def reset_password(self):
"""重置密码"""
try:
user_id = self.data.pop('userId')
except KeyError:
return make_response({"code": "100", "desc": "入参校验失败"})
obj = UserManager.get_user(user_id)
if not obj:
return make_response({"code": "200", "desc": "userId不存在"})
if obj.username in ['admin', 'guest']:
return make_response({"code": "300", "desc": "特殊账号不能重置密码"})
user_obj = UserManager.get_user(user_id)
if user_obj.level in [25, 35]:
reset_level = 35
else:
reset_level = 30
UserManager.update_user(user_id,
password=md5(config.DEFAULT_USER_PWD),
level=reset_level,
user_status=1)
# 清除redis的token和user
token = redis.get_user_info(obj.username, key='token')
redis.delete_token(token)
redis.delete_user(obj.username)
return make_response({
"code":
"000",
"desc":
"用户密码已重置为[{}]".format(config.DEFAULT_USER_PWD)
})
def wrapper(self, *args, **kw):
if config.NON_AUTHENTICATION:
return func(self, *args, **kw)
token = request.headers.get('X-Token')
if token:
# from atp.api.redis_api import RedisManager
# r = RedisManager()
# username = r.get_username(token)
if self.username:
level = r.get_user_info(self.username, key='level')
if level and int(level) <= 35:
c = func(self, *args, **kw)
else:
c = make_response({
"code": "120",
"desc": "Sorry, 当前用户没有此项操作权限"
})
else:
c = make_response({"code": "110", "desc": "用户未登录"})
else:
c = make_response({"code": "110", "desc": "用户未登录"})
return c
def wrapper(self, *args, **kw):
if config.NON_AUTHENTICATION:
return func(self, *args, **kw)
token = request.headers.get('X-Token')
if token:
if self.username:
level = r.get_user_info(self.username, key='level')
if level and int(level) <= 25:
if 20 < int(level):
class_name = __get_class_name(self)
if class_name in _class_map_to_model:
creator = get_creator(self)
if creator != 'no creator column' and creator != self.username:
c = make_response({
"code":
"130",
"desc":
"Sorry, 当前用户角色只能修改/删除自己创建的记录"
})
return c
r.conn.expire('token:%s' % token, config.LOGIN_EXPIRE_TIME)
c = func(self, *args, **kw)
else:
c = make_response({
"code": "120",
"desc": "Sorry, 当前用户没有此项操作权限"
})
else:
c = make_response({"code": "110", "desc": "用户未登录"})
else:
c = make_response({"code": "110", "desc": "用户未登录"})
return c
def login(self):
"""用户登录"""
try:
username = self.data["username"]
plain_password = self.data["password"]
except KeyError:
return make_response({"code": "100", "desc": "入参校验失败"})
user_obj = UserManager.get_user_by_username(username)
if not user_obj:
user_obj = UserManager.get_user_by_nickname(username)
password = md5(plain_password)
if not user_obj or user_obj.password != password:
return make_response({"code": "100", "desc": "用户名或密码错误"})
username = user_obj.username
nickname = user_obj.nickname
level = user_obj.level
old_token = redis.get_user_info(username, key='token')
# token不存在,或者,token存在但已失效
if (not old_token) or (not redis.check_token_valid(old_token)):
token = gen_token(username, password)
user_map = {
'token': token,
'nickname': nickname,
'online': 1,
'level': level
}
redis.set_user_map(username, user_map)
redis.set_token(token,
username,
expire_time=config.LOGIN_EXPIRE_TIME)
else:
token = old_token
redis.set_token(token,
username,
expire_time=config.LOGIN_EXPIRE_TIME)
return make_response({
"code": "000",
"desc": "登录成功",
"token": token,
"username": username,
"nickname": nickname
})
def delete_user(self):
"""删除用户"""
try:
user_id = self.data.pop('userId')
except KeyError:
return make_response({"code": "100", "desc": "入参校验失败"})
obj = UserManager.get_user(user_id)
if not obj:
return make_response({"code": "200", "desc": "userId不存在"})
UserManager.delete_user(user_id)
# 清除redis的token和user
token = redis.get_user_info(obj.username, key='token')
redis.delete_token(token)
redis.delete_user(obj.username)
return make_response({"code": "000", "desc": "用户已删除"})
def username_to_nickname(username):
if not username:
return username
# 在这里初始化redis特别耗时!!!
# from atp.api.redis_api import RedisManager
# r = RedisManager()
global GL_USERNAME_NICKNAME_CACHE_DIC
if username in GL_USERNAME_NICKNAME_CACHE_DIC:
return GL_USERNAME_NICKNAME_CACHE_DIC[username]
else:
nickname = r.get_user_info(username, 'nickname')
if nickname:
GL_USERNAME_NICKNAME_CACHE_DIC[username] = nickname
return nickname
else:
return username