def GetURL(apiUrl: str):
cfg = Tencent.TRTC()
userSig = Signature.UserSig(cfg['UserID'])
random = str(Util.Time())
return 'https://console.tim.qq.com/v4/' + apiUrl + '?sdkappid=' + str(
cfg['SDKAppID']
) + '&identifier=' + str(
cfg['UserID']
) + '&usersig=' + userSig + '&random=' + random + '&contenttype=json'
def Login(self):
uname = self.Post('uname')
passwd = self.Post('passwd')
# 验证用户名
if not Safety.IsRight('uname',uname) and not Safety.IsRight('tel',uname) and not Safety.IsRight('email',uname):
return self.GetJSON({'code':4000, 'msg':'请输入用户名/手机/邮箱'})
# 密码长度
if not Safety.IsRight('passwd',passwd) :
return self.GetJSON({'code':4000, 'msg':'请输入6~16位密码'})
# 查询
model = UserM()
model.Table('user AS a')
model.LeftJoin('user_info AS b', 'a.id=b.uid')
model.LeftJoin('sys_perm AS c', 'a.id=c.uid')
model.LeftJoin('sys_role AS d', 'c.role=d.id')
model.Where(
'(a.uname=%s OR a.tel=%s OR a.email=%s) AND a.password=%s',
uname, uname, uname, Hash.Md5(passwd)
)
model.Columns('a.id', 'a.state', 'b.position', 'b.nickname', 'b.name', 'b.gender', 'b.birthday', 'b.img', 'c.perm', 'd.perm as role_perm')
data = model.FindFirst()
# 是否存在
if not data : return self.GetJSON({'code':4000, 'msg':'帐号或密码错误!'})
# 是否禁用
if data['state']!='1' : return self.GetJSON({'code':4000, 'msg':'该用户已被禁用!'})
# 权限
perm = data['role_perm']
if data['perm'] : perm=data['perm']
if not perm : return self.GetJSON({'code':4000, 'msg':'该用户不允许登录!'})
redis = Redis()
key = Env.admin_token_prefix+'_perm_'+str(data['id'])
redis.Set(key, perm)
redis.Expire(key, Env.admin_token_time)
redis.Close()
# 登录时间
model.Table('user')
model.Set({'ltime': Util.Time()})
model.Where('id=%s', data['id'])
model.Update()
# 返回
return self.GetJSON({
'code': 0,
'msg': '成功',
'token': AdminToken.Create({'uid':str(data['id']), 'uname':uname}),
'uinfo': {
'uid': data['id'],
'uname': uname,
'position': data['position'],
'nickname': data['nickname'],
'name': data['name'],
'gender': data['gender'],
'img': Env.base_url+data['img'] if data['img']!='' else '',
}
})
def RoomDismiss(roomId: str):
# 参数
Trtc.Init()
Signature.Action = 'DismissRoomByStrRoomId'
# 数据
time = Util.Time()
data = {
'SdkAppId': str(Trtc.SdkAppId),
'RoomId': roomId,
}
# 请求头
header = Signature.V3Header(data)
return Curl.PostJson(Signature.ApiUrl, data, header)
def VerifyUserSig(userId: int, userSig: str):
# 解码
base64 = Base64.UrlDecode(userSig)
# 解压
un_sig = Base64.UnCompress(base64)
data = Util.JsonDecode(bytes.decode(un_sig))
# 配置
cfg = Tencent.TRTC()
if str(cfg['SDKAppID']) != data['TLS.sdkappid']: return 0
if str(userId) != data['TLS.identifier']: return 0
# 是否过期
now_time = Util.Time()
out_time = int(data['TLS.time']) + int(data['TLS.expire'])
if now_time > out_time: return 0
return out_time - now_time
def UserSig(userId: any, expire: int = 0):
# 配置
cfg = Tencent.TRTC()
if expire == 0: expire = cfg['ExpireTime']
# 参数
param = {
'TLS.ver': '2.0',
'TLS.identifier': str(userId),
'TLS.sdkappid': str(cfg['SDKAppID']),
'TLS.expire': str(expire),
'TLS.time': str(Util.Time()),
}
# 签名
param['TLS.sig'] = Signature.__hmacsha256(param, cfg['SecretKey'])
# 压缩
data = Base64.Compress(Util.JsonEncode(param))
return Base64.UrlEncode(data)
def Perm(self):
# 验证
token = self.Post('token')
msg = AdminToken.Verify(token, request.path)
if msg != '': return self.GetJSON({'code': 4001, 'msg': msg})
# 参数
id = self.Post('id')
perm = self.Post('perm')
if not id:
return self.GetJSON({'code': 4000, 'msg': '参数错误!'})
# 数据
m = SysRoleM()
m.Set({'perm': perm, 'utime': Util.Time()})
m.Where('id=%s', id)
if m.Update():
return self.GetJSON({'code': 0, 'msg': '成功'})
else:
return self.GetJSON({'code': 5000, 'msg': '更新失败!'})
def V3Header(data: dict = {}):
# 数据
json = Util.JsonEncode(data) if len(data) > 0 else '{}'
HashedRequestPayload = Hash.Sha256(json)
# 请求串
CanonicalRequest = Signature.RequestMethod+"\n"\
+ Signature.CanonicalURI+"\n"\
+ Signature.CanonicalQueryString+"\n"\
+ 'content-type:'+Signature.ContentType+"\n"+'host:'+Signature.Host+"\n"+"\n"\
+ Signature.SignedHeaders+"\n"\
+ HashedRequestPayload
# 字符串
timeStamp = str(Util.Time())
date = datetime.utcfromtimestamp(float(timeStamp)).strftime("%Y-%m-%d")
CredentialScope = date + '/' + Signature.Service + '/tc3_request'
HashedCanonicalRequest = Hash.Sha256(CanonicalRequest)
StringToSign = Signature.Algorithm+"\n"\
+ timeStamp+"\n"\
+ CredentialScope+"\n"\
+ HashedCanonicalRequest
# 计算签名
cfg = Tencent.CAPI()
SecretDate = Hash.HmacSha256(date,
str.encode("TC3" + cfg['SecretKey']))
SecretService = Hash.HmacSha256(Signature.Service, SecretDate)
SecretSigning = Hash.HmacSha256('tc3_request', SecretService)
Sign = Hash.HexEncode(Hash.HmacSha256(StringToSign, SecretSigning))
# Authorization
Authorization = Signature.Algorithm+' '\
+ 'Credential='+cfg['SecretId']+'/'+CredentialScope+', '\
+ 'SignedHeaders='+Signature.SignedHeaders+', '\
+ 'Signature='+Sign
# 请求头
header = {
'Authorization': Authorization,
'Content-Type': Signature.ContentType,
'Host': Signature.Host,
'X-TC-Action': Signature.Action,
'X-TC-Version': Signature.Version,
'X-TC-Timestamp': timeStamp,
'X-TC-Region': Signature.Region,
}
return header
def Add(self):
# 验证
token = self.Post('token')
msg = AdminToken.Verify(token, request.path)
if msg != '': return self.GetJSON({'code': 4001, 'msg': msg})
# 参数
data = self.Post('data')
if not data:
return self.GetJSON({'code': 4000, 'msg': '参数错误!'})
param = Util.JsonDecode(data)
name = Util.Trim(param['name']) if 'name' in param.keys() else ''
if name == '':
return self.GetJSON({'code': 4000, 'msg': '名称不能为空!'})
# 数据
m = SysRoleM()
m.Values({'name': name, 'ctime': Util.Time()})
if m.Insert():
return self.GetJSON({'code': 0, 'msg': '成功'})
else:
return self.GetJSON({'code': 5000, 'msg': '添加失败!'})
def Edit(self):
# 验证
token = self.Post('token')
msg = AdminToken.Verify(token, request.path)
if msg != '': return self.GetJSON({'code': 4001, 'msg': msg})
# 参数
id = self.Post('id')
data = self.Post('data')
if not id or not data:
return self.GetJSON({'code': 4000, 'msg': '参数错误!'})
param = Util.JsonDecode(data)
name = Util.Trim(param['name']) if 'name' in param.keys() else ''
if name == '':
return self.GetJSON({'code': 4000, 'msg': '名称不能为空!'})
# 数据
m = SysRoleM()
m.Set({'name': name, 'utime': Util.Time()})
m.Where('id=%s', id)
if m.Update():
return self.GetJSON({'code': 0, 'msg': '成功'})
else:
return self.GetJSON({'code': 5000, 'msg': '更新失败!'})
def Edit(self):
# 验证
token = self.Post('token')
msg = AdminToken.Verify(token, request.path)
if msg != '': return self.GetJSON({'code': 4001, 'msg': msg})
# 参数
id = self.Post('id')
data = self.Post('data')
if not id or not data:
return self.GetJSON({'code': 4000, 'msg': '参数错误!'})
param = Util.JsonDecode(data)
title = Util.Trim(param['title']) if 'title' in param.keys() else ''
if title == '':
return self.GetJSON({'code': 4000, 'msg': '名称不能为空!'})
# 数据
m = ApiMenu()
m.Set({
'fid':
Util.Trim(param['fid']) if 'fid' in param.keys() else 0,
'title':
title,
'url':
Util.Trim(param['url']) if 'url' in param.keys() else '',
'ico':
Util.Trim(param['ico']) if 'ico' in param.keys() else '',
'sort':
Util.Trim(param['sort']) if 'sort' in param.keys() else 0,
'controller':
Util.Trim(param['controller'])
if 'controller' in param.keys() else '',
'utime':
Util.Time(),
})
m.Where('id=%s', id)
if m.Update():
return self.GetJSON({'code': 0, 'msg': '成功'})
else:
return self.GetJSON({'code': 5000, 'msg': '更新失败!'})
def Add(self):
# 验证
token = self.Post('token')
msg = AdminToken.Verify(token, request.path)
if msg != '': return self.GetJSON({'code': 4001, 'msg': msg})
# 参数
data = self.Post('data')
if not data:
return self.GetJSON({'code': 4000, 'msg': '参数错误!'})
param = Util.JsonDecode(data)
title = Util.Trim(param['title']) if 'title' in param.keys() else ''
if title == '':
return self.GetJSON({'code': 4000, 'msg': '名称不能为空!'})
# 数据
m = ApiMenu()
m.Values({
'fid':
Util.Trim(param['fid']) if 'fid' in param.keys() else 0,
'title':
title,
'url':
Util.Trim(param['url']) if 'url' in param.keys() else '',
'ico':
Util.Trim(param['ico']) if 'ico' in param.keys() else '',
'sort':
Util.Trim(param['sort']) if 'sort' in param.keys() else 0,
'controller':
Util.Trim(param['controller'])
if 'controller' in param.keys() else '',
'ctime':
Util.Time(),
})
if m.Insert():
return self.GetJSON({'code': 0, 'msg': '成功'})
else:
return self.GetJSON({'code': 5000, 'msg': '添加失败!'})
