示例#1
0
 def post(self, *args, **kwargs):
     newpwd = self.get_argument("newpwd", None)
     renewpwd = self.get_argument("renewpwd", None)
     db = self.settings["db"]
     userid = self.current_user.get("userid")
     if newpwd and renewpwd and newpwd == renewpwd:
         yield db.users.update({"_id": ObjectId(userid)}, {"$set": {"pwd": make_password(newpwd)}})
         self.send_message("密码修改成功")
     else:
         self.send_message("两次输入的密码不一致", status_code=1)
示例#2
0
 def post(self, *args, **kwargs):
     """验证输入的密码是否与当前用户的密码一致"""
     db = self.settings["db"]
     userid = self.current_user.get("userid", None)
     user = yield db.users.find_one({"_id": ObjectId(userid)})
     pwd = self.get_argument("pwd", None)
     if pwd and make_password(pwd) == user.get("pwd"):
         self.send_message("密码正确")
     else:
         self.send_message("密码不正确", status_code=1)
示例#3
0
    def post(self, *args, **kwargs):
        #gen.sleep(10);
        username = self.get_argument('username',None)
        pwd = self.get_argument('pwd',None)
        db = self.settings['db']
        role_code=self.get_argument('role',None)

        user = yield db.users.find_one({"$or":[{"email":username},{"loginname":username}]})

        if user and pwd:
            if make_password(pwd) == user.get('pwd'):
                if user.get('nologin')==1:
                    self.send_message('用户被禁止登录,请联系管理员!',status_code=1)
                    return
                # self.send_error(status_code=500,reason='用户名和密码不能违空')
                # 验证通过后,获取用户的权限列表信息并保存到用户会话中
                role=yield db.roles.find_one({'code':role_code})

                if role['code'] not in user.get('roles',[]):
                    self.send_message('选择的角色与用户角色不匹配,请重新选择!',status_code=1)
                    return

                user_perm_ids=[ObjectId(id) for id in role.get('perms',[])]
                perms=yield db.perms.find({"_id":{"$in":user_perm_ids}},{'_id':0,'name':1}).to_list(length=None)

                #user_role_ids=[ObjectId(id) for id in user.get('roles',[])]
                #roles=yield db.roles.find({"_id":{"$in":user_role_ids}}).to_list(length=None)


                self.session.set('user',{'username':username,
                                         'role':role_code,
                                         'userid':str(user['_id']),
                                         'perms':[item['name'] for item in perms],
                                         'remote_ip':self.request.remote_ip,
                                         'login_time':datetime.datetime.now()})
                self.set_cookie('role',role_code)
                self.set_cookie('userid',str(user['_id']))
                user_profile=yield db.user.profile.find_one({'_id':str(user['_id'])})
                skin=user_profile.get('skin','default') if user_profile else 'default'
                self.set_cookie('miniuiSkin',skin)
                self.send_message("登录成功")
            else:
                self.send_message("密码错误",status_code=1)
        else:
            self.send_message("用户不存在或密码为空",status_code=1)
示例#4
0
 def get(self, *args, **kwargs):
     key=self.get_argument('key',None)
     md5=make_password(key if key else '111111')
     self.send_message(md5)