登录接口和支付接口
1、登录接口 login
(1)通过user表查询username password是否匹配
(2)登陆成功,产生 seesionid, 1102a245b59af9c783bb8c18948ef96d# username+当前时间戳+salt
(3)seesionid 存到redis里面,key的失效时间
2、支付接口,
(1)支付需要登录
post请求,参数:seesionId,money
(2)连接数据库获取表信息
user id username password balance
a、session不正确,提示请登录
b、校验money的类型
c、balance必须大于等于money才可以支付
tools.py
import pymysql,hashlib,time def op_mysql(sql,many=True): db_info = {'user': 'xxx', 'password': '123456', 'host': '127.0.0.1', 'db': 'xxx', 'port': 3306, 'charset': 'utf8', 'autocommit': True} conn = pymysql.connect(**db_info) # 建立连接 cur = conn.cursor(pymysql.cursors.DictCursor) # 游标 cur.execute(sql) # 执行sql语句,insert 、update 、delete if many: result = cur.fetchall() else: result = cur.fetchone() # {''} cur.close() conn.close() return result def md5(s,salt=''): new_s = str(s) + salt m = hashlib.md5(new_s.encode()) return m.hexdigest() def check_money(s): s = str(s) if s.isdigit(): return True if s.count('.') == 1: left, right = s.split('.') if left.isdigit() and right.isdigit(): return True return False
登录支付接口
import flask,json,tools,time,redis server = flask.Flask(__name__) @server.route('/api/login',methods=['post','get']) def login(): username = flask.request.values.get('username') password = flask.request.values.get('password') if not username or not password: data = {'error': '-1', 'msg': '失败', 'data': '用户名密码不能为空'} else: new_password = tools.md5(password) sql = 'select username,password from user where username="%s";'%(username) result = tools.op_mysql(sql,False) if result: if new_password == result.get('password'): sessionid = tools.md5(username+str(time.time()),salt='fds32#$@') user_session ={'sessionid':sessionid,'username':username} data = {'error': '0', 'msg': '成功', 'data': user_session} r = redis.Redis(host='127.0.0.1', password='123456', port=6379, db=0, decode_responses=True) r.set('session:%s'%sessionid,result.get('username'),60*5) else: data = {'error': '-2', 'msg': '失败', 'data': '密码错误'} else: data = {'error': '-3', 'msg': '失败', 'data': '用户名不存在'} return json.dumps(data, ensure_ascii=False) data1 = {'error': '0', 'msg': '成功', 'data': '扣款成功'} data2 = {'error': '-4', 'msg': '失败', 'data': '余额不足'} data3 = {'error': '-5', 'msg': '失败', 'data': '请开通支付功能'} def check_balance(username,money): check_balance_sql='select balance from user where username="%s";'%username result = tools.op_mysql(check_balance_sql) balance = float(result[0].get('balance')) if balance: #校验balance是否为空 if balance>=float(money): #校验余额是否大于支付金额 new_balance = balance-float(money) update_balance_sql = 'update user set balance="%s" where username="%s";'%(new_balance,username) tools.op_mysql(update_balance_sql) return data1 else: return data2 else: return data3 @server.route('/api/pay',methods=['post']) def pay(): sessionId = flask.request.values.get('sessionId') money = flask.request.values.get('money') r = redis.Redis(host='127.0.0.1', password='123456', port=6379, db=0, decode_responses=True) sessioninfo='session:'+sessionId username = r.get(sessioninfo) if username: #如果用户名不为空,则代表取到session,用户处于登录状态 if tools.check_money(money): #校验支付的金额是否为正数 data =check_balance(username,money) #校验余额是否足够 else: data = {'error': '-7', 'msg': '失败', 'data': '输入的金额必须为正数'} else: #用户名为空,则代表未取到session,用户未登录 data = {'error': '-6', 'msg': '失败', 'data': '用户未登录'} return json.dumps(data, ensure_ascii=False) server.run(port = 8000,debug=True)
posted on 2019-11-06 13:55 cathyg1234 阅读(345) 评论(0) 收藏 举报
浙公网安备 33010602011771号