def authCheck(self, username, password, req):
with Session() as session:
user = models.getUserByName(session, username)
if not user or user and not user.password:
return
if ("t" in list(req.params.keys()) and
"s" in list(req.params.keys())):
sum = hashlib.md5()
sum.update(user.password.encode("utf-8"))
sum.update(req.params["s"].encode("utf-8"))
if sum.hexdigest() == req.params["t"]:
# Stash the user for easy access
req.authed_user = user
return req.authed_user.roles
else:
return
elif password.startswith("enc:"):
try:
decode_hex = codecs.getdecoder("hex_codec")
password = decode_hex(password[4:])[0]
password = password.decode("utf-8")
except:
return
if user and password == user.password:
# Stash the user for easy access
req.authed_user = user
return req.authed_user.roles
评论列表
文章目录