def user_icon_up_file():
is_login()
file = request.files['picfile']
if g.user and file and allowed_file( file.filename ):
#user = session.query( Users_icon ).filter_by( uid = uid ).first()
#0-9是随机的目录
tmp = str(random.randrange(0,9))
filename = tmp+'/'+str( g.user.id ) + "-" + str( int(time.time()) ) + "." + file.filename.rsplit( '.', 1 )[1]
file.save( os.path.join( app.config['AVATAR_IMAGE_PATH'], filename ) )
try:
ed_icon = Users_icon.query.filter_by( uid = g.user.id ).first()
except:
ed_icon = Users_icon()
ed_icon.image_name = filename
import Image
iconname = str( g.user.id ) + "-"+ str( int(time.time()) ) + file.filename.rsplit( '.', 1 )[1]
im = Image.open( image_path + "/" + filename )
image2 = pic_square( im, 48 )
image2.save( os.path.join( app.config['AVATAR_PATH'], filename ) )
ed_user = User.query.filter_by( id = g.user.id ).first()
ed_user.avatar = filename
db.session.commit()
flash(u"图片上传成功,请编辑头像。", "success")
#清除缓存
cache.delete('session_login_uid_'+str(session['user_id']))
return redirect(url_for("account.user_icon") )
def user_icon():
is_login()
if request.method == 'POST':
xyh = request.form['imgpos'].split('_')
ed_icon = Users_icon.query.filter_by( uid = g.user.id ).first()
ed_icon.x = x = int(xyh[0])
ed_icon.y = y = int(xyh[1])
ed_icon.h = h = int(xyh[2])
db.session.commit()
#处理图片并保存
import Image
im = Image.open( app.config['AVATAR_IMAGE_PATH'] + "/" + ed_icon.image_name )
box = (x,y,x+h,y+h)
#裁剪图片
image = im.crop(box)
#缩略图片
image2 = pic_square( image, 48)
del image
tmp = str(random.randrange(0,9))
filename = tmp+'/'+str( g.user.id ) + "-" + str( int(time.time()) ) + "." + ed_icon.image_name.rsplit( '.', 1 )[1]
image2.save( os.path.join( app.config['AVATAR_PATH'], filename ) )
#更新用户资料
ed_user = User.query.filter_by( id = g.user.id ).first()
ed_user.avatar = filename
db.session.commit()
flash(u"头像编辑成功。", "success")
#清除缓存
cache.delete('session_login_uid_'+str(session['user_id']))
d = {}
ed_icon = Users_icon.query.filter_by( uid = g.user.id ).first()
d['icon_image_url'] = "avatar/image/" + ed_icon.image_name
d['icon_x'] = ed_icon.x
d['icon_y'] = ed_icon.y
d['icon_h'] = ed_icon.h
return render_template( 'account/user_icon.html',**d)
def change_password():
is_login()
user = None
if g.user:
user = User.query.filter_by( id = g.user.id ).first()
elif 'activation_key' in request.values:
user = User.query.filter_by(
activation_key=request.values['activation_key']).first()
if user is None:
abort(403)
form = ChangePasswordForm(activation_key=user.activation_key)
if form.validate_on_submit():
user.password = form.password.data
user.activation_key = None
db.session.commit()
#登出
session.pop('user_id', None)
flash(u"密码修改成功,请重新登录。", "success")
#清除缓存
cache.delete('session_login_uid_'+str(session['user_id']))
return redirect(url_for("account.login"))
return render_template("account/change_password.html", form=form)
def namecard():
is_login()
form = EditNameCardForm(g.user)
if form.validate_on_submit():
userinfo = User.query.filter_by( id = g.user.id ).first()
form.populate_obj(userinfo)
db.session.commit()
flash(u'资料已经更新', "success")
#清除缓存
cache.delete('session_login_uid_'+str(session['user_id']))
return redirect(url_for("account.namecard"))
return render_template("account/edit_namecard.html", form=form)
def notice_read(username,notice_id):
peopleinfo = User.query.username_get_info(username)
viewname = 'notece'
msg = User_Message.query.get_or_404(notice_id)
if msg.unread == 1:
user = User.query.get_or_404(g.user.id)
user.unread_message = user.unread_message - 1
#清除缓存
cache.delete('session_login_uid_'+str(session['user_id']))
msg.unread = 0
db.session.commit()
return render_template("people/read_notice.html",peopleinfo=peopleinfo,\
viewname=viewname,msg=msg)
def login():
form = LoginForm(login=request.args.get("login", None),
next=request.args.get("next", None))
# TBD: ensure "next" field is passed properly
if form.validate_on_submit():
user, authenticated = User.query.authenticate(form.login.data,form.password.data)
if user and authenticated:
session['user_id'] = user.id
flash(u"欢迎回来", "success")
next_url = form.next.data
if not next_url or next_url == request.path:
next_url = url_for('frontend.index')
#清除缓存
cache.delete('session_login_uid_'+str(session['user_id']))
return redirect(next_url)
else:
time.sleep(3)#安全性延时
flash(u"对不起,登陆出错", "error")
return render_template("account/login.html", form=form)
