Beispiel #1
0
    def post(self):
        """用户注册"""
        form = request.form
        mobile = form.get('id', '')
        smscode = form.get('smscode', '')

        # 校验手机和短信验证码
        res = checkMobileAndCode(mobile, smscode)
        if not res[0]:
            return res[1], 233

        if User.query.get(mobile) is not None:
            return {'message': '手机号码已被注册'}, 233

        password = form.get('password', '')
        if not checkPassword(password):
            return {'message': '密码非法'}, 233

        pay_password = form.get('payPassword', '')
        if not checkPassword(pay_password):
            return {'message': '支付密码非法'}, 233

        user = User()
        user.id = mobile
        user.password = MD5(password)
        user.payPassword = MD5(pay_password)
        db.session.add(user)
        db.session.commit()
        login_user(user, True)
        return {'message': '注册成功'}, 200
Beispiel #2
0
    def patch(self):
        """修改支付密码(需登录)"""
        form = request.form
        payPassword = form.get('payPassword', '')
        new_payPassword = form.get('new_payPassword', '')

        if MD5(payPassword) != current_user.payPassword:
            return {'message': '支付密码错误'}, 233

        if not checkPassword(new_payPassword):
            return {'message': '新的支付密码非法'}, 233

        current_user.payPassword = MD5(new_payPassword)
        db.session.commit()

        return {'message': '支付密码修改成功'}, 200
Beispiel #3
0
    def validate_username(self, field):
        """登录校验"""
        user = self.get_user()

        if user is None:
            raise ValidationError('Invalid user')
        if MD5(self.password.data) != user.password:
            raise ValidationError('Invalid password')
Beispiel #4
0
    def patch(self):
        """修改密码(需登录)"""
        form = request.form
        password = form.get('password', '')
        new_password = form.get('new_password', '')

        if MD5(password) != current_user.password:
            return {'message': '密码错误'}, 233

        if not checkPassword(new_password):
            return {'message': '新的密码非法'}, 233

        if not current_user.isAdmin:
            current_user.password = MD5(new_password)
            db.session.commit()
            logout_user()

        return {'message': '密码修改成功,请重新登录'}, 200
Beispiel #5
0
    def post(self):
        """用户登入"""
        form = request.form
        mobile = form.get('id', '')

        user = User.query.get(mobile)
        if user is None:
            return {'message': '用户不存在'}, 233

        password = form.get('password', '')
        if user.password != MD5(password):
            return {'message': '密码错误'}, 233

        login_user(user, True)
        return {'message': '登录成功'}, 200
Beispiel #6
0
    def patch(self, id):
        """订单支付(需登录)"""
        if current_user.payPassword != MD5(request.form.get('payPassword',
                                                            '')):
            return {'message': '支付密码错误'}, 233

        order = current_user.orders.filter_by(id=id).first()
        if order is None:
            return {'message': '订单不存在'}, 233

        if order.status:
            return {'message': '订单已支付'}, 233

        seats = order.seat
        price = len(seats) * Screen.query.get(order.screenId).price
        order.totalPrice = price
        coupon = None
        cid = request.form.get('couponId', None)
        if cid is not None:
            coupon = current_user.coupons.filter_by(id=cid).first()
            if coupon is None:
                return {'message': '优惠券不存在'}, 233
            if coupon.status:
                return {'message': '优惠券已使用'}, 233
            if price < coupon.condition:
                return {'message': '未达到优惠金额'}, 233
            price = max(0, price - coupon.discount)

        if current_user.money < price:
            return {'message': '账户余额不足'}, 233

        if coupon is not None:
            coupon.status = True
            order.couponId = coupon.id

        order.status = True
        order.payPrice = price
        current_user.money -= price

        db.session.commit()
        return {'message': '支付成功', 'coupon': new_coupon()}, 200