def register():
"""
用户注册
"""
if request.method == 'POST':
username = request.form.get("username")
password = request.form.get("password")
password2 = request.form.get("password2")
if not all([username, password, password2]):
return render_template('login.html', error="用户名或密码不允许为空")
user = db.query(User).filter(User.username == username).one_or_none()
if user:
return render_template('register.html', error="该用户名已注册")
if password2 != password:
return render_template('register.html', error="两次输入的密码不匹配")
token = create_token()
user = User(username=username,
password=generate_password_hash(password),
active=True,
token=token)
db.session.add(user)
db.session.commit()
response = make_response(redirect('/'))
response.set_cookie("token", token)
return response
return render_template('register.html')
def login():
"""
用户登录
"""
if request.method == 'POST':
username = request.form.get("username")
password = request.form.get("password")
if not all([username, password]):
return render_template('login.html', error="用户名或密码不允许为空")
user = db.query(User).filter(User.username == username).one_or_none()
if user and check_password_hash(user.password, password):
token = create_token()
user.token = token
db.session.commit()
response = make_response(redirect('/'))
response.set_cookie("token", token)
return response
else:
return render_template('login.html', error="用户名或密码不允许为空")
return render_template('login.html')
def login():
"""
管理员登录
:return:
"""
data = request.get_json()
username = data.get("username")
password = data.get("password")
admin = db.session.query(Admin).filter(
Admin.username == username).one_or_none()
if admin and check_password_hash(admin.password, password):
token = create_token()
admin.token = token
admin.login_time = datetime.now()
db.session.commit()
ret = {"token": token}
return jsonify(ret)
else:
return make_response(jsonify({
'error': '账号不存在或密码错误!',
'code': 401
}), 401)
def post(self):
data = request.get_json()
username = data.get("username")
password = data.get("password")
admin = db.session.query(Admin).filter(
Admin.username == username).one_or_none()
if admin is None:
raise exceptions.AuthFailed()
if check_password_hash(admin.password, password):
token = create_token()
admin.token = token
admin.login_time = datetime.now()
db.session.commit()
ret = {
"token": token,
"role": admin.role_id,
"role_name": admin.role.name if admin.role else None,
"username": admin.username,
"id": admin.id,
}
return jsonify(ret)
else:
raise exceptions.AuthFailed()