 不可缺少password字段"))

    if not form.validate():
        return self.json(Result(code=10090, msg="账号或密码错误, 请检查!"))

    try:
        user = await self.application.objects.get(User, account=account)
        if user.password.check_password(password):
            # NOTE(review): "exp" is the moment of issue, not a future time.
            # A verifier that enforces "exp" without leeway would reject the
            # token at once - confirm how the decoding side applies the
            # token lifetime.
            claims = {
                "id": user.id,
                "nick_name": user.nick_name,
                "exp": datetime.utcnow(),
            }
            token = jwt.encode(claims, self.settings['secret_key'], algorithm='HS256')
            if user.nick_name is None:
                nick_name = user.account
            else:
                nick_name = user.nick_name
            success = Result(
                code=1,
                msg="登陆成功",
                data={
                    'id': user.id,
                    'nick_name': nick_name,
                    'token': token.decode('utf-8'),
                },
            )
            return self.json(success)
        return self.json(Result(code=10090, msg="密码错误,请重新输入!"))
    except User.DoesNotExist:
        # NOTE(review): code 10020 differs from the wrong-password code
        # 10090, so a caller can learn whether an account is registered.
        return self.json(Result(code=10020, msg="该账户不存在,尚未注册过!"))
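async def post(self, *args, **kwargs):
    """Log a user in by mobile number and password and return a signed JWT.

    The JSON request body is validated with ``LoginForm``. On success the
    response carries ``id``, ``nick_name`` (the mobile number when no nickname
    is set) and ``token``. Every failure path answers with HTTP 400 and an
    error entry in the response body.
    """
    re_data = {}
    param = json.loads(self.request.body.decode("utf-8"))
    form = LoginForm.from_json(param)

    if not form.validate():
        # A rejected form used to fall through with HTTP 200 and an empty
        # body, which a client could not tell apart from a successful call.
        self.set_status(400)
        for field in form.errors:
            re_data[field] = form.errors[field]
    else:
        mobile = form.mobile.data
        password = form.password.data
        try:
            user = await self.application.objects.get(User, mobile=mobile)
            if not user.password.check_password(password):
                self.set_status(400)
                re_data["non_fields"] = "用户名或密码错误"
            else:
                # Login succeeded.
                # Design note from the author: must a REST API use JWT? A
                # session is a random string generated and kept by the
                # server, whereas a JWT carries the user id and name itself.
                # The token is signed with HS256, not encrypted: anyone
                # holding it can read "id" and "nick_name".
                # NOTE(review): "exp" is the moment of issue, not a future
                # time. A verifier that enforces "exp" without leeway would
                # reject the token at once - confirm how the decoding side
                # applies the token lifetime.
                payload = {
                    "id": user.id,
                    "nick_name": user.nick_name,
                    "exp": datetime.utcnow(),
                }
                token = jwt.encode(payload, self.settings["secret_key"], algorithm='HS256')
                re_data["id"] = user.id
                if user.nick_name is None:
                    re_data["nick_name"] = user.mobile
                else:
                    re_data["nick_name"] = user.nick_name
                re_data["token"] = token.decode("utf8")
        except User.DoesNotExist:
            # NOTE(review): this answer differs from the wrong-password one,
            # so a caller can learn whether a mobile number is registered; a
            # single generic error for both cases would avoid that.
            self.set_status(400)
            re_data["mobile"] = "用户不存在"

    self.finish(re_data)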
async def post(self, *args, **kwargs):
    """Log a user in by account name and password and return a signed JWT.

    Outcomes are reported through ``self.json(JsonResponse(...))`` with an
    application-level ``code``. Code 1 carries ``id``, ``nick_name`` (the
    account name when no nickname is set) and ``token``. An unknown account
    and a rejected form also set HTTP 400.
    """
    body = json.loads(self.request.body.decode('utf-8'))
    form = LoginForm.from_json(body)
    account = form.account.data
    password = form.password.data

    if not form.validate():
        self.set_status(400)
        return self.json(JsonResponse(code=10008))

    try:
        user = await self.application.objects.get(User, account=account)
        if user.password.check_password(password):
            # NOTE(review): "exp" is the moment of issue, not a future time.
            # A verifier that enforces "exp" without leeway would reject the
            # token at once - confirm how the decoding side applies the
            # token lifetime.
            claims = {
                "id": user.id,
                "nick_name": user.nick_name,
                "exp": datetime.utcnow(),
            }
            token = jwt.encode(
                claims,
                settings.TORNADO_CONF.secret_key,
                algorithm='HS256',
            )
            if user.nick_name is None:
                nick_name = user.account
            else:
                nick_name = user.nick_name
            body_data = {
                'id': user.id,
                'nick_name': nick_name,
                'token': token.decode('utf-8'),
            }
            return self.json(JsonResponse(code=1, data=body_data))
        # NOTE(review): a wrong password keeps the default HTTP status while
        # the other failures set 400 - confirm that this is intended.
        return self.json(JsonResponse(code=10008))
    except User.DoesNotExist:
        # NOTE(review): code 10009 differs from the wrong-password code
        # 10008, so a caller can learn whether an account is registered.
        self.set_status(400)
        return self.json(JsonResponse(code=10009))
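async def post(self, *args, **kwargs):
    """Log a user in by username or e-mail address and return a signed JWT.

    The JSON request body is validated with ``LoginForm``. The submitted
    ``username`` is matched against both the username and the e-mail column.
    On success the response carries ``token``. Every failure path answers
    with HTTP 400 and an error entry in the response body.
    """
    res = {}
    data = json.loads(self.request.body.decode("utf-8"))
    form = LoginForm.from_json(data)

    if form.validate():
        username = form.username.data
        password = form.password.data
        try:
            query = UserProfile.select().where(
                (UserProfile.username == username) | (UserProfile.email == username))
            rows = await self.application.objects.execute(query)
            # Taking the first row of an empty result is expected to raise
            # IndexError rather than DoesNotExist, so both are handled below;
            # otherwise an unknown user would surface as a server error.
            user = rows[0]
            if user.password.check_password(password):
                # "username" in the payload is the submitted login value,
                # which may be the e-mail address.
                # NOTE(review): "exp" is the moment of issue, not a future
                # time. A verifier that enforces "exp" without leeway would
                # reject the token at once - confirm how the decoding side
                # applies the token lifetime.
                payload = {
                    'id': user.id,
                    'username': username,
                    'exp': datetime.utcnow(),
                }
                token = jwt.encode(payload, self.settings["secret_key"], algorithm='HS256')
                res['token'] = token.decode('utf-8')
            else:
                res['non_fields'] = '用户名或密码错误'
                self.set_status(400)
        except (UserProfile.DoesNotExist, IndexError):
            self.set_status(400)
            res['username'] = '******'
    else:
        self.set_status(400)
        for field in form.errors:
            res[field] = form.errors[field]

    self.finish(res)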