async def login_access_token( *, db: Session = Depends(deps.get_db), user_info: user.UserEmailAuth, ) -> Any: """ 用户登录 :param db: :param user_info: :return: """ # 验证用户 user = curd_user.authenticate(db, email=user_info.username, password=user_info.password) if not user: logger.info(f"用户邮箱认证错误: email{user_info.username} password:{user_info.password}") return response_code.resp_500(message="用户名或者密码错误") elif not curd_user.is_active(user): return response_code.resp_500(message="用户邮箱未激活") access_token_expires = timedelta(minutes=settings.ACCESS_TOKEN_EXPIRE_MINUTES) return response_code.resp_200(data={ "token": security.create_access_token(user.id, expires_delta=access_token_expires), "token_type": "Bearer", })
async def login_for_access_token( form_data: OAuth2PasswordRequestForm = Depends()): user = await authenticate_user(form_data.username, form_data.password) if not user: raise HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail="Incorrect username or password.", headers={"WWW-Authenticate": "Bearer"}, ) access_token_expires = timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES) access_token = create_access_token(data={"sub": user.username}, expires_delta=access_token_expires) logging.info(user) user_data = { "id": user.oid, "license": user.license, "name": user.name, "username": user.username, "email": user.email, "licenseOwner": user.licenseOwner, "verified": user.verified, "disabled": user.disabled, "roles": user.roles, "token": access_token, } return { "access_token": access_token, "token_type": "bearer", "user": user_data }
async def login_access_token( *, db: Session = Depends(deps.get_db), user_info: user_schema.UserEmailAuth, ) -> Any: """ 用户JWT登录 :param db: :param user_info: :return: """ # 验证用户 user = curd_user.authenticate(db, email=user_info.username, password=user_info.password) if not user: logger.info(f"用户邮箱认证错误: email{user_info.username} password:{user_info.password}") return response_code.resp_4003(message="username or password error") elif not curd_user.is_active(user): return response_code.resp_4003(message="User email not activated") access_token_expires = timedelta(minutes=settings.ACCESS_TOKEN_EXPIRE_MINUTES) # 登录token 只存放了user.id return response_code.resp_200(data={ "token": security.create_access_token(user.id, expires_delta=access_token_expires), })
async def login_access_token( form_data: schemas.UserLogin, db: AsyncIOMotorClient = Depends(get_database) ) -> Any: """ 登录接口 :param form_data: :param db: :return: {code: int, data: {'access_token':xxx, "name": xxx}, 'message':xxx} """ user = await crud.user.authenticate(db, login_data=form_data) if not user: return {'code': 50000, 'message': '账号或者密码错误!'} elif not await crud.user.is_active(user): return {'code': 50004, 'message': '账号冻结,请联系管理员激活账号!'} access_token_expires = timedelta( minutes=settings.ACCESS_TOKEN_EXPIRE_MINUTES) return { "code": 20000, "data": { "access_token": security.create_access_token(user['username'], expires_delta=access_token_expires), "name": user['full_name'] }, 'message': '登陆成功!' }
def basic_user_token( test_db, create_basic_user # noqa F811 ): if authenticate(test_db, username=settings.TEST_USER_USERNAME, password=settings.TEST_USER_PASSWORD): return create_access_token(settings.TEST_USER_USERNAME)
async def login(login: Login, users: UserRepository = Depends(get_user_repository)): user = await users.get_by_email(login.email) if user is None or not verify_password(login.password, user.hashed_password): raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Incorrect username or password") return Token(access_token=create_access_token({"sub": user.email}), token_type="Bearer")
def login(user:Login,db: Session = Depends(get_db)): user = authenticate(db,user.email,user.password) if not user: raise HTTPException(status_code=400, detail="Incorrect email or password") return { "access_token": create_access_token(user.email), "token_type": "bearer", "rol_id": user.rol.id if user.rol else None, "rol_name": user.rol.name if user.rol else None }
def login(user: Login, db: Session = Depends(get_db)): user = authenticate(db, username=user.username, password=user.password, email=user.email) if not user: raise HTTPException(status_code=400, detail='Incorrect email or password') return { 'access_token': create_access_token(user.username), 'token_type': 'bearer', 'rol_id': user.rol.id if user.rol else None, 'rol_name': user.rol.name if user.rol else None }
def login(user: Login, db: Session = Depends(get_db)) -> TokenUser: user_auth = authenticate(db, username=user.username, password=user.password, email=user.email) if not user_auth: credential_type = 'email' if user.email else 'username' raise HTTPException( status_code=400, detail=f'Incorrect {credential_type} or password' ) return { 'access_token': create_access_token(user_auth.username), 'token_type': 'bearer', 'rol_id': user_auth.rol.id if user_auth.rol else None, 'rol_name': user_auth.rol.name if user_auth.rol else None }
def login_for_access_token(form_data: OAuth2PasswordRequestForm = Depends(), db: Session = Depends(get_db)): user = authenticate_user(username=form_data.username, password=form_data.password, db=db) if not user: raise HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail="Incorrect username or password", ) access_token_expires = timedelta( minutes=settings.ACCESS_TOKEN_EXPIRE_MINUTES) access_token = create_access_token(data={"sub": user.email}, expires_delta=access_token_expires) return {"access_token": access_token, "token_type": "bearer"}
async def login_for_access_token( form_data: OAuth2PasswordRequestForm = Depends()): user = security.authenticate_user(fake_users_db, form_data.username, form_data.password) if not user: raise HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail="Incorrect username or password", headers={"WWW-Authenticate": "Bearer"}, ) access_token_expires = timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES) access_token = security.create_access_token( data={"sub": user.username}, expires_delta=access_token_expires) return {"access_token": access_token, "token_type": "bearer"}
async def login_for_access_token(*, username: str = Body(...), password: str = Body(...), db: Session = Depends(get_db), respose: Response): user = crud.user.authenticate(db, username, password) if not user: raise HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail="Incorrect username or password", headers={"WWW-Authenticate": "Bearer"}, ) access_token_expires = timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES) access_token = create_access_token(data={"sub": user.username}, expires_delta=access_token_expires) # respose.set_cookie("airwaybill-session", access_token) //mvc set cookies return {"access_token": access_token, "token_type": "bearer"}
async def profile_login(user_info: UserLogin): """ 登录 \n username admin \n password 12345 \n :param user_info: :return: """ # 由于这里这是模拟 所以就不查询数据库了, 如有需要查看我这个项目 FastAPI jwt登录认证 # https://github.com/CoderCharm/FastAdmin/blob/master/backend/app/api/api_v1/auth/views.py#L32 if user_info.username == "admin" and user_info.password == "12345": # 过期时间 access_token_expires = timedelta(minutes=config.ACCESS_TOKEN_EXPIRE_MINUTES) # 保存数据到token中, 我这里保存的是用户名 一般保存用户id token = security.create_access_token(user_info.username, expires_delta=access_token_expires) return response_code.resp_200({"token": token}) else: return response_code.resp_200(message="用户名或者密码错误")
def login_access_token(db: Session = Depends(deps.get_db), form_data: OAuth2PasswordRequestForm = Depends()): """ OAuth2 compatible token login, get an access token for future requests """ user = user_crud.authenticate(db, email=form_data.username, password=form_data.password) if not user: raise HTTPException(status_code=400, detail="Incorrect email or password") access_token_expires = timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES) return { "access_token": security.create_access_token(user.id, expires_delta=access_token_expires), "token_type": "bearer", }
def login_access_token( db: Session = Depends(deps.get_db), form_data: OAuth2PasswordRequestForm = Depends() ) -> Any: """ OAuth2 compatible token login, get an access token for future requests """ user = crud.user.authenticate( db, email=form_data.username, password=form_data.password ) if not user: raise NotFoundException("用户不存在") elif not crud.user.is_active(user): raise UnicornException("无效用户") access_token_expires = timedelta( minutes=settings.ACCESS_TOKEN_EXPIRE_MINUTES) return resp_200({ "access_token": security.create_access_token( user.id, expires_delta=access_token_expires ), "token_type": "bearer", })
def login_access_token( form_data: OAuth2PasswordRequestForm = Depends(), db: Session = Depends(deps.get_db), ) -> Any: user = crud.user.authenticate(db, email=form_data.username, password=form_data.password) if not user: raise HTTPException(status_code=400, detail="Incorrect email or password") elif not crud.user.is_active(user): raise HTTPException(status_code=400, detail="Inactive user") access_token_expires = timedelta( minutes=settings.ACCESS_TOKEN_EXPIRE_MINUTES) return { "access_token": security.create_access_token(user.id, expires_delta=access_token_expires), "token_type": "bearer", }
async def get_token(request: Request, form_data: AuthLoginForm = Depends(verify_auth_form)): login_log = LoginLog(grant_type=form_data.grant_type, ip_address=request.client.host) response = AuthorizationResponse( token_type="Bearer", expires_in=settings.ACCESS_TOKEN_EXPIRATION_TIME) user: ORMUser = None if form_data.grant_type == "password": user = await ORMUser.query.where(ORMUser.email == form_data.username ).gino.first() if user is None or form_data.password != user.password: if not user: pre_user: PreUser = await PreUser.query.where( PreUser.email == form_data.username).gino.first() if pre_user and pre_user.password == form_data.password: token: str = await create_email_confirmation_token(pre_user ) await send_confirmation_email(pre_user.email, token) return { "pre_user_id": pre_user.id, "success": "emailconfirm_login", "success_description": "Need to confirm email before login", } if user.password == None: #TODO: AUTENTIFICAR COM GOOGLE,FACEBOOK ou APPLE return '' raise HTTPException( status_code=400, detail={ "error": "invalid_grant", "error_description": "Email or password incorrect.", }, ) refresh_token = await create_refresh_token(user) response.refresh_token = refresh_token if form_data.grant_type == "refresh_token": if not await verify_refresh_token(form_data.refresh_token): raise HTTPException( status_code=400, detail={ "error": "invalid_grant", "error_description": "Refresh token invalid or revoked.", }, ) user = await get_owner_refresh_token(form_data.refresh_token) response.refresh_token = form_data.refresh_token if not user.is_active: raise HTTPException( status_code=400, detail={ "error": "invalid_grant", "error_description": "User is not active.", }, ) login_log.user_id = user.id await login_log.create() response.access_token = create_access_token(user) return response
def signin_by_verify_code(self, db: Session, request: Request, response: Response, *, obj_in: schema_user.UserVerifyCodeSigninIn): """ 通过 短信/邮箱 验证码登录 :param account: 手机号/邮箱/用户名 :param verify_code: 验证码 :return: token, 提示信息 """ # --------- 比较验证码是否匹配 ----------- # redis_verify_code = redis_client.get(obj_in.account) if obj_in.verify_code != redis_verify_code: message = "验证码不正确或已过期" response.status_code = status.HTTP_422_UNPROCESSABLE_ENTITY logger.error(message) return None, message if re.match(RE_PHONE, obj_in.account): # 手机 db_user = crud_user.get_user_by_phone(db, phone=obj_in.account) elif re.match(RE_EMAIL, obj_in.account): # 邮箱 db_user = crud_user.get_user_by_email(db, email=obj_in.account) else: message = "账号输入有误,请重新输入" response.status_code = status.HTTP_422_UNPROCESSABLE_ENTITY logger.error(message) return None, message # ----------- 判断账号是否注册过 ----------- # userid = None authorityid = None if not db_user: if re.match(RE_PHONE, obj_in.account): # 手机 dict_obj_in = { "phone": obj_in.account, "hashed_password": None, "ip": request.client.host } db_user_obj = crud_user.create_by_phone(db, obj_in=dict_obj_in) elif re.match(RE_EMAIL, obj_in.account): # 邮箱 dict_obj_in = { "email": obj_in.account, "hashed_password": None, "ip": request.client.host } db_user_obj = crud_user.create_by_email(db, obj_in=dict_obj_in) if not db_user_obj: message = "登录失败" response.status_code = status.HTTP_500_INTERNAL_SERVER_ERROR logger.error(message) return None, message userid = db_user_obj.id # 将新增之后的 用户id 赋值给变量 authorityid = db_user_obj.authorityid # 默认权限 elif db_user.status == 1: message = f"账号 {obj_in.account} 已被禁用" response.status_code = status.HTTP_403_FORBIDDEN logger.error(message) return None, message if db_user: userid = db_user.id authorityid = db_user.authorityid # -------- # 登录token 存储了userid 和 authorityid ------- # access_token_expires = timedelta( minutes=settings.ACCESS_TOKEN_EXPIRE_MINUTES) token = security.create_access_token( userid, authorityid, expires_delta=access_token_expires) redis_client.set(userid, token, ex=settings.ACCESS_TOKEN_EXPIRE_MINUTES) # --------- 登录成功之后向数据库添加一条登录日志信息 ---------- # ip = request.client.host # 用户ip signin_log_id = crud_user.add_signin_log(db, userid=userid, ip=ip) if not signin_log_id: message = f"用户 {obj_in.account} 登录失败" response.status_code = status.HTTP_500_INTERNAL_SERVER_ERROR logger.error(message) return None, message else: redis_client.set(obj_in.account, "", ex=1) # 使验证码失效 message = f"用户 {obj_in.account} 登录成功" response.status_code = status.HTTP_200_OK return token, message
def signin(self, db: Session, request: Request, response: Response, *, obj_in: schema_user.UserPasswordSigninIn): """ 通过密码登录 :param account: 手机号/邮箱/用户名 :param password: 密码 :return: token, 提示信息 """ # -------- 判断输入账号 手机号/邮箱/用户名 ------- # if re.match(RE_PHONE, obj_in.account): # 手机 db_user = crud_user.get_user_by_phone(db, phone=obj_in.account) elif re.match(RE_EMAIL, obj_in.account): # 邮箱 db_user = crud_user.get_user_by_email(db, email=obj_in.account) else: # 用户名 db_user = crud_user.get_user_by_username(db, username=obj_in.account) # --------- 判断账号是否注册过 ---------- # if not db_user: message = f"账号 {obj_in.account} 未注册" response.status_code = status.HTTP_404_NOT_FOUND elif db_user.status == 1: message = f"账号 {obj_in.account} 已被禁用" response.status_code = status.HTTP_403_FORBIDDEN else: # ------ 判断用户是否设置初始密码 ------ # if not db_user.hashed_password: message = f"账号 {obj_in.account} 还未设置初始密码" response.status_code = status.HTTP_401_UNAUTHORIZED return None, message # --------- 密码进行比对 ----------- # if not security.verify_password(obj_in.password, db_user.hashed_password): message = f"用户 {obj_in.account} 密码不正确" response.status_code = status.HTTP_401_UNAUTHORIZED logger.error(message) else: # -------- # 登录token 存储了userid 和 authorityid ------- # access_token_expires = timedelta( minutes=settings.ACCESS_TOKEN_EXPIRE_MINUTES) token = security.create_access_token( db_user.id, db_user.authorityid, expires_delta=access_token_expires) redis_client.set(db_user.id, token, ex=settings.ACCESS_TOKEN_EXPIRE_MINUTES) # -------- 登录成功之后向数据库添加一条登录日志信息 -------- # ip = request.client.host # 用户ip db_signin_log = crud_user.add_signin_log(db, userid=db_user.id, ip=ip) if not db_signin_log: message = f"用户 {obj_in.account} 登录失败" response.status_code = status.HTTP_401_UNAUTHORIZED else: message = f"用户 {obj_in.account} 登录成功" response.status_code = status.HTTP_200_OK return token, message logger.error(message) return None, message