Modify code organization

2025-08-07 20:10:19 +08:00 · 2019-12-18 23:33:22 +09:00
parent ccf1d1c09a
commit 92183423df
329 changed files with 29553 additions and 38 deletions
--- a/cmdb-api/api/views/account.py
+++ b/cmdb-api/api/views/account.py
@@ -0,0 +1,64 @@
+# -*- coding:utf-8 -*-
+
+import datetime
+
+import jwt
+from flask import abort
+from flask import current_app
+from flask import request
+from flask import session
+from flask_login import login_user, logout_user
+
+from api.lib.decorator import args_required
+from api.lib.perm.auth import auth_abandoned
+from api.models.acl import User, Role
+from api.resource import APIView
+from api.lib.perm.acl.role import RoleRelationCRUD
+from api.lib.perm.acl.cache import RoleCache
+
+
+class LoginView(APIView):
+    url_prefix = "/login"
+
+    @args_required("username")
+    @args_required("password")
+    @auth_abandoned
+    def post(self):
+        username = request.values.get("username") or request.values.get("email")
+        password = request.values.get("password")
+        user, authenticated = User.query.authenticate(username, password)
+        if not user:
+            return abort(403, "User <{0}> does not exist".format(username))
+        if not authenticated:
+            return abort(403, "invalid username or password")
+
+        login_user(user)
+
+        token = jwt.encode({
+            'sub': user.email,
+            'iat': datetime.datetime.now(),
+            'exp': datetime.datetime.now() + datetime.timedelta(minutes=24 * 60 * 7)},
+            current_app.config['SECRET_KEY'])
+
+        role = Role.get_by(uid=user.uid, first=True, to_dict=False)
+        if role:
+            parent_ids = RoleRelationCRUD.recursive_parent_ids(role.id)
+            parent_roles = [RoleCache.get(i).name for i in parent_ids]
+        else:
+            parent_roles = []
+        session["acl"] = dict(uid=user.uid,
+                              avatar=user.avatar,
+                              userName=user.username,
+                              nickName=user.nickname,
+                              parentRoles=parent_roles)
+
+        return self.jsonify(token=token.decode())
+
+
+class LogoutView(APIView):
+    url_prefix = "/logout"
+
+    @auth_abandoned
+    def post(self):
+        logout_user()
+        self.jsonify(code=200)