Beispiel #1
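def forget_password(request):
    """Handle the "forgot password" form.

    Any non-POST request renders the form. A POST looks up the submitted
    username, picks a delivery channel (SMS when the profile has a phone,
    otherwise e-mail) and stores a temporary-password record for that user.

    Returns a TemplateResponse in every case. For POST the "message" context
    value is one of "noexistusername", "nobinding", "sendtophone" or
    "sendtoemail".
    """
    if request.method != "POST":
        return TemplateResponse(request, "accounts/forget_password.html")

    username = request.POST.get("username", "")
    try:
        # Single lookup; only "no such user" is turned into the friendly
        # message. Other failures (e.g. database errors) now propagate instead
        # of being reported as an unknown username by a bare ``except``.
        user = User.objects.get(username=username)
    except User.DoesNotExist:
        # NOTE(review): this response differs from the ones below, so an
        # unauthenticated caller can tell which usernames exist. Consider a
        # uniform response plus request throttling on this endpoint.
        return TemplateResponse(request, "message.html", {"message": "noexistusername"})

    # Decide the delivery channel: phone takes priority over e-mail.
    # NOTE(review): unlike forgetPassword(), the binding status is not checked
    # here, so an unverified phone/e-mail would be used -- confirm intent.
    if user.userprofile.phone:
        sending_type = "sms"
    elif user.userprofile.email:
        sending_type = "email"
    else:
        return TemplateResponse(request, "message.html", {"message": "nobinding"})

    temp_password = generate_phone_code()
    temp_pwd_data, created = AccountTempPassword.objects.get_or_create(
        user=user, defaults={"temp_password": temp_password, "sending_type": sending_type}
    )
    if not created:
        # NOTE(review): only the channel is updated; the previously stored
        # temp_password stays in place and the freshly generated one is
        # discarded. Confirm the stored value expires or is rotated elsewhere.
        temp_pwd_data.sending_type = sending_type
        temp_pwd_data.save()

    message = "sendtophone" if sending_type == "sms" else "sendtoemail"
    return TemplateResponse(request, "message.html", {"message": message})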
Beispiel #2
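def apply_phone_unbingding_ajax(request):  # request unbinding of the phone number
    """Start the phone-unbinding flow for the logged-in user.

    Responses (plain-text HttpResponse bodies):
      * "time:<seconds>" -- the newest phone UserBindingTemp row was created
        less than one minute ago; <seconds> is the remaining wait.
      * "success" -- the posted phone equals the profile's bound phone and a
        fresh verification key was stored.
      * "flush" -- the posted phone does not match, or the phone is not bound.
    """
    # One-minute throttle. A single sliced query replaces the original
    # count()-then-index pair, which issued two queries and could raise
    # IndexError if the row disappeared in between.
    # NOTE(review): the throttle keys on created_time; whether save() on an
    # existing row refreshes that field depends on the model definition, which
    # is not shown here -- confirm the window restarts on every request.
    latest = list(
        UserBindingTemp.objects.filter(user=request.user, binding_type="phone").order_by("-id")[:1]
    )
    if latest:
        created_at = latest[0].created_time
        now = datetime.datetime.now()
        if created_at + datetime.timedelta(minutes=1) > now:
            # Renamed from ``time`` so the local does not shadow the stdlib module name.
            remaining = 60 - int((now - created_at).total_seconds())
            return HttpResponse("time:" + str(remaining))

    profile = request.user.get_profile()
    cphone = request.POST.get("phone", "")
    phone = profile.phone
    bindstatus = profile.phone_binding_status

    if cphone != phone or bindstatus != "bind":
        return HttpResponse("flush")

    userkey = generate_phone_code()
    userbindingtemp, create = UserBindingTemp.objects.get_or_create(
        user=request.user, binding_address=phone, binding_type="phone", defaults={"key": userkey}
    )
    if not create:
        # Reuse the existing row but rotate its verification key.
        userbindingtemp.key = userkey
        userbindingtemp.save()

    return HttpResponse("success")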
Beispiel #3
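def apply_phone_bingding_ajax(request):  # request binding of a phone number
    """Start the phone-binding flow for the logged-in user.

    Steps:
      1. Read the phone number from the POST data (one-minute send interval).
      2. Generate a verification code.
      3. Store it in UserBindingTemp and mark the profile "waitingbind".

    Responses (plain-text HttpResponse bodies): "invalidate" for a malformed
    number, "used" when another profile already has the number bound,
    "time:<seconds>" while the one-minute interval is running, else "success".
    """
    phone = request.POST.get("phone", "")
    phone_re = re.compile(r"1\d{10}")
    match = phone_re.search(phone)
    # ``search`` returns None when nothing matches; the original called
    # ``match.group()`` unconditionally, so any non-matching input raised
    # AttributeError (a server error) instead of answering "invalidate".
    # An 11-character match inside an 11-character string is the whole string.
    if match is None or len(phone) != 11:
        return HttpResponse("invalidate")

    # Has some user already bound this phone number?
    exist = UserProfile.objects.filter(phone=phone, phone_binding_status="bind").count() > 0
    if exist:
        return HttpResponse("used")

    # Enforce the one-minute interval between requests.
    # NOTE(review): the interval is measured from created_time; whether that
    # field is refreshed when the row is re-saved below is not visible here.
    user_binding_temp = UserBindingTemp.objects.filter(user=request.user, binding_type="phone").order_by("-id")
    if user_binding_temp:
        userbindingtemp = user_binding_temp[0]
        create_time = userbindingtemp.created_time
        now = datetime.datetime.now()
        dt = datetime.timedelta(minutes=1)

        if (create_time + dt) > now:
            # Renamed from ``time`` so the local does not shadow the stdlib module name.
            remaining = 60 - int((now - create_time).total_seconds())
            return HttpResponse("time:" + str(remaining))

    userkey = generate_phone_code()
    userbindingtemp, created = UserBindingTemp.objects.get_or_create(
        user=request.user, binding_type="phone", defaults={"binding_address": phone, "key": userkey}
    )
    if not created:
        userbindingtemp.binding_address = phone
        userbindingtemp.key = userkey
        userbindingtemp.save()

    profile = request.user.get_profile()

    # NOTE(review): the profile's phone is replaced before the new number is
    # verified, and no check is made for an already-bound phone on this
    # profile. Confirm a bound number cannot be displaced through this view
    # without going through the unbinding flow first.
    profile.phone = userbindingtemp.binding_address
    profile.phone_binding_status = "waitingbind"
    profile.save()

    return HttpResponse("success")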
Beispiel #4
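def unbindContact(request, type):
    """Start unbinding an e-mail address or phone number (API variant).

    Reads "value" (the address/number) and "uid" from the POST data, checks
    that the contact is currently bound and equals the stored one, then
    stores a verification key in UserBindingTemp.

    Args:
        request: the incoming HTTP request.
        type: "email" or "phone" (anything other than "email" gets a phone
            style code).

    Returns:
        A dict ``{"latest_status": {...}}`` with the profile's e-mail/phone
        and their binding statuses; None for non-POST requests.

    Raises:
        myException: unknown user, contact not bound, or posted value differs
            from the stored one.
    """
    if request.method == "POST":
        value = request.POST["value"]
        # NOTE(review): the target account is chosen by the posted "uid", not
        # by request.user. No authentication/ownership check is visible in
        # this function -- confirm it is enforced by a decorator or
        # middleware, otherwise callers can act on other users' accounts.
        uid = request.POST["uid"]
        try:
            user = User.objects.get(pk=uid)
        except Exception:
            raise myException(ERROR_BINDING_NO_USER)
        if type == "email":
            # NOTE(review): the e-mail verification key is the MD5 of the
            # address itself, so anyone who knows the address can compute it.
            # A random, unguessable token would be the safer choice; left
            # unchanged because the verifying side is not shown here.
            userkey = hashlib.md5(value).hexdigest()
        else:
            userkey = generate_phone_code()
        data = {
            "latest_status": {
                "email": user.userprofile.email,
                "email_binding_status": user.userprofile.email_binding_status,
                "phone": user.userprofile.phone,
                "phone_binding_status": user.userprofile.phone_binding_status,
            }
        }
        # Make sure the user's current status really is "bind".
        if (type == "email" and user.userprofile.email_binding_status != "bind") or (
            type == "phone" and user.userprofile.phone_binding_status != "bind"
        ):
            raise myException(ERROR_UNBINDING, status=ERROR_STATUS_DIFFERENT_UNBINDED, data=data)
        # Make sure the app's binding info matches the user's latest binding info.
        if (type == "email" and user.userprofile.email != value) or (
            type == "phone" and user.userprofile.phone != value
        ):
            raise myException(ERROR_UNBINDING, status=ERROR_STATUS_DIFFERENT_UNBINDED, data=data)
        # Store the verification code that is to be sent.
        binding_temp, created = UserBindingTemp.objects.get_or_create(
            user=user, binding_type=type, defaults={"binding_address": value, "key": userkey}
        )
        if not created:
            # Fixed attribute name: the original assigned ``binding_addres``
            # (one "s"), which set a throwaway attribute and left the stored
            # binding_address stale.
            binding_temp.binding_address = value
            binding_temp.key = userkey
            binding_temp.save()
        data = {
            "latest_status": {
                "email": user.userprofile.email,
                "email_binding_status": user.userprofile.email_binding_status,
                "phone": user.userprofile.phone,
                "phone_binding_status": user.userprofile.phone_binding_status,
            }
        }
        return data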
Beispiel #5
def forgetPassword(request):
    """Create a temporary-password record from an e-mail, username or phone.

    Only acts on POST requests that carry a "value" field. The value is
    classified, in order, as e-mail, username, then phone number; the matching
    user is looked up and the delivery channel ("email" or "sms") is chosen.
    A temporary-password record is then created or updated for that user.

    Raises:
        myException: no matching user, a username without any bound contact,
            or a value that fits none of the three formats.
    """
    if request.method != "POST" or "value" not in request.POST:
        return

    def _find_user(error, **lookup):
        # Any lookup failure is reported with the caller-supplied error code.
        try:
            return User.objects.get(**lookup)
        except Exception:
            raise myException(error)

    # NOTE(review): each failure path raises a different error code, which
    # lets a caller learn whether an e-mail, username or phone is registered.
    # Consider a uniform error plus throttling if this endpoint is public.
    value = request.POST["value"]
    if re_email.match(value):
        user = _find_user(
            ERROR_FORGETPASSWORD_NO_USER_BY_EMAIL,
            userprofile__email=value,
            userprofile__email_binding_status="bind",
        )
        sending_type = "email"
    elif re_username.match(value):
        user = _find_user(ERROR_FORGETPASSWORD_NO_USER_BY_USERNAME, username=value)
        contact = user.userprofile
        # A bound phone is preferred over a bound e-mail.
        if contact.phone and contact.phone_binding_status == "bind":
            sending_type = "sms"
            value = contact.phone
        elif contact.email and contact.email_binding_status == "bind":
            sending_type = "email"
            value = contact.email
        else:
            raise myException(ERROR_FORGETPASSWORD_NO_USER_BY_USERNAME_NO_BINDING)
    elif re_phone.match(regPhoneNum(value)):
        user = _find_user(
            ERROR_FORGETPASSWORD_NO_USER_BY_SMS,
            userprofile__phone=regPhoneNum(value),
            userprofile__phone_binding_status="bind",
        )
        sending_type = "sms"
    else:
        raise myException(ERROR_FORGETPASSWORD_NO_USER_BY_USERNAME)

    fresh_code = generate_phone_code()
    record, is_new = AccountTempPassword.objects.get_or_create(
        user=user, defaults={"temp_password": fresh_code, "sending_type": sending_type}
    )
    if not is_new:
        # NOTE(review): an existing record keeps its old temp_password; only
        # the channel changes and the new code is dropped. Confirm expiry or
        # rotation of the stored value happens elsewhere.
        record.sending_type = sending_type
        record.save()
Beispiel #6
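def bindContact(request, type):
    """Start binding an e-mail address or phone number (API variant).

    Reads "value" and "uid" from the POST data, validates the value, rejects
    it when this user or another user already has it bound, then marks the
    profile "waitingbind" and stores a verification key in UserBindingTemp.

    Args:
        request: the incoming HTTP request.
        type: "email" or "phone".

    Returns:
        A dict ``{"latest_status": {...}}`` with the profile's e-mail/phone
        and their binding statuses; None for non-POST requests.

    Raises:
        myException: unknown user, malformed value, contact already bound by
            this user, or contact bound by another user.
    """
    if request.method == "POST":
        value = request.POST["value"]
        # NOTE(review): the target account is chosen by the posted "uid", not
        # by request.user. No authentication/ownership check is visible in
        # this function -- confirm it is enforced by a decorator or
        # middleware, otherwise callers can act on other users' accounts.
        uid = request.POST["uid"]
        try:
            user = User.objects.get(pk=uid)
        except Exception:
            raise myException(ERROR_BINDING_NO_USER)
        if type == "email":
            # NOTE(review): the e-mail key is MD5("uid:address"), i.e. fully
            # derivable from values the requester already supplies. A random,
            # unguessable token would be the safer choice; left unchanged
            # because the verifying side is not shown here.
            userkey = hashlib.md5("%s:%s" % (uid, value)).hexdigest()
        else:
            userkey = generate_phone_code()

        def _latest_status():
            # Snapshot of the profile's contact fields for the API response.
            profile = user.userprofile
            return {
                "latest_status": {
                    "email": profile.email,
                    "email_binding_status": profile.email_binding_status,
                    "phone": profile.phone,
                    "phone_binding_status": profile.phone_binding_status,
                }
            }

        data = _latest_status()
        # Validate the submitted value.
        if type == "email" and not re_email.match(value):
            raise myException(ERROR_BINDING_INVAILID_EMAIL_FORMMAT)
        if type == "phone" and not re_phone.match(regPhoneNum(value)):
            raise myException(ERROR_BINDING_INVAILID_PHONE_FORMMAT)
        if type == "phone":
            # Normalise before the comparisons below. The original normalised
            # only after them, so the "already bound" and "bound by another
            # user" checks compared the raw input against stored (normalised)
            # numbers and could miss a match.
            value = regPhoneNum(value)
        # The user has already bound a contact of this type.
        if type == "email" and user.userprofile.email_binding_status == "bind":
            if user.userprofile.email == value:
                raise myException("", status=ERROR_STATUS_HAS_BINDED, data=data)
            else:
                raise myException(
                    ERROR_BINDING_BY_EMAIL_DIFFERENT_BINDED, status=ERROR_STATUS_DIFFERENT_BINDED, data=data
                )
        elif type == "phone" and user.userprofile.phone_binding_status == "bind":
            # Fixed copy-paste slip: the original compared the *e-mail* with
            # the posted phone number, so a re-submitted bound phone was
            # reported as "different" instead of "already bound".
            if user.userprofile.phone == value:
                raise myException("", status=ERROR_STATUS_HAS_BINDED, data=data)
            else:
                raise myException(
                    ERROR_BINDING_BY_PHONE_DIFFERENT_BINDED, status=ERROR_STATUS_DIFFERENT_BINDED, data=data
                )
        # The contact is bound by somebody else.
        if (
            type == "email"
            and UserProfile.objects.filter(email=value, email_binding_status="bind").exclude(user=user).count() != 0
        ):
            raise myException(
                ERROR_BINDING_BY_EMAIL_HAS_BINDED_BY_OTHER, status=ERROR_STATUS_HAS_BINDED_BY_OTHER, data=data
            )
        elif (
            type == "phone"
            and UserProfile.objects.filter(phone=value, phone_binding_status="bind").exclude(user=user).count() != 0
        ):
            raise myException(
                ERROR_BINDING_BY_PHONE_HAS_BINDED_BY_OTHER, status=ERROR_STATUS_HAS_BINDED_BY_OTHER, data=data
            )
        # NOTE(review): the profile update and the key record are committed in
        # two separate transactions, so a failure in the second leaves the
        # profile "waitingbind" without a matching key.
        with transaction.commit_on_success():
            profile = user.userprofile
            if type == "phone":
                profile.phone = value
                profile.phone_binding_status = "waitingbind"
            else:
                profile.email = value
                profile.email_binding_status = "waitingbind"
            profile.save()
        with transaction.commit_on_success():
            binding_temp, created = UserBindingTemp.objects.get_or_create(
                user=user, binding_type=type, defaults={"binding_address": value, "key": userkey}
            )
            if not created:
                binding_temp.binding_address = value
                binding_temp.key = userkey
                binding_temp.save()
        return _latest_status()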