def __setitem__(self, k, v):
value = json.dumps(v, default=json_default_trans)
expire = min(v.get('expire') or 0, 10 * 60)
try:
redis_pool.set(k, value, expire)
except:
redis_pool.set(k, value)
redis_pool.expire(k, expire)
def password_error(self, userid, password, opuid=None):
'''密码错误'''
log.debug('[userid:%s opuid:%s password:%s]错误密码' %
(userid, opuid, password))
if self.pwderr_conf.get('can_many_pwderr'): return
redis_key = self.pwderr_fmt.format(userid=userid,
opuid=opuid or 0,
udid=self.req.input().get('udid'))
if not redis_pool.get(redis_key):
redis_pool.set(redis_key, 1, self.pwderr_conf['time'])
else:
redis_pool.incr(redis_key)
def GET(self):
params = self.req.input()
for i in ('client_id', 'redirect_uri'):
if not params.get(i):
raise ParamError('%s is must' % i)
if params['client_id'] != config.LST_CONF['client_id']:
raise MacError('client_id 错误')
code = str(uuid.uuid1())
rkey = config.LST_CONF['code_fmt'].format(code)
redis_pool.set(
rkey, self.user.userid, config.LST_CONF['code_expire']
)
redirect_url = url_add_query(params['redirect_uri'], {'code': code})
log.debug('redirect_url:%s' % redirect_url)
self.redirect(redirect_url)
def is_new_card(userid, customer_id, src):
'''将用户设置为新用户'''
is_new = 0
TIME_LIMIT = 24 * 3600
with get_connection('qf_mchnt') as db:
member = db.select_one('member',
where={
'customer_id': customer_id,
'userid': userid,
},
fields='id, ctime') or []
key = '_mchnt_api_is_new_{}_{}_{}__'.format(
userid, customer_id, src)
now = int(time.time())
if (not member or (now - member['ctime'] < TIME_LIMIT
and not redis_pool.get(key))):
is_new = 1
redis_pool.set(key, 1, TIME_LIMIT)
return is_new
class Send(BaseHandler):
'''
获取验证码, 发验证码
'''
_base_err = '获取验证码失败'
def check_signup(self, mobile):
'''
登录验证码验证
'''
# 验证手机号是否注册
user = apcli.user_by_mobile(mobile)
if user:
raise ParamError('该手机已经注册')
# 验证登录信息
if self.check_login():
self._groupid = self.get_groupid()
# saleman_mobile
d = self.req.input()
if (not getattr(self, '_groupid', None) and 'saleman_mobile' in d
and d['saleman_mobile']):
user = apcli.user_by_mobile(d['saleman_mobile'])
if user:
self._groupid = user['groupid']
def check_reset_pwd(self, mobile):
user = apcli.user_by_mobile(mobile)
if not user:
raise ParamError('该手机号还未注册')
self._groupid = user['groupid']
def check_customer(self, mobile):
'''
消费者补充会员休息
'''
enuserid = self.req.input().get('enuserid')
if enuserid:
try:
userid = hids.decode(enuserid)[0]
except:
if not is_valid_int(enuserid):
return
userid = int(enuserid)
user = apcli('findUserBriefById', userid)
if user:
self._groupid = user.groupid
@login
def check_modify_username_grant(self, mobile):
userid = int(self.user.userid)
user = apcli_ex('findUserBriefById', userid)
if not user:
raise ParamError('商户不存在')
if mobile != user.mobile:
raise ParamError('账号信息错误, 联系客服更改')
self._groupid = user.groupid
@login
def check_modify_username_verify(self, mobile):
with get_connection_exception('qf_core') as db:
new_user = db.select_one('auth_user', where={'mobile': mobile})
if new_user:
raise ParamError('该手机已经注册')
userid = int(self.user.userid)
user = apcli_ex('findUserBriefById', userid)
if not user:
raise ParamError('商户不存在')
self._groupid = user.groupid
def check(self, mobile, mode):
if not is_valid_mobile(mobile):
raise ParamError('手机号码不合法')
if mode not in PRESMS_FMT:
raise ParamError('发送验证码模式错误')
# 验证ip是否受限
ip = self.req.clientip()
log.debug('ip:%s' % ip)
if redis_pool.sismember('_mchnt_api_sms_code_ip_', ip):
raise ParamError('ip受限')
# 手机号码是不是频繁获取验证码
key = '_mchnt_api_sms_code_get_{}_'.format(mobile)
if int(redis_pool.get(key)
or 0) >= config.SMS_CODE_RULE['count_limit']:
raise ParamError('该手机号频繁获取验证码')
self._rkey = key
self._groupid = None
if mode.startswith('signup'):
self.check_signup(mobile)
elif callable(getattr(self, 'check_' + mode, None)):
getattr(self, 'check_' + mode)(mobile)
@dec_check()
def GET(self):
d = {k: v.strip() for k, v in self.req.input().iteritems()}
mobile = d.get('mobile')
mode = d.get('mode', 'signup')
# 验证信息
self.check(mobile, mode)
# 获取验证码
try:
smsexpires = config.SMS_CODE_RULE.get('expires', 6 * 50)
smslength = config.SMS_CODE_RULE.get('length', 6)
smsmode = config.SMS_CODE_RULE.get('mode', 1)
limit_time = config.SMS_CODE_RULE.get('limit_time', 60)
code = thrift_callex(config.CAPTCHA_SERVERS,
CaptchaServer,
'captcha_get_ex',
ucode=mobile,
src=config.CAPTCHA_SRC,
expires=smsexpires,
length=smslength,
mode=smsmode,
limit_time=limit_time)
log.debug('获取验证码:%s' % code)
except CaptchaException, e:
raise ParamError(str(e.respmsg))
# 短信内容
groupid = getattr(self, '_groupid', None)
if 'group' in d and d['group']:
group = d['group']
else:
group = redis_pool.get(
'_mchnt_api_group_{}_'.format(groupid)) or 'hjsh'
log.debug('groupid:{} group:{}'.format(groupid, group))
fmt = PRESMS_FMT.get(mode + '_' + group, PRESMS_FMT[mode])
csinfo = get_qd_conf_value(
userid=None, mode=None, key='csinfo', groupid=groupid) or {}
csinfo = {k: unicode_to_utf8_ex(v) for k, v in csinfo.iteritems()}
content = fmt.format(code=code, **csinfo)
log.debug('content:%s' % content)
# 短信tag
tags = config.PRESMS_TAG
tag = tags.get(groupid or group, tags['hjsh'])
r, respmsg = smscli.sendSms(mobile=mobile,
content=str(content),
tag=tag,
source='merchant',
target=mode)
if not r:
log.debug('调起发送短信服务失败:%s' % respmsg)
raise ThirdError('发送验证码失败')
# 设置获取验证码限制
if not redis_pool.exists(self._rkey):
redis_pool.set(self._rkey, 0, config.SMS_CODE_RULE['expire_limit'])
redis_pool.incr(self._rkey)
return self.write(success({}))