merge

--Subproject commit 8e446e18a7a81ea282d05f6026f4d41d5dae1378

-import decimal
-
-from flask import Flask as _Flask
-from flask.json import JSONEncoder as _JSONEncoder
-from flask_cors import CORS
-import time
-import configure
-from app.util import BlueprintApi
-from app.util import find_class
-from app.models import db, Table, InsertingLayerName, Database, DES, Task
-from app.modules.auth.oauth2 import config_oauth
-from flasgger import Swagger
-# from rtree import index
-import logging
-from sqlalchemy.orm import Session
-import multiprocessing
-from app.util.component.EntryData import EntryData
-from app.util.component.EntryDataVacuate import EntryDataVacuate
-import json
-import threading
-import traceback
-from sqlalchemy import distinct
-import uuid
-from osgeo.ogr import DataSource
-import datetime
-from sqlalchemy import or_
-from app.util.component.StructuredPrint import StructurePrint
-from app.util.component.PGUtil import PGUtil
-import os
-
-class JSONEncoder(_JSONEncoder):
-    """
-    因为decimal不能序列化，增加Flask对decimal类的解析
-    """
-    def default(self, o):
-        if isinstance(o, decimal.Decimal):
-            return float(o)
-        super(JSONEncoder, self).default(o)
-
-
-class Flask(_Flask):
-    json_encoder = JSONEncoder
-
-
-GLOBAL_DIC={}
-def create_app():
-    """
-    flask应用创建函数
-    :return:app,flask实例
-    """
-
-    # app基本设置
-    app = Flask(__name__)
-    app.config['SQLALCHEMY_DATABASE_URI'] = configure.SQLALCHEMY_DATABASE_URI
-    app.config['echo'] = True
-    app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = True
-    app.config['JSON_AS_ASCII'] = False
-    app.config['SECRET_KEY'] = configure.SECRET_KEY
-    app.config['OAUTH2_JWT_ENABLED'] = True
-
-    app.config['OAUTH2_JWT_ISS'] = 'http://localhost:5000'
-    app.config['OAUTH2_JWT_KEY'] = 'secret-key'
-    app.config['OAUTH2_JWT_ALG'] = 'HS256'
-    # app.config['SQLALCHEMY_ECHO'] = True
-
-    # 跨域设置
-    CORS(app)
-
-    # swagger设置
-    swagger_config = Swagger.DEFAULT_CONFIG
-    swagger_config.update(configure.swagger_configure)
-    Swagger(app, config=swagger_config)
-
-    # 创建数据库
-    db.init_app(app)
-    db.create_all(app=app)
-
-    # 日志
-    logging.basicConfig(level=logging.INFO)
-    log_file = os.path.join(os.path.dirname(os.path.dirname(
-        os.path.realpath(__file__))), "logs", "log.txt")
-    handler = logging.FileHandler(
-        log_file, encoding='UTF-8')   # 设置日志字符集和存储路径名字
-    logging_format = logging.Formatter(
-        '[%(levelname)s] %(asctime)s %(message)s')
-    handler.setFormatter(logging_format)
-    app.logger.addHandler(handler)
-    
-    # 配置使用鉴权组件，不写无法认证授权
-    config_oauth(app)
-    
-    # 注册blueprint，查找BlueprintApi的子类
-    for scan in configure.scan_module:
-        for api in find_class(scan, BlueprintApi):
-            app.register_blueprint(api.bp)
-
-    # 入库监测线程
-
-    @app.before_first_request
-    def data_entry_process():
-        StructurePrint.print("start listen")
-        process = threading.Thread(target=data_entry_center)
-        process.start()
-    
-    # 不检测https
-    os.environ['OAUTHLIB_INSECURE_TRANSPORT'] = '1'
-
-    # 上下文全局变量字典
-    global GLOBAL_DIC
-
-    return app
-
-
-def data_entry_center():
-    running_dict = {}
-    sys_session: Session = PGUtil.get_db_session(
-        configure.SQLALCHEMY_DATABASE_URI)
-
-    while True:
-
-        try:
-            time.sleep(3)
-
-            # 已经结束的进程 从监测中删除
-            remove_process = []
-
-            # structured_print(running_dict.__len__().__str__())
-
-            for process, layer_names in running_dict.items():
-                if not process.is_alive():
-                    for l in layer_names:
-                        inserted = sys_session.query(
-                            InsertingLayerName).filter_by(name=l).one_or_none()
-                        if inserted:
-                            sys_session.delete(inserted)
-                    sys_session.commit()
-                    remove_process.append(process)
-            for process in remove_process:
-                running_dict.pop(process)
-
-            # StructurePrint.print("listening...")
-
-            # 入库进程少于阈值，开启入库进程
-
-            inter_size = sys_session.query(
-                distinct(InsertingLayerName.task_guid)).count()
-
-            if inter_size < configure.entry_data_thread:
-                # 锁表啊
-                ready_task:Task = sys_session.query(Task).filter_by(state=0,task_type=1).order_by(Task.create_time).with_lockmode("update").limit(1).one_or_none()
-                if ready_task:
-
-                    try:
-                        parameter = json.loads(ready_task.parameter)
-                        StructurePrint.print("检测到入库任务")
-                        ready_task.state = 2
-                        ready_task.process = "入库中"
-                        sys_session.commit()
-
-                        metas: list = json.loads(
-                            parameter.get("meta").__str__())
-                        parameter["meta"] = metas
-
-                        database = sys_session.query(Database).filter_by(
-                            guid=ready_task.database_guid).one_or_none()
-                        pg_ds: DataSource = PGUtil.open_pg_data_source(
-                            1, DES.decode(database.sqlalchemy_uri))
-
-                        this_task_layer = []
-                        for meta in metas:
-                            overwrite = parameter.get("overwrite", "no")
-
-                            for layer_name_origin, layer_name in meta.get("layer").items():
-                                origin_name = layer_name
-                                no = 1
-
-                                while (overwrite.__eq__("no") and pg_ds.GetLayerByName(layer_name)) or sys_session.query(InsertingLayerName).filter_by(name=layer_name).one_or_none():
-                                    layer_name = origin_name + "_{}".format(no)
-                                    no += 1
-
-                                # 添加到正在入库的列表中
-                                iln = InsertingLayerName(guid=uuid.uuid1().__str__(),
-                                                         task_guid=ready_task.guid,
-                                                         name=layer_name)
-
-                                sys_session.add(iln)
-                                sys_session.commit()
-                                this_task_layer.append(layer_name)
-                                # 修改表名
-                                meta["layer"][layer_name_origin] = layer_name
-
-                        pg_ds.Destroy()
-                        entry_data_process = multiprocessing.Process(
-                            target=EntryDataVacuate().entry, args=(parameter,))
-                        entry_data_process.start()
-                        running_dict[entry_data_process] = this_task_layer
-                    except Exception as e:
-                        sys_session.query(Task).filter_by(guid=ready_task.guid).update(
-                            {"state": -1, "process": "入库失败"})
-                        sys_session.commit()
-                        StructurePrint.print(e.__str__(), "error")
-                else:
-                    # 解表啊
-                    sys_session.commit()
-        except Exception as e:
-            sys_session.commit()
-            StructurePrint.print(e.__str__(), "error")
+import decimal
+
+from flask import Flask as _Flask
+from flask.json import JSONEncoder as _JSONEncoder
+from flask_cors import CORS
+import time
+
+from sqlalchemy.sql.expression import true
+import configure
+from app.util import BlueprintApi
+from app.util import find_class
+from app.models import db, Table, InsertingLayerName, Database, DES, Task
+from app.modules.auth.oauth2 import config_oauth, myCodeIDToken
+from flasgger import Swagger
+# from rtree import index
+import logging
+from sqlalchemy.orm import Session
+import multiprocessing
+from app.util.component.EntryData import EntryData
+from app.util.component.EntryDataVacuate import EntryDataVacuate
+import json
+import threading
+import traceback
+from sqlalchemy import distinct
+import uuid
+from osgeo.ogr import DataSource
+import datetime
+from sqlalchemy import or_
+from app.util.component.StructuredPrint import StructurePrint
+from app.util.component.PGUtil import PGUtil
+import os
+
+
+class JSONEncoder(_JSONEncoder):
+    """
+    因为decimal不能序列化，增加Flask对decimal类的解析
+    """
+
+    def default(self, o):
+        if isinstance(o, decimal.Decimal):
+            return float(o)
+        super(JSONEncoder, self).default(o)
+
+
+class Flask(_Flask):
+    json_encoder = JSONEncoder
+
+
+GLOBAL_DIC = {}
+
+
+def create_app():
+    """
+    flask应用创建函数
+    :return:app,flask实例
+    """
+
+    # app基本设置
+    app = Flask(__name__)
+    app.config['SQLALCHEMY_DATABASE_URI'] = configure.SQLALCHEMY_DATABASE_URI
+    app.config['echo'] = True
+    app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = True
+    app.config['JSON_AS_ASCII'] = False
+    app.config['SECRET_KEY'] = configure.SECRET_KEY
+    app.config['OAUTH2_JWT_ENABLED'] = True
+
+    app.config['OAUTH2_JWT_ISS'] = 'http://localhost:5000'
+    app.config['OAUTH2_JWT_KEY'] = 'secret-key'
+    app.config['OAUTH2_JWT_ALG'] = 'HS256'
+    # app.config['SQLALCHEMY_ECHO'] = True
+    
+    # allows cookies and credentials to be submitted across domains
+    app.config['CORS_SUPPORTS_CREDENTIALS'] = true
+    app.config['CORS_ORIGINS ']="*"
+
+    # 跨域设置
+    CORS(app)
+
+    # swagger设置
+    swagger_config = Swagger.DEFAULT_CONFIG
+    swagger_config.update(configure.swagger_configure)
+    Swagger(app, config=swagger_config)
+
+    # 创建数据库
+    db.init_app(app)
+    db.create_all(app=app)
+
+    # 日志
+    logging.basicConfig(level=logging.INFO)
+    log_file = os.path.join(os.path.dirname(os.path.dirname(
+        os.path.realpath(__file__))), "logs", "log.txt")
+    handler = logging.FileHandler(
+        log_file, encoding='UTF-8')   # 设置日志字符集和存储路径名字
+    logging_format = logging.Formatter(
+        '[%(levelname)s] %(asctime)s %(message)s')
+    handler.setFormatter(logging_format)
+    app.logger.addHandler(handler)
+
+    # 配置使用鉴权组件，不写无法认证授权
+    config_oauth(app)
+
+    # 注册blueprint，查找BlueprintApi的子类
+    for scan in configure.scan_module:
+        for api in find_class(scan, BlueprintApi):
+            app.register_blueprint(api.bp)
+
+    # 入库监测线程
+
+    @app.before_first_request
+    def data_entry_process():
+        StructurePrint.print("start listen")
+        process = threading.Thread(target=data_entry_center)
+        process.start()
+
+    # 不检测https
+    os.environ['OAUTHLIB_INSECURE_TRANSPORT'] = '1'
+
+    # 上下文全局变量字典
+    global GLOBAL_DIC
+
+    return app
+
+
+def data_entry_center():
+    running_dict = {}
+    sys_session: Session = PGUtil.get_db_session(
+        configure.SQLALCHEMY_DATABASE_URI)
+
+    while True:
+
+        try:
+            time.sleep(3)
+
+            # 已经结束的进程 从监测中删除
+            remove_process = []
+
+            # structured_print(running_dict.__len__().__str__())
+
+            for process, layer_names in running_dict.items():
+                if not process.is_alive():
+                    for l in layer_names:
+                        inserted = sys_session.query(
+                            InsertingLayerName).filter_by(name=l).one_or_none()
+                        if inserted:
+                            sys_session.delete(inserted)
+                    sys_session.commit()
+                    remove_process.append(process)
+            for process in remove_process:
+                running_dict.pop(process)
+
+            # StructurePrint.print("listening...")
+
+            # 入库进程少于阈值，开启入库进程
+
+            inter_size = sys_session.query(
+                distinct(InsertingLayerName.task_guid)).count()
+
+            if inter_size < configure.entry_data_thread:
+                # 锁表啊
+                ready_task: Task = sys_session.query(Task).filter_by(state=0, task_type=1).order_by(
+                    Task.create_time).with_lockmode("update").limit(1).one_or_none()
+                if ready_task:
+
+                    try:
+                        parameter = json.loads(ready_task.parameter)
+                        StructurePrint.print("检测到入库任务")
+                        ready_task.state = 2
+                        ready_task.process = "入库中"
+                        sys_session.commit()
+
+                        metas: list = json.loads(
+                            parameter.get("meta").__str__())
+                        parameter["meta"] = metas
+
+                        database = sys_session.query(Database).filter_by(
+                            guid=ready_task.database_guid).one_or_none()
+                        pg_ds: DataSource = PGUtil.open_pg_data_source(
+                            1, DES.decode(database.sqlalchemy_uri))
+
+                        this_task_layer = []
+                        for meta in metas:
+                            overwrite = parameter.get("overwrite", "no")
+
+                            for layer_name_origin, layer_name in meta.get("layer").items():
+                                origin_name = layer_name
+                                no = 1
+
+                                while (overwrite.__eq__("no") and pg_ds.GetLayerByName(layer_name)) or sys_session.query(InsertingLayerName).filter_by(name=layer_name).one_or_none():
+                                    layer_name = origin_name + "_{}".format(no)
+                                    no += 1
+
+                                # 添加到正在入库的列表中
+                                iln = InsertingLayerName(guid=uuid.uuid1().__str__(),
+                                                         task_guid=ready_task.guid,
+                                                         name=layer_name)
+
+                                sys_session.add(iln)
+                                sys_session.commit()
+                                this_task_layer.append(layer_name)
+                                # 修改表名
+                                meta["layer"][layer_name_origin] = layer_name
+
+                        pg_ds.Destroy()
+                        entry_data_process = multiprocessing.Process(
+                            target=EntryDataVacuate().entry, args=(parameter,))
+                        entry_data_process.start()
+                        running_dict[entry_data_process] = this_task_layer
+                    except Exception as e:
+                        sys_session.query(Task).filter_by(guid=ready_task.guid).update(
+                            {"state": -1, "process": "入库失败"})
+                        sys_session.commit()
+                        StructurePrint.print(e.__str__(), "error")
+                else:
+                    # 解表啊
+                    sys_session.commit()
+        except Exception as e:
+            sys_session.commit()
+            StructurePrint.print(e.__str__(), "error")

-from app.util import BlueprintApi
-from app.util import BlueprintApi
-from flask import Blueprint, render_template, redirect, url_for, request, session, jsonify
-from flask_sqlalchemy import sqlalchemy
-from sqlalchemy import and_
-from .models import *
-from werkzeug.security import gen_salt
-import time
-from .oauth2 import authorization, require_oauth, generate_user_info
-from authlib.oauth2 import OAuth2Error
-from authlib.integrations.flask_oauth2 import current_token
-
-
-def current_user():
-    if 'id' in session:
-        uid = session['id']
-        return User.query.get(uid)
-    return None
-
-
-def split_by_crlf(s):
-    return [v for v in s.splitlines() if v]
-
-
-class DataManager(BlueprintApi):
-    bp = Blueprint("Auth", __name__, url_prefix="/auth")
-
-    # @staticmethod
-    # @bp.route('/test', methods=('GET', 'POST'))
-    # def Test():
-    #     res = {}
-    #     try:
-    #         res['user'] = User.query.all()
-    #     except Exception as e:
-    #         raise e
-    #     return res
-
-    # @staticmethod
-    # @bp.route('/login', methods=('GET', 'POST'))
-    # def Login():
-    #     if request.method == 'POST':
-    #         username = request.form['username']
-    #         password = request.form['password']
-    #         user = User.query.filter_by(username=username).first()
-    #         if not user:
-    #             user = User(username=username,
-    #                         password=password, role='admin')
-    #             db.session.add(user)
-    #             db.session.commit()
-    #         session['id'] = user.id
-    #         return redirect('/auth/authorize')
-    #     user = current_user()
-    #     if user:
-    #         clients = OAuth2Client.query.filter_by(user_id=user.id).all()
-    #     else:
-    #         clients = []
-    #     return render_template('auth/authorize.html', user=user, clients=clients)
-
-    # @staticmethod
-    # @bp.route('/create_client', methods=('GET', 'POST'))
-    # def create_client():
-    #     user = current_user()
-    #     if not user:
-    #         return redirect('/auth/login')
-    #     if request.method == 'GET':
-    #         return render_template('auth/create_client.html')
-    #     form = request.form
-    #     client_id = gen_salt(24)
-    #     client = OAuth2Client(client_id=client_id, user_id=user.id)
-    #     # Mixin doesn't set the issue_at date
-    #     client.client_id_issued_at = int(time.time())
-    #     if client.token_endpoint_auth_method == 'none':
-    #         client.client_secret = ''
-    #     else:
-    #         client.client_secret = gen_salt(48)
-    #     client_metadata = {
-    #         "client_name": form["client_name"],
-    #         "client_uri": form["client_uri"],
-    #         "grant_types": split_by_crlf(form["grant_type"]),
-    #         "redirect_uris": split_by_crlf(form["redirect_uri"]),
-    #         "response_types": split_by_crlf(form["response_type"]),
-    #         "scope": form["scope"],
-    #         "token_endpoint_auth_method": form["token_endpoint_auth_method"]
-    #     }
-    #     client.set_client_metadata(client_metadata)
-    #     db.session.add(client)
-    #     db.session.commit()
-    #     return redirect('/auth/login')
-
-    @staticmethod
-    @bp.route('/authorize', methods=('GET', 'POST'))
-    def authorize():
-        user = current_user()
-        if request.method == 'GET':
-            try:
-                grant = authorization.validate_consent_request(end_user=user)
-            except OAuth2Error as error:
-                return jsonify(dict(error.get_body()))
-            return render_template('auth/authorize.html', user=user, grant=grant)
-            # return render_template('auth/login1.html', user=user, grant=grant)
-        if not user and 'username' in request.form:
-            username = request.form.get('username')
-            password = request.form.get('password')
-            user = User.query.filter_by(
-                username=username, password=password).first()
-        grant_user = user
-        # if request.form['confirm']:
-        #     grant_user = user
-        # else:
-        #     grant_user = None
-        return authorization.create_authorization_response(grant_user=grant_user)
-
-    @staticmethod
-    @bp.route('/token', methods=['POST'])
-    def issue_token():
-        return authorization.create_token_response()
-
-    @staticmethod
-    @bp.route('/userinfo')
-    @require_oauth('profile')
-    def api_me():
-        return jsonify(generate_user_info(current_token.user, current_token.scope))
+from enum import auto
+from logging import error
+from flasgger import swag_from
+from app.util import BlueprintApi
+from app.util import BlueprintApi
+from flask import Blueprint, render_template, redirect, request, session, jsonify
+from sqlalchemy import and_
+from .models import *
+from .oauth2 import authorization, require_oauth, generate_user_info
+from authlib.oauth2 import OAuth2Error
+from authlib.integrations.flask_oauth2 import current_token
+from . import user_create, client_create, client_query, user_query, user_update, user_delete
+
+
+def current_user():
+    if "id" in session:
+        uid = session["id"]
+        return User.query.get(uid)
+    return None
+
+
+def remove_user():
+    user = current_user()
+    if user:
+        session.pop("id")
+
+
+def split_by_crlf(s):
+    return [v for v in s.splitlines() if v]
+
+
+class DataManager(BlueprintApi):
+    bp = Blueprint("Auth", __name__, url_prefix="/auth")
+
+    # @staticmethod
+    # @bp.route("/test", methods=("GET", "POST"))
+    # def Test():
+    #     res = {}
+    #     try:
+    #         res["user"] = User.query.all()
+    #     except Exception as e:
+    #         raise e
+    #     return res
+
+    # @staticmethod
+    # @bp.route("/login", methods=("GET", "POST"))
+    # def Login():
+    #     if request.method == "POST":
+    #         username = request.form["username"]
+    #         password = request.form["password"]
+    #         user = User.query.filter_by(username=username).first()
+    #         if not user:
+    #             user = User(username=username,
+    #                         password=password, role="admin")
+    #             db.session.add(user)
+    #             db.session.commit()
+    #         session["id"] = user.id
+    #         return redirect("/auth/authorize")
+    #     user = current_user()
+    #     if user:
+    #         clients = OAuth2Client.query.filter_by(user_id=user.id).all()
+    #     else:
+    #         clients = []
+    #     return render_template("auth/authorize.html", user=user, clients=clients)
+
+    # @staticmethod
+    # @bp.route("/create_client", methods=("GET", "POST"))
+    # def create_client():
+    #     user = current_user()
+    #     if not user:
+    #         return redirect("/auth/login")
+    #     if request.method == "GET":
+    #         return render_template("auth/create_client.html")
+    #     form = request.form
+    #     client_id = gen_salt(24)
+    #     client = OAuth2Client(client_id=client_id, user_id=user.id)
+    #     # Mixin doesn"t set the issue_at date
+    #     client.client_id_issued_at = int(time.time())
+    #     if client.token_endpoint_auth_method == "none":
+    #         client.client_secret = ""
+    #     else:
+    #         client.client_secret = gen_salt(48)
+    #     client_metadata = {
+    #         "client_name": form["client_name"],
+    #         "client_uri": form["client_uri"],
+    #         "grant_types": split_by_crlf(form["grant_type"]),
+    #         "redirect_uris": split_by_crlf(form["redirect_uri"]),
+    #         "response_types": split_by_crlf(form["response_type"]),
+    #         "scope": form["scope"],
+    #         "token_endpoint_auth_method": form["token_endpoint_auth_method"]
+    #     }
+    #     client.set_client_metadata(client_metadata)
+    #     db.session.add(client)
+    #     db.session.commit()
+    #     return redirect("/auth/login")
+
+    @staticmethod
+    @bp.route("/authorize", methods=("GET", "POST"))
+    def authorize():
+        user = current_user()
+        if request.method == "GET":
+            # 没有登录，跳转到登录界面
+            try:
+                grant = authorization.validate_consent_request(end_user=user)
+            except OAuth2Error as error:
+                return jsonify(dict(error.get_body()))
+            if not user:
+                return render_template("auth/authorize.html", user=user, grant=grant)
+            # return render_template("auth/login1.html", user=user, grant=grant)
+        error = ""
+        if not user:
+            if not "username" in request.form or not request.form.get("username"):
+                error = "用户名不可为空"
+            elif not "password" in request.form or not request.form.get("password"):
+                error = "密码不可为空"
+            else:
+                username = request.form.get("username")
+                password = request.form.get("password")
+                user = User.query.filter_by(
+                    username=username, password=password).first()
+                if not user:
+                    error = "账号或密码不正确"
+
+        if user:
+            session["id"] = user.id
+            grant_user = user
+            return authorization.create_authorization_response(grant_user=grant_user)
+
+        try:
+            grant = authorization.validate_consent_request(end_user=user)
+        except OAuth2Error as error:
+            return jsonify(dict(error.get_body()))
+        return render_template("auth/authorize.html", user=user, grant=grant, error=error)
+
+        # if request.form["confirm"]:
+        #     grant_user = user
+        # else:
+        #     grant_user = None
+
+    @staticmethod
+    @bp.route("/token", methods=["POST"])
+    def issue_token():
+        return authorization.create_token_response()
+
+    @staticmethod
+    @bp.route("/userinfo")
+    @require_oauth("profile")
+    def api_me():
+        try:
+            return jsonify(generate_user_info(current_token.user, current_token.scope))
+        except error as e:
+            return jsonify(dict(e.get_body()))
+
+    @staticmethod
+    @bp.route("/logout", methods=["GET"])
+    # @require_oauth("profile")
+    def logout():
+        url = ''
+        try:
+            user = current_user()
+            grant = authorization.validate_consent_request(end_user=user)
+            access_token = request.args.get("accesstoken")
+            accesstoken = OAuth2Token.query.filter_by(
+                access_token=access_token).first()
+            accesstoken.revoked = True
+            db.session.commit()
+            remove_user()
+            if accesstoken:
+                url = grant.client.client_uri
+        except OAuth2Error as error:
+            return jsonify(dict(error.get_body()))
+        return redirect(url)
+        # if current_token:
+        #     remove_user()
+        #     # accesstoken = OAuth2Token.query.filter_by(
+        #     #     access_token=current_token.access_token).first()
+        #     try:
+        #         # accesstoken.revoked = True
+        #         # db.session.commit()
+        #     except error as e:
+        #         return jsonify(dict(e.get_body()))
+        # else:
+        #     return jsonify({"result": False, "message": "access_token is null"})
+
+        # return jsonify({"result": True, "message": "logout success"})
+
+    """接口"""
+    @staticmethod
+    @bp.route("/users", methods=["GET"])
+    @swag_from(user_query.Api.api_doc)
+    def user_query():
+        """
+        获取用户列表
+        """
+        return user_query.Api().result
+
+    @staticmethod
+    @bp.route("/users", methods=["POST"])
+    @swag_from(user_create.Api.api_doc)
+    def user_create():
+        """
+        创建用户
+        """
+        return user_create.Api().result
+
+    @staticmethod
+    @bp.route("/userEdit", methods=["POST"])
+    @swag_from(user_update.Api.api_doc)
+    def user_update():
+        """
+        更新用户信息
+        """
+        return user_update.Api().result
+
+    @staticmethod
+    @bp.route("/userDelete", methods=["POST"])
+    @swag_from(user_delete.Api.api_doc)
+    def user_delete():
+        """
+        删除用户
+        """
+        return user_delete.Api().result
+
+    @staticmethod
+    @bp.route("/client", methods=["POST"])
+    @swag_from(client_create.Api.api_doc)
+    def client_create():
+        """
+        创建client
+        """
+        return client_create.Api().result
+
+    @staticmethod
+    @bp.route("/client", methods=["GET"])
+    @swag_from(client_query.Api.api_doc)
+    def client_query():
+        """
+        获取client列表
+        """
+        return client_query.Api().result

+# coding=utf-8
+#author:        qianyingz
+#createtime:    2021/8/13
+#email:         qianyingz@chinadci.com
+
+from re import split
+from .models import *
+from app.util.component.ApiTemplate import ApiTemplate
+from werkzeug.security import gen_salt
+import time
+import string
+
+
+class Api(ApiTemplate):
+    api_name = "注册客户端"
+
+    def para_check(self):
+        if not self.para.get("name"):
+            raise Exception("name is null")
+        if not self.para.get("uri"):
+            raise Exception("uri is null")
+        if not self.para.get("redirect_uris"):
+            raise Exception("redirect_uris is null")
+        # if not self.para.get('username'):
+        #     raise Exception("username is null")
+         # if not self.para.get("scope"):
+        #     raise Exception("scope is null")
+        # if not self.para.get("grant_type"):
+        #     raise Exception("grant_type is null")
+        # if not self.para.get("response_type"):
+        #     raise Exception("response_type is null")
+
+    def process(self):
+
+        # 返回结果
+        res = {}
+        res["result"] = False
+        try:
+            # 默认值
+            scope = "openid profile"
+            grant_type = ["authorization_code"]
+            response_type = ["code"]
+            auth_method = "client_secret_basic"
+            # 业务逻辑
+            username = self.para.get("username")
+            client_id = gen_salt(24)
+            name = self.para.get("name")
+            uri = self.para.get("uri")
+            redirect_uris = self.para.get("redirect_uris").split(",")
+
+            if not username:
+                username = 'admin'
+            user = User.query.filter_by(username=username).first()
+            if not User:
+                res["msg"] = "username 指定用户不存在"
+                res["data"] = {}
+                res["result"] = False
+            else:
+                client = OAuth2Client(client_id=client_id, user_id=user.id)
+                # Mixin doesn"t set the issue_at date
+                client.client_id_issued_at = int(time.time())
+                if client.token_endpoint_auth_method == "none":
+                    client.client_secret = ""
+                else:
+                    client.client_secret = gen_salt(48)
+                    client_metadata = {
+                        "client_name": name,
+                        "client_uri": uri,
+                        "grant_types": grant_type,
+                        "redirect_uris": redirect_uris,
+                        "response_types": response_type,
+                        "scope": scope,
+                        "token_endpoint_auth_method": auth_method
+                    }
+                    client.set_client_metadata(client_metadata)
+                    db.session.add(client)
+                    db.session.commit()
+                    res["msg"] = "创建client成功"
+                    res["data"] = {"client_secret": client.client_secret,
+                                   "client_id": client.client_id}
+                    res["result"] = True
+        except Exception as e:
+            db.session.rollback()
+            raise e
+        return res
+
+    api_doc = {
+
+        "tags": ["认证接口"],
+        "parameters": [
+            {"name": "name",
+             "in": "formData",
+             "type": "string",
+             "description": "客户端名称",
+             "required": "true"},
+            {"name": "uri",
+             "in": "formData",
+             "type": "string",
+             "description": "客户端地址，多个地址用,连接",
+             "required": "true"},
+            {"name": "redirect_uris",
+             "in": "formData",
+             "type": "string",
+             "description": "重定向地址",
+             "required": "true"},
+            {"name": "username",
+             "in": "formData",
+             "type": "string",
+             "description": "注册client账号，默认使用admin"
+             },
+            # {"name": "scope",
+            #  "in": "formData",
+            #  "type": "string",
+            #  "description": "范围"},
+            # {"name": "grant_type",
+            #  "in": "formData",
+            #  "type": "string",
+            #  "description": "授权类型: authorization_code"},
+            #  {"name": "response_type",
+            #  "in": "formData",
+            #  "type": "string",
+            #  "description": "授权类型: code"}
+        ],
+        "responses": {
+            200: {
+                "schema": {
+                    "properties": {
+                    }
+                }
+            }
+        }
+    }

+# coding=utf-8
+#author:        qianyingz
+#createtime:    2021/8/13
+#email:         qianyingz@chinadci.com
+
+from .models import *
+from app.util.component.ApiTemplate import ApiTemplate
+from werkzeug.security import gen_salt
+
+class Api(ApiTemplate):
+    api_name = "获取client列表"
+
+    def para_check(self):
+        pass
+
+    def process(self):
+        # 返回结果
+        res = {}
+        res["result"] = False
+        res["data"] = []
+        try:
+            # 默认值
+            name = self.para.get("name")
+            if name:
+                clients = OAuth2Client.query.filter_by(client_name=name).all()
+            else:
+                clients = OAuth2Client.query.all()
+            for client in clients:
+                res["data"].append(
+                    {'client_id': client.client_id,
+                     'client_secret': client.client_secret,
+                     'client_id_issued_at': client.client_id_issued_at,
+                     'client_secret_expires_at': client.client_secret_expires_at,
+                     'client_metadata': client.client_metadata,
+                     'id': client.id,
+                     'user_id': client.user_id
+                     })
+            res["msg"] = "获取clients集合成功"
+            res["result"] = True
+        except Exception as e:
+            db.session.rollback()
+            raise e
+        return res
+
+    api_doc = {
+
+        "tags": ["认证接口"],
+        "parameters": [
+            {"name": "name",
+             "in": "formData",
+             "type": "string",
+             "description": "客户端名称"}
+        ],
+        "responses": {
+            200: {
+                "schema": {
+                    "properties": {
+                    }
+                }
+            }
+        }
+    }

-from flask_sqlalchemy import sqlalchemy
-from sqlalchemy import Column, Integer, Text, Time, ForeignKey
-from app.models import db
-from authlib.integrations.sqla_oauth2 import (
-    OAuth2ClientMixin,
-    OAuth2TokenMixin,
-    OAuth2AuthorizationCodeMixin
-)
-from sqlalchemy.orm import relationship
-
-
-class User (db.Model):
-    '''
-    用户信息表
-    '''
-    __tablename__ = "dmdms_user"
-    id = Column(Integer, primary_key=True)
-    username = Column(Text)
-    password = Column(Text)
-    company = Column(Text)
-    position = Column(Text)
-    phone = Column(Text)
-    email = Column(Text)
-    create_time = Column(Time)
-    update_time = Column(Time)
-    role = Column(Text)
-
-    def __str__(self):
-        return self.username
-
-    def get_user_id(self):
-        return self.id
-
-
-class OAuth2Client(db.Model, OAuth2ClientMixin):
-    __tablename__ = 'oauth2_client'
-
-    id = Column(Integer, primary_key=True)
-    user_id = Column(
-        Integer, ForeignKey('dmdms_user.id', ondelete='CASCADE'))
-    user = relationship('User')
-
-
-class OAuth2AuthorizationCode(db.Model, OAuth2AuthorizationCodeMixin):
-    __tablename__ = 'oauth2_code'
-
-    id = Column(Integer, primary_key=True)
-    user_id = Column(
-        Integer, ForeignKey('dmdms_user.id', ondelete='CASCADE'))
-    user = relationship('User')
-
-
-class OAuth2Token(db.Model, OAuth2TokenMixin):
-    __tablename__ = 'oauth2_token'
-
-    id = Column(Integer, primary_key=True)
-    user_id = Column(
-        Integer, ForeignKey('dmdms_user.id', ondelete='CASCADE'))
-    user = relationship('User')
+from flask_sqlalchemy import sqlalchemy
+from sqlalchemy import Column, Integer, Text, Time, ForeignKey
+from app.models import db
+from authlib.integrations.sqla_oauth2 import (
+    OAuth2ClientMixin,
+    OAuth2TokenMixin,
+    OAuth2AuthorizationCodeMixin
+)
+from sqlalchemy.orm import relationship
+
+
+class User (db.Model):
+    '''
+    用户信息表
+    '''
+    __tablename__ = "dmdms_user"
+    id = Column(Integer, primary_key=True)
+    username = Column(Text)
+    password = Column(Text)
+    company = Column(Text)
+    position = Column(Text)
+    phone = Column(Text)
+    email = Column(Text)
+    create_time = Column(Time)
+    update_time = Column(Time)
+    role = Column(Text)
+
+    def __str__(self):
+        return self.username
+
+    def get_user_id(self):
+        return self.id
+
+
+class OAuth2Client(db.Model, OAuth2ClientMixin):
+    __tablename__ = 'dmdms_oauth2_client'
+
+    id = Column(Integer, primary_key=True)
+    user_id = Column(
+        Integer, ForeignKey('dmdms_user.id', ondelete='CASCADE'))
+    user = relationship('User')
+
+
+class OAuth2AuthorizationCode(db.Model, OAuth2AuthorizationCodeMixin):
+    __tablename__ = 'dmdms_oauth2_code'
+
+    id = Column(Integer, primary_key=True)
+    user_id = Column(
+        Integer, ForeignKey('dmdms_user.id', ondelete='CASCADE'))
+    user = relationship('User')
+
+
+class OAuth2Token(db.Model, OAuth2TokenMixin):
+    __tablename__ = 'dmdms_oauth2_token'
+
+    id = Column(Integer, primary_key=True)
+    user_id = Column(
+        Integer, ForeignKey('dmdms_user.id', ondelete='CASCADE'))
+    # name = Column(Text)
+    user = relationship('User')

+from os import access, remove
+from time import time
 from authlib.integrations.flask_oauth2 import (
 from authlib.integrations.flask_oauth2 import (
     AuthorizationServer, ResourceProtector)
     AuthorizationServer, ResourceProtector)
 from authlib.integrations.sqla_oauth2 import (
 from authlib.integrations.sqla_oauth2 import (
@@ -13,11 +15,12 @@ from authlib.oidc.core.grants import (
     OpenIDImplicitGrant as _OpenIDImplicitGrant,
     OpenIDImplicitGrant as _OpenIDImplicitGrant,
     OpenIDHybridGrant as _OpenIDHybridGrant,
     OpenIDHybridGrant as _OpenIDHybridGrant,
 )
 )
-from authlib.oidc.core import UserInfo
+from authlib.oidc.core import UserInfo, CodeIDToken, IDToken
+from sqlalchemy.sql.sqltypes import DateTime
 from werkzeug.security import gen_salt
 from werkzeug.security import gen_salt
 from .models import db, User
 from .models import db, User
 from .models import OAuth2Client, OAuth2AuthorizationCode, OAuth2Token
 from .models import OAuth2Client, OAuth2AuthorizationCode, OAuth2Token
-
+from flask import g
 
 
 DUMMY_JWT_CONFIG = {
 DUMMY_JWT_CONFIG = {
     'key': 'secret-key',
     'key': 'secret-key',
@@ -26,6 +29,17 @@ DUMMY_JWT_CONFIG = {
     'exp': 7200,
     'exp': 7200,
 }
 }
 
 
+class myCodeIDToken(CodeIDToken):
+    def validate(self, now, leeway):
+        return super().validate(now=now, leeway=leeway)
+    
+    def validate_exp(self, now, leeway):
+        return super().validate_exp(now, leeway)
+
+
+def validate_token(accesstoken):
+    return IDToken.validate(self=accesstoken)
+
 
 
 def exists_nonce(nonce, req):
 def exists_nonce(nonce, req):
     exists = OAuth2AuthorizationCode.query.filter_by(
     exists = OAuth2AuthorizationCode.query.filter_by(
@@ -119,11 +133,12 @@ def config_oauth(app):
         app,
         app,
         query_client=query_client,
         query_client=query_client,
         save_token=save_token
         save_token=save_token
+        # fetch_token=fetch_token
     )
     )
 
 
     # support all openid grants
     # support all openid grants
     authorization.register_grant(AuthorizationCodeGrant, [
     authorization.register_grant(AuthorizationCodeGrant, [
-        OpenIDCode(require_nonce=True),
+        OpenIDCode(require_nonce=True)
     ])
     ])
     authorization.register_grant(ImplicitGrant)
     authorization.register_grant(ImplicitGrant)
     authorization.register_grant(HybridGrant)
     authorization.register_grant(HybridGrant)

+# coding=utf-8
+#author:        qianyingz
+#createtime:    2021/8/13
+#email:         qianyingz@chinadci.com
+
+from .models import *
+from app.util.component.ApiTemplate import ApiTemplate
+import time
+
+
+class Api(ApiTemplate):
+    api_name = "创建用户"
+
+    def para_check(self):
+        if not self.para.get("username"):
+            raise Exception("username is null")
+        if not self.para.get("pwd"):
+            raise Exception("pwd is null")
+        if not self.para.get("role"):
+            raise Exception("role is null")
+
+    def process(self):
+
+        # 返回结果
+        res = {}
+        res["result"] = False
+        try:
+            # 业务逻辑
+            username = self.para.get("username")
+            password = self.para.get("pwd")
+            role = self.para.get("role")
+            company = self.para.get("company", None)
+            position = self.para.get("position", None)
+            email = self.para.get("email", None)
+            phone = self.para.get("phone", None)
+            # 是否重名
+            if(User.query.filter_by(username=username).one_or_none()):
+                res["msg"] = "username 已存在"
+            else:
+                user = User(username=username, password=password, role=role,
+                            phone=phone, company=company, position=position, email=email,
+                            create_time=time.strftime(
+                                "%Y-%m-%d %H:%M:%S", time.localtime()),
+                            update_time=time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()))
+                db.session.add(user)
+                db.session.commit()
+                res["msg"] = "用户创建成功"
+                res["data"] = {"id": user.id,
+                               "username": user.username, "role": user.role}
+                res["result"] = True
+        except Exception as e:
+            db.session.rollback()
+            raise e
+        return res
+
+    api_doc = {
+
+        "tags": ["认证接口"],
+        "parameters": [
+            {"name": "username",
+             "in": "formData",
+             "type": "string",
+             "description": "用户名",
+             "required": "true"},
+            {"name": "pwd",
+             "in": "formData",
+             "type": "string",
+             "description": "密码",
+             "required": "true"},
+            {"name": "role",
+             "in": "formData",
+             "type": "string",
+             "description": "角色",
+             "required": "true"},
+            {"name": "company",
+             "in": "formData",
+             "type": "string",
+             "description": "单位",
+             "required": ""},
+            {"name": "email",
+             "in": "formData",
+             "type": "string",
+             "description": "邮件",
+             "required": ""},
+            {"name": "phone",
+             "in": "formData",
+             "type": "string",
+             "description": "电话",
+             "required": ""},
+            {"name": "position",
+             "in": "formData",
+             "type": "string",
+             "description": "职位",
+             "required": ""},
+        ],
+        "responses": {
+            200: {
+                "schema": {
+                    "properties": {
+                    }
+                }
+            }
+        }
+    }

+from app.util.component.ApiTemplate import ApiTemplate
+import time
+from .models import *
+
+
+class Api(ApiTemplate):
+    api_name = "更新用户信息"
+
+    def para_check(self):
+        if not self.para.get("guid"):
+            raise Exception("guid is null")
+        return super().para_check()
+
+    def process(self):
+        res = {}
+        res["result"] = False
+        try:
+            user_guid = int(self.para.get("guid"))
+            userinfo = User.query.filter_by(id=user_guid).one_or_none()
+            if not userinfo:
+                res["msg"] = "用户不存在"
+            else:
+                db.session.delete(userinfo)
+                db.session.commit()
+                res["result"] = True
+                res["msg"] = "删除用户成功"
+        except Exception as e:
+            db.session.rollback()
+            raise e
+        return res
+
+    api_doc = {
+        "tags": ["认证接口"],
+        "parameters": [
+            {"name": "guid",
+             "in": "formData",
+             "type": "string",
+             "description": "用户id",
+             "required": "true"}
+        ],
+        "responses": {
+            200: {
+                "schema": {
+                    "properties": {
+                    }
+                }
+            }
+        }
+    }

+# coding=utf-8
+#author:        qianyingz
+#createtime:    2021/8/14
+#email:         qianyingz@chinadci.com
+
+from authlib.oidc.core.claims import UserInfo
+from .models import *
+from app.util.component.ApiTemplate import ApiTemplate
+
+
+class Api(ApiTemplate):
+    api_name = "获取用户列表"
+
+    def para_check(self):
+        pass
+
+    def process(self):
+        # 返回结果
+        res = {}
+        res["result"] = False
+        try:
+            # 业务逻辑
+            pass
+            page_index = int(self.para.get("page_index", "0"))
+            page_size = int(self.para.get("page_size", "1000"))
+            name = self.para.get("name")
+            id = self.para.get('guid')
+
+            if id:
+                tmp_user = User.query.filter_by(id=id).first()
+                res["data"] = {"guid": tmp_user.id, "username": tmp_user.username,
+                               "role": tmp_user.role, "company": tmp_user.company,
+                               "position": tmp_user.position, "email": tmp_user.email,
+                               "phone": tmp_user.phone}
+            else:
+                # 获取集合
+                userLinq = User.query.order_by(User.id.desc())
+                if name:
+                    userLinq = userLinq.filter(
+                        User.username.like("%" + name + "%"))
+                tmp_count = userLinq.count()
+                tmp_list = userLinq.limit(page_size).offset(
+                    page_index * page_size).all()
+                res["data"] = {
+                    "count": tmp_count,
+                    "list": list(map(lambda t:
+                                     {"guid": t.id, "username": t.username,
+                                         "role": t.role},
+                                     tmp_list))}
+            res["result"] = True
+
+        except Exception as e:
+            raise e
+        return res
+
+    api_doc = {
+
+        "tags": ["认证接口"],
+        "parameters": [
+            {"name": "page_index",
+             "in": "query",
+             "type": "int",
+             "description": "当前页",
+             "default": 0},
+            {"name": "page_size",
+             "in": "query",
+             "type": "int",
+             "description": "条数",
+             "default": 1000},
+            {"name": "name",
+             "in": "query",
+             "type": "string",
+             "description": "名称关键字"},
+            {"name": "guid",
+             "in": "query",
+             "type": "string",
+             "description": "用户id，用于获取用户信息"}
+        ],
+        "responses": {
+            200: {
+                "schema": {
+                    "properties": {
+                    }
+                }
+            }
+        }
+    }

+from app.util.component.ApiTemplate import ApiTemplate
+import time
+from .models import *
+
+
+class Api(ApiTemplate):
+    api_name = "更新用户信息"
+
+    def para_check(self):
+        if not self.para.get("guid"):
+            raise Exception("guid is null")
+        return super().para_check()
+
+    def process(self):
+        res = {}
+        res["result"] = False
+        try:
+            user_guid = int(self.para.get("guid"))
+            obj_value = {"company": "company", "email": "email",
+                         "position": "position", "phone": "phone"}
+
+            userinfo = User.query.filter_by(id=user_guid)
+            if not userinfo.one_or_none():
+                res["msg"] = "数据不存在"
+            else:
+                # 更新密码要求同时输入pwd/newPwd/reNewPwd
+                if self.para.__contains__("pwd") or self.para.__contains__("newPwd") or self.para.__contains__("reNewPwd"):
+                    password = self.para.get("pwd")
+                    new_password = self.para.get("newPwd")
+                    re_new_password = self.para.get("reNewPwd")
+                    
+                    # validate pwd
+                    if not password:
+                        res["result"] = False
+                        res["msg"] = "无原密码"
+                        return res
+                    if new_password != re_new_password:
+                        res["result"] = False
+                        res["msg"] = "两次输入密码不一致"
+                        return res
+                    if userinfo.first().password != password:
+                        res["result"] = False
+                        res["msg"] = "原密码输入错误"
+                        return res
+                    
+                    # 更新密码
+                    userinfo.update({"password": new_password})
+                    
+                #更新用户基本信息
+                for key in obj_value:
+                    if self.para.__contains__(obj_value[key]):
+                        value = self.para.get(obj_value[key])
+                        value = "" if value == "None" or value == "none" else value
+                        userinfo.update({key: value})
+                        
+                db.session.commit()
+                res["result"] = True
+                res["msg"] = "更新用户信息成功"
+        except Exception as e:
+            db.session.rollback()
+            raise e
+        return res
+
+    api_doc = {
+        "tags": ["认证接口"],
+        "parameters": [
+            {"name": "guid",
+             "in": "formData",
+             "type": "string",
+             "description": "用户id",
+             "required": "true"},
+            {"name": "pwd",
+             "in": "formData",
+             "type": "string",
+             "description": "密码",
+             "required": ""},
+            {"name": "newPwd",
+             "in": "formData",
+             "type": "string",
+             "description": "密码",
+             "required": ""},
+            {"name": "reNewPwd",
+             "in": "formData",
+             "type": "string",
+             "description": "密码",
+             "required": ""},
+            {"name": "company",
+             "in": "formData",
+             "type": "string",
+             "description": "单位",
+             "required": ""},
+            {"name": "email",
+             "in": "formData",
+             "type": "string",
+             "description": "邮件",
+             "required": ""},
+            {"name": "phone",
+             "in": "formData",
+             "type": "string",
+             "description": "电话",
+             "required": ""},
+            {"name": "position",
+             "in": "formData",
+             "type": "string",
+             "description": "职位",
+             "required": ""},
+        ],
+        "responses": {
+            200: {
+                "schema": {
+                    "properties": {
+                    }
+                }
+            }
+        }
+    }

-html,
-body {
-    font-family: Microsoft YaHei Regular, Microsoft YaHei Regular-Regular;
-}
-
-html,
-body,
-p,
-input {
-    margin: 0;
-    padding: 0;
-}
-
-.login {
-    background: url(../images/login_background.png) no-repeat;
-    background-size: 100% 100%;
-    width: 100%;
-    height: 100%;
-    position: relative;
-}
-
-.login-container {
-    position: absolute;
-    top: -50px;
-    bottom: 0;
-    left: 0;
-    right: 0;
-    margin: auto;
-    width: 900px;
-    height: 454px;
-    background: #ffffff;
-    border-radius: 4px;
-    box-shadow: 2px 0 21px 0 rgba(38, 106, 184, 0.53);
-}
-
-.login-container-logo {
-    margin: 0;
-    background: url(../images/login_logo.png) no-repeat;
-    width: 401px;
-    height: 455px;
-    overflow: hidden;
-    float: left;
-}
-
-.login-container-header {
-    font-size: 22px;
-    font-weight: 700;
-    text-align: left;
-    color: #545454;
-    letter-spacing: 1px;
-    text-align: center;
-    margin-bottom: 54px;
-}
-
-.login-container-form {
-    margin-left: 401px;
-    height: 100%;
-    padding: 80px;
-}
-
-.login-container-form .form-group {
-    width: 296px;
-    margin: 0 auto;
-    margin-top: 22px;
-}
-
-.login-container-form .has-feedback.feedback-left .form-control-feedback {
-    left: 0;
-    right: auto;
-    width: 38px;
-    height: 45px;
-    line-height: 45px;
-    z-index: 4;
-    color: #dcdcdc;
-    font-size: 16px;
-}
-
-.login-container-form .has-feedback.feedback-left .micons-pwd {
-    font-size: 18px;
-    line-height: 48px;
-}
-
-.login-container-form .has-feedback.feedback-left .form-control {
-    padding-left: 38px;
-    padding-right: 12px;
-    border: 1px solid #ebebeb;
-    border-radius: 4px;
-    height: 45px;
-    color: #999;
-    font-size: 16px;
-    letter-spacing: 1px;
-}
-
-.login-container-form .has-feedback.feedback-left .form-control:hover,
-.login-container-form .has-feedback.feedback-left .form-control:hover,
-.login-container-form .has-feedback.feedback-left .form-control:focus {
-    border: 1px solid #3081c3;
-    outline: unset;
-    box-shadow: unset;
-}
-
-.login-container-form .overhidden {
-    padding-left: 24px;
-    font-size: 14px;
-    color: #999999;
-    vertical-align: bottom;
-    line-height: 18px;
-}
-
-.login-container-form .overhidden:hover {
-    color: #3081c3;
-}
-
-.login-container-form .ftdms-checkbox span::before {
-    height: 15px;
-    width: 15px;
-    border-width: 1px;
-    top: 2px;
-}
-
-#btn-login {
-    background: #3081c3;
-    height: 45px;
-    font-size: 16px;
-    font-weight: 400;
-    color: #ffffff;
-    letter-spacing: 1px;
-}
-
-#btn-login:hover {
-    background: #2ba3f6;
-}
-
-.form-control:focus,
-.form-control:hover {
-    box-shadow: unset;
-    border: 1px solid #3081c3 !important;
-}
-
-.form-control {
-    width: 100%;
-}
-
-.btn-info，.btn-info:active {
-    border: 1px solid;
-}
-
-.btn {
-    padding: 8px 12px;
-    border-radius: 2px;
-    outline: none !important;
-    -webkit-transition: 0.15s linear;
-    transition: 0.15s linear;
-}
-
-button {
-    display: block;
-    width: 100%;
-    margin-bottom: 0;
-    line-height: 1.42857143;
-    text-align: center;
-    white-space: nowrap;
-    touch-action: manipulation;
-    cursor: pointer;
-    user-select: none;
-    font-family: inherit;
-    overflow: visible;
-    margin: 0;
-    font: inherit;
-    outline: none !important;
-}
-
-.ftdms-checkbox span::before,
-.ftdms-radio span::before {
-    content: '';
-    position: absolute;
-    display: inline-block;
-    height: 18px;
-    width: 18px;
-    left: 0.5px;
-    top: 0px;
-    border: 2px solid #ebebeb;
-    -webkit-transition: all 0.1s;
-    -o-transition: all 0.1s;
-    transition: all 0.1s;
-}
-
-:after,
-:before {
-    -webkit-box-sizing: border-box;
-    -moz-box-sizing: border-box;
-    box-sizing: border-box;
+html,
+body {
+    font-family: Microsoft YaHei Regular, Microsoft YaHei Regular-Regular;
+}
+
+html,
+body,
+p,
+input {
+    margin: 0;
+    padding: 0;
+}
+
+.login {
+    background: url(../images/login_background.png) no-repeat;
+    background-size: 100% 100%;
+    width: 100%;
+    height: 100%;
+    position: relative;
+}
+
+.login-container {
+    position: absolute;
+    top: -50px;
+    bottom: 0;
+    left: 0;
+    right: 0;
+    margin: auto;
+    width: 900px;
+    height: 454px;
+    background: #ffffff;
+    border-radius: 4px;
+    box-shadow: 2px 0 21px 0 rgba(38, 106, 184, 0.53);
+}
+
+.login-container-logo {
+    margin: 0;
+    background: url(../images/login_logo.png) no-repeat;
+    width: 401px;
+    height: 455px;
+    overflow: hidden;
+    float: left;
+}
+
+.login-container-header {
+    font-size: 22px;
+    font-weight: 700;
+    text-align: left;
+    color: #545454;
+    letter-spacing: 1px;
+    text-align: center;
+    margin-bottom: 54px;
+}
+
+.login-container-header-small.login-container-header {
+    font-size: 22px;
+    font-weight: 700;
+    text-align: left;
+    color: #545454;
+    letter-spacing: 1px;
+    text-align: center;
+    margin-bottom: 22px;
+}
+
+.login-container-form {
+    margin-left: 401px;
+    height: 100%;
+    padding: 80px;
+}
+
+.login-container-form .form-tip {
+    margin-left: 21.5px;
+    color: red;
+    margin-bottom: 10px;
+    padding: 5px 6px;
+    width: 296px;
+    background: #ffebeb;
+    border: 1px solid #faccc6;
+    font-size: 11px;
+    border-radius: 4px;
+}
+
+.login-container-form .form-tip {
+    height: 32px;
+}
+
+.login-container-form .form-tip p {
+    margin: 0 0 0 5px;
+    line-height: 23px;
+}
+
+.login-container-form .form-tip p,
+.login-container-form .form-tip span {
+    display: block;
+    float: left;
+    height: 20px;
+}
+
+.stop {
+    background: url(../images/stop.png) no-repeat;
+    width: 20px;
+    height: 20px;
+}
+
+.login-container-form .form-group {
+    width: 296px;
+    margin: 0 auto;
+    margin-top: 22px;
+}
+
+.login-container-form :first-child {
+    margin-top: 0px;
+}
+
+.login-container-form .has-feedback.feedback-left .form-control-feedback {
+    left: 0;
+    right: auto;
+    width: 38px;
+    height: 45px;
+    line-height: 45px;
+    z-index: 4;
+    color: #dcdcdc;
+    font-size: 16px;
+}
+
+.login-container-form .has-feedback.feedback-left .micons-pwd {
+    font-size: 18px;
+    line-height: 48px;
+}
+
+.login-container-form .has-feedback.feedback-left .form-control {
+    padding-left: 38px;
+    padding-right: 12px;
+    border: 1px solid #ebebeb;
+    border-radius: 4px;
+    height: 45px;
+    color: #999;
+    font-size: 16px;
+    letter-spacing: 1px;
+}
+
+.login-container-form .has-feedback.feedback-left .form-control:hover,
+.login-container-form .has-feedback.feedback-left .form-control:hover,
+.login-container-form .has-feedback.feedback-left .form-control:focus {
+    border: 1px solid #3081c3;
+    outline: unset;
+    box-shadow: unset;
+}
+
+.login-container-form .overhidden {
+    padding-left: 24px;
+    font-size: 14px;
+    color: #999999;
+    vertical-align: bottom;
+    line-height: 18px;
+}
+
+.login-container-form .overhidden:hover {
+    color: #3081c3;
+}
+
+.login-container-form .ftdms-checkbox span::before {
+    height: 15px;
+    width: 15px;
+    border-width: 1px;
+    top: 2px;
+}
+
+#btn-login {
+    background: #3081c3;
+    height: 45px;
+    font-size: 16px;
+    font-weight: 400;
+    color: #ffffff;
+    letter-spacing: 1px;
+}
+
+#btn-login:hover {
+    background: #2ba3f6;
+}
+
+.form-control:focus,
+.form-control:hover {
+    box-shadow: unset;
+    border: 1px solid #3081c3 !important;
+}
+
+.form-control {
+    width: 100%;
+}
+
+.btn-info，.btn-info:active {
+    border: 1px solid;
+}
+
+.btn {
+    padding: 8px 12px;
+    border-radius: 2px;
+    outline: none !important;
+    -webkit-transition: 0.15s linear;
+    transition: 0.15s linear;
+}
+
+button {
+    display: block;
+    width: 100%;
+    margin-bottom: 0;
+    line-height: 1.42857143;
+    text-align: center;
+    white-space: nowrap;
+    touch-action: manipulation;
+    cursor: pointer;
+    user-select: none;
+    font-family: inherit;
+    overflow: visible;
+    margin: 0;
+    font: inherit;
+    outline: none !important;
+}
+
+.ftdms-checkbox span::before,
+.ftdms-radio span::before {
+    content: '';
+    position: absolute;
+    display: inline-block;
+    height: 18px;
+    width: 18px;
+    left: 0.5px;
+    top: 0px;
+    border: 2px solid #ebebeb;
+    -webkit-transition: all 0.1s;
+    -o-transition: all 0.1s;
+    transition: all 0.1s;
+}
+
+:after,
+:before {
+    -webkit-box-sizing: border-box;
+    -moz-box-sizing: border-box;
+    box-sizing: border-box;
 }
 }

-if (typeof(dmap) == "undefined") var dmap = {};
-dmap.login = {
-    init: function() {
-        $('#btn-login').bind('click', function(e) {
-            let username = $("#username").val();
-            let password = $("#password").val();
-
-            if (username.length <= 0 || password.length <= 0) {
-                tips.notify("用户名或密码不能为空", "danger", 1e3);
-                return false;
-            }
-
-            $.post("authorize", { username: username, password: password })
-        });
-    }
+if (typeof(dmap) == "undefined") var dmap = {};
+dmap.login = {
+    init: function() {
+        $('#btn-login').bind('click', function(e) {
+            let username = $("#username").val();
+            let password = $("#password").val();
+
+            if (username.length <= 0 || password.length <= 0) {
+                tips.notify("用户名或密码不能为空", "danger", 1e3);
+                return false;
+            }
+
+            $.post("authorize", { username: username, password: password }, function(data) {
+                if (!data.result) {
+                    tips.notify("账号或密码错误", "danger", 1e3);
+                }
+            })
+        });
+    }
 };
 };

-<html>
-  <head>
-    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
-    <title>DMap Server</title>
-    <link
-      rel="stylesheet"
-      type="text/css"
-      href="{{ url_for('static', filename = 'content/css/login.css') }}"
-    />
-    <link
-      rel="stylesheet"
-      type="text/css"
-      href="{{ url_for('static', filename = 'content/css/font.css') }}"
-    />
-    <link
-      rel="stylesheet"
-      type="text/css"
-      href="{{ url_for('static', filename = 'content/css/bootstrap.min.css') }}"
-    />
-    <script src="{{ url_for('static',filename='content/js/jquery.min.js') }}"></script>
-    <script src="{{ url_for('static',filename='content/js/bootstrap-notify.min.js') }}"></script>
-    <script src="{{ url_for('static',filename='content/js/tips.js') }}"></script>
-    <script src="{{ url_for('static',filename='content/js/login.js') }}"></script>
-  </head>
-</html>
-
-<div class="login">
-  <div class="login-container">
-    <p class="login-container-logo"></p>
-    <div class="login-container-form">
-      <p class="login-container-header">广州城市信息研究所有限公司</p>
-      <form action="" method="post">
-        <div class="form-group has-feedback feedback-left">
-          <input
-            type="text"
-            placeholder="用户名"
-            maxlength="20"
-            autocomplete="off"
-            class="form-control border-info"
-            name="username"
-            id="username"
-          />
-          <span class="micons-user form-control-feedback"></span>
-        </div>
-
-        <div class="form-group has-feedback feedback-left">
-          <input
-            type="password"
-            placeholder="密码"
-            maxlength="20"
-            autocomplete="off"
-            class="form-control border-info"
-            id="password"
-            name="password"
-          />
-          <span class="micons-pwd form-control-feedback"></span>
-        </div>
-
-        <div class="form-group">
-          <button class="btn btn-block btn-info" type="submit" id="btn-login">
-            立即登录
-          </button>
-        </div>
-      </form>
-    </div>
-    <div class="clear"></div>
-  </div>
-</div>
-<script>
-  $(function () {})
-</script>
+<html>
+  <head>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
+    <title>DMap Server</title>
+    <link
+      rel="stylesheet"
+      type="text/css"
+      href="{{ url_for('static', filename = 'content/css/login.css') }}"
+    />
+    <link
+      rel="stylesheet"
+      type="text/css"
+      href="{{ url_for('static', filename = 'content/css/font.css') }}"
+    />
+    <link
+      rel="stylesheet"
+      type="text/css"
+      href="{{ url_for('static', filename = 'content/css/bootstrap.min.css') }}"
+    />
+    <script src="{{ url_for('static',filename='content/js/jquery.min.js') }}"></script>
+    <script src="{{ url_for('static',filename='content/js/bootstrap-notify.min.js') }}"></script>
+    <script src="{{ url_for('static',filename='content/js/tips.js') }}"></script>
+    <script src="{{ url_for('static',filename='content/js/login.js') }}"></script>
+  </head>
+</html>
+
+<div class="login">
+  <div class="login-container">
+    <p class="login-container-logo"></p>
+    <div class="login-container-form">
+
+      {%if error%}
+      <p class="login-container-header-small login-container-header">广州城市信息研究所有限公司</p>
+      <div class="form-tip">
+        <span class="stop"></span>
+        <p>{{error}}</p>
+      </div>
+      {% else %}
+      <p class="login-container-header">广州城市信息研究所有限公司</p>
+      {% endif %}
+
+      <form action="" method="post">
+        <div class="form-group has-feedback feedback-left">
+          <input
+            type="text"
+            placeholder="用户名"
+            maxlength="20"
+            autocomplete="off"
+            class="form-control border-info"
+            name="username"
+            id="username"
+          />
+          <span class="micons-user form-control-feedback"></span>
+        </div>
+
+        <div class="form-group has-feedback feedback-left">
+          <input
+            type="password"
+            placeholder="密码"
+            maxlength="20"
+            autocomplete="off"
+            class="form-control border-info"
+            id="password"
+            name="password"
+          />
+          <span class="micons-pwd form-control-feedback"></span>
+        </div>
+
+        <div class="form-group">
+          <button class="btn btn-block btn-info" type="submit" id="btn-login">
+            立即登录
+          </button>
+        </div>
+      </form>
+    </div>
+    <div class="clear"></div>
+  </div>
+</div>
+<script>
+  $(function () {})
+</script>

@@ -20,3 +20,4 @@ swagger_configure = {"title": "DMapManager"}
 entry_data_thread = 3
 entry_data_thread = 3
 scan_module = ["app.modules"]  # API所在的模块
 scan_module = ["app.modules"]  # API所在的模块
 SECRET_KEY = b'_5#y2L"F4Q8z\n\xec]/'
 SECRET_KEY = b'_5#y2L"F4Q8z\n\xec]/'
+

-# coding=utf-8
-from flask import Flask
-from app import create_app
-app:Flask = create_app()
-if __name__ == '__main__':
-    app.run(host="0.0.0.0", port="8840", threaded=True, debug=True)
-    # app.run(host="0.0.0.0", port="8840", threaded=True)
+# coding=utf-8
+from flask import Flask
+from app import create_app
+import os
+os.environ['AUTHLIB_INSECURE_TRANSPORT'] = '1'
+app: Flask = create_app()
+if __name__ == '__main__':
+    app.run(host="0.0.0.0", port="8840", threaded=True, debug=True)
+    # app.run(host="0.0.0.0", port="8840", threaded=True)