数据库设计
groups表 ----- 存储组信息(组id,组名)
userinfo表 ---- 存储用户信息 (用户id,用户名,密码,组id) ,跟groups表做了外键关联
permisson表----权限表 (权限id,能适应权限的信息,权限对应的函数名,权限对应函数名所在的模块名)
user_to_permisson表----组对应权限表 (id,组id,权限id),与groups表和permisson表做外键关联
应遵循
CREATE table groups(
gid INT primary key auto_increment,
gname varchar(30))ENGINE = INNODB charset=utf8;
CREATE TABLE userinfo(
uid INT primary key auto_increment,
username varchar(20) notnull,
passwd varchar(30) notnull,
groups_id INTnotNULL,
CONSTRAINT fk_userinfo_groups foreign key userinfo(groups_id) references groups(gid)
)ENGINE= INNODB charset=utf8;
CREATE table permisson(
pid INT PRIMARY KEY auto_increment,
func varchar(20) notnull,
module varchar(30) not null)ENGINE = INNODB charset=utf8;
CREATE TABLE user_to_permisson(
uid INT primary KEY auto_increment,
group_id INTnotNULL,
permisson_id INTnotNULL,
KEY fk_u_g (group_id),
KEY fk_u_p (permisson_id),
CONSTRAINT fk_u_g FOREIGN KEY user_to_permisson(group_id) REFERENCES groups(gid),
CONSTRAINT fk_u_p FOREIGN KEY user_to_permisson(permisson_id) REFERENCES permisson(pid)
)ENGINE= INNODB charset=utf8;
INSERT INTO groups(gname) VALUES('超级管理员'),('普通用户')
INSERT INTO userinfo(username,passwd,groups_id) VALUES ('root',password('123'),1),('xieys',password('123'),2)
INSERT INTO permisson()
ALTER TABLE permisson add msg varchar(30) notnull AFTER pid
INSERT INTO permisson(msg,func,module) values
('添加用户','add','src.action'),
('查看用户','get','src.action'),
('添加组','addgroup','src.action')
INSERT INTO user_to_permisson(group_id,permisson_id) VALUES (1,1),(1,2),(1,3),(2,2);
ALTER TABLE userinfo modify passwd varchar(40) NOT NULL
UPDATE userinfo set passwd=md5('123')
importos,sys
BASEDIR= os.path.dirname(os.path.dirname(__file__))
sys.path.append(BASEDIR)from src importserverif __name__ == '__main__':
server.main()
bin\app.py程序入口
USER_PERMISSON ={}
USERINFO_LS={}
DBCONN={"host":"172.16.0.70","user":'xieys','password': '123','db':'auth','charset':'utf8'}
conf\setting.py 程序配置信息
importhashlibdefmd5(passwd):
data=hashlib.md5()
data.update(passwd)return data.hexdigest()
lib\md5.py 公共方法(MD5方法)
importpymysqlfrom conf importsettingclassDbConnection:def __init__(self):
self.conn= pymysql.connect(**setting.DBCONN)defcreate_cur(self):return self.conn.cursor(cursor=pymysql.cursors.DictCursor)
lib\DcConnection.py 公共类(连接数据库,创建cursor)
from src.sql.groups importGroupsfrom src.sql.userinfo importUserInfofrom lib.md5 importmd5defaddgroup():
gname= input("请输入组名:")
g=Groups()if notg.exist(gname):
g.add(gname)print("%s组添加成功!" %gname)else:print("该组已存在!")
g.conn.close()defadd():
uname= input("请输入用户名:")
passwd= input("请输入密码:")
g=Groups()
group_id= input("请输入组ID:%s" %g.fatch_all())
g.conn.close()
passwd= md5(passwd.encode('utf8'))
u=UserInfo()ifu.add(uname,passwd,group_id):print("%s 用户添加成功!" %uname)else:print("用户添加失败")
u.conn.close()defget():
u=UserInfo()print(u.get_all())
u.conn.close
src\auth\action.py 业务访问方法
from lib.DbConnection importDbConnectionclassGroups:def __init__(self):
self.db=DbConnection()
self.conn=self.db.conndefadd(self,gname):
self.cursor=self.db.create_cur()
sql= """insert into groups(gname) values (%s)"""self.cursor.execute(sql,gname)
self.conn.commit()
self.cursor.close()defexist(self,gname):
self.cursor=self.db.create_cur()
sql= """select 1 from groups where gname = %s"""r=self.cursor.execute(sql,gname)
self.cursor.close()returnrdeffatch_all(self):
self.cursor=self.db.create_cur()
sql= """select * from groups"""self.cursor.execute(sql)
data=self.cursor.fetchall()
self.cursor.close()return data
src\sql\groups.py groups表的数据库操作,相当于数据逻辑层
from lib.DbConnection importDbConnectionfrom conf importsettingfrom lib.md5 importmd5classUserInfo:def __init__(self):
self.db=DbConnection()
self.conn=self.db.conndefexist(self,username):
self.cursor=self.db.create_cur()
sql= """select 1 from userinfo where username = %s"""r=self.cursor.execute(sql,username)returnrdeflogin(self,username,passwd):
self.cursor=self.db.create_cur()
sql= """select uid,username,groups_id from userinfo where username = %s and passwd = %s"""
#print(passwd)
r =self.cursor.execute(sql,[username,passwd])
data=self.cursor.fetchone()
self.cursor.close()
self.conn.close()returndatadef add(self,username,passwd,group_id=2):
self.cursor=self.db.create_cur()
sql= """insert into userinfo(username,passwd,groups_id) values(%s,%s,%s)"""r=self.cursor.execute(sql,[username,passwd,group_id])
self.conn.commit()
self.cursor.close()returnrdefget_all(self):
self.cursor=self.db.create_cur()
sql= """select uid,username from userinfo"""self.cursor.execute(sql)
data=self.cursor.fetchall()
self.cursor.close()returndatadeffind_pass(self,user,passwd):
self.cursor=self.db.create_cur()
sql= """UPDATE userinfo set passwd = %s where username = %s"""r=self.cursor.execute(sql,[passwd,user])print(r)
self.conn.commit()
self.cursor.close()
src\sql\userinfo userinfo表的数据库操作,相当于数据逻辑层
from lib.DbConnection importDbConnectionclassUserToPermisson:def __init__(self):
self.db=DbConnection()
self.conn=self.db.conndefget_user_p(self,gid):
self.cursor=self.db.create_cur()
sql= """SELECT msg,func,module from user_to_permisson
left JOIN permisson ON user_to_permisson.permisson_id = permisson.pid
where user_to_permisson.group_id = %s"""r=self.cursor.execute(sql,gid)return self.cursor.fetchall()
src\sql\usertopermisson usertopermisson表的数据库操作,相当于数据逻辑层
from src.sql.userinfo importUserInfofrom conf importsettingfrom src.sql.usertopermisson importUserToPermissonfrom lib.md5 importmd5importimportlibdefview():print("欢迎%s登录权限管理系统!" % setting.USERINFO_LS['username'])whileTrue:for index,item in enumerate(setting.USER_PERMISSON,1):print(index,item['msg'])print('q',"退出")
choice= input("请选择:").strip().lower()[0]if choice == 'q':
setting.USERINFO_LS={}
setting.USER_PERMISSON={}return
if choice.isdigit() and int(choice) != 0 and (int(choice) <=len(setting.USER_PERMISSON)):
module= setting.USER_PERMISSON[int(choice)-1]['module']
func_name= setting.USER_PERMISSON[int(choice)-1]['func']
m=importlib.import_module(module)
func=getattr(m,func_name)
func()else:print("选择有误!")deflogin():
user= input("username:")
passwd= input("password:")
passwd= md5(passwd.encode('utf8'))
u=UserInfo()
result=u.login(user,passwd)ifresult:
setting.USERINFO_LS=result
u_p=UserToPermisson()
setting.USER_PERMISSON= u_p.get_user_p(result["groups_id"])
view()else:print("账号密码错误!")defregiest():
uname= input("username:")
passwd= input("password:")
passwd= md5(passwd.encode('utf8'))
u=UserInfo()if notu.exist(uname):
u.add(uname,passwd)print("添加成功!")else:print("用户已存在!")
u.conn.close()deffindpass():
user= input("请输入用户名:")
u=UserInfo()if notu.exist(user):print("该用户不存在")else:
passwd= input("请输入新密码:")
passwd= md5(passwd.encode('utf8'))
u.find_pass(user,passwd)
u.conn.close()defmain():
msg= """1 登录
2 注册
3 找回密码
q 退出
请选择:"""f_dic={'1': login,'2': regiest,'3': findpass
}whileTrue:
choice=input(msg).strip().lower()[0]if choice == 'q':return
if choice not inf_dic:print("选择有误,请重新选择!")continuef_dic[choice]()
src\server.py 所有用户都能访问的方法