class UserRetrieveUpdateDestroyHandler(RetrieveUpdateDestroyAPIHandler):
    """Single-user retrieve/update endpoint on which DELETE is always refused."""

    model = models.AuthUserModel()

    # Parameters a PUT request must carry.
    mp_require_params = ["id"]

    # Parameters a PUT request is allowed to set.
    # NOTE(review): "password" is on this allow-list. UserSignUp stores the
    # password verbatim and UserSignIn compares it verbatim, so a PUT handled
    # by the base class presumably writes it verbatim as well -- confirm, and
    # confirm the base class checks that the caller owns the record named by
    # "id" before applying the update.
    mp_update_params = ["id", "mobile", "password", "nickname", "username"]

    def delete(self):
        """Reply with the fixed "operation restricted" error; nothing is deleted."""
        utils.init_response_data()
        refusal = Exception("操作限制!")
        self.finish(utils.reset_response_data(0, str(refusal)))
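class UserSignUp(APIHandler):
    """Register an account from verified mobile/e-mail codes, then sign it in."""

    model = models.AuthUserModel()

    @tornado.web.asynchronous
    @tornado.gen.engine
    def post(self):
        """Create the user and its OAuth client, then return the sign-in payload.

        Request arguments: ``mobile``, ``mobile_code``, ``email``,
        ``email_code`` and ``password`` are read without a default; ``type``
        defaults to ``"b"``. On success ``result["data"]`` is the ``data``
        object returned by the internal sign-in call. Every exception raised
        inside the ``try`` is converted into an error payload (code 0) whose
        message is ``str(e)``.
        """
        result = utils.init_response_data()
        try:
            user_coll = self.model.get_coll()
            oauth_coll = models.OauthModel().get_coll()
            checkcode_coll = models.CheckCode().get_coll()

            mobile = self.get_argument("mobile")
            mobile_code = self.get_argument("mobile_code")
            email = self.get_argument("email")
            email_code = self.get_argument("email_code")
            password = self.get_argument("password")
            # NOTE(review): the account type is chosen by the caller and stored
            # as received. If any value of it carries extra rights, validate it
            # against an allow-list here -- the valid set is not visible in
            # this file.
            account_type = self.get_argument("type", "b")

            if mobile == "":
                raise Exception("请输入手机号!")
            elif mobile_code == "":
                raise Exception("请输入手机验证码")
            elif password == "":
                raise Exception("请输入password!")

            # Verify the mobile code, then the e-mail code.
            utils.check_code(checkcode_coll, mobile, mobile_code)
            utils.check_code(checkcode_coll, email, email_code, type="email")

            # NOTE(review): find_one followed by insert_one is not atomic, so
            # two concurrent sign-ups for one mobile can both insert. A unique
            # index on 'mobile' closes that gap -- confirm whether one exists.
            # NOTE(review): the source layout was collapsed; both inserts are
            # taken to belong to this branch -- confirm against the original.
            if not user_coll.find_one({'mobile': mobile}):
                # SECURITY: the password is written verbatim to the user
                # document and again as the OAuth client secret. Hashing it
                # here alone would break UserSignIn (which compares the stored
                # value with the submitted one) and the client_credentials
                # grant, so it has to be migrated together with them: store a
                # salted, slow password hash and issue a separate random
                # client secret.
                user_coll.insert_one({
                    'mobile': mobile,
                    'email': email,
                    'password': password,
                    'add_time': datetime.datetime.now(),
                    'login_date': "",
                    'headimgurl': "",
                    'nickname': "",
                    'username': '',
                    'active': 0,
                    'sex': 0,
                    'city': "",
                    'address': "",
                    'privilege': 0,
                    'province': "",
                    'type': account_type,
                })
                oauth_coll.insert_one({
                    'identifier': mobile,
                    'secret': password,
                    'redirect_uris': [],
                    'authorized_grants': [
                        oauth2.grant.ClientCredentialsGrant.grant_type,
                    ],
                })

            # An already registered mobile skips the inserts and falls through
            # to the same internal sign-in call with the submitted password.
            body = urllib.urlencode({
                'login': mobile,
                'password': password,
            })
            client = tornado.httpclient.AsyncHTTPClient()
            response = yield tornado.gen.Task(
                client.fetch,
                "http://localhost:8500/api/user/signin",
                method='POST',
                body=body)
            response_body = json.loads(response.body)
            if "error" in response_body:
                result = utils.reset_response_data(
                    0,
                    response_body["error"] + response_body["error_description"])
                self.finish(result)
                return
            result["data"] = response_body["response"]["data"]
        except Exception as e:
            # NOTE(review): str(e) goes back to the client for every failure,
            # including database and JSON errors. Consider a generic message
            # for anything that is not one of the validation errors above, and
            # log the detail server-side instead.
            result = utils.reset_response_data(0, str(e))
        self.finish(result)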
class UserListHandler(ListAPIHandler):
    """List endpoint bound to the user model; all behaviour comes from ListAPIHandler."""

    # NOTE(review): documents in this model's collection carry the verbatim
    # 'password' field written by UserSignUp. Confirm that ListAPIHandler
    # requires authentication and strips that field before returning records.
    model = models.AuthUserModel()
class UserSignIn(APIHandler): model = models.AuthUserModel() @tornado.web.asynchronous @tornado.gen.engine def post(self): result = utils.init_response_data() user_coll = self.model.get_coll() try: login = self.get_argument("login") password = self.get_argument("password") is_save_password = int(self.get_argument("is_save_password", False)) if login == "": raise Exception("请输入用户名!") elif user_coll.find({"mobile":login}).count() == 0 \ and user_coll.find({"email":login}).count() == 0: raise Exception("手机或邮箱不存在!") elif password == "": raise Exception("请输入密码!") user = user_coll.find_one({"mobile": login}) or user_coll.find_one( {"email": login}) if user["password"] != password: raise Exception("密码错误!") user["login_date"] = datetime.datetime.now() user_coll.save(user) params = { 'client_id': user["mobile"], 'client_secret': password, 'grant_type': 'client_credentials', 'scope': 'font-api', } body = urllib.urlencode(params) client = tornado.httpclient.AsyncHTTPClient() response = yield tornado.gen.Task(client.fetch, "http://localhost:8888/token", method='POST', body=body) response_body = json.loads(response.body) try: access_token = response_body["access_token"] except Exception, e: result = utils.reset_response_data(-1, str(e) + \ response_body["error"]+" "+\ response_body["error_description"]+\ " or password error!") self.finish(result) return if is_save_password: self.model.delay_access_token(access_token) user["_id"] = str(user["_id"]) # 存储 token-uid self.model.save_token_uid(access_token, user["_id"]) user["add_time"] = str(user["add_time"]).split(".")[0] user["login_date"] = str(user["login_date"]).split(".")[0] del user["password"] result["data"] = user result["data"]["access_token"] = access_token except Exception, e: result = utils.reset_response_data(0, str(e))