async def modify_client_authority( operate_token: str = Depends(verify.oauth2_scheme), modify_item: UserVarietyAuthItem = Body(...)): operate_user, _ = verify.decipher_user_token(operate_token) if not operate_user: raise HTTPException(status_code=401, detail="您登录过期了,重新登录后再操作!") # 验证expire_date try: datetime.strptime(modify_item.expire_date, '%Y-%m-%d') if not re.match(r'^[A-Z]{1,2}$', modify_item.variety_en): raise ValueError("INVALID VARIETY.") except Exception: raise HTTPException(status_code=400, detail="数据格式有误,修改失败!") with MySqlZ() as cursor: cursor.execute( "SELECT user_id,variety_id FROM user_user_variety WHERE variety_id=%s AND user_id=%s;", (modify_item.variety_id, modify_item.modify_user)) is_exist = cursor.fetchone() if is_exist: cursor.execute( "UPDATE user_user_variety SET expire_date=%(expire_date)s " "WHERE user_id=%(modify_user)s AND variety_id=%(variety_id)s;", jsonable_encoder(modify_item)) else: cursor.execute( "INSERT INTO user_user_variety (user_id, variety_id, variety_en, expire_date) " "VALUES (%(modify_user)s,%(variety_id)s,%(variety_en)s,%(expire_date)s);", jsonable_encoder(modify_item)) return {"message": "修改用户品种权限成功!"}
async def modify_client_authority(operate_token: str = Depends( verify.oauth2_scheme), modify_item: UserClientAuthItem = Body(...)): operate_user, _ = verify.decipher_user_token(operate_token) if not operate_user: raise HTTPException(status_code=401, detail="您登录过期了,重新登录后再操作!") # 验证expire_date try: datetime.strptime(modify_item.expire_date, '%Y-%m-%d') except Exception: raise HTTPException(status_code=400, detail="数据格式有误,修改失败!") with MySqlZ() as cursor: cursor.execute( "SELECT user_id,client_id FROM user_user_client WHERE client_id=%s AND user_id=%s;", (modify_item.client_id, modify_item.modify_user)) is_exist = cursor.fetchone() if is_exist: cursor.execute( "UPDATE user_user_client SET expire_date=%(expire_date)s " "WHERE user_id=%(modify_user)s AND client_id=%(client_id)s;", jsonable_encoder(modify_item)) else: cursor.execute( "INSERT INTO user_user_client (user_id, client_id, expire_date) " "VALUES (%(modify_user)s,%(client_id)s,%(expire_date)s);", jsonable_encoder(modify_item)) return {"message": "修改用户客户端登录权限成功!"}
async def user_token_logged(client: str = Query(..., min_length=36, max_length=36), token: str = Depends(verify.oauth2_scheme)): user_id, user_code = verify.decipher_user_token(token) if not user_id: raise HTTPException(status_code=401, detail="登录失败!Token Expired!") # 查询用户的有效与能否在此客户端登录 with MySqlZ() as cursor: cursor.execute( "SELECT `id`,role,username,note,is_active FROM user_user WHERE id=%s;", (user_id, )) user_info = cursor.fetchone() if not user_info: raise HTTPException(status_code=401, detail="登录失败!USER NOT FOUND!") cursor.execute( "SELECT `id`,is_manager FROM basic_client WHERE machine_uuid=%s;", (client, )) client_info = cursor.fetchone() if not client_info: raise HTTPException(status_code=401, detail="登录失败!INVALID CLIENT!") today_str = datetime.today().strftime("%Y-%m-%d") # 1 创建今日在线的数据库 cursor.execute( "SELECT `id`,online_date FROM user_user_online WHERE `user_id`=%s AND online_date=%s;", (user_info["id"], today_str)) is_today_online = cursor.fetchone() if not is_today_online: # 今日还未登录 cursor.execute( "INSERT INTO user_user_online (user_id,online_date,total_online) VALUES (%s,%s,%s);", (user_info["id"], today_str, 0)) # 2 非超管和运营查询当前用户是否能在这个客户端登录 if user_info["role"] not in ["superuser", "operator"]: cursor.execute( "SELECT userclient.id, userclient.user_id FROM user_user_client AS userclient " "INNER JOIN basic_client AS clienttb " "ON userclient.client_id=clienttb.id AND userclient.user_id=%s AND clienttb.machine_uuid=%s " "AND userclient.expire_date>%s;", (user_info["id"], client, today_str)) is_client_accessed = cursor.fetchone() if not is_client_accessed: raise HTTPException(status_code=403, detail="Can not login with the client.") return { "message": "token登录成功!", "show_username": user_info["username"], }
async def register( is_image_code_passed: bool = Depends(checked_image_code), phone: str = Form(...), nickname: str = Form(""), email: str = Form(""), weixin: str = Form(""), password: str = Form(...), ): if not is_image_code_passed: raise HTTPException(status_code=400, detail="Got an error image code.") print("phone:%s\n nickname:%s\n password:%s" % (phone, nickname, password)) time.sleep(3) # 将用户信息保存到数据库中 user_to_save = UserInDB( unique_code=verify.generate_user_unique_code(), # 生成系统号 username=nickname, phone=phone, email=email, weixin=weixin, password_hashed=verify.get_password_hash(password) # hash用户密码 ) with MySqlZ() as cursor: cursor.execute( "INSERT INTO `user_user` (`unique_code`,`username`,`phone`,`email`,`weixin`,`password_hashed`) " "VALUES (%(unique_code)s,%(username)s,%(phone)s,%(email)s,%(weixin)s,%(password_hashed)s);", (jsonable_encoder(user_to_save))) back_user = User(unique_code=user_to_save.unique_code, username=user_to_save.username, phone=user_to_save.phone, email=user_to_save.email, weixin=user_to_save.weixin) return {"message": "注册成功!", "user": back_user}
async def login_for_access_token( is_image_code_passed: bool = Depends(checked_image_code), user: User = Depends(get_user_in_db)): if not is_image_code_passed: raise HTTPException(status_code=400, detail="Got an error image code.") if not user: raise HTTPException(status_code=401, detail="Incorrect username or password.") # 得到通过密码验证的用户,签发token证书 access_token = verify.create_access_token( data={"unique_code": user.unique_code}) show_username = user.username if user.username else user.phone return { "show_username": show_username, "access_token": access_token, "token_type": "bearer" }
async def get_user_in_db(phone: str = Form(...), password: str = Form(...), client_uuid: str = Form(...), user_code: str = Form("")): # 解码phone和password phone = base64.b64decode(phone.encode('utf-8')).decode('utf-8') password = base64.b64decode(password.encode('utf-8')).decode('utf-8') with MySqlZ() as cursor: cursor.execute( "SELECT `id`,`user_code`,`username`,`phone`,`email`,`password_hashed`,`role` " "FROM `user_user` WHERE (`phone`=%s OR `user_code`=%s) AND `is_active`=1;", (phone, user_code)) user_dict = cursor.fetchone() if not user_dict: # 数据库中没有查询到用户 return None # 如果有用户,修改登录时间 cursor.execute( "UPDATE `user_user` SET `recent_login`=%s WHERE `id`=%s;", (datetime.today(), user_dict["id"])) if not verify.verify_password( password, user_dict["password_hashed"]): # 将查询到的密码验证 return None # 如果密码验证通过, today_str = datetime.today().strftime("%Y-%m-%d") # 非超管和运营查询当前用户是否能在这个客户端登录 if user_dict["role"] not in ["superuser", "operator"]: cursor.execute( "SELECT userclient.id, userclient.user_id FROM user_user_client AS userclient " "INNER JOIN basic_client AS clienttb " "ON userclient.client_id=clienttb.id AND userclient.user_id=%s AND clienttb.machine_uuid=%s " "AND userclient.expire_date>%s AND clienttb.is_active=1;", (user_dict["id"], client_uuid, today_str)) is_client_accessed = cursor.fetchone() if not is_client_accessed: raise HTTPException(status_code=403, detail="Can not login with the client.") return User(**user_dict)
async def user_authenticate_module(module_item: ModuleItem = Body(...)): if not module_item.user_token: raise HTTPException( status_code=403, detail="您还未登录,登录后在进行操作!") # 403 -> reply.error() = 201 user_id, user_code = verify.decipher_user_token( module_item.user_token) # 解析用户信息 if not user_id: raise HTTPException(status_code=403, detail="您登录已过期,请重新登录后再进行操作!") # 查询客户端类型和用户的身份信息 with MySqlZ() as cursor: cursor.execute( "SELECT `id`,is_manager,is_active FROM basic_client WHERE machine_uuid=%s;", (module_item.client_uuid, )) client_info = cursor.fetchone() cursor.execute( "SELECT `id`,role,is_active FROM user_user WHERE id=%s;", (user_id, )) user_info = cursor.fetchone() if not client_info or not client_info["is_active"]: detail_message = "进入「{}」失败:\n无效客户端,无法进行这个操作!".format( module_item.module_text) raise HTTPException( status_code=401, detail=detail_message) # 403 -> reply.error() = 204 if not user_info or not user_info["is_active"]: detail_message = "进入「{}」失败:\n无效用户,无法进行这个操作!".format( module_item.module_text) raise HTTPException(status_code=401, detail=detail_message) if user_info["role"] in ["superuser", "operator"]: return { "message": "验证成功!", "authenticate": True, "module_id": module_item.module_id, "module_text": module_item.module_text, } if client_info["is_manager"] and module_item.module_id >= "0": return { "message": "验证成功!", "authenticate": True, "module_id": module_item.module_id, "module_text": module_item.module_text, } # 查询用户是否有权限进入相应模块 today_str = datetime.today().strftime("%Y-%m-%d") cursor.execute( "SELECT `id`,user_id,module_id FROM user_user_module " "WHERE user_id=%s AND module_id=%s AND expire_date>%s;", (user_id, module_item.module_id, today_str)) is_accessed = cursor.fetchone() if not is_accessed: detail_message = "还没有「{}」的权限,请联系管理员进行开通!".format( module_item.module_text) raise HTTPException(status_code=401, detail=detail_message) else: return { "message": "验证成功!", "authenticate": True, "module_id": module_item.module_id, "module_text": module_item.module_text, }