def update_expire_time(access_token): action_time = utils.cur_timestamp() data = { 'access_token': access_token, 'action_time': action_time, 'expire_time': action_time + config.expire_second } db_session.update(data)
def post(self): ok, info = check.check_content_type(self.request) if not ok: self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return user_info = json.loads(self.request.body) user_id = user_info['user_id'] ok, info = check.check_user_id(user_id) if not ok: self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return access_token = encrypt.make_cookie_secret() action_time = utils.cur_timestamp() session_data = { 'access_token': access_token, 'user_id': user_id, 'action_time': action_time, 'expire_time': action_time + config.expire_second } if db_session.update(session_data): self.set_secure_cookie("access_token", access_token) self.set_cookie("user_id", user_id) ok = True info = {} else: ok = False info = u"登陆失败,请联系管理员!" self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
def post(self): ok, info = check.check_content_type(self.request) if not ok: self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return user_info = json.loads(self.request.body) username, password = user_info['username'], user_info['passwd'] ok, info = check.check_password(username, password) if not ok: self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return access_token = encrypt.make_cookie_secret() action_time = utils.cur_timestamp() session_data = { 'access_token': access_token, 'username': username, 'action_time': action_time, 'expire_time': action_time + config.expire_second } if db_session.update(session_data): self.set_secure_cookie("access_token", access_token) self.set_cookie("username", username) ok = True info = {} else: ok = False info = "Login error, please contact with the system administrator" self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
def is_expired(access_token): """ verify if user has action time @param access_token: user's access_token, get form cookie @return Boolean, expired or not """ info = db_utils.get_info_by_token(access_token) expire_time = info['expire_time'] if utils.cur_timestamp() > expire_time: return True else: action_time = utils.cur_timestamp() session_data = { 'username': info['username'], 'action_time': action_time, 'expire_time': action_time + config.expire_second } db_session.update(session_data) return False