def wrapper(*args, **kwargs):
if request.method == 'POST':
token = GetRequestJsonData(request, 'Token', None)
if not token:
return ReturnRequest(ReturnCode.paramete_error, '非法请求', '')
account = Account.query.filter(Account.token == token).first()
if not account:
return ReturnRequest(SystemCode.TokenInvalid,
'Token已失效或不正确, 请重新登录', '')
if not user_group:
print('注意!@UserTokenAuthPost: 未设置可访问的用户权限')
return ''
if account.account_group not in user_group:
return ReturnRequest(ReturnCode.paramete_error,
'你没有权限访问该接口', '')
request.json['current_account'] = account
return func(request, *args, **kwargs)
# try:
# except:
# return ReturnRequest(ReturnCode.paramete_type_error, '请求参数格式有误', '')
else:
return ReturnRequest(SystemCode.ErrorRequestMethod, '请求方法不正确',
'')
def upload_article(request):
userid = GetRequestJsonData(request, 'userid', None)
title = GetRequestJsonData(request, 'title', None)
introduce = GetRequestJsonData(request, 'introduce', None)
content = GetRequestJsonData(request, 'content', None)
article_type = GetRequestJsonData(request, 'article_type', None)
content_type = GetRequestJsonData(request, 'content_type', None)
status = GetRequestJsonData(request, 'status', 0)
cover = GetRequestJsonData(request, 'cover', None)
if not userid:
return ReturnCode.paramete_error, '用户id异常', ''
if not title:
return ReturnCode.paramete_error, '标题不能为空', ''
if not introduce:
return ReturnCode.paramete_error, '介绍不能为空', ''
if not str(content):
return ReturnCode.paramete_error, '内容不能为空', ''
if not article_type:
return ReturnCode.paramete_error, '发布类型不能为空', ''
if not cover:
return ReturnCode.paramete_error, '封面不能为空', ''
if int(article_type) == 1:
if not content_type:
return ReturnCode.paramete_error, '作品类型不能为空', ''
new = Article()
new.upload_userid = userid
new.upload_time = datetime.now()
new.article_type = int(article_type)
new.title = str(title)
new.introduce = str(introduce)
new.content = str(content)
new.content_type = int(content_type)
new.cover = str(cover)
new.status = status
db.session.add(new)
try:
db.session.commit()
return ReturnCode.ok, '上传成功', {'id': new.id}
except:
db.session().rollback()
return ReturnCode.server_error, '系统出错', ''
def register(request):
username = GetRequestJsonData(request, 'username', None)
email = GetRequestJsonData(request, 'email', None)
password = GetRequestJsonData(request, 'password', None)
repassword = GetRequestJsonData(request, 'repassword', None)
print(username, email, password, repassword)
if not all([username, email, password, repassword]):
return ReturnCode.paramete_error, '邮箱或用户名密码输入不正确', ''
if User.query.filter(User.email == email).first():
return ReturnCode.paramete_error, '该邮箱已被注册', ''
if User.query.filter(User.username == username).first():
return ReturnCode.paramete_error, '该用户名已被注册', ''
if password != password:
return ReturnCode.paramete_error, '两次密码输入不一致', ''
adduser = User(
reg_time = datetime.now(),
password = generate_password_hash(str(password)),
email = str(email),
username = str(username),
token = '',
head = 'default.png',
userstatus = 0
)
db.session.add(adduser)
try:
db.session.commit()
return ReturnCode.ok, '注册成功', ''
except:
db.session().rollback()
return ReturnCode.server_error, '系统出错', ''
def login(request):
hmduserreturncode = 1000
email = GetRequestJsonData(request, 'email', None)
password = GetRequestJsonData(request, 'password', None)
user = User.query.filter(User.email == email).first()
if not user:
return ReturnCode.paramete_error, '用户不存在', ''
if user.userstatus == 2:
return hmduserreturncode, '黑名单用户 禁止登录', ''
if check_password_hash(str(user.password), password):
md5 = hashlib.md5((user.email + DateTimeForStr(datetime.now())).encode()).hexdigest()
user.token = str(md5)
db.session.commit()
# return 400, '登录成功', {'Token':md5, 'userID': str(user.id)}
return ReturnCode.ok, '登录成功', {'Token':md5, 'userID': str(user.id), 'username':user.username, 'head':SERVER_GULAOBURL + '/static/head/' + user.head, 'userstatus':user.userstatus}
return ReturnCode.paramete_error, ' 邮箱或密码不正确', ''
def wrapper(*args, **kwargs):
if request.method == 'GET':
userkey = GetRequestJsonData(request, 'userid', None)
token = GetRequestJsonData(request, 'token', None)
if not userkey or not token:
return ReturnRequest(SystemCode.NotLogin, '请求参数有误', '')
obj = UserAccount.query.filter(UserAccount.id == userkey).first()
if not obj:
return ReturnRequest(SystemCode.NotLogin, '请求参数有误', '')
if not token:
ReturnRequest(SystemCode.NotLogin, '请求参数有误', '')
if obj.token != token:
return ReturnRequest(SystemCode.TokenInvalid,
'Token已失效或不正确, 请重新登录', '')
# userid = obj.id
return func(request, *args, **kwargs)
else:
return ReturnRequest(SystemCode.ErrorRequestMethod, '请求方法不对', '')
def Logout(request):
userid = GetRequestJsonData(request, 'userid', None)
user = User.query.filter(User.id == userid).first()
if not user:
return ReturnCode.paramete_error, '用户不存在', ''
user.token = ''
try:
db.session.commit()
return ReturnCode.ok, '退出登录成功', ''
except:
db.session.rollback()
return ReturnCode.server_error, '系统出错', ''