登录相关:
后端Flask代码:
import re
from flask import request, jsonify, session
from info.response_code import RET
from info.models import User
from . import blue_passport
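@blue_passport.route("/login", methods=["POST"])
def login():
    """Log a user in with a mobile number and password.

    Steps:
        1. Read ``mobile`` and ``password`` from the JSON request body.
        2. Validate them: mobile format, account lookup, password check.
        3. Keep the login state in the session.
        4. Return the result.

    :return: a JSON response carrying ``errno`` and ``errmsg``.
    """
    # 1. Read the parameters. The body is untrusted: it may be absent, not JSON,
    #    or JSON that is not an object, so do not assume ``.get`` exists on it.
    payload = request.get_json(silent=True)
    if not isinstance(payload, dict):
        payload = {}
    mobile = payload.get("mobile")
    password = payload.get("password")

    # 2.1 Mobile number format. A missing or non-string value is rejected here
    #     instead of raising on ``.strip()``.
    if not isinstance(mobile, str):
        return jsonify(errno=RET.PARAMERR, errmsg="手机号格式错误")
    # Normalise once so the value that is validated is the value that is queried.
    mobile = mobile.strip()
    # Same prefixes as before (13x, 145/147, 15x, 18x except 184). The character
    # classes no longer contain a literal "|", and the eight trailing characters
    # must be ASCII digits (the old pattern matched a literal "d" there).
    if not re.fullmatch(r"(13[0-9]|14[57]|15[0-9]|18[0-35-9])[0-9]{8}", mobile):
        return jsonify(errno=RET.PARAMERR, errmsg="手机号格式错误")

    # 2.2 / 2.3 Account lookup and password check.
    # Both failures return the same message, so the response text does not reveal
    # whether a mobile number is registered.
    # NOTE(review): the unknown-account path still skips the hash comparison, so
    # response time can differ; no attempt throttling is visible in this view.
    if not isinstance(password, str) or not password:
        return jsonify(errno=RET.PARAMERR, errmsg="手机号或密码错误")
    user = User.query.filter_by(mobile=mobile).first()
    if not user or not user.check(password):
        return jsonify(errno=RET.PARAMERR, errmsg="手机号或密码错误")

    # 3. Keep the login state in the session.
    # NOTE(review): keys left over from an earlier login on the same session are
    # not cleared here; confirm that is intended.
    session["id"] = user.id
    session["mobile"] = user.mobile
    session["nick_name"] = user.nick_name

    # 4. Return the result.
    return jsonify(errno=RET.OK, errmsg="登陆成功")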
JS代码:
// TODO: login form submission
$(".login_form_con").submit(function (event) {
    // Stop the browser's own form post; the credentials are sent by AJAX below.
    event.preventDefault();

    var mobileValue = $(".login_form #mobile").val();
    var passwordValue = $(".login_form #password").val();

    // Show the inline error for the first empty field and stop.
    if (!mobileValue) {
        $("#login-mobile-err").show();
        return;
    }
    if (!passwordValue) {
        $("#login-password-err").show();
        return;
    }

    // On success reload the current page; otherwise show the server's message.
    var handleLoginResponse = function (response) {
        if (response.errno != '0') {
            alert(response.errmsg);
            return;
        }
        location.reload();
    };

    // Send the login request as a JSON body.
    $.ajax({
        url: '/passport/login',
        type: 'post',
        data: JSON.stringify({
            'mobile': mobileValue,
            'password': passwordValue
        }),
        contentType: 'application/json',
        // Carry the CSRF token from the cookie in a request header.
        headers: {'X-CSRFToken': getcookie('csrf_token')},
        success: handleLoginResponse
    });
})
数据库模型类:
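class User(baseModel, db.Model):
    """A user account.

    Holds the profile columns, the password hash (the plaintext is never
    stored; see the ``pwd`` setter) and the relationships to collected news,
    followers and published news.
    """

    __tablename__ = "info_user"

    id = db.Column(db.Integer, primary_key=True)  # user id
    nick_name = db.Column(db.String(32), unique=True, nullable=False)  # display name
    # Hash written by the ``pwd`` setter via generate_password_hash.
    # NOTE(review): the column holds at most 128 characters; confirm the hash
    # format of the installed hashing library fits, otherwise the stored value
    # can be truncated or rejected and every login for that account fails.
    password_hash = db.Column(db.String(128), nullable=False)
    mobile = db.Column(db.String(11), unique=True, nullable=False)  # mobile number
    avatar_url = db.Column(db.String(256))  # path of the avatar image
    # Defaults to the row's creation time; no method of this class updates it.
    last_login = db.Column(db.DateTime, default=datetime.now)
    is_admin = db.Column(db.Boolean, default=False)  # administrator flag
    signature = db.Column(db.String(512))  # user signature / bio
    gender = db.Column(  # gender
        db.Enum(
            "MAN",  # male
            "WOMAN"  # female
        ),
        default="MAN")

    # All news items this user has collected.
    collection_news = db.relationship("News", secondary=tb_user_collection, lazy="dynamic")
    # All followers of this user; the backref ``followed`` gives the users
    # this user follows.
    followers = db.relationship('User',
                                secondary=tb_user_follows,
                                primaryjoin=id == tb_user_follows.c.followed_id,
                                secondaryjoin=id == tb_user_follows.c.follower_id,
                                backref=db.backref('followed', lazy='dynamic'),
                                lazy='dynamic')
    # News items published by this user.
    news_list = db.relationship('News', backref='user', lazy='dynamic')

    def to_dict(self):
        """Return the user's profile as a plain dict.

        NOTE(review): the result includes the mobile number; confirm each
        caller only returns it to the account owner.
        """
        resp_dict = {
            "id": self.id,
            "nick_name": self.nick_name,
            # Prefix is applied only when an avatar path is stored.
            "avatar_url": constants.QINIU_DOMIN_PREFIX + self.avatar_url if self.avatar_url else "",
            "mobile": self.mobile,
            "gender": self.gender if self.gender else "MAN",
            "signature": self.signature if self.signature else "",
            # Each count() on a dynamic relationship issues its own query.
            "followers_count": self.followers.count(),
            "news_count": self.news_list.count()
        }
        return resp_dict

    def to_admin_dict(self):
        """Return the fields shown in the admin views as a plain dict."""
        resp_dict = {
            "id": self.id,
            "nick_name": self.nick_name,
            "mobile": self.mobile,
            # create_time is not defined in this class; presumably it comes
            # from baseModel -- confirm.
            "register": self.create_time.strftime("%Y-%m-%d %H:%M:%S"),
            "last_login": self.last_login.strftime("%Y-%m-%d %H:%M:%S"),
        }
        return resp_dict

    @property
    def pwd(self):
        """Write-only attribute: reading the password always raises."""
        raise Exception("You can't read")

    @pwd.setter
    def pwd(self, value):
        """Store only the hash of *value*; the plaintext is not kept."""
        self.password_hash = generate_password_hash(value)

    def check(self, value):
        """Return True if *value* matches the stored password hash.

        A missing candidate password or a missing stored hash counts as a
        mismatch instead of raising inside the hash comparison.
        """
        if value is None or not self.password_hash:
            return False
        return check_password_hash(self.password_hash, value)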