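def post(self):
        """Handle the "reset_pwd" action for the student account in the session.

        The JSON body must carry ``action``, ``old_password``, ``new_password``
        and ``repeat_password``. The account is taken from the session key
        ``current_email``, never from the request body. Every failure path
        writes exactly one response and stops, so a rejected request can no
        longer fall through to the database update.
        """
        post_data = self.request.body
        try:
            data = json.loads(post_data)
        except (TypeError, ValueError):
            self.write_response({}, 0, '参数格式错误')
            return
        try:
            action = data.get("action", None)
            if not action:
                self.write_response({}, 0, _err='没有相应的操作方法!')
                return
            if action != 'reset_pwd':
                # Unknown actions are ignored, as before.
                return

            email = self.get_session('current_email')
            if not email:
                self.write_response({},0,'账户获取出错,无法修改密码!')
                return

            old_password = data.get('old_password', None)
            new_password = data.get('new_password', None)
            repeat_password = data.get('repeat_password', None)
            if not (old_password and new_password and repeat_password):
                self.write_response({}, 0, '获取密码信息出错!')
                return

            front_user_coll = BaseMotor().client[MongoBasicInfoDb][STUDENTS]
            front_user_doc = yield front_user_coll.find_one({'user_email': email})
            # Check that the account exists before reading its fields; the
            # previous order indexed the result first and raised on a miss.
            if not front_user_doc:
                self.write_response({}, 0, '此邮箱账户未注册使用!')
                return
            password = front_user_doc['password']
            if not password:
                self.write_response({}, 0, '密码验证获取错误!')
                return

            # NOTE(review): comparing make_password(old) with the stored value
            # only works if make_password is deterministic (no random per-user
            # salt) - confirm, and consider a salted, slow password hash.
            if make_password(old_password) != password:
                self.write_response({}, 0, '原密码错误!无法修改密码!')
                return
            if new_password != repeat_password:
                self.write_response({}, 0, '两次密码输入不一致,无法修改密码')
                # Stop here: without this return a mismatched confirmation
                # still reached the update below.
                return

            # Wait for the write to finish so that a failed update surfaces
            # here instead of being lost in an un-awaited future.
            res = yield front_user_coll.update_one(
                {'user_email': email},
                {'$set': {'password': make_password(new_password)}})
            if not res:
                self.write_response({}, 0, '密码修改失败!')
                return
            self.write_response({})
        except Exception as e:
            logging.exception(e)
            # Report the failure to the client instead of ending silently.
            self.write_response({}, 0, '系统异常')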
 def post(self):
     """Handle the "reset_pwd" action for the CMS account in the session.

     Reads a JSON body with ``action``, ``old_password``, ``new_password``
     and ``repeat_password``; the account comes from the session key
     ``current_email``. Any other action returns without a response.
     """
     raw_body = self.request.body
     try:
         payload = json.loads(raw_body)
     except (TypeError, ValueError):
         self.write_response({}, 0, '参数格式错误')
         return

     requested = payload.get('action', None)
     if not requested:
         self.write_response({}, 0, '获取操作失败!')
         return
     if requested != 'reset_pwd':
         return

     account = self.get_session("current_email")
     old_raw = payload.get('old_password', None)
     new_raw = payload.get('new_password', None)
     repeat_raw = payload.get('repeat_password', None)
     if not all((old_raw, new_raw, repeat_raw)):
         self.write_response({}, 0, '获取密码出错!')
         return
     if not account:
         self.write_response({}, 0, '账户信息异常!')
         return

     try:
         current_user = CmsUser(email=account)
         old_hash = make_password(old_raw)
         new_hash = make_password(new_raw)
         repeat_hash = make_password(repeat_raw)
         if new_hash != repeat_hash:
             self.write_response({}, 0, '两次密码输入不一致!')
             return
         # NOTE(review): this reads the private attribute _password and
         # compares hashes with ==, which implies make_password is
         # deterministic - confirm against CmsUser.
         if old_hash != current_user._password:
             self.write_response({}, 0, '原密码错误,无法修改!')
             return
         # NOTE(review): the value passed as raw_password is already hashed;
         # if CmsUser hashes raw_password again, the stored value would not
         # match what the login path computes - verify.
         updater = CmsUser(email=account, raw_password=new_hash)
         if updater.reset_pwd:
             self.write_response({})
         else:
             self.write_response({}, 0, '密码修改失败!')
     except Exception as err:
         logging.exception(err)
         self.write_response({}, 0, '数据库查询发生异常!')
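    def post(self):
        """Sign a student in after the Geetest captcha has been verified.

        Reads the Geetest fields plus ``email`` and ``password`` from the
        request arguments. On success the session receives ``current_email``,
        ``role`` and ``username`` and the client is redirected to "/"; every
        failure re-renders the sign-in page with a message.
        """
        try:
            gt = GeetestLib(GT_ID, GT_KEY)
            challenge = self.get_argument(gt.FN_CHALLENGE, "")
            validate = self.get_argument(gt.FN_VALIDATE, "")
            seccode = self.get_argument(gt.FN_SECCODE, "")
            status = int(self.session[gt.GT_STATUS_SESSION_KEY])
            user_id = self.session["user_id"]
            if status:
                verify_res = gt.success_validate(challenge, validate, seccode, user_id)
            else:
                verify_res = gt.failback_validate(challenge, validate, seccode)
                self.session["user_id"] = user_id
            if not verify_res:
                msg = '验证码验证失败,请重新验证!'
                self.render("front/front_signin.html",msg=msg ,action_url = '/signin')
                return

            email = self.get_argument("email")
            password = self.get_argument("password")
            if not (email and password):
                msg = '邮箱或密码值获取错误,请重新输入!'
                self.render("front/front_signin.html", msg=msg ,action_url = '/signin')
                return

            password = make_password(password)
            student_coll = BaseMotor().client[MongoBasicInfoDb][STUDENTS]
            stu_doc = yield student_coll.find_one({"user_email": email})
            # NOTE(review): the two messages below differ for an unknown
            # account and a wrong password, so a client can tell which emails
            # are registered; a single generic message would avoid that.
            if not stu_doc:
                msg = '账户不存在,请重新输入或前往注册!'
                self.render("front/front_signin.html", msg=msg,action_url = '/signin')
                return

            # NOTE(review): equality on make_password output implies a
            # deterministic hash (no random per-user salt) - confirm.
            if password == stu_doc['password']:
                self.session['current_email'] = stu_doc['user_email']
                self.session['role'] = stu_doc['role']
                self.session['username'] = stu_doc['user_name'] if stu_doc['user_name'] != '' else stu_doc['user_email']
                self.redirect("/")
            else:
                msg = '密码错误,请重新输入!'
                self.render("front/front_signin.html", msg=msg, action_url='/signin')
        except Exception as e:
            # Keep the detail in the server log only. Rendering the exception
            # object exposed internal error text (for example database or key
            # errors) to the client.
            logging.exception(e)
            self.render("front/front_signin.html", msg='系统异常,请稍后重试!', action_url='/signin')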
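    def post(self):
        """Administer accounts from the CMS: 'ban', 'start_use' and 'add'.

        The JSON body carries ``action`` and ``email``; 'add' also needs
        ``password``, ``tel``, ``permission`` and ``username``. Any other
        action returns without a response. Unexpected errors are logged and
        answered with a generic error response.

        NOTE(review): no permission check is visible in this method, and 'add'
        can create an account with permission 'admin'. Confirm that a
        decorator or the handler's prepare() restricts it to administrators.
        """
        # Text types on both Python 2 (unicode, str) and Python 3 (str).
        text_types = (type(u''), type(''))
        try:
            post_data = self.request.body
            try:
                data = json.loads(post_data)
            except (TypeError, ValueError):
                self.write_response({}, 0, '参数格式错误')
                return
            action = data.get('action', None)
            if not action:
                self.write_response({}, 0, '获取操作失败!')
                return

            if action in ('ban', 'start_use'):
                email = data.get('email', None)
                # The email must be a plain string; any other JSON value is
                # rejected before it reaches the data layer.
                if not email or not isinstance(email, text_types):
                    self.write_response({}, 0, '邮箱账户获取出错!')
                    return
                enable = action == 'start_use'
                cms = CmsUser(email=email, new_status=enable)
                if cms.ban_cms_user:
                    self.write_response({})
                else:
                    self.write_response({}, 0, '启用失败!' if enable else '禁用失败!')
                return

            if action != 'add':
                return

            email = data.get('email', None)
            password = data.get('password', None)
            tel = data.get('tel', None)
            permission = data.get('permission', None)
            username = data.get('username', None)
            if not (email and password and tel and permission
                    and username):
                self.write_response({}, 0, '缺少用户信息!')
                return
            # email is used as a MongoDB filter value and permission selects
            # the target collection, so both must be plain strings. A JSON
            # object here would be interpreted as a query document.
            if not (isinstance(email, text_types)
                    and isinstance(permission, text_types)):
                self.write_response({}, 0, '缺少用户信息!')
                return

            # NOTE(review): any permission other than 'admin' or 'student' is
            # stored as given and mapped to the teacher role; consider an
            # explicit allow-list.
            if permission == 'admin':
                role = u'管理'
            elif permission == 'student':
                role = u'学生'
            else:
                role = u'老师'
            insert_doc = {
                "_id": email,
                "status": True,
                "password": make_password(password),
                "avator": "",
                "create_time": int(time.time()),
                "permission": permission,
                "tel": tel,
                "role": role,
                "user_name": username,
                "user_email": email
            }
            if permission != 'student':
                # CMS (non-student) user
                coll = BaseMotor().client[MongoBasicInfoDb][CMS_USER]
            else:
                # Student user
                coll = BaseMotor().client[MongoBasicInfoDb][STUDENTS]
                insert_doc["stu_num"] = ""

            # Look up by 'user_email', the field the inserted document really
            # has; the student branch used to query 'email', which never
            # matched, so the duplicate check was skipped.
            existing = yield coll.find_one({'user_email': email})
            if existing:
                self.write_response({}, 0, '邮箱账户已存在!')
                return
            # Wait for the insert so that a failure (for example a duplicate
            # _id) is reported instead of being lost in an un-awaited future.
            res = yield coll.insert_one(insert_doc)
            if not res:
                self.write_response({}, 0, '用户添加失败!')
            else:
                self.write_response({})
        except Exception as e:
            logging.exception(e)
            self.write_response(response='', _status=0, _err='系统异常')
            return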
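    def post(self):
        """Handle the forgotten-password flow.

        Actions in the JSON body:
          * 'retrieve_password' - store a captcha for the given email and
            mail it to that address;
          * 'verify' - compare the submitted captcha with the stored one and,
            on success, record the verified email in the session;
          * 'save' - set a new password, only for the email that this session
            verified.

        The captcha is stored per email address, so a code mailed to one
        address cannot be used to verify another, and 'save' no longer
        accepts a request that skipped 'verify'.
        """
        # Text types on both Python 2 (unicode, str) and Python 3 (str).
        text_types = (type(u''), type(''))
        verified_key = 'pwd_reset_verified_email'
        post_data = self.request.body
        try:
            post_data = json.loads(post_data)
        except (TypeError, ValueError):
            self.write_response({}, 0, '参数格式错误')
            return
        try:
            action = post_data.get("action",None)
            if not action:
                self.write_response({},0,_err='没有相应的操作方法!')
                return

            email = post_data.get("email", None)
            # The email is used as a MongoDB filter value; a JSON object
            # would be interpreted as a query document, so anything that is
            # not a plain string is treated as missing.
            if not isinstance(email, text_types):
                email = None

            if action == 'retrieve_password':
                if not email:
                    self.render("front/front_forgetpwd.html", msg='邮箱帐号异常!', action_url='/forgetpwd')
                    return
                subject = '计算机组成与结构教学网站邮箱找回密码服务验证!'
                # NOTE(review): a 4-character code with no visible attempt
                # limit or expiry can be guessed; the mail promises 10
                # minutes, but no expiry is set here - confirm how self.conn
                # expires keys and add rate limiting.
                captcha = get_captcha(4)
                self.conn.set("email_captcha:" + email, captcha)
                body = "温馨提示:尊敬的用户,您好!我们的工作人员是不会向您索要邮箱验证码,请务将验证码告诉他人,以免您的账户信息泄漏!\n您的邮箱验证码是:【" + captcha + "】10分钟内有效!"
                try:
                    message = send_email(self, subject=subject, body=body, to_email=email)
                    # NOTE(review): once has_send_email is set, later
                    # requests store a new captcha but send no mail - verify
                    # that this is intended.
                    has_send = self.get_session('has_send_email')
                    if not has_send:
                        self.session['has_send_email'] = email
                        message.send()
                    self.write_response({})
                except Exception as e:
                    # Log the detail; do not render the exception to the client.
                    logging.exception(e)
                    self.render("front/front_forgetpwd.html", msg='邮件发送失败,请稍后重试!', action_url='/forgetpwd')

            elif action == 'verify':
                captcha = post_data.get("captcha",None)
                cache_captcha = self.conn.get("email_captcha:" + email) if email else None
                if not (cache_captcha and captcha):
                    self.write_response({},0,'缺少邮箱验证码信息!')
                    return
                if not email:
                    self.write_response({},0,'缺少邮箱帐号信息!')
                    return
                front_user_coll = BaseMotor().client[MongoBasicInfoDb][STUDENTS]
                # NOTE(review): other handlers `yield` this call; if
                # find_one returns a future here, the check below never
                # fails. Not changed because this method's decorator is not
                # visible.
                front_user_doc = front_user_coll.find_one({'user_email':email})
                if not front_user_doc:
                    self.write_response({},0,'此邮箱账户未注册使用!')
                    return
                if cache_captcha.lower() == captcha.lower():
                    # Remember which address passed verification so that
                    # 'save' can enforce it on the server side.
                    self.session[verified_key] = email
                    self.write_response({})
                else:
                    self.write_response({},0,'邮箱验证码错误!')

            elif action == 'save':
                password = post_data.get("password", None)
                repeat_password = post_data.get("repeat_password",None)
                if not email:
                    self.write_response({},0,'缺少邮箱帐号信息!')
                    return
                if not (password and repeat_password):
                    self.write_response({},0,'密码获取错误!')
                    return
                # The password may only be changed for the address that this
                # session verified; otherwise any caller could set a password
                # for any registered email.
                if self.get_session(verified_key) != email:
                    self.write_response({},0,'请先完成邮箱验证码验证!')
                    return
                front_user_coll = BaseMotor().client[MongoBasicInfoDb][STUDENTS]
                # NOTE(review): un-yielded Motor calls, see 'verify' above.
                front_user_doc = front_user_coll.find_one({'user_email':email})
                if not front_user_doc:
                    self.write_response({},0,'此邮箱账户未注册使用!')
                    return
                if password != repeat_password:
                    self.write_response({},0,'两次密码输入不一致!')
                    return
                res = front_user_coll.update_one({'user_email':email},{
                    '$set':{
                        'password':make_password(password)
                    }
                })
                if res:
                    # One verification authorises one password change.
                    self.session[verified_key] = ''
                    self.write_response({})
                else:
                    self.write_response({},0,'密码找回失败!')
        except Exception as e:
            logging.exception(e)
            self.write_response({}, 0, '系统异常')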
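 def post(self):
     """Handle student self-registration.

     Actions in the JSON body:
       * 'send_email' - store a captcha for the given email and mail it;
       * 'regist' - check the captcha stored for that email and create the
         student account.

     The captcha is stored per email address, so a code mailed to one
     address cannot be used to register another one.
     """
     # Local import: this block did not reference logging before.
     import logging

     # Text types on both Python 2 (unicode, str) and Python 3 (str).
     text_types = (type(u''), type(''))
     post_data = self.request.body
     try:
         post_data = json.loads(post_data)
     except (TypeError, ValueError):
         self.write_response({}, 0, '参数格式错误')
         return
     try:
         action = post_data.get("action",None)
         if not action:
             self.write_response({},0,_err='没有相应的操作方法!')
             return

         email = post_data.get("email", None)
         # The email becomes a MongoDB filter value and the document _id; a
         # JSON object would be interpreted as a query document, so anything
         # that is not a plain string is treated as missing.
         if not isinstance(email, text_types):
             email = None

         if action == 'send_email':
             if not email:
                 self.render("front/front_regist.html", msg='邮箱帐号异常!', action_url='/regist')
                 return
             subject = '计算机组成与结构教学网站邮箱注册服务验证!'
             # NOTE(review): a 4-character code with no visible attempt limit
             # or expiry can be guessed; the mail promises 10 minutes, but no
             # expiry is set here - confirm how self.conn expires keys.
             captcha = get_captcha(4)
             self.conn.set("email_captcha:" + email, captcha)
             body = "温馨提示:尊敬的用户,您好!我们的工作人员是不会向您索要邮箱验证码,请务将验证码告诉他人,以免您的账户信息泄漏!\n您的邮箱验证码是:【"+captcha+"】10分钟内有效!"
             try:
                 message = send_email(self,subject=subject,body=body,to_email=email)
                 has_send = self.get_session('has_send_email')
                 if not has_send:
                     self.session['has_send_email'] = email
                     message.send()
                 self.write_response({})
             except Exception as e:
                 # Log the detail; do not render the exception to the client.
                 logging.exception(e)
                 self.render("front/front_regist.html", msg='邮件发送失败,请稍后重试!', action_url='/regist')

         elif action == 'regist':
             password = post_data.get("password",None)
             captcha = post_data.get("captcha",None)
             if not isinstance(captcha, text_types):
                 captcha = None
             if not (email and password and captcha):
                 self.write_response({},0,_err='值获取错误!')
                 # Stop here: the request used to continue with the missing
                 # values after this response was written.
                 return
             cache_captcha = self.conn.get("email_captcha:" + email)
             # Compare case-insensitively on both sides, and treat a missing
             # stored captcha as a mismatch.
             if not cache_captcha or cache_captcha.lower() != captcha.lower():
                 self.render("front/front_regist.html", msg='验证码输入不一致!', action_url='/regist')
                 return
             password = make_password(password)
             try:
                 user_coll = BaseMotor().client[MongoBasicInfoDb][STUDENTS]
                 user_doc = yield user_coll.find_one({"user_email": email})
                 if user_doc:
                     self.render("front/front_regist.html", msg='账户已存在,请直接登录!', action_url='/regist')
                     return
                 document = {
                     "_id": email,
                     "status": True,
                     "password": password,
                     "avator": "",
                     "create_time": int(time.time()),
                     "permission": "student",
                     "tel": "",
                     "role": "学生",
                     "user_name": "",
                     "user_email": email,
                     "stu_num": ""
                 }
                 # Wait for the insert so that a failure is reported instead
                 # of being lost in an un-awaited future.
                 res = yield user_coll.insert(document)
                 if not res:
                     self.write_response({},0,_err='更新数据库出错!')
                 else:
                     self.write_response({})
             except Exception as e:
                 logging.exception(e)
                 self.write_response({},0,_err='数据库连接异常!')
     except Exception as e:
         # Record the cause; this used to be discarded.
         logging.exception(e)
         self.write_response({},0)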
 def set_password(self,raw_password):
     """Hash ``raw_password``, store it on ``self.password`` and save.

     Does nothing and returns None when ``raw_password`` is empty.
     """
     if raw_password:
         # NOTE(review): the account email is passed as the second argument;
         # if hashers.make_password treats it as the salt (TODO confirm), the
         # salt is predictable and identical every time the password changes.
         hashed = hashers.make_password(raw_password, self.email)
         self.password = hashed
         self.save()
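 def post(self):
     """Sign a CMS user in after the Geetest captcha has been verified.

     Reads the Geetest fields, ``user_email``, ``password`` and an optional
     ``next`` target from the request arguments. On success the session and
     the "user" secure cookie are set and the client is redirected to
     ``next``; every failure re-renders the login page with a message.
     """
     next_url = self.get_argument('next', '/cms/')
     # The redirect target comes from the request, so accept only a path on
     # this site: it must start with a single "/" and contain no backslash.
     # Anything else falls back to the CMS home page.
     if (not next_url.startswith('/') or next_url.startswith('//')
             or '\\' in next_url):
         next_url = '/cms/'
     try:
         gt = GeetestLib(GT_ID, GT_KEY)
         challenge = self.get_argument(gt.FN_CHALLENGE, "")
         validate = self.get_argument(gt.FN_VALIDATE, "")
         seccode = self.get_argument(gt.FN_SECCODE, "")
         status = int(self.session[gt.GT_STATUS_SESSION_KEY])
         user_id = self.session["user_id"]
         password = self.get_argument('password')
         password = make_password(password)
         if status:
             verify_res = gt.success_validate(challenge, validate, seccode,
                                              user_id)
         else:
             verify_res = gt.failback_validate(challenge, validate, seccode)
             self.session["user_id"] = user_id
         if not verify_res:
             msg = '验证码验证失败,请重新验证'
             self.render("cms/user_login.html", msg=msg, next_url=next_url)
             return
         try:
             user_email = self.get_argument('user_email')
             cms_user_coll = BaseMotor(
             ).client[MongoBasicInfoDb][CMS_USER]
             cms_user_doc = yield cms_user_coll.find_one(
                 {"_id": user_email})
             if not cms_user_doc:
                 self.render("cms/user_login.html",
                             msg="账户不存在",
                             next_url=next_url)
                 return
             pwd = cms_user_doc['password']
             account_enabled = cms_user_doc['status']
             if not account_enabled:
                 self.render("cms/user_login.html",
                             msg="此用户已被禁用",
                             next_url=next_url)
                 # Stop here: without this return a disabled account with
                 # the right password still received a session and cookie.
                 return
             # NOTE(review): equality on make_password output implies a
             # deterministic hash (no random per-user salt) - confirm.
             if pwd == password:
                 self.session['current_email'] = user_email
                 self.session['role'] = cms_user_doc['role']
                 self.session['permission'] = cms_user_doc[
                     'permission']
                 self.session['username'] = cms_user_doc[
                     'user_name']
                 self.set_secure_cookie("user",
                                        user_email +
                                        cms_user_doc['role'],
                                        expires_days=1)
                 self.redirect(next_url)
             else:
                 msg = "此账号密码有误,请重新输入!"
                 self.render("cms/user_login.html",
                             msg=msg,
                             next_url=next_url)
         except Exception as e:
             logging.exception(e)
             msg = "账户出现异常!"
             self.render("cms/user_login.html",
                         msg=msg,
                         next_url=next_url)
     except Exception as e:
         logging.exception(e)
         msg = '验证码参数获取异常,请稍后重试'
         self.render("cms/user_login.html", msg=msg, next_url=next_url)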