def forget_password(request):
if request.method == "POST":
username = request.POST.get("username", "")
try:
User.objects.get(username=username)
except:
return TemplateResponse(request, "message.html", {"message": "noexistusername"})
else:
user = User.objects.get(username=username)
# 判断发送方式
if user.userprofile.phone:
sending_type = "sms"
elif user.userprofile.email:
sending_type = "email"
else:
return TemplateResponse(request, "message.html", {"message": "nobinding"})
temp_password = generate_phone_code()
temp_pwd_data, created = AccountTempPassword.objects.get_or_create(
user=user, defaults={"temp_password": temp_password, "sending_type": sending_type}
)
if not created:
temp_pwd_data.sending_type = sending_type
temp_pwd_data.save()
if sending_type == "sms":
return TemplateResponse(request, "message.html", {"message": "sendtophone"})
if sending_type == "email":
return TemplateResponse(request, "message.html", {"message": "sendtoemail"})
return TemplateResponse(request, "accounts/forget_password.html")
def apply_phone_unbingding_ajax(request): # 申请手机解绑定
# 是否延时1min
exist = UserBindingTemp.objects.filter(user=request.user, binding_type="phone").count() > 0
if exist:
userbindingtemp = UserBindingTemp.objects.filter(user=request.user, binding_type="phone").order_by("-id")[0]
create_time = userbindingtemp.created_time
now = datetime.datetime.now()
dt = datetime.timedelta(minutes=1)
if (create_time + dt) > now:
time = (now - create_time).total_seconds()
time = 60 - int(time)
return HttpResponse("time:" + str(time))
profile = request.user.get_profile()
cphone = request.POST.get("phone", "")
phone = profile.phone
bindstatus = profile.phone_binding_status
if cphone == phone and bindstatus == "bind":
userkey = generate_phone_code()
userbindingtemp, create = UserBindingTemp.objects.get_or_create(
user=request.user, binding_address=phone, binding_type="phone", defaults={"key": userkey}
)
if not create:
userbindingtemp.key = userkey
userbindingtemp.save()
response = HttpResponse("success")
else:
response = HttpResponse("flush")
return response
def apply_phone_bingding_ajax(request): # 申请手机绑定
# 1.收到手机号码(发送间歇1min)
# 2.产生验证码
# 3.保存到UserBindingTemp
phone = request.POST.get("phone", "")
phone_re = re.compile(r"1\d{10}")
match = phone_re.search(phone)
if (not match.group()) or (len(phone) != 11):
return HttpResponse("invalidate")
# 是否有用户已经绑定,该手机号码
exist = UserProfile.objects.filter(phone=phone, phone_binding_status="bind").count() > 0
if exist:
return HttpResponse("used")
# 是否延时1min
user_binding_temp = UserBindingTemp.objects.filter(user=request.user, binding_type="phone").order_by("-id")
if user_binding_temp:
userbindingtemp = user_binding_temp[0]
create_time = userbindingtemp.created_time
now = datetime.datetime.now()
dt = datetime.timedelta(minutes=1)
if (create_time + dt) > now:
time = (now - create_time).total_seconds()
time = 60 - int(time)
return HttpResponse("time:" + str(time))
userkey = generate_phone_code()
userbindingtemp, created = UserBindingTemp.objects.get_or_create(
user=request.user, binding_type="phone", defaults={"binding_address": phone, "key": userkey}
)
if not created:
userbindingtemp.binding_address = phone
userbindingtemp.key = userkey
userbindingtemp.save()
profile = request.user.get_profile()
profile.phone = userbindingtemp.binding_address
profile.phone_binding_status = "waitingbind"
profile.save()
response = HttpResponse("success")
return response
def unbindContact(request, type):
if request.method == "POST":
value = request.POST["value"]
uid = request.POST["uid"]
try:
user = User.objects.get(pk=uid)
except Exception:
raise myException(ERROR_BINDING_NO_USER)
if type == "email":
userkey = hashlib.md5(value).hexdigest()
else:
userkey = generate_phone_code()
data = {
"latest_status": {
"email": user.userprofile.email,
"email_binding_status": user.userprofile.email_binding_status,
"phone": user.userprofile.phone,
"phone_binding_status": user.userprofile.phone_binding_status,
}
}
# 确定当前用户状态是已绑定
if (type == "email" and user.userprofile.email_binding_status != "bind") or (
type == "phone" and user.userprofile.phone_binding_status != "bind"
):
raise myException(ERROR_UNBINDING, status=ERROR_STATUS_DIFFERENT_UNBINDED, data=data)
# 确定app端的绑定信息是用户最新的绑定信息
if (type == "email" and user.userprofile.email != value) or (
type == "phone" and user.userprofile.phone != value
):
raise myException(ERROR_UNBINDING, status=ERROR_STATUS_DIFFERENT_UNBINDED, data=data)
# 发送验证码
binding_temp, created = UserBindingTemp.objects.get_or_create(
user=user, binding_type=type, defaults={"binding_address": value, "key": userkey}
)
if not created:
binding_temp.binding_addres = value
binding_temp.key = userkey
binding_temp.save()
data = {
"latest_status": {
"email": user.userprofile.email,
"email_binding_status": user.userprofile.email_binding_status,
"phone": user.userprofile.phone,
"phone_binding_status": user.userprofile.phone_binding_status,
}
}
return data
def forgetPassword(request):
if request.method == "POST" and "value" in request.POST:
value = request.POST["value"]
if re_email.match(value):
try:
user = User.objects.get(userprofile__email=value, userprofile__email_binding_status="bind")
except Exception:
raise myException(ERROR_FORGETPASSWORD_NO_USER_BY_EMAIL)
sending_type = "email"
elif re_username.match(value):
try:
user = User.objects.get(username=value)
except Exception:
raise myException(ERROR_FORGETPASSWORD_NO_USER_BY_USERNAME)
if user.userprofile.phone and user.userprofile.phone_binding_status == "bind":
sending_type = "sms"
value = user.userprofile.phone
elif user.userprofile.email and user.userprofile.email_binding_status == "bind":
sending_type = "email"
value = user.userprofile.email
else:
raise myException(ERROR_FORGETPASSWORD_NO_USER_BY_USERNAME_NO_BINDING)
elif re_phone.match(regPhoneNum(value)):
try:
user = User.objects.get(userprofile__phone=regPhoneNum(value), userprofile__phone_binding_status="bind")
except Exception:
raise myException(ERROR_FORGETPASSWORD_NO_USER_BY_SMS)
sending_type = "sms"
else:
raise myException(ERROR_FORGETPASSWORD_NO_USER_BY_USERNAME)
temp_password = generate_phone_code()
temp_pwd_data, created = AccountTempPassword.objects.get_or_create(
user=user, defaults={"temp_password": temp_password, "sending_type": sending_type}
)
if not created:
temp_pwd_data.sending_type = sending_type
temp_pwd_data.save()
def bindContact(request, type):
if request.method == "POST":
value = request.POST["value"]
uid = request.POST["uid"]
try:
user = User.objects.get(pk=uid)
except Exception:
raise myException(ERROR_BINDING_NO_USER)
if type == "email":
userkey = hashlib.md5("%s:%s" % (uid, value)).hexdigest()
else:
userkey = generate_phone_code()
data = {
"latest_status": {
"email": user.userprofile.email,
"email_binding_status": user.userprofile.email_binding_status,
"phone": user.userprofile.phone,
"phone_binding_status": user.userprofile.phone_binding_status,
}
}
# 数据有效性验证
if type == "email" and not re_email.match(value):
raise myException(ERROR_BINDING_INVAILID_EMAIL_FORMMAT)
if type == "phone" and not re_phone.match(regPhoneNum(value)):
raise myException(ERROR_BINDING_INVAILID_PHONE_FORMMAT)
# 用户已经绑定了
if type == "email" and user.userprofile.email_binding_status == "bind":
if user.userprofile.email == value:
raise myException("", status=ERROR_STATUS_HAS_BINDED, data=data)
else:
raise myException(
ERROR_BINDING_BY_EMAIL_DIFFERENT_BINDED, status=ERROR_STATUS_DIFFERENT_BINDED, data=data
)
elif type == "phone" and user.userprofile.phone_binding_status == "bind":
if user.userprofile.email == value:
raise myException("", status=ERROR_STATUS_HAS_BINDED, data=data)
else:
raise myException(
ERROR_BINDING_BY_PHONE_DIFFERENT_BINDED, status=ERROR_STATUS_DIFFERENT_BINDED, data=data
)
# 被别人绑定
if (
type == "email"
and UserProfile.objects.filter(email=value, email_binding_status="bind").exclude(user=user).count() != 0
):
raise myException(
ERROR_BINDING_BY_EMAIL_HAS_BINDED_BY_OTHER, status=ERROR_STATUS_HAS_BINDED_BY_OTHER, data=data
)
elif (
type == "phone"
and UserProfile.objects.filter(phone=value, phone_binding_status="bind").exclude(user=user).count() != 0
):
raise myException(
ERROR_BINDING_BY_PHONE_HAS_BINDED_BY_OTHER, status=ERROR_STATUS_HAS_BINDED_BY_OTHER, data=data
)
if type == "phone":
value = regPhoneNum(value)
with transaction.commit_on_success():
profile = user.userprofile
if type == "phone":
profile.phone = value
profile.phone_binding_status = "waitingbind"
else:
profile.email = value
profile.email_binding_status = "waitingbind"
profile.save()
with transaction.commit_on_success():
binding_temp, created = UserBindingTemp.objects.get_or_create(
user=user, binding_type=type, defaults={"binding_address": value, "key": userkey}
)
if not created:
binding_temp.binding_address = value
binding_temp.key = userkey
binding_temp.save()
data = {
"latest_status": {
"email": user.userprofile.email,
"email_binding_status": user.userprofile.email_binding_status,
"phone": user.userprofile.phone,
"phone_binding_status": user.userprofile.phone_binding_status,
}
}
return data