Beispiel #1
0
def update():
    token = request.args["token"]
    key = "csrf_token_{}".format(token)
    username = request.form["username"]
    user = User.one(username=username)
    log("reset update:", user.id, cache.get(key))
    new_ps = request.form['password']
    if cache.exists(key) and int(cache.get(key)) == user.id:
        user.password = User.salted_password(new_ps)
        user.save()
        return redirect('/')
    else:
        return abort(401)
Beispiel #2
0
def replied_topic(user_id):
    # O(k)+O(m*n)
    # rs = Reply.all(user_id=user_id)
    # ts = []
    # for r in rs:
    #     t = Topic.one(id=r.topic_id)
    #     ts.append(t)
    # return ts
    #
    #     sql = """
    # select * from topic
    # join reply on reply.topic_id=topic.id
    # where reply.user_id=1
    # """
    k = 'replied_topic_{}'.format(user_id)
    if cache.exists(k):
        v = cache.get(k)
        ts = json.loads(v)
        return ts
    else:
        rs = Reply.all(user_id=user_id)
        ts = []
        for r in rs:
            t = Topic.one(id=r.topic_id)
            ts.append(t)

        v = json.dumps([t.json() for t in ts])
        cache.set(k, v)

        return ts
Beispiel #3
0
def reset():
    token = request.form.get('token')
    password = request.form.get('password')
    if cache.exists(token):
        u = User.one(id=cache.get(token))
        u.reset_password(password)
        cache.delete(token)
        return redirect(url_for('index.index'))
    else:
        redirect('404')
Beispiel #4
0
def update():
    form = request.form.to_dict()
    password = form['password']
    token = form['token']
    if cache.exists(token):
        u = User.one(id=int(cache.get(token)))
        form['password'] = User.salted_password(password)
        form['updated_time'] = int(time.time())
        form.pop('token')
        User.update(u.id, **form)
    return redirect(url_for('.index'))
Beispiel #5
0
def reset_update(token):
    if token is not None:
        user_id = cache.get(token)
        log('user_id:', user_id)
        u = User.one(id=int(user_id))
        new_password = request.form['password']

        u.update(id=user_id, password=u.salted_password(new_password))
        log('重置密码成功')

    return redirect(url_for('.index'))
Beispiel #6
0
def reset_view():
    token = request.args["token"]
    key = "csrf_token_{}".format(token)
    if cache.exists(key):
        user_id = cache.get(key)
        cache.delete(key)
        user = User.one(id=user_id)
        token = new_csrf_token(user)
        return render_template('reset.html', token=token, user=user)
    else:
        return abort(401)
Beispiel #7
0
def created_topic(user_id):
    k = 'created_topic_{}'.format(user_id)
    if cache.exists(k):
        v = cache.get(k)
        ts = json.loads(v)
        ts = [Topic(**t) for t in ts]
        return ts
    else:
        ts = Topic.all(user_id=user_id)
        v = json.dumps([t.json() for t in ts])
        cache.set(k, v)
        return ts
Beispiel #8
0
def update(token):
    k = 'csrf_tokens_{}'.format(token)
    v = cache.get(k)
    uid = v
    if uid is None:
        abort(401)

    u = User.one(id=uid)
    new_pass = request.form['password']
    u.update(id=u.id, password=User.salted_password(new_pass))

    return redirect(url_for('login.login'))
Beispiel #9
0
def update():
    form = request.form.to_dict()
    log('form', form)
    token = str(request.referrer).split('=')[-1]
    # log('token', token, request.referrer, csrf_tokens)
    # user_id = csrf_tokens[token]
    user_id = cache.get(token)
    u = User.one(id=user_id)
    new_password = User.salted_password(form['password'])
    User.update(u.id, password=new_password)

    return render_template('login.html')
Beispiel #10
0
def reset_post(token):
    u_id = json.loads(cache.get(token))
    password = request.form['password']
    if u_id is not None and len(password) > 2:
        u = User.one(id=u_id)
        u.password = u.salted_password(password)
        User.update(u_id, password=u.password)
        flash('重置密码成功!')
        return redirect(url_for('index.index'))
    else:
        flash('密码格式错误!')
        return redirect(url_for('.reset', token=token))
Beispiel #11
0
def replied_topic(user_id):
    k = 'replied_topic_{}'.format(user_id)
    if cache.exists(k):
        v = cache.get(k)
        ts = json.loads(v)
        return ts
    else:
        rs = Reply.all(user_id=user_id)
        ts = []
        for r in rs:
            t = Topic.one(id=r.topic_id)
            ts.append(t)

        v = json.dumps([t.json() for t in ts])
        cache.set(k, v)

        return ts
Beispiel #12
0
def reset():
    token = request.args.get('token', None)
    try:
        u_id = json.loads(cache.get(token))
    except:
        return abort(Response('无效的token验证码!'))
    if u_id is not None:
        u = User.one(id=u_id)
        # 删除使用后的token
        cache.delete(token)
        # 生成新的token
        token = new_csrf_token(u)
        # 帮用户进行登陆
        session_id = session_user(u.id)
        res = current_app.make_response(render_template('forget/reset.html', token=token))
        res.set_cookie('cache_session', session_id)
        return res
    else:
        return abort(Response('无效的token验证码!'))
Beispiel #13
0
def replied_topic(user_id):
    # 避免ORM的n+1问题
    k = 'replied_topic_{}'.format(user_id)
    if cache.exists(k):
        v = cache.get(k)
        ts = json.loads(v, object_hook=topichook)
        return ts
    else:
        # 调用SQLAlchemy join拼接table;filter查询;order_by排序;desc()倒序
        # 解决ORM的n+1问题
        ts = Topic.query.join(Reply, Reply.topic_id == Topic.id)\
                        .filter(Reply.user_id == user_id)\
                        .order_by(Reply.created_time.desc())\
                        .all()
        # rs = Reply.all(user_id=user_id)
        # ts = []
        # for r in rs:
        #     t = Topic.one(id=r.topic_id)
        #     ts.append(t)
        # ts = sorted(ts, key=lambda x: x.updated_time, reverse=True)
        v = json.dumps([t.json() for t in ts])
        cache.set(k, v)
        return ts