def get_token_auth():
    """Return the ``Authorization`` header value for the cached access token.

    The access token is read from ``redis_store``. When none is cached,
    ``refreshAccToken()`` is called once and the token is read again.

    Returns:
        ``"Bearer <token>"`` on success. If the refresh reports failure, the
        JSON string produced from ``return_unsuccess('Refresh token expire')``
        is returned instead.
    """
    cached = redis_store.get('access_token')
    if cached:
        return "Bearer " + cached

    refresh_result = json.loads(refreshAccToken())
    if not refresh_result['success']:
        # NOTE(review): the failure value is a JSON document, not a header
        # value. Callers that place the result straight into an Authorization
        # header should check for this case; confirm against the call sites.
        return json.dumps(return_unsuccess('Refresh token expire'))

    # The refresh path has just rewritten the cached token, so read it again.
    return "Bearer " + redis_store.get('access_token')
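def refreshAccToken():
    """Exchange the stored refresh token for a new access/refresh token pair.

    The refresh token is read from ``redis_store`` and posted to the OAuth2
    refresh endpoint. The new tokens are written back to ``redis_store`` with
    the lifetimes the endpoint reports, and only after the endpoint has
    answered 200 with a body that contains all four expected fields.

    Returns:
        A JSON string: ``return_success('ok')`` when the tokens were renewed,
        otherwise ``return_unsuccess('Failed to refresh')``.
    """
    failure = json.dumps(return_unsuccess('Failed to refresh'))

    refresh_token = redis_store.get('refresh_token')
    if not refresh_token:
        # Nothing to exchange (never stored, or expired out of the store).
        return failure

    url = "https://sandbox.apihub.citi.com/gcb/api/authCode/oauth2/refresh"
    # Passing a dict lets requests form-encode the values, so characters such
    # as '+', '/', '=' or '&' inside the token cannot corrupt the body.
    form = {
        'grant_type': 'refresh_token',
        'refresh_token': refresh_token,
    }
    headers = {
        'authorization': get_basic_auth(),
        'content-type': "application/x-www-form-urlencoded",
        'accept': "application/json"
    }

    try:
        # A timeout keeps a stalled endpoint from blocking the caller forever.
        r = requests.post(url, data=form, headers=headers, timeout=10)
    except requests.RequestException:
        return failure

    # Check the status before touching the store: an error response has no
    # token fields, and must not overwrite or expire the current tokens.
    if r.status_code != 200:
        return failure

    try:
        dic = json.loads(r.text)
        access_token = dic['access_token']
        access_ttl = dic['expires_in']
        new_refresh_token = dic['refresh_token']
        refresh_ttl = dic['refresh_token_expires_in']
    except (ValueError, KeyError, TypeError):
        # Body was not JSON, not an object, or lacked an expected field.
        return failure

    redis_store.set('access_token', access_token, ex=access_ttl)
    redis_store.set('refresh_token', new_refresh_token, ex=refresh_ttl)
    return json.dumps(return_success('ok'))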
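def revokeAcc():
    """Revoke the stored refresh token at the OAuth2 revoke endpoint.

    Returns:
        ``redirect(INDEX)`` when the endpoint answers 200, otherwise an HTML
        failure message.
    """
    failure_page = "<h1>Revoke authorization grant failed !!</h1>"

    url = 'https://sandbox.apihub.citi.com/gcb/api/authCode/oauth2/revoke'
    # A dict body is form-encoded by requests, so reserved characters in the
    # token are escaped. An absent token is sent as an empty value and the
    # endpoint decides how to answer.
    form = {
        'token': redis_store.get('refresh_token') or '',
        'token_type_hint': 'refresh_token',
    }
    headers = {
        'authorization': get_basic_auth(),
        'content-type': 'application/x-www-form-urlencoded',
        'accept': "application/json"
    }

    try:
        # A timeout keeps a stalled endpoint from blocking the request.
        r = requests.post(url, data=form, headers=headers, timeout=10)
    except requests.RequestException:
        return failure_page

    if r.status_code != 200:
        return failure_page

    # The grant is gone at the provider; drop the local copies as well so a
    # revoked credential is not kept in the store or handed out again.
    redis_store.delete('access_token')
    redis_store.delete('refresh_token')
    return redirect(INDEX)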
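def userRegister():
    """Register a new user from the JSON request body.

    Reads ``account``, ``companyId``, ``passwd`` and ``verification`` from the
    body. The account must pass ``check_account()`` and the verification code
    must equal the one stored in ``redis_store`` under ``'veri' + account``.
    The code is deleted once it has matched. ``passwd`` is base64-decoded and
    stored as a hex string through ``UserDao.add``.

    Returns:
        A JSON response carrying a ``token`` on success, or an unsuccess
        payload describing which check failed.
    """
    _json = request.json or {}
    account = _json.get("account")
    password = _json.get("passwd")
    # Reject malformed bodies up front instead of failing later with a
    # TypeError on the key concatenation or the base64 decode.
    if not isinstance(account, str) or not account \
            or not isinstance(password, str):
        return jsonify(return_unsuccess("Error: Missing account or passwd"))

    res = json.loads(check_account())
    suc = res.get("success")
    if not suc:
        return jsonify(return_unsuccess("账户重复"))

    companyId = _json.get("companyId")
    verification = _json.get("verification")

    # Decode the password before the verification code is consumed, so a
    # badly encoded password does not burn a valid code.
    try:
        store = base64.b64decode(password)
    except ValueError:
        return jsonify(return_unsuccess("Error: Invalid passwd encoding"))
    # NOTE(review): the stored value is a hex re-encoding of what the client
    # sent, not a server-side salted hash; confirm what the client submits.
    strpass = str(binascii.hexlify(store), 'utf-8')

    # Verification-code check. The code and the password are deliberately
    # not printed: both are credentials and do not belong in logs.
    # NOTE(review): no attempt limit is visible here; confirm one exists
    # where the code is issued or in front of this endpoint.
    true_veri = redis_store.get('veri' + account)
    if not true_veri:
        return jsonify(return_unsuccess("验证码过期"))
    elif verification != true_veri:
        return jsonify(return_unsuccess("验证码错误"))
    # Code is correct: delete it so it cannot be used a second time.
    redis_store.delete('veri' + account)

    # Issue the session token.
    login_time = int(time.time())
    token = Auth.create_jwt({'account': account, 'login_time': login_time})

    try:
        user_dao = UserDao()
        user_dao.add(account, strpass, companyId)
        resp = return_success("")
        resp['token'] = token
        return jsonify(resp)
    except Exception as e:
        print(e)
        return json.dumps(return_unsuccess("注册失败"), ensure_ascii=False)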
def test13(self):
    """Delete the cached access token and print what the store then returns."""
    token_key = 'access_token'
    redis_store.delete(token_key)
    remaining = redis_store.get(token_key)
    print(remaining)
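def login():
    """Log a user in by token, password, verification code or openid.

    ``GET`` requests are handed to ``decode_token()``. Otherwise the JSON body
    selects the method through ``type``:

    * ``0``: account and password. ``passwd`` is base64-decoded, hex-encoded
      unless ``web`` is truthy, and checked with
      ``UserDao.query_check_login``.
    * ``1``: account and verification code. ``passwd`` carries the code, which
      is compared with the value stored under ``'veri' + account``.
    * ``2``: account and ``openid``, checked with
      ``UserDao.query_by_openid_account``.

    Returns:
        A JSON response with the user data and a ``token`` on success, or an
        unsuccess payload otherwise.
    """
    # Token login.
    if request.method == 'GET':
        return decode_token()

    _json = request.json or {}
    login_type = _json.get('type')
    account = _json.get('account')
    password = _json.get('passwd')
    web = _json.get('web')

    # Build the token up front; it is only returned by a branch that has
    # authenticated the caller.
    login_time = int(time.time())
    token = Auth.create_jwt({'account': account, 'login_time': login_time})

    # Account + password login.
    if login_type == 0:
        try:
            store_in = base64.b64decode(password)
            if not web:
                store_in = binascii.hexlify(store_in)
            strpass = str(store_in, 'utf-8')
        except (TypeError, ValueError):
            # Missing or undecodable password: answer like a wrong password
            # rather than failing with an unhandled exception.
            return jsonify(return_unsuccess('账号或密码错误'))
        # The derived password value is a credential and is not printed.
        user_dao = UserDao()
        res = user_dao.query_check_login(account, strpass)
        size = len(res)
        if size == 1:
            resp = return_success(UserDao.to_dict(res))
            resp['token'] = token
            return jsonify(resp)
        else:
            return jsonify(return_unsuccess('账号或密码错误'))

    # Verification-code login.
    elif login_type == 1:
        if not isinstance(account, str) or not account:
            return jsonify(return_unsuccess('Error: No such user'))
        # NOTE(review): a wrong code is not invalidated and no attempt limit
        # is visible here; confirm one exists elsewhere.
        true_veri = redis_store.get('veri' + account)
        if not true_veri:
            return jsonify(return_unsuccess("验证码过期"))
        elif password != true_veri:
            return jsonify(return_unsuccess("验证码错误"))
        res = json.loads(check_account())
        suc = res.get("success")
        # This branch treats an unsuccessful check_account() as "the account
        # exists", i.e. the user can be logged in.
        if not suc:
            print(res)
            # Single use: remove the code once it has been accepted.
            redis_store.delete('veri' + account)
            user = UserDao().query_by_account(account)
            resp = return_success(UserDao.to_dict(user))
            resp['token'] = token
        else:
            resp = return_unsuccess('Error: No such user')
        return jsonify(resp)

    # openid login.
    elif login_type == 2:
        openid = _json.get("openid")
        user_dao = UserDao()
        res = user_dao.query_by_openid_account(account, openid)
        size = len(res)
        if size == 1:
            resp = return_success(UserDao.to_dict(res))
            # Re-issue the token from the first column of the matched row
            # rather than from the client-supplied account.
            token = Auth.create_jwt({
                'account': res[0][0],
                'login_time': login_time
            })
            resp['token'] = token
            return jsonify(resp)
        else:
            return jsonify(return_unsuccess('Error: No such user'))
    else:
        return jsonify(return_unsuccess('Error: Wrong Login Method'))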