def post(self):
response = {}
username = str(self.get_body_argument("username", ''))
password = str(self.get_body_argument("password", ''))
if not check_uname_passwd(username, password):
self.set_status(400)
response['msg'] = "The type of username or password is error"
self.write(response)
return
user = yield self.db.users.find_one({"username": username})
if not user:
self.set_status(400)
response['msg'] = "The user doesn't exit"
self.write(response)
return
hashed = str(user.get('password', ''))
if check_passwd(password, hashed):
userid = str(user.get('id', ''))
token = token_encode({"id": userid}, options.secret_key)
response['token'] = token
response['msg'] = "Login Success"
self.write(response)
return
self.set_status(401)
response['msg'] = "The password was error"
self.write(response)
return
def validateUser():
username = request.form.get('username')
password = request.form.get('password')
user = db.session.query(User).filter_by(uname=username).first()
if not user:
return jsonify({'msg': 'username error!'})
is_valid_user = check_passwd(user, password)
if is_valid_user is False:
return jsonify({'msg': 'password error!'})
return jsonify({'msg': 'success!'})
def post(self):
data = request.get_json()
print(data)
if "email" not in data or "password" not in data:
return {
'error_code': "input your password or email"
}, HTTPStatus.BAD_REQUEST
connection = get_mysql_connection()
cursor = connection.cursor(dictionary=True)
try:
# Validate.
valid = validate_email(data['email'])
except EmailNotValidError as e:
# email is not valid, exception message is human-readable
print(str(e))
return {'error_code': 'not valid email'}, HTTPStatus.BAD_REQUEST
query = '''select id, password
from user
where email = %s;'''
param = (data['email'], )
cursor.execute(query, param)
records = cursor.fetchall()
if records == []:
return {'error_code': 'not exist email'}
cursor.close()
connection.close()
# JWT를 이용해서 인증토큰을 생성해 준다.
password = check_passwd(data['password'], records[0]['password'])
if password is True:
user_id = records[0]['id']
access_token = create_access_token(identity=user_id)
return {
'message': 'access login',
'token': access_token
}, HTTPStatus.OK
else:
return {'message': 'wrong password'}, HTTPStatus.BAD_REQUEST
def cmp_password(self, raw_password):
"""
检测密码是否正确
@raw_password: 输入待验证的密码
"""
return utils.check_passwd(raw_password, self.password)
def cmp_password(self, raw_password):
"""
检测密码是否正确
@raw_password: 输入待验证的密码
"""
return utils.check_passwd(raw_password, self.password)
def test_check_passwd_valid_input(self):
self.assertTrue(check_passwd('unittestPassword'))
def test_check_passwd_invalid_input(self):
self.assertFalse(check_passwd('test'))