示例#1
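    async def post(self, *args, **kwargs):
        """Log a user in by mobile and password and reply with a signed JWT.

        The JSON request body is validated with ``LoginForm`` and the user is
        looked up by ``mobile``. A successful reply carries ``id``,
        ``nick_name`` (the mobile number when no nickname is set) and
        ``token``; every failure replies with HTTP 400.

        NOTE(review): the unknown-user reply (key ``mobile``) differs from the
        wrong-password reply (key ``non_fields``), which lets a client probe
        which mobiles are registered; a single generic failure reply avoids
        that. No attempt throttling is visible in this handler.
        """
        re_data = {}

        # The body is untrusted. UnicodeDecodeError and json.JSONDecodeError
        # are both ValueError subclasses, so one handler turns a malformed
        # body into a 400 instead of an unhandled exception.
        try:
            params = json.loads(self.request.body.decode("utf8"))
        except ValueError:
            self.set_status(400)
            re_data['non_fields'] = "请求体不是合法的JSON"
            self.finish(re_data)
            return

        login_form = LoginForm.from_json(params)
        if login_form.validate():
            mobile = login_form.mobile.data
            password = login_form.password.data

            try:
                user = await self.application.objects.get(User, mobile=mobile)
                if not user.password.check_password(password):
                    self.set_status(400)
                    re_data['non_fields'] = "用户名或密码错误"
                else:
                    # Login succeeded: issue a JSON web token. HS256 signs the
                    # payload but does not encrypt it, so it must stay free of
                    # secrets.
                    # NOTE(review): "exp" is the issue time itself; a verifier
                    # doing a plain expiry check rejects such a token unless
                    # it allows leeway - confirm against the verifying code.
                    payload = {
                        "id": user.id,
                        "nick_name": user.nick_name,
                        "exp": datetime.utcnow()
                    }
                    token = jwt.encode(payload, self.settings['secret_key'], algorithm='HS256')
                    re_data["id"] = user.id
                    if user.nick_name is not None:
                        re_data["nick_name"] = user.nick_name
                    else:
                        re_data["nick_name"] = user.mobile
                    # PyJWT 1.x returns bytes (not JSON serialisable) while
                    # 2.x returns str, so decode only when needed.
                    re_data['token'] = token if isinstance(token, str) else token.decode("utf8")
            except User.DoesNotExist:
                self.set_status(400)
                re_data["mobile"] = "用户不存在"
        else:
            # An invalid form used to fall through without any reply, which
            # the framework completes as an empty 200; report it as a 400
            # with the per-field errors instead.
            self.set_status(400)
            for field in login_form.errors:
                re_data[field] = login_form.errors[field]

        self.finish(re_data)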
示例#2
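    async def post(self, *args, **kwargs):
        """Check mobile/password credentials and reply with a signed JWT.

        Replies with ``id``, ``nickname`` (the mobile number when unset) and
        ``token`` on success, and with HTTP 400 plus an error entry on any
        failure.

        NOTE(review): unknown users and wrong passwords get different replies
        (keys ``mobile`` and ``non_fields``), which reveals which mobiles are
        registered; consider one generic failure reply.
        """
        return_data = {}

        # Untrusted input: decoding and JSON errors are both ValueError
        # subclasses and are answered with 400 rather than raised.
        try:
            params = json.loads(self.request.body.decode('utf-8'))
        except ValueError:
            self.set_status(400)
            return_data['non_fields'] = '请求体不是合法的JSON'
            self.finish(return_data)
            return

        login_form = LoginForm.from_json(params)
        if not login_form.validate():
            # Without this branch an invalid form was answered with an empty
            # dict and the default 200 status.
            self.set_status(400)
            for field in login_form.errors:
                return_data[field] = login_form.errors[field]
            self.finish(return_data)
            return

        mobile = login_form.mobile.data
        password = login_form.password.data

        try:
            user = await self.application.objects.get(User, mobile=mobile)
            # check_password compares the plaintext candidate with the stored
            # value (presumably a one-way hash - confirm on the field type).
            if not user.password.check_password(password):
                self.set_status(400)
                return_data['non_fields'] = '用户名或密码错误'
            else:
                # Login succeeded: build the JSON web token. HS256 signs the
                # payload; it does not encrypt it, so any holder can read
                # id and nickname.
                payload = {
                    'id': user.id,
                    'nickname': user.nickname,
                    # Expiry is expressed in UTC, as the library's own check is.
                    # NOTE(review): this is the issue time, so the token is
                    # already at its expiry unless the verifier adds leeway.
                    'exp': datetime.utcnow(),
                }
                token = jwt.encode(payload, self.settings['secret_key'], algorithm='HS256')
                return_data['id'] = user.id
                if user.nickname is not None:
                    return_data['nickname'] = user.nickname
                else:
                    return_data['nickname'] = user.mobile
                # bytes under PyJWT 1.x, str under 2.x.
                return_data['token'] = token if isinstance(token, str) else token.decode('utf-8')
        except User.DoesNotExist:
            self.set_status(400)
            return_data['mobile'] = '用户不存在'
        self.finish(return_data)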
示例#3
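    async def post(self, *args, **kwargs):
        """Authenticate by phone number and password and reply with a JWT.

        Success replies with ``id`` and ``token``; every failure replies with
        HTTP 400 and a ``content`` entry describing the problem.

        NOTE(review): the unknown-user and wrong-password messages differ, so
        a client can learn which phone numbers are registered; consider one
        generic message for both.
        """
        res_data = {}

        # Untrusted body: UnicodeDecodeError and JSONDecodeError are both
        # ValueError subclasses, answered here with a 400.
        try:
            req_data = json.loads(self.request.body.decode("utf-8"))
        except ValueError:
            self.set_status(400)
            res_data["content"] = "请求体不是合法的JSON"
            self.finish(res_data)
            return

        login_form = LoginForm.from_json(req_data)
        if login_form.validate():
            phone_num = login_form.phone_num.data
            password = login_form.password.data
            try:
                user_obj = await self.application.objects.get(
                    User, phone_num=phone_num
                )
                if not user_obj.password.check_password(password):
                    self.set_status(400)
                    res_data["content"] = "用户名或密码不正确"
                else:
                    payload = {
                        "id": user_obj.id,
                        # NOTE(review): get_current_timestamp() is defined
                        # elsewhere; if it returns "now", the token is at its
                        # expiry when issued - confirm the intended lifetime.
                        "exp": get_current_timestamp()
                    }
                    token = jwt.encode(
                        payload,
                        self.settings["secret_key"],
                        algorithm="HS256"
                    )
                    res_data["id"] = user_obj.id
                    # PyJWT 1.x returns bytes, 2.x returns str.
                    res_data["token"] = (
                        token if isinstance(token, str) else token.decode("utf8")
                    )
            except User.DoesNotExist:
                self.set_status(400)
                res_data["content"] = "用户名不存在"
        else:
            # Validation errors are a client error like the other failure
            # paths; without the status they were sent with the default 200.
            self.set_status(400)
            res_data["content"] = login_form.errors

        self.finish(res_data)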
示例#4
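    async def post(self, *args, **kwargs):
        """Verify mobile/password credentials and write back a signed JWT.

        Success writes ``id``, ``nick_name`` (the mobile number when the
        nickname is empty) and ``token``; failures write an error entry with
        HTTP 400.

        NOTE(review): unknown users and wrong passwords are answered
        differently (keys ``mobile`` and ``non_fields``), which exposes which
        mobiles are registered; consider one generic failure reply.
        """
        re_data = {}

        # Untrusted body: reject undecodable or non-JSON input with a 400.
        # Both error types derive from ValueError.
        try:
            param = json.loads(self.request.body.decode('utf8'))
        except ValueError:
            self.set_status(400)
            re_data['non_fields'] = '请求体不是合法的JSON'
            return self.write(re_data)

        login_form = LoginForm.from_json(param)
        if login_form.validate():
            mobile = login_form.mobile.data
            password = login_form.password.data
            try:
                user = await self.application.objects.get(User, mobile=mobile)
                if not user.password.check_password(password):
                    self.set_status(400)
                    re_data['non_fields'] = '用户名或者密码错误'
                else:
                    # Build the JWT. HS256 signs the payload without
                    # encrypting it.
                    # NOTE(review): 'exp' equals the issue time, so a plain
                    # expiry check rejects the token unless the verifier
                    # allows leeway.
                    payload = {
                        'id': user.id,
                        'nick_name': user.nick_name,
                        'exp': datetime.utcnow()
                    }
                    token = jwt.encode(payload,
                                       self.settings['SECRET'],
                                       algorithm='HS256')
                    re_data['id'] = user.id
                    if user.nick_name:
                        re_data['nick_name'] = user.nick_name
                    else:
                        re_data['nick_name'] = user.mobile
                    # bytes under PyJWT 1.x, str under 2.x.
                    re_data['token'] = token if isinstance(token, str) else token.decode('utf8')
            # Only a missing row means "user does not exist". The former bare
            # except also turned signing, database and programming errors
            # into that reply, hiding real failures from logs and operators.
            except User.DoesNotExist:
                self.set_status(400)
                re_data['mobile'] = '用户不存在'
        else:
            # An invalid form used to be answered with an empty dict and the
            # default 200 status.
            self.set_status(400)
            for field in login_form.errors:
                re_data[field] = login_form.errors[field]

        return self.write(re_data)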
示例#5
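    async def post(self, *args, **kwargs):
        """Authenticate a mobile/password pair and reply with a signed JWT.

        A successful reply holds ``id``, ``nick_name`` (the mobile number when
        no nickname is set) and ``token``. Every failure replies with HTTP 400.

        NOTE(review): the reply for an unknown mobile (key ``mobile``) is
        distinguishable from the wrong-password reply (key ``non_fields``),
        which allows account enumeration; consider a single generic reply.
        """
        re_data = {}

        # The request body is untrusted; decoding and parsing errors are both
        # ValueError subclasses and are answered with a 400.
        try:
            params = json.loads(self.request.body.decode("utf-8"))
        except ValueError:
            self.set_status(400)
            re_data["non_fields"] = "请求体不是合法的JSON"
            self.finish(re_data)
            return

        login_form = LoginForm.from_json(params)

        if login_form.validate():
            mobile = login_form.mobile.data
            password = login_form.password.data

            try:
                user = await self.application.objects.get(User, mobile=mobile)

                # The stored password is not reversible, so the candidate is
                # transformed the same way and the results are compared.
                if user.password.check_password(password):

                    # Build the JSON web token. The expiry is given in UTC
                    # because the library's own check also works in UTC.
                    # NOTE(review): the expiry equals the issue time, so the
                    # token only verifies if the checking side allows leeway.
                    payload = {
                        "id": user.id,
                        "nick_name": user.nick_name,
                        "exp": datetime.utcnow()
                    }

                    token = jwt.encode(payload,
                                       self.settings["secret_key"],
                                       algorithm='HS256')

                    re_data["id"] = user.id

                    if user.nick_name is not None:
                        re_data["nick_name"] = user.nick_name
                    else:
                        re_data["nick_name"] = user.mobile

                    # PyJWT 1.x returns bytes, which must be decoded before
                    # JSON serialisation; 2.x already returns str.
                    re_data["token"] = (
                        token if isinstance(token, str) else token.decode("utf8")
                    )

                else:

                    self.set_status(400)
                    re_data["non_fields"] = "用户名或密码错误"

            except User.DoesNotExist:
                self.set_status(400)
                re_data["mobile"] = "用户不存在"
        else:
            # An invalid form used to leave the request without an explicit
            # reply, which the framework completes as an empty 200.
            self.set_status(400)
            for field in login_form.errors:
                re_data[field] = login_form.errors[field]

        self.finish(re_data)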
示例#6
文件: handler.py 项目: yktimes/YkForm
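    async def post(self, *args, **kwargs):
        """Log a user in by mobile and password and reply with a signed JWT.

        Success replies with ``id``, ``nick_name`` (the mobile number when the
        nickname is empty) and ``token``; failures reply with HTTP 400 and an
        error entry.

        NOTE(review): unknown mobiles and wrong passwords produce different
        replies (keys ``mobile`` and ``non_fields``), so registered mobiles
        can be enumerated; consider one generic failure reply.
        """
        re_data = {}

        # Untrusted body: a payload that is not UTF-8 or not JSON raises a
        # ValueError subclass and is answered with a 400.
        try:
            param = json.loads(self.request.body.decode('utf8'))
        except ValueError:
            self.set_status(400)
            re_data['non_fields'] = "请求体不是合法的JSON"
            self.finish(re_data)
            return

        form = LoginForm.from_json(param)

        if form.validate():
            mobile = form.mobile.data
            password = form.password.data

            try:
                user = await self.application.objects.get(User, mobile=mobile)
                if not user.password.check_password(password):
                    self.set_status(400)
                    re_data['non_fields'] = "用户名或密码错误"
                else:
                    # Login succeeded.
                    payload = {
                        'id': user.id,
                        'nick_name': user.nick_name,
                        # "exp" is the registered expiry claim.
                        # NOTE(review): it is set to the issue time, so the
                        # token only verifies if the checker allows leeway.
                        'exp': datetime.utcnow()
                    }
                    # Sign the JWT; HS256 does not encrypt the payload.
                    token = jwt.encode(payload,
                                       self.settings['secret_key'],
                                       algorithm='HS256')

                    re_data['id'] = user.id

                    if user.nick_name:
                        re_data['nick_name'] = user.nick_name
                    else:
                        re_data['nick_name'] = user.mobile

                    # PyJWT 1.x returns bytes, and bytes are not JSON
                    # serialisable ("Object of type 'bytes' is not JSON
                    # serializable"); 2.x returns str, which has no decode().
                    re_data['token'] = token if isinstance(token, str) else token.decode('utf8')

            except User.DoesNotExist:
                self.set_status(400)
                re_data['mobile'] = '用户不存在'
        else:
            # An invalid form used to end without an explicit reply, which the
            # framework completes as an empty 200.
            self.set_status(400)
            for field in form.errors:
                re_data[field] = form.errors[field]

        self.finish(re_data)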
示例#7
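    async def post(self, *args, **kwargs):
        """Authenticate an account/password pair and return a JWT in a Result.

        Every outcome is reported through ``self.json(Result(...))``: code 1
        with ``id``, ``nick_name`` (the account name when no nickname is set)
        and ``token`` on success, and a non-1 code with a message otherwise.

        NOTE(review): a malformed (non-UTF-8 or non-JSON) body raises out of
        this handler; the error-code scheme is defined elsewhere, so no code
        was chosen for that case here.
        NOTE(review): codes 10090 (wrong password) and 10020 (unknown account)
        are distinguishable, which reveals which accounts exist; consider one
        generic failure reply. No HTTP error status is set on failures.
        """
        body = json.loads(self.request.body.decode('utf-8'))
        form = LoginForm.from_json(body)
        account = form.account.data
        password = form.password.data

        # Missing fields are reported before general form validation.
        if account is None:
            return self.json(Result(code=10080, msg="参数有误, 不可缺少account字段"))

        if password is None:
            return self.json(Result(code=10080, msg="参数有误, 不可缺少password字段"))

        if not form.validate():
            return self.json(Result(code=10090, msg="账号或密码错误, 请检查!"))

        try:
            user = await self.application.objects.get(User,
                                                      account=account)
            if not user.password.check_password(password):
                return self.json(Result(code=10090, msg="密码错误,请重新输入!"))

            # HS256 signs the payload without encrypting it.
            # NOTE(review): "exp" equals the issue time, so the token only
            # verifies if the checking side allows leeway.
            payload = {
                "id": user.id,
                "nick_name": user.nick_name,
                "exp": datetime.utcnow()
            }
            token = jwt.encode(payload,
                               self.settings['secret_key'],
                               algorithm='HS256')
            # PyJWT 1.x returns bytes, 2.x returns str (no decode()).
            if not isinstance(token, str):
                token = token.decode('utf-8')

            nick_name = user.nick_name if user.nick_name is not None else user.account
            return self.json(
                Result(code=1,
                       msg="登陆成功",
                       data={
                           'id': user.id,
                           'nick_name': nick_name,
                           'token': token
                       }))

        except User.DoesNotExist:
            return self.json(Result(code=10020, msg="该账户不存在,尚未注册过!"))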
示例#8
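    async def post(self, *args, **kwargs):
        """Authenticate by mobile and password and reply with a signed JWT.

        Success replies with ``id``, ``nick_name`` (the mobile number when no
        nickname is set) and ``token``; every failure replies with HTTP 400.

        NOTE(review): the unknown-mobile reply (key ``mobile``) and the
        wrong-password reply (key ``non_fields``) differ, which allows account
        enumeration; consider one generic failure reply.
        """
        re_data = {}

        # Untrusted body: undecodable or non-JSON input raises a ValueError
        # subclass and is answered with a 400.
        try:
            param = json.loads(self.request.body.decode("utf-8"))
        except ValueError:
            self.set_status(400)
            re_data["non_fields"] = "请求体不是合法的JSON"
            self.finish(re_data)
            return

        form = LoginForm.from_json(param)

        if form.validate():
            mobile = form.mobile.data
            password = form.password.data

            try:
                user = await self.application.objects.get(User, mobile=mobile)
                if not user.password.check_password(password):
                    self.set_status(400)
                    re_data["non_fields"] = "用户名或密码错误"
                else:
                    # Login succeeded.
                    # Open question from the author: must a REST API use JWT?
                    # A session is a random string generated and stored by the
                    # server; a JWT carries its claims (user id, name) itself.
                    # With HS256 those claims are signed, not encrypted, so
                    # anyone holding the token can read them.

                    # Build the JSON web token.
                    # NOTE(review): "exp" equals the issue time, so the token
                    # only verifies if the checking side allows leeway.
                    payload = {
                        "id": user.id,
                        "nick_name": user.nick_name,
                        "exp": datetime.utcnow()
                    }
                    token = jwt.encode(payload,
                                       self.settings["secret_key"],
                                       algorithm='HS256')
                    re_data["id"] = user.id
                    if user.nick_name is not None:
                        re_data["nick_name"] = user.nick_name
                    else:
                        re_data["nick_name"] = user.mobile
                    # bytes under PyJWT 1.x, str under 2.x.
                    re_data["token"] = token if isinstance(token, str) else token.decode("utf8")

            except User.DoesNotExist:
                self.set_status(400)
                re_data["mobile"] = "用户不存在"
        else:
            # An invalid form used to end without an explicit reply, which the
            # framework completes as an empty 200.
            self.set_status(400)
            for field in form.errors:
                re_data[field] = form.errors[field]

        self.finish(re_data)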
示例#9
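    async def post(self, *args, **kwargs):
        """Authenticate an account/password pair and return a JWT.

        Replies through ``self.json(JsonResponse(...))``: code 1 with ``id``,
        ``nick_name`` (the account name when no nickname is set) and ``token``
        on success; code 10008 or 10009 with HTTP 400 on failure.

        NOTE(review): a malformed (non-UTF-8 or non-JSON) body raises out of
        this handler; the error-code scheme is defined elsewhere, so no code
        was chosen for that case here.
        NOTE(review): code 10009 is returned only for an unknown account,
        which lets a client tell existing accounts from missing ones; consider
        one code for both credential failures.
        """
        param = json.loads(self.request.body.decode('utf-8'))
        form = LoginForm.from_json(param)
        account = form.account.data
        password = form.password.data

        if not form.validate():
            self.set_status(400)
            return self.json(JsonResponse(code=10008))

        try:
            user = await self.application.objects.get(User, account=account)
            if not user.password.check_password(password):
                # A wrong password is a client error like the other failure
                # paths; it was the only one sent with the default 200.
                self.set_status(400)
                return self.json(JsonResponse(code=10008))

            # HS256 signs the payload without encrypting it.
            # NOTE(review): "exp" equals the issue time, so the token only
            # verifies if the checking side allows leeway.
            payload = {
                "id": user.id,
                "nick_name": user.nick_name,
                "exp": datetime.utcnow()
            }
            token = jwt.encode(
                payload,
                settings.TORNADO_CONF.secret_key, algorithm='HS256'
            )
            # PyJWT 1.x returns bytes, 2.x returns str (no decode()).
            if not isinstance(token, str):
                token = token.decode('utf-8')

            nick_name = user.nick_name if user.nick_name is not None else user.account
            return self.json(
                JsonResponse(
                    code=1,
                    data={
                        'id': user.id,
                        'nick_name': nick_name,
                        'token': token})
            )

        except User.DoesNotExist:
            self.set_status(400)
            return self.json(JsonResponse(code=10009))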
示例#10
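    async def post(self, *args, **kwargs):
        """Authenticate by username or e-mail plus password and reply with a JWT.

        The submitted ``username`` is matched against both the username and
        the e-mail column. Success replies with ``token``; every failure
        replies with HTTP 400 and an error entry.

        NOTE(review): the no-match reply (key ``username``) differs from the
        wrong-password reply (key ``non_fields``), which reveals which
        usernames or e-mail addresses are registered; consider one generic
        failure reply.
        """
        res = {}

        # Untrusted body: undecodable or non-JSON input raises a ValueError
        # subclass and is answered with a 400.
        try:
            data = json.loads(self.request.body.decode("utf-8"))
        except ValueError:
            self.set_status(400)
            res['non_fields'] = '请求体不是合法的JSON'
            self.finish(res)
            return

        form = LoginForm.from_json(data)
        if form.validate():
            username = form.username.data
            password = form.password.data
            try:
                query = UserProfile.select().where(
                    (UserProfile.username == username)
                    | (UserProfile.email == username))
                rows = await self.application.objects.execute(query)
                # Indexing an empty result raises IndexError rather than
                # DoesNotExist, so both are handled as "no such user" below.
                user = rows[0]
                if not user.password.check_password(password):
                    res['non_fields'] = '用户名或密码错误'
                    self.set_status(400)
                else:
                    # HS256 signs the payload without encrypting it.
                    # NOTE(review): 'username' is the submitted login string
                    # (possibly the e-mail), not the stored username, and
                    # 'exp' equals the issue time, so the token only verifies
                    # if the checking side allows leeway.
                    payload = {
                        'id': user.id,
                        'username': username,
                        'exp': datetime.utcnow()
                    }
                    token = jwt.encode(payload,
                                       self.settings["secret_key"],
                                       algorithm='HS256')
                    # bytes under PyJWT 1.x, str under 2.x.
                    res['token'] = token if isinstance(token, str) else token.decode('utf-8')

            except (UserProfile.DoesNotExist, IndexError):
                self.set_status(400)
                res['username'] = '******'

        else:
            self.set_status(400)
            for field in form.errors:
                res[field] = form.errors[field]

        self.finish(res)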