# -*- coding: utf-8 -*-
from __future__ import absolute_import

import atexit
import hashlib
import json
import os
import shelve
import uuid
from datetime import datetime

import web
# Both shelve databases are kept in the same directory as this module.
_curdir = os.path.dirname(__file__)

# NOTE(review): shelve stores its values as pickles, so these two files must
# only ever be writable by this service, and because they sit next to the
# source they must not be served or committed together with the code.
_session, _accounts = (
    shelve.open(os.path.join(_curdir, _db_name))
    for _db_name in ('session', 'accounts')
)
class LoginException(Exception):
    """Raised by the session check when a request carries no valid session id."""
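def _save_session(username):
    """Create a server-side session for *username* and send its id as a cookie.

    The id is written to the ``sessionid`` cookie (lifetime: one year) and is
    also the key of the ``_session`` shelf, whose value records the username
    and the creation time.
    """
    # The session id is the only credential presented on later requests, so it
    # has to be unguessable.  uuid1() is derived from the current time and the
    # host's MAC address; uuid4() is random and keeps the same string format.
    sessionid = str(uuid.uuid4())
    # NOTE(review): the cookie is set without the secure/httponly flags and
    # lives for a year, while createtime is stored but not checked anywhere in
    # the code shown -- consider enforcing a server-side expiry.
    web.setcookie('sessionid', sessionid, 60 * 60 * 24 * 365)
    _session[sessionid] = web.storage(username=username, createtime=datetime.now())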
def _account_exists(username):
    """Return True when *username* is already a key of the accounts shelf."""
    is_known = username in _accounts
    return is_known
def _check_login(username, password):
    """Compare *password* with the stored value and open a session on a match.

    Returns a dict with ``code`` 200 on success or 401 on a mismatch.  The
    caller is expected to have checked that *username* exists; otherwise the
    shelf lookup raises KeyError.
    """
    stored = _accounts[username]
    if stored.password == password:
        _save_session(username)
        return dict(code=200, message='login ok')
    # NOTE(review): == on the stored digest is not a constant-time comparison,
    # and failed attempts are neither counted nor rate-limited here.
    return dict(code=401, message='password invalid')
def _register_account(username, password):
    """Store a new account record for *username* and log it in.

    *password* is stored exactly as received (the only caller shown passes a
    SHA-1 hex digest).  Returns the JSON-encoded response string, unlike
    ``_check_login``, which returns a dict.
    """
    record = web.Storage(password=password)
    _accounts[username] = record
    _save_session(username)
    payload = dict(code=200, message='register ok')
    return json.dumps(payload)
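def _check_session():
    """Return ``(sessionid, session_record)`` for the current request.

    The session record is the storage object written by ``_save_session``
    (fields ``username`` and ``createtime``).

    Raises:
        LoginException: the request has no ``sessionid`` cookie, or the id
            does not name a stored session.
    """
    # web.cookies('sessionid') returns the storage of request cookies, not the
    # id string, so the checks below could never match a stored session.  Read
    # the single cookie value instead; a missing cookie yields None.
    sessionid = web.cookies().get('sessionid')
    if not sessionid:
        raise LoginException('sessionid not found in cookies')
    # The cookie value is client-controlled: it is only accepted when it names
    # a session that exists on the server.
    if sessionid not in _session:
        raise LoginException('sessionid not found in sessions')
    # NOTE(review): createtime is not compared with the current time, so a
    # session stays valid until logout deletes it.
    return sessionid, _session[sessionid]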
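class login(object):
    """Handler for ``/login``: log in an existing user or register a new one."""

    def POST(self, username, password):
        """Return the JSON response for a login-or-register attempt.

        An unknown *username* is registered on the spot with the supplied
        password; a known one has its password checked.
        """
        # NOTE(review): a single unsalted SHA-1 is fast to brute-force and
        # gives equal passwords equal digests.  Moving to a salted, slow KDF
        # needs a migration of the stored records, so it is flagged here
        # rather than changed.
        password = hashlib.sha1(password).hexdigest()
        if _account_exists(username):
            return json.dumps(_check_login(username, password))
        # _register_account() already returns a JSON string; encoding it a
        # second time would send the client a quoted string, not an object.
        return _register_account(username, password)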
class logout(object):
    """Handler for ``/logout``."""

    def POST(self):
        """Expire the session cookie and delete the server-side session.

        Returns a JSON string with ``code`` 200 on success, or 400 with the
        LoginException message when the request has no valid session.
        """
        try:
            sid, _record = _check_session()
        except LoginException as le:
            return json.dumps(dict(code=400, message=le.message))
        # A negative expiry tells the browser to drop the cookie; the shelf
        # entry is removed as well so the id cannot be replayed.
        web.setcookie('sessionid', sid, -1)
        del _session[sid]
        return json.dumps(dict(code=200, message='logout ok'))
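class userinfo(object):
    """Handler for ``/userinfo``: read or update the logged-in user's record."""

    def GET(self):
        """Return the caller's account record as JSON, without the password.

        Responds with ``code`` 400 and the LoginException message when the
        request has no valid session.
        """
        try:
            sessionid, session = _check_session()
        except LoginException as le:
            return json.dumps(dict(code=400, message=le.message))
        # _check_session() returns the session record, not the username; the
        # accounts shelf is keyed by the record's username field.
        account = _accounts[session.username].copy()
        # The stored password digest must never be sent back to the client.
        account.pop('password', None)
        return json.dumps(dict(code=200, message='ok', data=account))

    def POST(self):
        """Merge the posted fields into the caller's account record.

        Responds with ``code`` 200 on success and 400 for a missing session or
        a body that is not a JSON object.
        """
        try:
            sessionid, session = _check_session()
        except LoginException as le:
            return json.dumps(dict(code=400, message=le.message))
        # web.data() is the raw request body, which dict.update() cannot take
        # directly.  NOTE(review): the body is assumed to be a JSON object --
        # confirm against the client.
        raw = web.data()
        try:
            fields = json.loads(raw) if raw else {}
        except ValueError:
            return json.dumps(dict(code=400, message='invalid json'))
        if not isinstance(fields, dict):
            return json.dumps(dict(code=400, message='invalid json'))
        # Client-supplied fields must not overwrite the stored password digest
        # (that would bypass the hashing done in the login handler).
        fields.pop('password', None)
        account = _accounts[session.username]
        account.update(fields)
        # A shelf opened without writeback does not persist in-place changes;
        # the record has to be assigned back under its key.
        _accounts[session.username] = account
        return json.dumps(dict(code=200, message='ok'))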
# Route table: a flat list alternating URL pattern and handler class.
urls = [
    "/login", login,
    "/logout", logout,
    "/userinfo", userinfo,
]
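def __del__():
    """Close both shelve databases so buffered writes are flushed to disk."""
    try:
        _session.close()
    finally:
        # Close the accounts shelf even if closing the session shelf failed.
        _accounts.close()


# A module-level function named __del__ is not a finalizer and is never called
# by the interpreter, so register it to run at interpreter exit.
atexit.register(__del__)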