def handle(self, *args, **options): path = options['path'][0] list_multiple = [] list_doesnt_exist = [] with open(path, 'r') as csvfile: spamreader = csv.reader(csvfile, delimiter=' ') list_wrong_date = [] for row in spamreader: full_name = row[0] full_name_list = full_name.split(" ") first_name = full_name_list[0].lower() last_name = ' '.join(full_name_list[1:]).lower() username = row[1].split("@")[0].lower() if username == 'contato': username = first_name + last_name.split(" ")[0] email = row[1].lower() password = '******' user = User(first_name=first_name, last_name=last_name, username=username, email=email, password=password) user.save()
def register(): params = request.get_json() mobile = params.get('mobile') email = params.get('email') nickname = params.get('nickname') sex = params.get('sex') password = params.get('password') if not (email and password): return JSONResponse.error('email and password must be provided') else: user = User.query.filter_by(email=email).first() if user: return JSONResponse.error('username has already registered!') user = User( mobile=mobile, email=email, nickname=nickname, sex=sex, password=generate_password_hash(password) ) user.save() return JSONResponse.success()
def post(self): args = self.parser.parse_args() username = args.get('username') password = args.get('password') if username and password: try: user = User() user.username = username user.password = password db.session.add(user) db.session.commit() except: db.session.rollback()
def register(): if request.method == 'GET': return render_template('register.html') else: username = request.values.get('username') password = request.values.get('password') user = User.query.filter(User.username == username).first() if user: return render_template('register.html', msg='用户存在,请重新注册') else: user = User(username=username) user.password = password db.session.add(user) db.session.commit() return render_template('register.html', msg='注册成功')
def post(self, request): form, error = JsonParser( Argument('id', type=int, required=False), Argument('username', help='请输入登录名'), Argument('password', help='请输入密码'), Argument('nickname', help='请输入姓名'), Argument('role_ids', type=list, default=[]), Argument('wx_token', required=False), ).parse(request.body) if error is None: user = User.objects.filter(username=form.username, deleted_by_id__isnull=True).first() if user and (not form.id or form.id != user.id): return json_response(error=f'已存在登录名为【{form.username}】的用户') role_ids, password = form.pop('role_ids'), form.pop('password') if form.id: user = User.objects.get(pk=form.id) user.update_by_dict(form) else: user = User.objects.create( password_hash=User.make_password(password), created_by=request.user, **form) user.roles.set(role_ids) user.set_perms_cache() return json_response(error=error)
def patch(self, request): form, error = JsonParser( Argument('old_password', required=False), Argument('new_password', required=False), Argument('nickname', required=False, help='请输入昵称'), Argument('wx_token', required=False), ).parse(request.body) if error is None: print(form) if form.old_password and form.new_password: if request.user.type == 'ldap': return json_response(error='LDAP账户无法修改密码') if len(form.new_password) < 6: return json_response(error='请设置至少6位的新密码') if request.user.verify_password(form.old_password): request.user.password_hash = User.make_password( form.new_password) request.user.token_expired = 0 request.user.save() return json_response() else: return json_response(error='原密码错误,请重新输入') if form.nickname is not None: request.user.nickname = form.nickname if form.wx_token is not None: request.user.wx_token = form.wx_token request.user.save() return json_response(error=error)
def authenticate_credentials(payload, request): user_id = payload.get('user_id', '') role = payload.get('role', '') if '' in (user_id, role): msg = _('Invalid payload.') raise exceptions.AuthenticationFailed(msg) if role == 'commerce': v = cache.hget('user:user', user_id) try: obj = json.loads(v) user = User.init_from_dict(obj) except json.JSONDecodeError: return None elif role == 'proxy': try: user = Proxy.objects.get(id=user_id) except Proxy.DoesNotExist: return None else: try: user = Channel.objects.get(id=user_id) except Channel.DoesNotExist: return None return user
def handle(self, *args, **options): User.objects.create( username=options['u'], nickname=options['n'], password_hash=User.make_password(options['p']), is_supper=options['s'], ) self.stdout.write(self.style.SUCCESS('创建成功'))
def login(): code = request.values.get("code") if code is None: # Authorize the client from SSO, redirect as a query with "code" sl = "?".join([config.sso_params.get("cootek.authorize"), urlencode(config.authorize_params)]) return redirect(sl) else: config.token_params.update({"code": code}) ret = requests.post(config.sso_params.get("cootek.token"), data=config.token_params) token = json.loads(ret.text) if "access_token" in token and "id_token" in token: # Analyse username from id_token user_info = token['id_token'].split(".")[1] missing_padding = 4 - len(user_info) % 4 if missing_padding: user_info += '=' * missing_padding temp_user_info = base64.b64decode(user_info) user_info = json.loads(bytes.decode(temp_user_info)) username = user_info['upn'].split("@")[0] sid = user_info['sid'].split("@")[0] token = uuid.uuid4().hex user = User.query.filter_by(username=username).first() if not user: user = User() user.username = username user.access_token = token user.token_expired = time.time() + 8 * 60 * 60 user.save() login_user(user) return app.send_static_file('index.html') else: sl = "?".join([config.sso_params.get("cootek.authorize"), urlencode(config.authorize_params)]) return redirect(sl)
def handle(self, *args, **options): action = options['action'] if action == 'add': if not all((options['u'], options['p'], options['n'])): self.echo_error('缺少参数') self.print_help() elif User.objects.filter(username=options['u'], deleted_by_id__isnull=True).exists(): self.echo_error(f'已存在登录名为【{options["u"]}】的用户') else: User.objects.create( username=options['u'], nickname=options['n'], password_hash=User.make_password(options['p']), is_supper=options['s'], ) self.echo_success('创建用户成功') elif action == 'enable': if not options['u']: self.echo_error('缺少参数') self.print_help() user = User.objects.filter(username=options['u'], deleted_by_id__isnull=True).first() if not user: return self.echo_error(f'未找到登录名为【{options["u"]}】的账户') user.is_active = True user.save() cache.delete(user.username) self.echo_success('账户已启用') elif action == 'reset': if not all((options['u'], options['p'])): self.echo_error('缺少参数') self.print_help() user = User.objects.filter(username=options['u'], deleted_by_id__isnull=True).first() if not user: return self.echo_error(f'未找到登录名为【{options["u"]}】的账户') user.password_hash = User.make_password(options['p']) user.save() self.echo_success('账户密码已重置') else: self.echo_error('未识别的操作') self.print_help()
def post(): form, error = JsonParser('nickname', 'username', 'password', Argument('role_id', type=int, help='请选择角色'), Argument('email', nullable=True), Argument('mobile', nullable=True)).parse() if error is None: username_is_exist = User.query.filter_by(username=form.username).first() if username_is_exist: return json_response(message="用户名已存在") User(**form).save() return json_response() return json_response(message=error)
def post(self, request): form, error = JsonParser( Argument('username', help='请输入登录名'), Argument('password', help='请输入密码'), Argument('nickname', help='请输入姓名'), Argument('role_id', type=int, help='请选择角色'), ).parse(request.body) if error is None: form.password_hash = User.make_password(form.pop('password')) form.created_by = request.user User.objects.create(**form) return json_response(error=error)
def create(self, validated_data): profile_data = validated_data.pop('profile') password = validated_data.pop('password') user = User(**validated_data) user.set_password(password) user.save() UserProfile.objects.create(user=user, **profile_data) return user
def post(self, request): form, error = JsonParser( Argument('username', help='请输入登录名'), Argument('password', help='请输入密码'), Argument('nickname', help='请输入姓名'), Argument('role_id', type=int, help='请选择角色'), ).parse(request.body) if error is None: if User.objects.filter(username=form.username, deleted_by_id__isnull=True).exists(): return json_response(error=f'已存在登录名为【{form.username}】的用户') form.password_hash = User.make_password(form.pop('password')) form.created_by = request.user User.objects.create(**form) return json_response(error=error)
def handle(self, *args, **options): if User.objects.filter(username=options['u'], deleted_by_id__isnull=True).exists(): return self.stderr.write( self.style.ERROR(f'已存在登录名为【{options["u"]}】的用户')) User.objects.create( username=options['u'], nickname=options['n'], password_hash=User.make_password(options['p']), is_supper=options['s'], ) self.stdout.write(self.style.SUCCESS('创建成功')) self.stdout.write( self.style.WARNING( '废弃警告,v3.0.0之后将会移除该命令,请使用 python manage.py user add 来代替!'))
def patch(self, request): form, error = JsonParser( Argument('id', type=int, help='请指定操作对象'), Argument('username', required=False), Argument('password', required=False), Argument('nickname', required=False), Argument('role_id', required=False), Argument('is_active', type=bool, required=False), ).parse(request.body, True) if error is None: if form.get('password'): form.token_expired = 0 form.password_hash = User.make_password(form.pop('password')) User.objects.filter(pk=form.pop('id')).update(**form) return json_response(error=error)
def authenticate(self, **credentials): try: username = credentials['username'] password = credentials['password'] except KeyError: return None t = int(time.time()) salt = User._get_user_salt(login_name=username, t=t) if salt is None: return None user = User._get_user(login_name=username, login_password=password, t=t, salt=salt) if user is None: return None # 缓存用户信息 cache.hset('user:user', user.user_id, json.dumps(user._raw_objects)) return user
def patch(self, request): form, error = JsonParser( Argument('id', type=int, help='参数错误'), Argument('password', required=False), Argument('is_active', type=bool, required=False), ).parse(request.body) if error is None: user = User.objects.get(pk=form.id) if form.password: user.token_expired = 0 user.password_hash = User.make_password(form.pop('password')) if form.is_active is not None: user.is_active = form.is_active cache.delete(user.username) user.save() return json_response(error=error)
def create_admin(): from apps.account.models import User admin = User.query.filter_by(is_supper=True).first() if admin: user_input = input('已存在管理员账户 <%s>,需要重置密码[y|n]?' % admin.username) if user_input.strip() == 'y': password = check_input_password(getpass('请输入新的管理员账户密码:')) admin.password = password admin.token_expired = 0 admin.save() print('重置管理员密码成功!') else: username = check_input_username(input('请输入管理员账户登录名:')) password = check_input_password(getpass('请输入管理员账户密码:')) User(username=username, password=password, nickname='管理员', is_supper=True).save() print('创建管理员账户成功!')
def patch(self, request): form, error = JsonParser( Argument('id', type=int, help='请指定操作对象'), Argument('username', required=False), Argument('password', required=False), Argument('nickname', required=False), Argument('role_id', required=False), Argument('is_active', type=bool, required=False), ).parse(request.body, True) if error is None: if form.get('password'): form.token_expired = 0 form.password_hash = User.make_password(form.pop('password')) if User.objects.filter( username=form.username, deleted_by_id__isnull=True).exclude(id=form.id).exists(): return json_response(error=f'已存在登录名为【{form.username}】的用户') User.objects.filter(pk=form.pop('id')).update(**form) return json_response(error=error)
def handle(self, *args, **options): # https://pypi.org/project/names/ User.objects.exclude(is_superuser=True).delete() result = [] cities = [] for name in ('Kiev', 'Odessa', 'Lviv', 'Dnipro'): city, _ = City.objects.get_or_create(name=name) cities.append(city) for i in range(10_000): username = str(uuid4()) user = User( username=username, email=username + '@example.com', age=random.randint(12, 100), salary=random.randint(100, 1000), city=random.choice(cities), ) result.append(user)
def handle(self, *args, **options): User.objects.exclude(username='******').delete() result = [] # fill list cities = [] for name in ('Kiev', 'Odessa', 'Lviv', 'Dnipro'): city, _ = City.objects.get_or_create(name=name) cities.append(city) for i in range(10_000): a = str(i) username = names.get_first_name() + a user = User( username=username, email=username + '@example.com', age=random.randint(18, 65), first_name=names.get_first_name(), last_name=names.get_last_name(), city=random.choice(cities), ) result.append(user)
def create_user_by_parameters(parameters): """ Method for create a User model Object populated with a dict of parameters. :param parameters: Dict of values, this key are( first_name last_name username email password is_active ) :return: populated user """ user = User() user.first_name = parameters['first_name'] user.last_name = parameters['last_name'] user.username = parameters['username'] user.email = parameters['email'].lower() user.password = make_password(parameters['password']) user.is_active = parameters['is_active'] return user
def patch(self, request): form, error = JsonParser( Argument('old_password', required=False), Argument('new_password', required=False), Argument('nickname', required=False), ).parse(request.body, True) if error is None: if form.get('old_password') and form.get('new_password'): if len(form.new_password) < 6: return json_response(error='请设置至少6位的新密码') if request.user.verify_password(form.old_password): request.user.password_hash = User.make_password( form.new_password) request.user.token_expired = 0 request.user.save() else: return json_response(error='原密码错误,请重新输入') if form.get('nickname'): request.user.nickname = form.nickname request.user.save() return json_response(error=error)
def createsuperuser(username, password): if not all([username, password]): print("参数不足,请指定用户名和密码") from apps.account.models import User user = User() user.nick_name = username user.mobile = username user.password = password user.is_admin = True try: db.session.add(user) db.session.commit() except Exception as e: db.session.rollback() print(e) return "添加成功"
def post(self, request, *args, **kwargs): email = request.data.get('email', None) first_name = request.data.get('first_name', None) middle_name = request.data.get('middle_name', None) last_name = request.data.get('last_name', None) password = request.data.get('password', None) name = request.data.get('institution', None) logo = request.data.get('logo', None) phone_number = request.data.get('phone_number', None) domain = request.data.get('domain', None) gps = request.data.get('gps', None) try: User.objects.get(username=email) return Response({'detail': 'Email already exist'}, status=HTTP_400_BAD_REQUEST) except User.DoesNotExist: pass try: School.objects.get(domain=domain) return Response( { 'detail': "There's already a school with this domain registered" }, status=HTTP_400_BAD_REQUEST) except School.DoesNotExist: pass inst_count = School.objects.count() inst_count = '{0:04}'.format(inst_count) user_count = User.objects.filter( school_id=institution_id(name, inst_count)).count() user_count = '{0:04}'.format(user_count) user = User( username=email, email=email, first_name=first_name, middle_name=middle_name, last_name=last_name, slug="-".join((slugify(first_name), slugify(last_name))), user_type='SAD', account_id=account_id(name, first_name, last_name, user_count), school_id=institution_id(name, inst_count), ) user.set_password(password) school = School( name=name, logo=logo, gps_address=gps, phone_number=phone_number, slug=slugify(name), created_by=user, domain=domain, school_id=institution_id(name, inst_count), ) user.save() school.save() user = UserSerializer(user, context={'request': request}) school = SchoolSerializer(school, context={'request': request}) return Response({ 'user': user.data, 'institution': school.data }, status=HTTP_201_CREATED)
def login(): form, error = JsonParser('username', 'password', 'type').parse() if error is None: if form.type == 'ldap': ldap_login = ldap.bind_user(form.username, form.password) if ldap_login: token = uuid.uuid4().hex # user = User.query.filter_by(username=form.username).filter_by(type='LDAP').first() user = User.query.filter_by(username=form.username).first() if not user: form.nickname = form.username form.type = 'LDAP' form.role_id = 1 form.is_supper = False is_supper = False nickname = form.username permissions = [] User(**form).save() else: user.access_token = token user.token_expired = time.time() + 80 * 60 * 6000 is_supper = user.is_supper, nickname = user.nickname, permissions = list(user.permissions) user.save() return json_response({ 'token': token, 'is_supper': is_supper, 'nickname': nickname, 'permissions': permissions }) else: return json_response(message='用户名或密码错误,确认输入的是LDAP的账号密码?') else: user = User.query.filter_by(username=form.username).filter_by( type='系统用户').first() if user: if user.is_active: if user.verify_password(form.password): login_limit.pop(form.username, None) token = uuid.uuid4().hex user.access_token = token user.token_expired = time.time() + 80 * 60 * 6000 user.save() return json_response({ 'token': token, 'is_supper': user.is_supper, 'nickname': user.nickname, 'permissions': list(user.permissions) }) else: login_limit[form.username] += 1 if login_limit[form.username] >= 3: user.update(is_active=False) return json_response(message='用户名或密码错误,连续3次错误将会被禁用') else: return json_response(message='用户已被禁用,请联系管理员') elif login_limit[form.username] >= 3: return json_response(message='用户已被禁用,请联系管理员') else: login_limit[form.username] += 1 return json_response(message='用户名不存在,请确认用户名')
def signup_school(request): # ss1 = None try: ss1 = request.session['ss1'] except: return redirect(reverse_lazy('account:register-user')) context = {'errors': '', 'ss1': ss1} if request.method == 'POST': name = request.POST.get('institution', None) logo = request.FILES.get('logo', None) phone_number = request.POST.get('phone_number', None) domain = request.POST.get('domain', None) gps = request.POST.get('gps', None) try: School.objects.get(domain=domain) context[ 'errors'] = "There's already a school with this domain registered" return render(request, 'account/signup2.html', context, status=400) except School.DoesNotExist: pass try: User.objects.get(username=ss1['email']) context['errors'] = "This email has already been registered" return render(request, 'account/signup2.html', context) except User.DoesNotExist: pass inst_count = School.objects.count() + 1 inst_count = '{0:04}'.format(inst_count) user_count = User.objects.filter( school_id=institution_id(name, inst_count)).count() + 1 user_count = '{0:04}'.format(user_count) user = User( username=ss1['email'], email=ss1['email'], first_name=ss1['first_name'], middle_name=ss1['middle_name'], last_name=ss1['last_name'], slug="-".join( (slugify(ss1['first_name']), slugify(ss1['last_name']))), user_type='SAD', account_id=account_id(name, ss1['first_name'], ss1['last_name'], user_count), school_id=institution_id(name, inst_count), ) user.set_password(ss1['password']) school = School( name=name, logo=logo, gps_address=gps, phone_number=phone_number, slug=slugify(name), created_by=user, domain=domain, school_id=institution_id(name, inst_count), ) user.save() school.save() request.session['ss1'] = {} return redirect('login') return render(request, 'account/signup2.html', context)
import apps.configuration.models import apps.deploy.models import apps.assets.models import apps.schedule.models import apps.setting.models # init database db.drop_all() db.create_all() with open(os.path.join(BASE_DIR, 'libs', 'sql', 'permissions.sql'), 'r') as f: line = f.readline() while line: if line.startswith('INSERT INTO'): db.engine.execute(line.strip()) line = f.readline() # create default admin username = '******' password = '******' User(username=username, password=password, nickname='Administrator', is_supper=True).save() print('*' * 80) print('Database name: ' + (os.getenv('MYSQL_DATABASE') or 'spug')) print('Database username: '******'MYSQL_USER') or 'spuguser')) print('Database password: '******'MYSQL_PASSWORD') or 'spugpwd')) print('Login web site account: %s %s' % (username, password)) print('*' * 80)
def staffs(request): staff = Staff.objects.filter(school_id=request.user.school_id) head = None try: head = User.objects.get(user_type='SH', school_id=request.user.school_id) except User.DoesNotExist: pass context = { 'object_list': staff, 'head': head, 'errors': '' } if request.method == 'POST': form = request.POST.get('form') if form == 'head': fname = request.POST.get('first_name') lname = request.POST.get('last_name') mname = request.POST.get('middle_name') email = request.POST.get('email') try: User.objects.get(username=email, school_id=request.user.school_id) context['errors'] = 'This email already exist' return render(request, 'staff/index.html', context) except User.DoesNotExist:pass uc = User.objects.filter(school_id=request.user.school_id).count() + 1 uc = '{0:04}'.format(uc) inst = School.objects.get(school_id=request.user.school_id) user = User( username=email, email=email, first_name=fname, middle_name=mname, last_name=lname, slug="-".join((slugify(fname), slugify(lname))), user_type='SH', account_id=account_id(inst.name, fname, lname, uc), school_id=request.user.school_id ) user.set_password('password') mystaff = Staff( staff_type='SH', first_name=fname, middle_name=mname, last_name=lname, created_by=request.user, slug="-".join((slugify(fname), slugify(lname))), account_activated=True, school_id=request.user.school_id, ) user.save() mystaff.save() return redirect('staff:list') elif form == 'activate': staff_id = request.POST.get('staff') staff_obj = Staff.objects.get(id=staff_id) email = request.POST.get('email') try: User.objects.get(username=email, school_id=staff_obj.school_id) context['errors'] = 'This email already exist' return render(request, 'staff/index.html', context) except User.DoesNotExist:pass uc = User.objects.filter(school_id=request.user.school_id).count() + 1 uc = '{0:04}'.format(uc) inst = School.objects.get(school_id=request.user.school_id) user = User( username=email, email=email, first_name=staff_obj.first_name, middle_name=staff_obj.middle_name, last_name=staff_obj.last_name, slug="-".join((slugify(staff_obj.first_name), slugify(staff_obj.last_name))), user_type=staff_obj.staff_type, account_id=account_id(inst.name, staff_obj.first_name, staff_obj.last_name, uc), school_id=request.user.school_id, profile=staff_obj.profile ) user.set_password('password') staff_obj.account_activated = True user.save() staff_obj.user = user staff_obj.save() return redirect('staff:list') return render(request, 'staff/index.html', context)