Ejemplo n.º 1
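def update_user_by_id(uid):
    """Update the profile fields of user ``uid`` from the JSON request body.

    Only PUT is handled; any other method returns ``None``. The body must
    carry ``name``, ``gender``, ``phone`` and ``email``.

    Args:
        uid: id of the row in ``app.users`` to update (route argument).

    Returns:
        The ``'Declined'`` result when the token check fails, an ``'Error'``
        result when a different user already holds the phone number, and the
        ``'Success'`` result once the update has been executed.
    """
    if request.method != 'PUT':
        return None

    # Authenticate before touching the body, so an unauthenticated request is
    # declined instead of failing on a missing JSON field.
    token, u_id = get_token_and_id()
    if not TokenOperate.check_token(token, u_id):
        return ResponseResult.get_result('Declined')

    # NOTE(review): the token is validated for the caller (u_id), but the row
    # written below is chosen by the route argument uid and nothing in this
    # function ties the two together. Unless check_token or a decorator
    # outside this block enforces it, any authenticated caller can rewrite
    # another user's profile. Require uid == u_id or an administrative role
    # here - TODO confirm the intended policy.
    in_json = request.json
    name = in_json['name']
    gender = in_json['gender']
    phone = in_json['phone']
    email = in_json['email']
    modify_time = datetime.datetime.now().replace(microsecond=0)

    # Exclude the row being updated (uid). The original excluded the caller's
    # u_id instead, so the check looked at a different row than the update
    # whenever the two ids differed.
    clashes = db.session.execute(
        'select u_phone from app.users where u_phone = :phone and u_id != :u_id',
        {'phone': phone, 'u_id': uid}).fetchall()
    if clashes:
        return ResponseResult.get_result('Error', [{'msg': '手机号已存在'}])

    # NOTE(review): the login handler shown on this page derives u_pwd from
    # u_nick and u_phone. If that is the same project, changing u_phone here
    # without re-hashing leaves the stored hash unmatched - confirm.
    sql = '''update app.users
        set u_name = :u_name, u_gender = :u_gender, u_phone = :u_phone, u_email = :u_email, u_modify_time = :u_modify_time
        where u_id = :u_id
        '''
    db.session.execute(
        sql, {
            'u_name': name,
            'u_gender': gender,
            'u_phone': phone,
            'u_email': email,
            'u_id': uid,
            'u_modify_time': modify_time,
        })
    return ResponseResult.get_result('Success')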
Ejemplo n.º 2
def set_reviewer():
    """Set ``u_role = 2`` on the user named by ``new_reviewer`` in the body.

    Only PUT is handled; any other method returns ``None``.

    Returns:
        The ``'Declined'`` result when the token check fails, otherwise the
        ``'Success'`` result after the update has been executed.
    """
    if request.method != 'PUT':
        return None

    token, u_id = get_token_and_id()
    token_ok = TokenOperate.check_token(token, u_id)
    if not token_ok:
        return ResponseResult.get_result('Declined')

    # NOTE(review): only token validity is checked. Nothing visible here
    # verifies that the caller may change roles, so any authenticated user
    # could grant role 2 to any account, including their own. Add a caller
    # role check - TODO confirm which u_role value is allowed to do this.
    params = {'tgt_uid': request.json['new_reviewer']}
    db.session.execute(
        'update app.users set u_role = 2 where u_id = :tgt_uid', params)
    return ResponseResult.get_result('Success')
Ejemplo n.º 3
def cancel_demand_by_id():
    """Mark the demand whose id is in the JSON body as cancelled.

    Only POST is handled; any other method returns ``None``. ``id`` is
    converted with ``int()``, so a non-numeric value raises before the
    statement runs.

    Returns:
        The ``'Declined'`` result when the token check fails, otherwise the
        ``'Success'`` result after the update has been executed.
    """
    if request.method != 'POST':
        return None

    token, u_id = get_token_and_id()
    if not TokenOperate.check_token(token, u_id):
        return ResponseResult.get_result('Declined')

    # NOTE(review): the WHERE clause filters on d_id only, so the update is
    # not limited to demands published by the caller (u_id). If only the
    # owner or a privileged role may cancel, add that condition - TODO
    # confirm the policy.
    demand_id = int(request.json['id'])
    statement = '''
        update app.demands set d_is_cancel = true where d_id = :d_id
        '''
    db.session.execute(statement, {'d_id': demand_id})
    return ResponseResult.get_result('Success')
Ejemplo n.º 4
def modify_demand_by_id():
    """Replace the stored content of the demand whose id is in the JSON body.

    Only POST is handled; any other method returns ``None``. ``content`` is
    serialised with ``json.dumps(..., ensure_ascii=False)`` before it is
    written to ``d_content``.

    Returns:
        The ``'Declined'`` result when the token check fails, otherwise the
        ``'Success'`` result after the update has been executed.
    """
    if request.method != 'POST':
        return None

    token, u_id = get_token_and_id()
    if not TokenOperate.check_token(token, u_id):
        return ResponseResult.get_result('Declined')

    # Token accepted: write the new content.
    # NOTE(review): the update is keyed on d_id alone, so it is not limited
    # to demands published by the caller (u_id). If only the owner may edit,
    # add that condition - TODO confirm the policy.
    body = request.json
    demand_id = int(body['id'])
    serialised = json.dumps(body['content'], ensure_ascii=False)
    statement = '''
        update app.demands set d_content = :d_content where d_id = :d_id
        '''
    db.session.execute(statement, {'d_content': serialised, 'd_id': demand_id})
    return ResponseResult.get_result('Success')
Ejemplo n.º 5
def do_review():
    """Mark a demand as reviewed and record the reviewer and the time.

    Only PUT is handled; any other method returns ``None``. The demand id
    comes from ``d_id`` in the JSON body and the reviewer id from the ``uid``
    request header; both are converted with ``int()``.

    Returns:
        The ``'Declined'`` result when the token check fails, otherwise the
        ``'Success'`` result after the update has been executed.
    """
    if request.method != 'PUT':
        return None

    token, u_id = get_token_and_id()
    if not TokenOperate.check_token(token, u_id):
        return ResponseResult.get_result('Declined')

    demand_id = int(request.json['d_id'])
    # NOTE(review): the reviewer id is re-read from the raw header instead of
    # reusing the u_id that check_token validated. If get_token_and_id does
    # not read this same header, the recorded reviewer can differ from the
    # authenticated caller - confirm. No reviewer-role check is visible here
    # either.
    reviewer_id = int(request.headers['uid'])
    reviewed_at = datetime.datetime.now().replace(microsecond=0)
    statement = '''
        update app.demands set d_is_review = true, d_reviewer = :reviewer, d_review_time = :review_time where d_id = :d_id
        '''
    bind = {'reviewer': reviewer_id, 'd_id': demand_id, 'review_time': reviewed_at}
    db.session.execute(statement, bind)
    return ResponseResult.get_result('Success')
Ejemplo n.º 6
def get_my_cancel_demands():
    """Return one page of the caller's cancelled demands, newest first.

    Only GET is handled; any other method returns ``None``. The query is
    restricted to rows whose ``d_publisher`` equals the authenticated
    ``u_id``. Paging comes from the ``num`` (page size) and ``page`` query
    arguments; the offset is ``num * page``.

    Returns:
        The ``'Declined'`` result when the token check fails, otherwise the
        ``'Success'`` result carrying a list of dicts with the keys ``id``,
        ``title``, ``content``, ``publisher``, ``phone``, ``pub_time``,
        ``is_review`` and ``is_cancel``.
    """
    if request.method != 'GET':
        return None

    # Token validation.
    token, u_id = get_token_and_id()
    if not TokenOperate.check_token(token, u_id):
        return ResponseResult.get_result('Declined')

    # NOTE(review): num and page are used as LIMIT/OFFSET without a range
    # check; negative or very large values go straight to the database.
    # Consider clamping them.
    num = int(request.args['num'])
    page = num * int(request.args['page'])

    # Query: the caller's cancelled demands joined with the publisher's
    # display name and phone.
    sql = '''
        select
        t2.d_id,
        t2.d_title,
        t2.d_content,
        coalesce(t1.u_name, t1.u_nick),
        t1.u_phone,
        t2.d_pub_time,
        t2.d_is_review,
        t2.d_is_cancel
        from
        (select u_id, u_nick, u_name, u_phone from app.users) as t1
        right join
        (select d_id, d_title, d_content, d_publisher, d_pub_time, d_is_review, d_is_cancel from app.demands where d_publisher = :u_id and d_is_cancel = true) as t2
        on
        t1.u_id = t2.d_publisher and
        t2.d_publisher = :u_id
        order by
        d_pub_time desc
        limit :num
        offset :page
        '''
    rows = db.session.execute(sql, {'num': num, 'page': page, 'u_id': u_id}).fetchall()

    data = []
    for row in rows:
        data.append({
            'id': row[0],
            'title': row[1],
            # d_content holds a JSON document; decode it for the response.
            'content': json.loads(row[2]),
            'publisher': row[3],
            'phone': row[4],
            'pub_time': str(row[5]),
            'is_review': row[6],
            'is_cancel': row[7],
        })
    return ResponseResult.get_result('Success', data)
Ejemplo n.º 7
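def reset_user_password():
    """Reset the password of the user named by ``u_id`` in the JSON body.

    Only PUT is handled; any other method returns ``None``. The new stored
    value is the SHA-256 hex digest of the user's nick, a fixed default
    password, the user's phone and a fixed suffix.

    Returns:
        The ``'Declined'`` result when the token check fails, the ``'Error'``
        result when no user has the given id, otherwise the ``'Success'``
        result after the update has been executed.
    """
    if request.method != 'PUT':
        return None

    token, u_id = get_token_and_id()
    if not TokenOperate.check_token(token, u_id):
        return ResponseResult.get_result('Declined')

    # NOTE(review): only token validity is checked. Nothing visible here
    # restricts who may reset another account's password, so the caller's
    # role should be verified before continuing - TODO confirm which role is
    # allowed.
    reset_u_id = request.json['u_id']
    rs = db.session.execute(
        'select u_nick, u_phone from app.users where u_id = :u_id',
        {'u_id': reset_u_id}).fetchall()
    if not rs:
        # Unknown id: the original indexed rs[0] here and raised IndexError.
        return ResponseResult.get_result('Error')
    u_nick, u_phone = rs[0][0], rs[0][1]

    # NOTE(review): every reset account receives the same fixed password
    # literal, which stays valid until the user changes it. A random one-time
    # value (for example from the secrets module) with a forced change at
    # next login removes that shared secret; flagged rather than changed
    # because it alters the reset workflow.
    # NOTE(review): a single SHA-256 pass is not a password-hashing function;
    # hashlib.scrypt or hashlib.pbkdf2_hmac would need a stored-hash
    # migration, so the scheme is kept as-is here.
    sha256 = hashlib.sha256()
    sha256.update((u_nick + '12345678' + u_phone + '5A!t').encode('utf-8'))
    password_hash = sha256.hexdigest()

    sql = 'update app.users set u_pwd = :pwd where u_id = :u_id'
    db.session.execute(sql, {'pwd': password_hash, 'u_id': reset_u_id})
    return ResponseResult.get_result('Success')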
Ejemplo n.º 8
def do_publish():
    """Insert a new demand built from the JSON request body.

    Only POST is handled; any other method returns ``None``. The body
    supplies ``title``, ``publisher`` (converted with ``int()``) and
    ``content`` (stored as a JSON string); the publish time is the current
    time without microseconds.

    Returns:
        The ``'Declined'`` result when the token check fails, an ``'Error'``
        result with an empty message when the title is blank, otherwise the
        ``'Success'`` result after the insert has been executed.
    """
    if request.method != 'POST':
        return None

    token, u_id = get_token_and_id()
    if not TokenOperate.check_token(token, u_id):
        return ResponseResult.get_result('Declined')

    # A title made only of whitespace is rejected.
    if not request.json['title'].strip():
        return ResponseResult.get_result('Error', [{'msg': ''}])

    # NOTE(review): d_publisher is taken from the request body, not from the
    # authenticated u_id, so a caller can attribute a demand to another user.
    # Use the validated id or reject a mismatch - TODO confirm whether
    # publishing on someone's behalf is intended.
    record = {
        'd_title': request.json['title'],
        'd_publisher': int(request.json['publisher']),
        'd_content': json.dumps(request.json['content'], ensure_ascii=False),
        'd_pub_time': str(datetime.datetime.now().replace(microsecond=0)),
    }
    sql = '''
                insert into app.demands(d_title, d_content, d_publisher, d_pub_time) values(:d_title, :d_content, :d_publisher, :d_pub_time)
                '''
    db.session.execute(sql, record)
    return ResponseResult.get_result('Success')
Ejemplo n.º 9
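def _login_password_hash(nick, password, phone):
    """Return the hex digest that is compared against ``app.users.u_pwd``.

    The input layout (nick + password + phone + fixed suffix) is kept exactly
    as it was, because the stored values were produced this way.
    """
    # NOTE(review): a single SHA-256 pass is cheap to brute-force offline if
    # the users table leaks, and the suffix is a constant in source rather
    # than a per-user random salt. Moving to hashlib.scrypt or
    # hashlib.pbkdf2_hmac needs a stored-hash migration (re-hash on the next
    # successful login), so it is flagged here rather than changed.
    digest = hashlib.sha256()
    digest.update((nick + password + phone + '5A!t').encode('utf-8'))
    return digest.hexdigest()


def do_login():
    """Authenticate by user name or phone number and issue a token.

    The JSON body carries ``logby`` (``'username'`` or ``'phone'``),
    ``username`` (the nick or the phone number, depending on ``logby``) and
    ``password``. The handler looks up the other half of the nick/phone pair,
    hashes the password together with both, and selects the matching row.

    Changes from the original:
      * A non-POST request or an unknown ``logby`` returns the ``'Error'``
        result instead of raising ``TypeError`` on ``len(None)``.
      * ``u_last_login_time`` is written only after the password matched, so
        failed attempts no longer overwrite it.
      * A wrong password returns the same ``'Error'`` payload as an unknown
        account, so the response no longer shows which accounts exist.
      * Non-string credentials are rejected instead of raising during string
        concatenation.

    Returns:
        The ``'Success'`` result with one dict per matching row (profile
        fields, the previous ``last_login_time`` and a fresh token), or an
        ``'Error'`` result.
    """
    if request.method != 'POST':
        return ResponseResult.get_result('Error')

    # Login details sent by the page.
    in_json = json.loads(request.data)
    login_time = datetime.datetime.now().replace(microsecond=0)

    logby = in_json['logby']
    if logby == 'username':
        key = 'username'
        failure = [{'msg': '用户名或密码错误'}]
        lookup_sql = 'select u_phone from app.users where u_nick = :username'
        select_sql = '''
            select
            u_id, u_nick, u_name, u_gender, u_phone, u_email, u_role, u_last_login_time
            from app.users
            where u_nick = :username and u_pwd = :pwd
        '''
        touch_sql = 'update app.users set u_last_login_time = :login_time where u_nick = :username'
    elif logby == 'phone':
        key = 'phone'
        failure = [{'msg': '手机号或密码错误'}]
        lookup_sql = 'select u_nick from app.users where u_phone = :phone'
        select_sql = '''
            select
            u_id, u_nick, u_name, u_gender, u_phone, u_email, u_role, u_last_login_time
            from app.users
            where u_phone = :phone and u_pwd = :pwd
        '''
        touch_sql = 'update app.users set u_last_login_time = :login_time where u_phone = :phone'
    else:
        return ResponseResult.get_result('Error')

    identifier, password = in_json['username'], in_json['password']
    if not isinstance(identifier, str) or not isinstance(password, str):
        return ResponseResult.get_result('Error', failure)

    # The hash input needs both nick and phone, so fetch whichever one the
    # client did not send.
    rs = db.session.execute(lookup_sql, {key: identifier}).fetchall()
    if not rs:
        return ResponseResult.get_result('Error', failure)
    counterpart = rs[0][0]
    if key == 'username':
        username, phone = identifier, counterpart
    else:
        username, phone = counterpart, identifier

    password_hash = _login_password_hash(username, password, phone)
    sql_res = db.session.execute(
        select_sql, {key: identifier, 'pwd': password_hash}).fetchall()
    if not sql_res:
        # Same payload as the unknown-account case above.
        return ResponseResult.get_result('Error', failure)

    # Credentials matched. The rows were read before this write, so the
    # response still carries the previous login time.
    db.session.execute(touch_sql, {'login_time': login_time, key: identifier})

    # NOTE(review): no attempt limiting is visible in this handler; if it is
    # not applied elsewhere, add throttling or lockout on repeated failures.
    data = [{
        'id': i[0],
        'nick': i[1],
        'name': i[2],
        'gender': i[3],
        'phone': i[4],
        'email': i[5],
        'role': i[6],
        'last_login_time': str(i[7]),
        'token': TokenOperate.gen_token(i[0], i[1])
    } for i in sql_res]
    return ResponseResult.get_result('Success', data)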