python开发-权限管理初试
数据库设计
groups表 ----- 存储组信息(组id,组名)
userinfo表 ---- 存储用户信息 (用户id,用户名,密码,组id) ,跟groups表做了外键关联
permisson表----权限表 (权限id,能适应权限的信息,权限对应的函数名,权限对应函数名所在的模块名)
user_to_permisson表----组对应权限表 (id,组id,权限id),与groups表和permisson表做外键关联
应遵循
CREATE table groups( gid INT primary key auto_increment, gname varchar(30))ENGINE = INNODB charset=utf8; CREATE TABLE userinfo( uid INT primary key auto_increment, username varchar(20) not null, passwd varchar(30) not null, groups_id INT not NULL, CONSTRAINT fk_userinfo_groups foreign key userinfo(groups_id) references groups(gid) )ENGINE = INNODB charset=utf8; CREATE table permisson( pid INT PRIMARY KEY auto_increment, func varchar(20) not null, module varchar(30) not null)ENGINE = INNODB charset=utf8; CREATE TABLE user_to_permisson( uid INT primary KEY auto_increment, group_id INT not NULL, permisson_id INT not NULL, KEY fk_u_g (group_id), KEY fk_u_p (permisson_id), CONSTRAINT fk_u_g FOREIGN KEY user_to_permisson(group_id) REFERENCES groups(gid), CONSTRAINT fk_u_p FOREIGN KEY user_to_permisson(permisson_id) REFERENCES permisson(pid) )ENGINE = INNODB charset=utf8; INSERT INTO groups(gname) VALUES('超级管理员'),('普通用户') INSERT INTO userinfo(username,passwd,groups_id) VALUES ('root',password('123'),1),('xieys',password('123'),2) INSERT INTO permisson() ALTER TABLE permisson add msg varchar(30) not null AFTER pid INSERT INTO permisson(msg,func,module) values ('添加用户','add','src.action'), ('查看用户','get','src.action'), ('添加组','addgroup','src.action') INSERT INTO user_to_permisson(group_id,permisson_id) VALUES (1,1),(1,2),(1,3),(2,2); ALTER TABLE userinfo modify passwd varchar(40) NOT NULL UPDATE userinfo set passwd=md5('123')
import os,sys BASEDIR = os.path.dirname(os.path.dirname(__file__)) sys.path.append(BASEDIR) from src import server if __name__ == '__main__': server.main()
USER_PERMISSON = {} USERINFO_LS = {} DBCONN = { "host":"172.16.0.70", "user":'xieys', 'password': '123', 'db':'auth', 'charset':'utf8' }
import hashlib def md5(passwd): data = hashlib.md5() data.update(passwd) return data.hexdigest()
import pymysql from conf import setting class DbConnection: def __init__(self): self.conn = pymysql.connect(**setting.DBCONN) def create_cur(self): return self.conn.cursor(cursor=pymysql.cursors.DictCursor)
from src.sql.groups import Groups from src.sql.userinfo import UserInfo from lib.md5 import md5 def addgroup(): gname = input("请输入组名:") g = Groups() if not g.exist(gname): g.add(gname) print("%s组添加成功!" % gname) else: print("该组已存在!") g.conn.close() def add(): uname = input("请输入用户名:") passwd = input("请输入密码:") g = Groups() group_id = input("请输入组ID:%s" % g.fatch_all()) g.conn.close() passwd = md5(passwd.encode('utf8')) u = UserInfo() if u.add(uname,passwd,group_id): print("%s 用户添加成功!" % uname) else: print("用户添加失败") u.conn.close() def get(): u = UserInfo() print(u.get_all()) u.conn.close
from lib.DbConnection import DbConnection class Groups: def __init__(self): self.db = DbConnection() self.conn = self.db.conn def add(self,gname): self.cursor = self.db.create_cur() sql = """ insert into groups(gname) values (%s) """ self.cursor.execute(sql,gname) self.conn.commit() self.cursor.close() def exist(self,gname): self.cursor = self.db.create_cur() sql = """ select 1 from groups where gname = %s """ r = self.cursor.execute(sql,gname) self.cursor.close() return r def fatch_all(self): self.cursor = self.db.create_cur() sql = """ select * from groups """ self.cursor.execute(sql) data = self.cursor.fetchall() self.cursor.close() return data
from lib.DbConnection import DbConnection from conf import setting from lib.md5 import md5 class UserInfo: def __init__(self): self.db = DbConnection() self.conn = self.db.conn def exist(self,username): self.cursor = self.db.create_cur() sql = """ select 1 from userinfo where username = %s """ r = self.cursor.execute(sql,username) return r def login(self,username,passwd): self.cursor = self.db.create_cur() sql = """ select uid,username,groups_id from userinfo where username = %s and passwd = %s """ # print(passwd) r = self.cursor.execute(sql,[username,passwd]) data = self.cursor.fetchone() self.cursor.close() self.conn.close() return data def add(self,username,passwd,group_id=2): self.cursor = self.db.create_cur() sql = """ insert into userinfo(username,passwd,groups_id) values(%s,%s,%s) """ r = self.cursor.execute(sql,[username,passwd,group_id]) self.conn.commit() self.cursor.close() return r def get_all(self): self.cursor = self.db.create_cur() sql = """ select uid,username from userinfo """ self.cursor.execute(sql) data = self.cursor.fetchall() self.cursor.close() return data def find_pass(self,user,passwd): self.cursor = self.db.create_cur() sql = """ UPDATE userinfo set passwd = %s where username = %s """ r=self.cursor.execute(sql,[passwd,user]) print(r) self.conn.commit() self.cursor.close()
from lib.DbConnection import DbConnection class UserToPermisson: def __init__(self): self.db = DbConnection() self.conn = self.db.conn def get_user_p(self,gid): self.cursor = self.db.create_cur() sql = """ SELECT msg,func,module from user_to_permisson left JOIN permisson ON user_to_permisson.permisson_id = permisson.pid where user_to_permisson.group_id = %s """ r = self.cursor.execute(sql,gid) return self.cursor.fetchall()
from src.sql.userinfo import UserInfo from conf import setting from src.sql.usertopermisson import UserToPermisson from lib.md5 import md5 import importlib def view(): print("欢迎%s登录权限管理系统!" % setting.USERINFO_LS['username']) while True: for index,item in enumerate(setting.USER_PERMISSON,1): print(index,item['msg']) print('q',"退出") choice = input("请选择:").strip().lower()[0] if choice == 'q': setting.USERINFO_LS = {} setting.USER_PERMISSON = {} return if choice.isdigit() and int(choice) != 0 and (int(choice) <= len(setting.USER_PERMISSON)): module = setting.USER_PERMISSON[int(choice)-1]['module'] func_name = setting.USER_PERMISSON[int(choice)-1]['func'] m = importlib.import_module(module) func = getattr(m,func_name) func() else: print("选择有误!") def login(): user = input("username:") passwd = input("password:") passwd = md5(passwd.encode('utf8')) u = UserInfo() result = u.login(user,passwd) if result: setting.USERINFO_LS = result u_p = UserToPermisson() setting.USER_PERMISSON = u_p.get_user_p(result["groups_id"]) view() else: print("账号密码错误!") def regiest(): uname = input("username:") passwd = input("password:") passwd = md5(passwd.encode('utf8')) u = UserInfo() if not u.exist(uname): u.add(uname,passwd) print("添加成功!") else: print("用户已存在!") u.conn.close() def findpass(): user = input("请输入用户名:") u = UserInfo() if not u.exist(user): print("该用户不存在") else: passwd = input("请输入新密码:") passwd = md5(passwd.encode('utf8')) u.find_pass(user,passwd) u.conn.close() def main(): msg = """ 1 登录 2 注册 3 找回密码 q 退出 请选择: """ f_dic = { '1' : login, '2' : regiest, '3' : findpass } while True: choice = input(msg).strip().lower()[0] if choice == 'q':return if choice not in f_dic: print("选择有误,请重新选择!") continue f_dic[choice]()
浙公网安备 33010602011771号