__init__.py 6.3 KB
from enum import auto
from logging import error
from unittest import result
from flasgger import swag_from
from app.util import BlueprintApi
from app.util import BlueprintApi
from flask import Blueprint, render_template, redirect, request, session, jsonify
from .models import *
from .oauth2 import authorization, generate_user_info, require_oauth
from authlib.oauth2 import OAuth2Error
from authlib.integrations.flask_oauth2 import current_token
from . import user_create, client_create, client_query, user_query, user_update, user_delete
import configure
from app.decorators.auth_decorator import auth_decorator
import time
from app.models import SM3, AESHelper


def current_user():
    if "id" in session:
        uid = session["id"]
        return User.query.get(uid)
    return None


def remove_user():
    user = current_user()
    if user:
        session.pop("id")


def split_by_crlf(s):
    return [v for v in s.splitlines() if v]


class DataManager(BlueprintApi):
    bp = Blueprint("Auth", __name__, url_prefix="/auth")

    @staticmethod
    @bp.route("/authorize", methods=("GET", "POST"))
    def authorize():
        user = current_user()
        if request.method == "GET":
            # 没有登录,跳转到登录界面
            try:
                grant = authorization.validate_consent_request(end_user=user)
            except OAuth2Error as error:
                return jsonify(dict(error.get_body()))
            if not user:
                return render_template("auth/authorize.html", user=user, grant=grant)
        error = ""
        if not user:
            if not "username" in request.form or not request.form.get("username"):
                error = "用户名不可为空"
            elif not "password" in request.form or not request.form.get("password"):
                error = "密码不可为空"
            else:
                username = request.form.get("username")
                password = SM3.encode(request.form.get("password"))
                user = User.query.filter_by(
                    username=username, password=password).first()
                if not user:
                    error = "账号或密码不正确"

        if user:
            session["id"] = user.id
            grant_user = user
            return authorization.create_authorization_response(grant_user=grant_user)

        try:
            grant = authorization.validate_consent_request(end_user=user)
        except OAuth2Error as error:
            return jsonify(dict(error.get_body()))
        return render_template("auth/authorize.html", user=user, grant=grant, error=error)

    @staticmethod
    @bp.route("/token", methods=["POST"])
    def issue_token():
        return authorization.create_token_response()

    @staticmethod
    @bp.route("/userinfo")
    @require_oauth("profile")
    def api_me():
        try:
            return jsonify(generate_user_info(current_token.user, current_token.scope))
        except error as e:
            return jsonify(dict(e.get_body()))

    @staticmethod
    @bp.route("/logout", methods=["GET"])
    def logout():
        url = ''
        try:
            user = current_user()
            grant = authorization.validate_consent_request(end_user=user)
            access_token = request.args.get("accesstoken")
            accesstoken = OAuth2Token.query.filter_by(
                access_token=access_token).first()
            accesstoken.revoked = True
            db.session.commit()
            remove_user()
            if accesstoken:
                url = grant.client.client_uri
        except OAuth2Error as error:
            return jsonify(dict(error.get_body()))
        return redirect(url)

    """接口"""
    @staticmethod
    @bp.route("/users", methods=["GET"])
    @swag_from(user_query.Api.api_doc)
    @auth_decorator(configure.UserPermission)
    def user_query():
        """
        获取用户列表
        """
        return user_query.Api().result

    @staticmethod
    @bp.route("/users", methods=["POST"])
    @swag_from(user_create.Api.api_doc)
    @auth_decorator(configure.UserPermission)
    def user_create():
        """
        创建用户
        """
        return user_create.Api().result

    @staticmethod
    @bp.route("/userEdit", methods=["POST"])
    @swag_from(user_update.Api.api_doc)
    @auth_decorator(configure.UserPermission)
    def user_update():
        """
        更新用户信息
        """
        return user_update.Api().result

    @staticmethod
    @bp.route("/userDelete", methods=["POST"])
    @swag_from(user_delete.Api.api_doc)
    @auth_decorator(configure.UserPermission)
    def user_delete():
        """
        删除用户
        """
        return user_delete.Api().result

    @staticmethod
    @bp.route("/client", methods=["POST"])
    @swag_from(client_create.Api.api_doc)
    def client_create():
        """
        创建client
        """
        return client_create.Api().result

    @staticmethod
    @bp.route("/client", methods=["GET"])
    @swag_from(client_query.Api.api_doc)
    def client_query():
        """
        获取client列表
        """
        return client_query.Api().result

    @staticmethod
    @bp.route("/init", methods=["GET"])
    def init():
        username = 'admin'
        password = 'admin'
        if not User.query.filter_by(username=username).one_or_none():
            user = User(username=username, password=password, role='admin',
                        phone='', company='', position='', email='',
                        create_time=time.strftime(
                            "%Y-%m-%d %H:%M:%S", time.localtime()),
                        update_time=time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()))
            db.sesion.add(user)
            db.session.commit()
            return "创建默认用户成功"
        else:
            return "默认用户已存在"

    @staticmethod
    @bp.route("/test", methods=["GET"])
    def test():
        result = 'c78ca1de8139e62c99d4c4d2050ddd16'
        result = AESHelper.encode('dataman2')
        # result=DES.decode('U2FsdGVkX199Ncuh7+0/HVmonwM9Uz7SYnmF73wtW7c=')
        result2 = AESHelper.decode(result)
        return result2