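def deleteInfo():
    """Delete the record stored for a mail address after reCAPTCHA and password checks.

    Reads ``g-recaptcha-response``, ``mail`` and ``password`` from the query
    string. The supplied password is checked with ``database.check_password``
    against the base64-decoded value from ``database.query_password`` before
    the record id is looked up and deleted.

    Returns:
        A ``{'status': bool, 'data': str}`` dict, or ``errors.recaptcha_not_found`` /
        ``errors.recaptcha_verify_failed`` when the token is missing or rejected.
    """
    # NOTE(review): the password travels in the query string (request.args), so
    # it can end up in access logs, browser history and Referer headers. Moving
    # it to a request body needs a matching client change, so it is only
    # flagged here.
    if 'g-recaptcha-response' not in request.args:
        return errors.recaptcha_not_found
    if not recaptcha.verify(request.args['g-recaptcha-response']):
        return errors.recaptcha_verify_failed

    u_mail = request.args['mail']
    u_password = request.args['password']

    if not database.is_exist(u_mail):
        # Fix: the original built this dict without `return`, so an unknown
        # address fell through and the function returned None.
        # NOTE(review): "unknown address" and "wrong password" are distinct
        # replies, which reveals whether an address is registered; reCAPTCHA
        # slows probing but does not remove the signal.
        return {'status': False, 'data': '邮箱不存在'}

    d_status, d_password = database.query_password(u_mail)
    if not d_status:
        return {'status': False, 'data': '服务器错误'}

    stored_password = base64.b64decode(d_password).decode()
    if not database.check_password(u_password, stored_password):
        return {'status': False, 'data': '密码错误'}

    id_status, u_id = database.find_ID(u_mail)
    if not id_status:
        return {'status': False, 'data': '服务器错误'}

    database.delete(u_id)
    status, msg = database.reformat_id()
    # The record is already deleted here, so the reply stays status=True even
    # when re-numbering fails; in that case the caller gets the database
    # message. (The original had a further return after this if/else that
    # could never run; it is dropped.)
    if status:
        return {'status': True, 'data': '重新排序成功'}
    return {'status': True, 'data': msg}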
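def update():
    """Update the record stored for ``originMail`` after reCAPTCHA and password checks.

    Reads the form fields ``g-recaptcha-response``, ``name``, ``mail``,
    ``password``, ``originMail``, ``originPassword``, ``pubkey`` and, when a
    new password is supplied, ``repeat-password``. An empty ``password`` means
    "keep the current password".

    Returns:
        A 302 redirect to ``/searchKey.html`` once ``database.update`` has run
        (carrying its message on failure), or to ``/updateInfo.html`` with an
        error message when a check fails.
    """
    # Function-scope import: the file's import block is not visible from here.
    from urllib.parse import quote

    if 'g-recaptcha-response' not in request.form:
        return redirect('/updateInfo.html?msg=reCAPTCHA 令牌未找到,停止你的黑客行为!', 302)
    if not recaptcha.verify(request.form['g-recaptcha-response']):
        return redirect('/updateInfo.html?msg=reCAPTCHA 令牌无效,请尝试刷新页面',
                        302)

    u_name = request.form['name']
    u_mail = request.form['mail']
    u_password = request.form['password']
    origin_mail = request.form['originMail']
    origin_password = request.form['originPassword']
    has_new_password = u_password != ''

    # Filter out bad requests; the two cases are "password changed" and
    # "password unchanged". Both must prove knowledge of the current password.
    if has_new_password:  # password changed
        u_repeat_password = request.form['repeat-password']
        if u_password != u_repeat_password:
            return redirect('/updateInfo.html?msg=输入的密码不相同', 302)
        if not database.is_exist(origin_mail):
            return redirect('/updateInfo.html?msg=邮箱不存在', 302)
        d_status, d_password = database.query_password(origin_mail)
        if not d_status:
            return redirect('/updateInfo.html?msg=原密码查询失败', 302)
        if not database.check_password(
                origin_password,
                base64.b64decode(d_password).decode()):
            return redirect('/updateInfo.html?msg=认证失败', 302)
        u_password = database.encrypt_password(u_password.encode())  # success
    else:  # password unchanged
        qp_status, p_data = database.query_password(origin_mail)
        if not qp_status:
            return redirect('/updateInfo.html?msg=原密码查询失败', 302)
        stored_password = base64.b64decode(p_data).decode()
        # Fix: the original skipped this check whenever the new-password field
        # was empty, so the name, address and public key stored for
        # origin_mail could be rewritten without the current password.
        if not database.check_password(origin_password, stored_password):
            return redirect('/updateInfo.html?msg=认证失败', 302)
        u_password = stored_password  # success: keep the stored value

    # Run the update.
    u_pubkey = request.form['pubkey']
    u_uuid = database.get_u_uuid(u_mail)
    u_date = database.get_u_date()
    id_status, u_id = database.find_ID(origin_mail)
    if not id_status:
        return redirect('/updateInfo.html?msg=停止你的黑客行为!', 302)

    status, msg = database.update(u_uuid, u_name, u_mail,
                                  u_password, u_pubkey, u_date,
                                  u_id)
    # u_mail is request data and msg comes back from the database layer:
    # percent-encode both so neither can add or override query parameters in
    # the redirect target.
    mail_param = quote(u_mail, safe='')
    if status:
        return redirect(f'/searchKey.html?mail={mail_param}&msg=更改成功',
                        302)
    msg_param = quote(str(msg), safe='')
    return redirect(f'/searchKey.html?mail={mail_param}&msg={msg_param}',
                    302)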
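def process_image():
    """Run ``process_request`` on the JSON body only if its reCAPTCHA assessment passes.

    The body must be a JSON object carrying a ``token``. The token is passed to
    ``verify``; the request is processed only when the assessment has no
    ``error`` key, its ``tokenProperties.action`` equals
    ``recaptcha_action_name`` and its ``score`` is at least
    ``recaptcha_pass_threshold``.

    Returns:
        The JSON response built from ``process_request(content)``, or a 403
        JSON error response when the token is missing or the assessment does
        not pass.
    """
    content = request.get_json()
    # A body that is not a JSON object cannot carry a token; fall through to
    # the 403 instead of raising on `.get`.
    recaptcha_token = content.get("token") if isinstance(content, dict) else None
    if recaptcha_token:
        assessment = verify(recaptcha_token)
        # NOTE(review): the whole assessment is written to stdout; confirm it
        # holds nothing that should stay out of the logs.
        print("assessment results: {}".format(assessment))
        # NOTE(review): an invalid or expired token is only rejected here if
        # verify() reports it through the 'error' key, a mismatching action or
        # a low score; confirm against verify().
        if isinstance(assessment, dict) and 'error' not in assessment:
            token_properties = assessment.get('tokenProperties')
            score = assessment.get('score')
            # Fail closed: a missing tokenProperties or a non-numeric score
            # used to raise (AttributeError / TypeError); now it is a 403.
            action_matches = (
                isinstance(token_properties, dict)
                and token_properties.get("action") == recaptcha_action_name
            )
            score_passes = (
                isinstance(score, (int, float))
                and score >= recaptcha_pass_threshold
            )
            if action_matches and score_passes:
                return jsonify(process_request(content))
    response = jsonify({"error": "recaptcha assessment failed"})
    response.status_code = 403
    return response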
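def submit_notification(event):
    """Validate a notification sign-up request and store it.

    Args:
        event: Request event; ``event["body"]`` is a JSON string with
            ``captcha``, ``sections`` and ``email``, and
            ``event["requestContext"]["identity"]["sourceIp"]`` is the client
            address passed to the captcha check.

    Returns:
        ``send_error(...)`` with status 400 when the captcha fails, too many
        sections are requested or a section is invalid; otherwise
        ``send_response(True)`` after the request is stored.
    """
    body = json.loads(event["body"])

    captcha = body["captcha"]
    ip = event["requestContext"]["identity"]["sourceIp"]
    if not recaptcha.verify(captcha, ip):
        return send_error("CaptchaFailed", 400)

    sections = body["sections"]
    # `sections` comes straight from the request body; reject anything that is
    # not a JSON array instead of letting len() or the loop below misbehave.
    if not isinstance(sections, list):
        return send_error("InvalidSection", 400)
    if len(sections) > MAX_COURSES:
        return send_error("TooManySections", 400)

    # Loaded only after the captcha and size checks pass, so a request that is
    # rejected anyway does not trigger the lookup.
    data = get_classutil()
    for section in sections:
        if not validate_section(data, section):
            return send_error("InvalidSection", 400)

    # commit to dynamodb
    # NOTE(review): body["email"] is stored with no validation visible in this
    # function; confirm add_to_db or a later step checks it.
    add_to_db(body["email"], sections)
    return send_response(True)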
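def addNew():
    """Create a new record from the submitted form after a reCAPTCHA check.

    Reads the form fields ``g-recaptcha-response``, ``name``, ``mail``,
    ``password``, ``repeat-password`` and ``pubkey``.

    Returns:
        A 302 redirect to ``/searchKey.html`` once ``database.add_new`` has run
        (carrying its message on failure), or to ``/newKey.html`` with an
        error message when the token or the password pair is rejected.
    """
    # Function-scope import: the file's import block is not visible from here.
    from urllib.parse import quote

    g_recaptcha_response = request.form['g-recaptcha-response']
    if not recaptcha.verify(g_recaptcha_response):
        return redirect('/newKey.html?msg=reCAPTCHA 令牌无效', 302)

    u_name = request.form['name']
    u_mail = request.form['mail']
    raw_password = request.form['password']
    repeat_password = request.form['repeat-password']
    # As in the original, an empty password is rejected with the same
    # "passwords differ" message as a mismatch.
    if raw_password != repeat_password or not raw_password:
        return redirect('/newKey.html?msg=输入的密码不相同', 302)

    # base64 encoding is left to database.py
    u_password = database.encrypt_password(raw_password.encode())
    u_pubkey = request.form['pubkey']
    u_uuid = database.get_u_uuid(u_mail)
    u_date = database.get_u_date()
    status, msg = database.add_new(u_uuid, u_name, u_mail, u_password,
                                   u_pubkey, u_date)
    # u_mail is request data and msg comes back from the database layer:
    # percent-encode both so neither can add or override query parameters in
    # the redirect target.
    mail_param = quote(u_mail, safe='')
    if status:
        return redirect(f'/searchKey.html?mail={mail_param}&msg=添加成功', 302)
    msg_param = quote(str(msg), safe='')
    return redirect(f'/searchKey.html?mail={mail_param}&msg={msg_param}', 302)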
def verifyPassword():
    """Check a mail/password pair from the query string after a reCAPTCHA check.

    Reads ``g-recaptcha-response``, ``mail`` and ``password`` from
    ``request.args`` and compares the password with the base64-decoded value
    returned by ``database.query_password``.

    Returns:
        A ``{'status': bool, 'data': str}`` dict, or ``errors.recaptcha_not_found`` /
        ``errors.recaptcha_verify_failed`` when the token is missing or rejected.
    """
    # NOTE(review): the password is read from the query string, so it can end
    # up in access logs, browser history and Referer headers.
    if 'g-recaptcha-response' not in request.args:
        return errors.recaptcha_not_found

    token = request.args['g-recaptcha-response']
    if not recaptcha.verify(token):
        return errors.recaptcha_verify_failed

    u_mail = request.args['mail']
    u_password = request.args['password']

    # NOTE(review): "unknown address" and "authentication failed" are distinct
    # replies, which reveals whether an address is registered.
    if not database.is_exist(u_mail):
        return {'status': False, 'data': '邮箱不存在'}

    d_status, d_password = database.query_password(u_mail)
    if not d_status:
        return {'status': False, 'data': '服务器错误'}

    stored_password = base64.b64decode(d_password).decode()
    if database.check_password(u_password, stored_password):
        return {'status': True, 'data': '认证成功'}
    return {'status': False, 'data': '认证失败'}