
auth中的路由全部实现

master
杨舜 2 years ago
parent
commit
d06898c562
9 changed files with 132 additions and 101 deletions
  1. BIN
      figure_require/login_test.png
  2. BIN
      figure_require/logout_test.png
  3. BIN
      figure_require/password_test.png
  4. BIN
      figure_require/unregister_test.png
  5. BIN
      modified/be/model/__pycache__/user.cpython-38.pyc
  6. +123
    -100
      modified/be/model/user.py
  7. BIN
      modified/be/view/__pycache__/auth.cpython-38.pyc
  8. +1
    -0
      modified/be/view/auth.py
  9. +8
    -1
      report.md

BIN
figure_require/login_test.png View File

Width: 953  |  Height: 692  |  Size: 61 KiB

BIN
figure_require/logout_test.png View File

Width: 901  |  Height: 627  |  Size: 49 KiB

BIN
figure_require/password_test.png View File

Width: 898  |  Height: 581  |  Size: 48 KiB

BIN
figure_require/unregister_test.png View File

Width: 865  |  Height: 536  |  Size: 44 KiB

BIN
modified/be/model/__pycache__/user.cpython-38.pyc View File


+ 123
- 100
modified/be/model/user.py View File

@ -2,6 +2,7 @@ import jwt
import time import time
import logging import logging
import sqlite3 as sqlite import sqlite3 as sqlite
from sqlalchemy.exc import SQLAlchemyError
from model import error from model import error
from model import postgreSQLORM from model import postgreSQLORM
from model.postgreSQLORM import User from model.postgreSQLORM import User
@ -44,6 +45,7 @@ class User(db_conn.DBConn):
def __check_token(self, user_id, db_token, token) -> bool: def __check_token(self, user_id, db_token, token) -> bool:
try: try:
if db_token != token: if db_token != token:
# print('touch')
return False return False
jwt_text = jwt_decode(encoded_token=token, user_id=user_id) jwt_text = jwt_decode(encoded_token=token, user_id=user_id)
ts = jwt_text["timestamp"] ts = jwt_text["timestamp"]
@ -66,6 +68,7 @@ class User(db_conn.DBConn):
## 为新注册的用户创建对象 ## 为新注册的用户创建对象
new_user = postgreSQLORM.User(user_id=user_id,password=password,balance=0,token=token,terminal=terminal) new_user = postgreSQLORM.User(user_id=user_id,password=password,balance=0,token=token,terminal=terminal)
self.session.add(new_user) self.session.add(new_user)
self.session.commit()
# self.conn.execute( # self.conn.execute(
# "INSERT into user(user_id, password, balance, token, terminal) " # "INSERT into user(user_id, password, balance, token, terminal) "
@ -76,104 +79,124 @@ class User(db_conn.DBConn):
# return error.error_exist_user_id(user_id) # return error.error_exist_user_id(user_id)
return 200, "ok" return 200, "ok"
# def check_token(self, user_id: str, token: str) -> (int, str):
# cursor = self.conn.execute("SELECT token from user where user_id=?", (user_id,))
# row = cursor.fetchone()
# if row is None:
# return error.error_authorization_fail()
# db_token = row[0]
# if not self.__check_token(user_id, db_token, token):
# return error.error_authorization_fail()
# return 200, "ok"
# def check_password(self, user_id: str, password: str) -> (int, str):
# cursor = self.conn.execute("SELECT password from user where user_id=?", (user_id,))
# row = cursor.fetchone()
# if row is None:
# return error.error_authorization_fail()
# if password != row[0]:
# return error.error_authorization_fail()
# return 200, "ok"
# def login(self, user_id: str, password: str, terminal: str) -> (int, str, str):
# token = ""
# try:
# code, message = self.check_password(user_id, password)
# if code != 200:
# return code, message, ""
# token = jwt_encode(user_id, terminal)
# cursor = self.conn.execute(
# "UPDATE user set token= ? , terminal = ? where user_id = ?",
# (token, terminal, user_id), )
# if cursor.rowcount == 0:
# return error.error_authorization_fail() + ("", )
# self.conn.commit()
# except sqlite.Error as e:
# return 528, "{}".format(str(e)), ""
# except BaseException as e:
# return 530, "{}".format(str(e)), ""
# return 200, "ok", token
# def logout(self, user_id: str, token: str) -> bool:
# try:
# code, message = self.check_token(user_id, token)
# if code != 200:
# return code, message
# terminal = "terminal_{}".format(str(time.time()))
# dummy_token = jwt_encode(user_id, terminal)
# cursor = self.conn.execute(
# "UPDATE user SET token = ?, terminal = ? WHERE user_id=?",
# (dummy_token, terminal, user_id), )
# if cursor.rowcount == 0:
# return error.error_authorization_fail()
# self.conn.commit()
# except sqlite.Error as e:
# return 528, "{}".format(str(e))
# except BaseException as e:
# return 530, "{}".format(str(e))
# return 200, "ok"
# def unregister(self, user_id: str, password: str) -> (int, str):
# try:
# code, message = self.check_password(user_id, password)
# if code != 200:
# return code, message
# cursor = self.conn.execute("DELETE from user where user_id=?", (user_id,))
# if cursor.rowcount == 1:
# self.conn.commit()
# else:
# return error.error_authorization_fail()
# except sqlite.Error as e:
# return 528, "{}".format(str(e))
# except BaseException as e:
# return 530, "{}".format(str(e))
# return 200, "ok"
# def change_password(self, user_id: str, old_password: str, new_password: str) -> bool:
# try:
# code, message = self.check_password(user_id, old_password)
# if code != 200:
# return code, message
# terminal = "terminal_{}".format(str(time.time()))
# token = jwt_encode(user_id, terminal)
# cursor = self.conn.execute(
# "UPDATE user set password = ?, token= ? , terminal = ? where user_id = ?",
# (new_password, token, terminal, user_id), )
# if cursor.rowcount == 0:
# return error.error_authorization_fail()
# self.conn.commit()
# except sqlite.Error as e:
# return 528, "{}".format(str(e))
# except BaseException as e:
# return 530, "{}".format(str(e))
# return 200, "ok"
def check_token(self, user_id: str, token: str) -> (int, str):
row = self.session.query(postgreSQLORM.User.token).filter(postgreSQLORM.User.user_id==user_id).first()
# cursor = self.conn.execute("SELECT token from user where user_id=?", (user_id,))
# row = cursor.fetchone()
# print(row)
if row is None:
# print('touch')
return error.error_authorization_fail()
db_token = row[0]
# print(db_token)
# print(token)
if not self.__check_token(user_id, db_token, token):
# print('touch')
return error.error_authorization_fail()
return 200, "ok"
def check_password(self, user_id: str, password: str) -> (int, str):
row = self.session.query(postgreSQLORM.User.password).filter(postgreSQLORM.User.user_id==user_id).first()
# cursor = self.conn.execute("SELECT password from user where user_id=?", (user_id,))
# row = cursor.fetchone()
if row is None:
return error.error_authorization_fail()
if password != row[0]:
return error.error_authorization_fail()
return 200, "ok"
def login(self, user_id: str, password: str, terminal: str) -> (int, str, str):
token = ""
try:
code, message = self.check_password(user_id, password)
if code != 200:
return code, message, ""
token = jwt_encode(user_id, terminal)
row = self.session.query(postgreSQLORM.User).filter_by(user_id=user_id).update({'token':token,'terminal':terminal})
# cursor = self.conn.execute(
# "UPDATE user set token= ? , terminal = ? where user_id = ?",
# (token, terminal, user_id), )
# if cursor.rowcount == 0:
if row == 0:
return error.error_authorization_fail() + ("", )
# self.conn.commit()
self.session.commit()
except SQLAlchemyError as e:
return 528, "{}".format(str(e)), ""
except BaseException as e:
return 530, "{}".format(str(e)), ""
return 200, "ok", token
def logout(self, user_id: str, token: str) -> bool:
try:
code, message = self.check_token(user_id, token)
if code != 200:
return code, message
terminal = "terminal_{}".format(str(time.time()))
dummy_token = jwt_encode(user_id, terminal)
row = self.session.query(postgreSQLORM.User).filter_by(user_id=user_id).update({'token':dummy_token,'terminal':terminal})
# cursor = self.conn.execute(
# "UPDATE user SET token = ?, terminal = ? WHERE user_id=?",
# (dummy_token, terminal, user_id), )
# if cursor.rowcount == 0:
# print(row)
if row == 0:
return error.error_authorization_fail()
# self.conn.commit()
self.session.commit()
except SQLAlchemyError as e:
return 528, "{}".format(str(e))
except BaseException as e:
return 530, "{}".format(str(e))
return 200, "ok"
def unregister(self, user_id: str, password: str) -> (int, str):
try:
code, message = self.check_password(user_id, password)
if code != 200:
return code, message
row = self.session.query(postgreSQLORM.User).filter(postgreSQLORM.User.user_id==user_id).delete()
# cursor = self.conn.execute("DELETE from user where user_id=?", (user_id,))
# if cursor.rowcount == 1:
if row == 1:
self.session.commit()
# self.conn.commit()
else:
return error.error_authorization_fail()
except SQLAlchemyError as e:
return 528, "{}".format(str(e))
except BaseException as e:
return 530, "{}".format(str(e))
return 200, "ok"
def change_password(self, user_id: str, old_password: str, new_password: str) -> bool:
try:
code, message = self.check_password(user_id, old_password)
if code != 200:
return code, message
terminal = "terminal_{}".format(str(time.time()))
token = jwt_encode(user_id, terminal)
row = self.session.query(postgreSQLORM.User).filter_by(user_id=user_id).update({'password':new_password,'token':token,'terminal':terminal})
# cursor = self.conn.execute(
# "UPDATE user set password = ?, token= ? , terminal = ? where user_id = ?",
# (new_password, token, terminal, user_id), )
# if cursor.rowcount == 0:
if row == 0:
return error.error_authorization_fail()
self.session.commit()
# self.conn.commit()
except SQLAlchemyError as e:
return 528, "{}".format(str(e))
except BaseException as e:
return 530, "{}".format(str(e))
return 200, "ok"
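Review bot: `check_password` decides with `if password != row[0]`, and `change_password` writes `'password':new_password` straight into the row, so as far as this section shows the ORM port keeps passwords in plaintext in `postgreSQLORM.User` and compares them with a non-constant-time operator. Store a salted hash instead (for example `hashlib.scrypt` with a per-user salt) and verify with `hmac.compare_digest(stored_hash, candidate_hash)`; `__check_token`'s `db_token != token` would benefit from the same comparison. Separately, the `except SQLAlchemyError` branches in `login`, `logout`, `unregister` and `change_password` return without `self.session.rollback()` and hand `str(e)` back to the caller, which can leave the session unusable after a failed statement and expose schema details in the response. The registration method that first writes the password is only partly visible here, so it would need the matching change.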

BIN
modified/be/view/__pycache__/auth.cpython-38.pyc View File


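--- a/modified/be/view/auth.py
+++ b/modified/be/view/auth.py
@@ -19,6 +19,7 @@ def login():
 def logout():
 user_id: str = request.json.get("user_id")
 token: str = request.headers.get("token")
+print(token)
 u = user.User()
 code, message = u.logout(user_id=user_id, token=token)
 return jsonify({"message": message}), code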
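Review bot: The added `print(token)` in `logout()` writes the caller's session token from the `token` header to stdout on every request, so anyone who can read the process output or collected logs sees a credential that is still valid if the logout then fails. Drop the line; if a trace is needed, log the user rather than the secret through the `logging` module, e.g. `logging.debug("logout user_id=%s", user_id)`. `request.json.get("user_id")` on the line above also assumes a JSON body is present, which looks worth a guard, though the rest of the route module is outside this section.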

+ 8
- 1
report.md View File

@ -242,6 +242,7 @@
## 为新注册的用户创建对象 ## 为新注册的用户创建对象
new_user = postgreSQLORM.User(user_id=user_id,password=password,balance=0,token=token,terminal=terminal) new_user = postgreSQLORM.User(user_id=user_id,password=password,balance=0,token=token,terminal=terminal)
self.session.add(new_user) self.session.add(new_user)
self.session.commit()
# self.conn.execute( # self.conn.execute(
# "INSERT into user(user_id, password, balance, token, terminal) " # "INSERT into user(user_id, password, balance, token, terminal) "
@ -254,4 +255,10 @@
``` ```
![avatar](./figure_require/register_test.png) ![avatar](./figure_require/register_test.png)
7.
7. 另外对于auth路由中的其他功能接口(注销、登录、登出、更改密码)进行类似上述注册接口的修改,此处不在单独贴出代码,只是给出postman的测试截图,至此auth中的路由全部实现(2022.10.30 17:50 杨舜)
![avatar](./figure_require/unregister_test.png)
![avatar](./figure_require/login_test.png)
![avatar](./figure_require/logout_test.png)
![avatar](./figure_require/password_test.png)
8.
