Contemporary_DMS.ZHOU_Xuan.2021Fall.DaSE
/
Project2
5
1
Fork 1
Code Issues 1 Pull Requests 1 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5 Commits
1 Branch
3.0 MiB
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
Project2/be/model/user.py

169 lines
5.8 KiB
Raw Permalink Normal View History

f
2 years ago
 
  1. import jwt
  2. import time
  3. import logging
  4. import sqlite3 as sqlite
  5. from be.model import error
  6. from be.model import db_conn
  7. 

  8. # encode a json string like:
  9. #   {
  10. #       "user_id": [user name],
  11. #       "terminal": [terminal code],
  12. #       "timestamp": [ts]} to a JWT
  13. #   }
  14. 

  15. 

  16. def jwt_encode(user_id: str, terminal: str) -> str:
  17.     encoded = jwt.encode(
  18.         {"user_id": user_id, "terminal": terminal, "timestamp": time.time()},
  19.         key=user_id,
  20.         algorithm="HS256",
  21.     )
  22.     return encoded.decode("utf-8")
  23. 

  24. 

  25. # decode a JWT to a json string like:
  26. #   {
  27. #       "user_id": [user name],
  28. #       "terminal": [terminal code],
  29. #       "timestamp": [ts]} to a JWT
  30. #   }
  31. def jwt_decode(encoded_token, user_id: str) -> str:
  32.     decoded = jwt.decode(encoded_token, key=user_id, algorithms="HS256")
  33.     return decoded
  34. 

  35. 

  36. class User(db_conn.DBConn):
  37.     token_lifetime: int = 3600  # 3600 second
  38. 

  39.     def __init__(self):
  40.         db_conn.DBConn.__init__(self)
  41. 

  42.     def __check_token(self, user_id, db_token, token) -> bool:
  43.         try:
  44.             if db_token != token:
  45.                 return False
  46.             jwt_text = jwt_decode(encoded_token=token, user_id=user_id)
  47.             ts = jwt_text["timestamp"]
  48.             if ts is not None:
  49.                 now = time.time()
  50.                 if self.token_lifetime > now - ts >= 0:
  51.                     return True
  52.         except jwt.exceptions.InvalidSignatureError as e:
  53.             logging.error(str(e))
  54.             return False
  55. 

  56.     def register(self, user_id: str, password: str):
  57.         try:
  58.             terminal = "terminal_{}".format(str(time.time()))
  59.             token = jwt_encode(user_id, terminal)
  60.             self.conn.execute(
  61.                 "INSERT into user(user_id, password, balance, token, terminal) "
  62.                 "VALUES (?, ?, ?, ?, ?);",
  63.                 (user_id, password, 0, token, terminal), )
  64.             self.conn.commit()
  65.         except sqlite.Error:
  66.             return error.error_exist_user_id(user_id)
  67.         return 200, "ok"
  68. 

  69.     def check_token(self, user_id: str, token: str) -> (int, str):
  70.         cursor = self.conn.execute("SELECT token from user where user_id=?", (user_id,))
  71.         row = cursor.fetchone()
  72.         if row is None:
  73.             return error.error_authorization_fail()
  74.         db_token = row[0]
  75.         if not self.__check_token(user_id, db_token, token):
  76.             return error.error_authorization_fail()
  77.         return 200, "ok"
  78. 

  79.     def check_password(self, user_id: str, password: str) -> (int, str):
  80.         cursor = self.conn.execute("SELECT password from user where user_id=?", (user_id,))
  81.         row = cursor.fetchone()
  82.         if row is None:
  83.             return error.error_authorization_fail()
  84. 

  85.         if password != row[0]:
  86.             return error.error_authorization_fail()
  87. 

  88.         return 200, "ok"
  89. 

  90.     def login(self, user_id: str, password: str, terminal: str) -> (int, str, str):
  91.         token = ""
  92.         try:
  93.             code, message = self.check_password(user_id, password)
  94.             if code != 200:
  95.                 return code, message, ""
  96. 

  97.             token = jwt_encode(user_id, terminal)
  98.             cursor = self.conn.execute(
  99.                 "UPDATE user set token= ? , terminal = ? where user_id = ?",
  100.                 (token, terminal, user_id), )
  101.             if cursor.rowcount == 0:
  102.                 return error.error_authorization_fail() + ("", )
  103.             self.conn.commit()
  104.         except sqlite.Error as e:
  105.             return 528, "{}".format(str(e)), ""
  106.         except BaseException as e:
  107.             return 530, "{}".format(str(e)), ""
  108.         return 200, "ok", token
  109. 

  110.     def logout(self, user_id: str, token: str) -> bool:
  111.         try:
  112.             code, message = self.check_token(user_id, token)
  113.             if code != 200:
  114.                 return code, message
  115. 

  116.             terminal = "terminal_{}".format(str(time.time()))
  117.             dummy_token = jwt_encode(user_id, terminal)
  118. 

  119.             cursor = self.conn.execute(
  120.                 "UPDATE user SET token = ?, terminal = ? WHERE user_id=?",
  121.                 (dummy_token, terminal, user_id), )
  122.             if cursor.rowcount == 0:
  123.                 return error.error_authorization_fail()
  124. 

  125.             self.conn.commit()
  126.         except sqlite.Error as e:
  127.             return 528, "{}".format(str(e))
  128.         except BaseException as e:
  129.             return 530, "{}".format(str(e))
  130.         return 200, "ok"
  131. 

  132.     def unregister(self, user_id: str, password: str) -> (int, str):
  133.         try:
  134.             code, message = self.check_password(user_id, password)
  135.             if code != 200:
  136.                 return code, message
  137. 

  138.             cursor = self.conn.execute("DELETE from user where user_id=?", (user_id,))
  139.             if cursor.rowcount == 1:
  140.                 self.conn.commit()
  141.             else:
  142.                 return error.error_authorization_fail()
  143.         except sqlite.Error as e:
  144.             return 528, "{}".format(str(e))
  145.         except BaseException as e:
  146.             return 530, "{}".format(str(e))
  147.         return 200, "ok"
  148. 

  149.     def change_password(self, user_id: str, old_password: str, new_password: str) -> bool:
  150.         try:
  151.             code, message = self.check_password(user_id, old_password)
  152.             if code != 200:
  153.                 return code, message
  154. 

  155.             terminal = "terminal_{}".format(str(time.time()))
  156.             token = jwt_encode(user_id, terminal)
  157.             cursor = self.conn.execute(
  158.                 "UPDATE user set password = ?, token= ? , terminal = ? where user_id = ?",
  159.                 (new_password, token, terminal, user_id), )
  160.             if cursor.rowcount == 0:
  161.                 return error.error_authorization_fail()
  162. 

  163.             self.conn.commit()
  164.         except sqlite.Error as e:
  165.             return 528, "{}".format(str(e))
  166.         except BaseException as e:
  167.             return 530, "{}".format(str(e))
  168.         return 200, "ok"
  169.