Merge branch 'master' of https://github.com/TaleLin/lin-cms-flask

Author: colorful3

add_super.py

@@ -2,19 +2,30 @@
     :copyright: © 2019 by the Lin team.
     :license: MIT, see LICENSE for more details.
 """
+from sqlalchemy.exc import IntegrityError
 
 from app.app import create_app
 from lin.db import db
 from lin.core import User
 
-app = create_app()
-with app.app_context():
-    with db.auto_commit():
-        # 创建一个超级管理员
-        user = User()
-        user.nickname = 'super'
-        user.password = '123456'
-        user.email = '1234995678@qq.com'
-        # admin 2 的时候为超级管理员，普通用户为 1
-        user.admin = 2
-        db.session.add(user)
+
+def main():
+    app = create_app()
+    with app.app_context():
+        with db.auto_commit():
+            # 创建一个超级管理员
+            user = User()
+            user.nickname = 'super'
+            user.password = '123456'
+            user.email = '1234995678@qq.com'
+            # admin 2 的时候为超级管理员，普通用户为 1
+            user.admin = 2
+            db.session.add(user)
+
+
+if __name__ == '__main__':
+    try:
+        main()
+        print("新增超级管理员成功")
+    except Exception as e:
+        raise e

app/api/cms/__init__.py

@@ -13,11 +13,9 @@ def create_cms():
     from .admin import admin_api
     from .user import user_api
     from .log import log_api
-    from .notify import notify_api
     from .test import test_api
     admin_api.register(cms)
     user_api.register(cms)
     log_api.register(cms)
-    notify_api.register(cms)
     test_api.register(cms)
     return cms

app/api/cms/notify.py

@@ -7,15 +7,16 @@
 from operator import and_
 
 from flask import jsonify
-from flask_jwt_extended import create_access_token, jwt_refresh_token_required, get_jwt_identity, get_current_user, \
-    create_refresh_token
+from flask_jwt_extended import create_access_token, get_jwt_identity, get_current_user, \
+    create_refresh_token, verify_jwt_refresh_token_in_request
 from lin.core import manager, route_meta, Log
 from lin.db import db
 from lin.exception import NotFound, Success, Failed, RepeatException, ParameterException
 from lin.jwt import login_required, admin_required, get_tokens
 from lin.log import Logger
 from lin.redprint import Redprint
 
+from app.libs.error_code import RefreshException
 from app.validators.forms import LoginForm, RegisterForm, ChangePasswordForm, UpdateInfoForm
 
 user_api = Redprint('user')
@@ -100,8 +101,13 @@ def get_information():
 
 @user_api.route('/refresh', methods=['GET'])
 @route_meta(auth='刷新令牌', module='用户', mount=False)
-@jwt_refresh_token_required
 def refresh():
+
+    try:
+        verify_jwt_refresh_token_in_request()
+    except Exception:
+        return RefreshException()
+
     identity = get_jwt_identity()
     if identity:
         access_token = create_access_token(identity=identity)
@@ -110,6 +116,7 @@ def refresh():
             'access_token': access_token,
             'refresh_token': refresh_token
         })
+
     return NotFound(msg='refresh_token未被识别')
 
 

app/api/cms/user.py

@@ -12,6 +12,9 @@
 # 令牌配置
 JWT_ACCESS_TOKEN_EXPIRES = timedelta(hours=1)
 
+# 屏蔽 sql alchemy 的 FSADeprecationWarning
+SQLALCHEMY_TRACK_MODIFICATIONS = False
+
 # 插件模块暂时没有开启，以下配置可忽略
 # plugin config写在字典里面
 PLUGIN_PATH = {

app/config/setting.py

@@ -10,3 +10,9 @@ class BookNotFound(APIException):
     code = 404  # http状态码
     msg = '没有找到相关图书'  # 异常信息
     error_code = 80010  # 约定的异常码
+
+    
+class RefreshException(APIException):
+    code = 401
+    msg = "refresh token 获取失败"
+    error_code = 10100

app/libs/error_code.py

@@ -2,7 +2,7 @@
     :copyright: © 2019 by the Lin team.
     :license: MIT, see LICENSE for more details.
 """
-
+from lin import manager
 from wtforms import DateTimeField, PasswordField, FieldList, IntegerField, StringField
 from wtforms.validators import DataRequired, Regexp, EqualTo, length, Optional, NumberRange
 import time
@@ -27,6 +27,11 @@ class RegisterForm(Form):
         Optional()
     ])
 
+    def validate_group_id(self, value):
+        exists = manager.group_model.get(id=value.data)
+        if not exists:
+            raise ValueError('分组不存在')
+
 
 # 登陆校验
 class LoginForm(Form):

app/validators/forms.py

@@ -24,6 +24,8 @@
 
 10070 禁止操作
 
+10100 refresh token 获取失败
+
 20000 werkzeug 中的HTTP EXCEPTION，error_code统一为1007，前端应读取msg
 
 ## 项目使用的状态码

code.md

@@ -10,7 +10,7 @@ Flask-WTF==0.14.2
 idna==2.6
 itsdangerous==1.1.0
 Jinja2==2.10
-Lin-CMS==0.1.1a4
+Lin-CMS==0.1.1a6
 MarkupSafe==1.1.1
 pipfile==0.0.2
 PyJWT==1.7.1
@@ -21,3 +21,4 @@ toml==0.10.0
 urllib3==1.22
 Werkzeug==0.14.1
 WTForms==2.2.1
+oss2==2.6.1