def post(self):
"""
@apiDescription 用户登录
@api {post} /login/? 登录
@apiGroup login
@apiParam {Number} phone 手机号
@apiParam {String} passwd 密码
@apiError UserNotExists 用户不存在
@apiError BadPassword 密码错误
"""
phone = self.get_argument("phone")
passwd = self.get_argument("passwd")
user = User.user_login(self.orm_session, phone, passwd)
if user:
uid = str(user.id)
level = str(user.level)
self.sid = sid = self.gen_sid(uid)
self.redis_session.set(sid, ";".join([uid, level]))
self.set_secure_cookie("sid", sid)
if user.level == 2:
self.redirect("/admin")
else:
self.write({})
else:
self.write(dict(
status=1,
msg="login failed, user not exists or password is wrong"
))
