为什么我的实体没有出现在devserver上,即使它们出现在仪表板上?

时间:2013-07-04 10:37:50

标签: python google-app-engine google-cloud-datastore

这是一个多部分的问题,我一直在使用Google App Engine开发博客,为了方便起见,我为包含主题和文字的博客创建了一个数据存储类。我想练习实现用户注册,因此为包含用户名,密码哈希,电子邮件和创建日期的用户创建了另一个类

  • 这两个类在应用程序引擎上创建实体并显示在仪表板上,但我的Users表(因为它的NoSql实现我不知道该怎么称呼它)不会显示在我的本地devserver上仪表板

  • 当我在Users表上运行查询时,即使用户名从未注册过,它也会返回true。

  • 我还实现了一个登录功能,它总是返回用户名或密码无效的消息,当然只有当它们无效时才会出现,我知道当我输入它们时它们不会出现。< / p>

这是我的数据存储区实体代码

class Blog(db.Model):
subject = db.StringProperty(required = True)
blog = db.TextProperty(required = True)
time_created = db.DateTimeProperty(auto_now_add = True)
day_created = db.DateProperty(auto_now_add = True)

class Users(db.Model):
username = db.StringProperty(required = True)
pw_hash = db.StringProperty(required = True)
emai = db.StringProperty()
user_since = db.DateTimeProperty(auto_now_add = True)

@classmethod
def by_id(cls, uid):
    return Users.get_by_id(uid)

@classmethod
def by_name(cls, name):
    user = Users.all().filter('name = ', name).get()
    return user

@classmethod
def register(cls, name, pw, email = None):
    pw_h = make_pw_h(name, pw)
    return Users(username = name,
                pw_hash = pw_h,
                email = email)

@classmethod
def login(cls, name, pw):
    u = cls.by_name(name)
    if u and check_pw(pw):
        return u

这是注册新用户的功能

class Signup(BaseHandler):
def get(self):
    self.render("signup-form.html")

def post(self):
    have_error = False
    self.username = self.request.get('username')
    self.password = self.request.get('password')
    self.verify = self.request.get('verify')
    self.email = self.request.get('email')

    params = dict(username = self.username,
                  email = self.email)

    if not valid_username(self.username):
        params['error_username'] = "That's not a valid username."
        have_error = True

    if not valid_password(self.password):
        params['error_password'] = "That wasn't a valid password."
        have_error = True
    elif self.password != self.verify:
        params['error_verify'] = "Your passwords didn't match."
        have_error = True

    if not valid_email(self.email):
        params['error_email'] = "That's not a valid email."
        have_error = True

    if have_error:
        self.render('signup-form.html', **params)
    else:
        u = db.GqlQuery("SELECT username FROM Users WHERE username='self.username'")
        if u:
            msg = "User already exists"
            self.render('signup-form.html', error_username = msg)
        else:
            sing_user = Users.register(self.username, self.password, self.email)
            sing_user.put()

            #self.login(sing_user)


            self.set_sec_coki('user-id', sing_user.key().id())

            self.redirect('/welcome')

这是在

中记录用户的功能
class Login(BlogHandler):
def get(self):
    self.render('login-form.html')

def post(self):
    username = self.request.get('username')
    password = self.request.get('password')

    u = User.login(username, password)
    if u:
        self.login(u)
        self.redirect('/blog')
    else:
        msg = 'Invalid login'
        self.render('login-form.html', error = msg)

这是我的BaseHandler函数,它继承了webapp2类

class BaseHandler(webapp2.RequestHandler):
    def render(self, template, **kw):
        self.response.out.write(render_str(template, **kw))

    def write(self, *a, **kw):
        self.response.out.write(*a, **kw)

    def set_sec_coki(self, name, val):
        sec_val = make_secure_val(str(val))
        self.response.headers.add_header('Set-Cookie', "%s=%s; Path=/" % (name,sec_val))

    def read_secure_cookie(self, name):
        cookie_val = self.request.cookies.get(name)
        return cookie_val and check_secure_val(cookie_val)

    def login(self, user):
        self.set_secure_cookie('user_id', str(user.key().id()))

    def logout(self):
        self.response.headers.add_header('Set-Cookie', 'user_id=; Path=/')

这些是我用来散列和加密cookie和密码的小函数

def make_secure_val(val):
    return '%s|%s' % (val, hmac.new(secret, val).hexdigest())

def check_secure_val(sec_val):
    val = sec_val.split('|')[0]
    if sec_val == make_secure_val(val):
        return val

def make_salt():
    chars = string.ascii_uppercase + string.ascii_lowercase + string.digits
    return ''.join(random.choice(chars) for x in range(5))

def make_pw_h(name, pw, salt = None):
    if salt is None:
        salt = make_salt()
    return "%s,%s" % (salt, hashlib.sha256(name + pw + salt).hexdigest())

def check_pw_h(name, pw, h):
    h = h.split(',')[1]
    return h == make_pw_h(name, pw, h)

1 个答案:

答案 0 :(得分:1)

您获取用户的查询错误:

此:

u = db.GqlQuery("SELECT username FROM Users WHERE username='self.username'")

应该改为这样:

u = db.GqlQuery("SELECT username FROM Users WHERE username = :1", self.username)

查看docs