def test_invalid_confirmation_token(self):
u1 = User(password='******')
u2 = User(password='******')
db.session.add(u1)
db.session.add(u2)
db.session.commit()
token = u1.generate_confirmation_token()
self.assertFalse(u2.confirm(token))
def test_invalid_reset_token(self):
u1 = User(password='******')
u2 = User(password='******')
db.session.add(u1)
db.session.add(u2)
db.session.commit()
token = u1.generate_reset_token()
self.assertFalse(u2.reset_password(token, 'horse'))
self.assertTrue(u2.verify_password('dog'))
def test_duplicate_email_change_token(self):
u1 = User(email='*****@*****.**', password='******')
u2 = User(email='*****@*****.**', password='******')
db.session.add(u1)
db.session.add(u2)
db.session.commit()
token = u2.generate_email_change_token('*****@*****.**')
self.assertFalse(u2.change_email(token))
self.assertTrue(u2.email == '*****@*****.**')
def user():
User(user_id=1,
first_name="Chaitanya",
last_name="Dokara",
email="*****@*****.**",
password="******").save()
User(user_id=2,
first_name="Lokesh",
last_name="Dokara",
email="*****@*****.**",
password="******").save()
users = User.objects.all()
return render_template("users.html", users=users)
def register():
if session.get('username'):
return redirect(url_for('index'))
form = RegistrationForm()
if form.validate_on_submit():
user_id = User.objects.count()
user_id += 1
email = form.email.data
password = form.password.data
first_name = form.first_name.data
last_name = form.last_name.data
user = User(user_id=user_id,
email=email,
first_name=first_name,
last_name=last_name)
user.set_password(password)
user.save()
flash("You are successfully registered", "success")
return redirect(url_for('index'))
return render_template("register.html",
title="Register",
form=form,
register=True)
def test_group_user():
roles = ['FrontUser', 'Operator', 'Administrator', 'Super']
msg = {}
for r in roles:
role = Role(group=r)
u = User()
u.telephone = fake.phone_number()
u.username = r + '-test'
u.email = fake.ascii_free_email()
u.password = '******'
u.confirm = True
u.realname = fake.name()
with open('mxavatar.json', 'r') as f:
avatar_list = json.load(f)
u.avatar = choice(avatar_list)
u.signature = fake.paragraph(nb_sentences=3,
variable_nb_sentences=True)
u.gender = GenderEnum(randint(1, 3))
u.join_time = fake.date_this_year(before_today=True, after_today=False)
u.role = role
db.session.add(u)
msg[r] = u.telephone
try:
db.session.commit()
except Exception as e:
print(e)
db.session.rollback()
print('测试用户生成失败!')
return
print('测试用户生成成功!')
print(msg)
def test_permission_user():
ps = [
'LOGIN', 'VIEW_POST', 'PUBLISH_POST', 'PUBLISH_COMMENT', 'LOGIN_CMS',
'MANAGE_POST', 'MANAGE_COMMENTE', 'BOARDER', 'BANNER', 'FRONTUSER',
'CMSUSER', 'ADMINER'
]
msg = {}
for p in ps:
permissions = Permission.ALL_PERMISSION - getattr(Permission, p)
role = Role(name='FrontUser', permissions=permissions)
u = User()
u.telephone = fake.phone_number()
u.username = '******' + p
u.email = fake.ascii_free_email()
u.password = '******'
u.confirm = True
u.realname = 'NOT-' + p
with open('mxavatar.json', 'r') as f:
avatar_list = json.load(f)
u.avatar = choice(avatar_list)
u.signature = fake.paragraph(nb_sentences=3,
variable_nb_sentences=True)
u.gender = GenderEnum(randint(1, 4))
u.join_time = fake.date_this_year(before_today=True, after_today=False)
u.role = role
db.session.add(u)
msg[u.username] = u.telephone
try:
db.session.commit()
except Exception:
db.session.rollback()
print('测试用户生成成功!')
print(msg)
def front_user(count=10):
fake = Faker(locale='zh_CN')
n = 0
for i in range(count):
u = User()
u.telephone = fake.phone_number()
u.username = fake.user_name()
u.email = fake.ascii_free_email()
u.password = '******'
u.confirm = choice([True, False])
u.realname = fake.name()
with open('mxavatar.json', 'r') as f:
avatar_list = json.load(f)
u.avatar = choice(avatar_list)
u.signature = fake.paragraph(nb_sentences=3,
variable_nb_sentences=True)
u.gender = GenderEnum(randint(1, 4))
u.join_time = fake.date_this_year(before_today=True, after_today=False)
role = Role()
u.role = role
db.session.add(u)
try:
db.session.commit()
n += 1
except Exception:
db.session.rollback()
print('Front用户添加成功,共同添加%d个用户' % n)
def user_login():
"""
Login an user
"""
if 'user' in session:
return redirect('/dashboard')
form = LoginUserForm(csrf_enabled=False)
if form.validate_on_submit():
email = form.email.data
password = form.password.data
user = User()
result = user.find_one({'email': email})
if result is not None:
if bcrypt.hashpw(password,
result['password']) == result['password']:
return auth.login(id=result['_id'], active=result['is_active'])
else:
flash('Password incorrecto', 'error')
else:
flash('El usuario no existe', 'error')
return render_template('users/login.html', form=form)
def create_user():
"""User registration in the system."""
try:
data = request.json
first_name = request.json['first_name']
last_name = request.json['last_name']
email = request.json['email']
password = request.json['password']
user_info = User.query.filter_by(email=email).first()
print(user_info)
if user_info:
message = "User already exits"
code = 400
else:
password = generate_password_hash(password)
user = User()
user.first_name = first_name
user.last_name = last_name
user.email = email
user.password = password
db.session.add(user)
db.session.commit()
message = "User create successfully"
code = 200
except Exception as error:
return jsonify({'message': str(error)}), 400
return jsonify({'message': message}), code
def tambah_user():
'''Menambah user'''
form = UserForm()
if form.validate_on_submit():
username = request.values.get('username')
password = request.values.get('password')
password2 = request.values.get('password2')
# check if username is available
if User.query.filter_by(username=username).first():
flash('Username tidak tersedia !', 'danger')
return render_template('kejadian/tambah_user.html', form=form, user=current_user)
# check if password2 is the same as password
if password != password2:
flash('Verifikasi Password gagal !', 'danger')
return render_template('kejadian/tambah_user.html', form=form, user=current_user)
# save new user data
new_user = User(
username=username
)
# hash password as md5
new_user.set_password(password)
db.session.add(new_user)
db.session.flush()
db.session.commit()
flash('Tambah User berhasil !', 'success')
return redirect(url_for('admin.users'))
return render_template('kejadian/tambah_user.html', form=form, user=current_user)
def add_user(self, data):
new_user = User(username=data['username'],
password=data['password'],
email=data['email'],
role=data.get('role', 'user'))
self.save_changes(new_user)
return self.get_a_user(data['username'])
def user_register():
"""
Register an user
"""
if 'user' in session:
return redirect('/dashboard/')
form = RegisterUserForm(csrf_enabled=False)
if form.validate_on_submit():
name = form.name.data
email = form.email.data
password = form.password.data
user = User()
result = user.find_one({'email': email})
if result is None:
data = {
'name': name,
'email': email,
'password': bcrypt.hashpw(password, bcrypt.gensalt()),
'is_active': True
}
id = user.insert(data)
return auth.login(id=id, active=data['is_active'])
else:
flash('El correo esta registrado, prueba con otro', 'error')
return render_template('users/register.html', form=form)
def test_expired_confirmation_token(self):
u = User(password='******')
db.session.add(u)
db.session.commit()
token = u.generate_confirmation_token(1)
time.sleep(2)
self.assertFalse(u.confirm(token))
def test_valid_reset_token(self):
u = User(password='******')
db.session.add(u)
db.session.commit()
token = u.generate_reset_token()
self.assertTrue(u.reset_password(token, 'dog'))
self.assertTrue(u.verify_password('dog'))
def test_valid_email_change_token(self):
u = User(email='*****@*****.**', password='******')
db.session.add(u)
db.session.commit()
token = u.generate_email_change_token('*****@*****.**')
self.assertTrue(u.change_email(token))
self.assertTrue(u.email == '*****@*****.**')
def user_regist():
form = RegistForm()
if form.validate_on_submit():
# 查看用户名是否已经存在
user_name = form.user_name.data
user_x = User.query.filter_by(name=user_name).first()
if user_x:
flash("用户名已经存在!", category='err')
return render_template('user_regist.html', form=form)
# 如果用户不存在,创建一个用户类的实例
user = User()
user.name = form.user_name.data
user.pwd = generate_password_hash(form.user_pwd.data)
user.email = form.data['user_email']
user.phone = form.user_phone.data
user.jianjie = form.user_jianjie.data
user.uuid = str(uuid.uuid4().hex)[0:10] # 给每个用户分配一个10个字符的身份标识符
filestorage = request.files["user_face"]
user.face = secure_filename_with_uuid(filestorage.filename)
# 保存用户头像文件,执行插入操作
try:
photosSet.save(storage=filestorage,
folder=user.name,
name=user.face)
db.session.add(user)
db.session.commit()
flash("用户注册成功!", category='ok')
return redirect(url_for("user_login", username=user.name))
except UploadNotAllowed:
flash("头像文件格式不对!", category='err')
return render_template('user_regist.html', form=form)
return render_template('user_regist.html', form=form)
def test_token_auth(self):
# add a user
r = Role.query.filter_by(name='User').first()
self.assertIsNotNone(r)
u = User(email='*****@*****.**', password='******', confirmed=True,
role=r)
db.session.add(u)
db.session.commit()
# issue a request with a bad token
response = self.client.get(
url_for('api.get_posts'),
headers=self.get_api_headers('bad-token', ''))
self.assertTrue(response.status_code == 401)
# get a token
response = self.client.get(
url_for('api.get_token'),
headers=self.get_api_headers('*****@*****.**', 'cat'))
self.assertTrue(response.status_code == 200)
json_response = json.loads(response.data.decode('utf-8'))
self.assertIsNotNone(json_response.get('token'))
token = json_response['token']
# issue a request with the token
response = self.client.get(
url_for('api.get_posts'),
headers=self.get_api_headers(token, ''))
self.assertTrue(response.status_code == 200)
def adduser(request):
user = User()
arr = ['张三', '李四', '王五', '赵柳', '田七']
temp = random.randrange(0, len(arr))
user.u_name = arr[temp] + '-' + str(random.randrange(10, 100))
user.save()
return HttpResponse('添加用户成功:' + user.u_name)
def test_ping(self):
u = User(password='******')
db.session.add(u)
db.session.commit()
time.sleep(2)
last_seen_before = u.last_seen
u.ping()
self.assertTrue(u.last_seen > last_seen_before)
def test_timestamps(self):
u = User(password='******')
db.session.add(u)
db.session.commit()
self.assertTrue(
(datetime.utcnow() - u.member_since).total_seconds() < 3)
self.assertTrue(
(datetime.utcnow() - u.last_seen).total_seconds() < 3)
def post(self):
data = api.payload
user = User(user_id=data['user_id'],
email=data['email'],
first_name=data['first_name'],
last_name=data['last_name'])
user.set_password(data['password'])
# user.save()
return jsonify(User.objects(user_id=data['user_id']))
def prepare_user(self, telephone="15020202200"):
user = User.query.filter_by(telephone=telephone).first()
if not user:
user = User(telephone=telephone, status="normal")
db.session.add(user)
db.session.commit()
Auth().authenticate(user, self.app.config['USER_TOKEN_USEFUL_DATE'],
self.app.config['SECRET_KEY'])
return user
def generate_users():
user1 = User(telephone='1111111111',
nickname='user1',
status='normal',
city='广州')
user2 = User(telephone='1111111112',
nickname='user2',
status='normal',
city='上海')
user3 = User(telephone='1111111113',
nickname='user3',
status='normal',
city='天津')
user4 = User(telephone='1111111114',
nickname='user4',
status='normal',
city='深圳')
user5 = User(telephone='1111111115',
nickname='user5',
status='normal',
city='背景')
user6 = User(telephone='1111111116',
nickname='user6',
status='normal',
city='厦门')
user7 = User(telephone='1111111117',
nickname='user7',
status='normal',
city='浙江')
user8 = User(telephone='1111111118',
nickname='user8',
status='normal',
city='杭州')
user9 = User(telephone='1111111119',
nickname='user9',
status='normal',
city='安徽')
db.session.add(user1)
db.session.add(user2)
db.session.add(user3)
db.session.add(user4)
db.session.add(user5)
db.session.add(user6)
db.session.add(user7)
db.session.add(user8)
db.session.add(user9)
db.session.commit()
def create_user(nickname, login_id, password):
try:
alreadyCreated = User.query.filter_by(login_id=login_id).first()
if alreadyCreated:
raise Exception("유저 아이디가 이미 존재합니다.", 409)
except Exception as e:
print(e)
return e
try:
alreadyCreated = User.query.filter_by(nickname=nickname).first()
if alreadyCreated:
raise Exception("닉네임이 이미 사용중입니다.", 409)
except Exception as e:
print(e)
return e
try:
newUser = User(str(nickname), login_id, str(password))
db.session.add(newUser)
db.session.commit()
createdUser = User.query.filter_by(login_id=login_id).first()
except Exception as e:
print(e)
return e
try:
payload = {
"iss": "minsim.net",
"user": {
"id": createdUser.id,
"login_id": login_id,
"nickname": createdUser.nickname
}
}
return {
"id":
createdUser.id,
"nickname":
createdUser.nickname,
"login_id":
createdUser.login_id,
"token":
str(
unicode(
jwt.encode(payload,
app.config["SECRET_KEY"],
algorithm="HS256"), "utf-8")),
"msg":
"성공적으로 가입하셨습니다."
}
except Exception as e:
print(e)
return e
def user_join():
if request.method == 'POST':
email = request.form['email']
password = request.form['password']
name = request.form['name']
user = User(email=email,
password=generate_password_hash(password),
name=name)
db.session.add(user)
db.session.commit()
def login():
app = current_app._get_current_object()
form = LoginForm()
if form.validate_on_submit():
if form.name.data == app.config[
'ADMIN_USER'] and form.password.data == app.config['ADMIN_PWD']:
login_user(User(app.config['ADMIN_USER']))
return redirect(request.args.get('next') or url_for('home.index'))
else:
flash(u'无效的用户名或密码')
return render_template('login.html', form=form)
def create_user(self, data, is_active=True):
valid_input, valid_input_message = self.validate_signup_payload(data)
if not valid_input:
return {"success": valid_input, "message": valid_input_message}
is_exists, exists_message = self.check_user_existence(
data["email"], data["phone"])
if is_exists:
return {"success": True, "message": exists_message}
try:
hash_text = data["email"] + data["phone"] + data["full_name"]
hash_object = hashlib.md5(hash_text)
unique_hash = hash_object.hexdigest()
try:
validation = Schema({
'full_name':
And(basestring,
lambda n: 30 >= len(n) >= 3,
error="Minimum 3 Characters are Required"),
'email':
And(basestring,
lambda n: len(n) >= 3,
error="Minimum 3 Characters are Required"),
'phone':
And(basestring,
lambda n: len(n) >= 6,
error="Minimum 6 Characters are Required"),
"password":
And(basestring,
lambda n: len(n) >= 6,
error="Minimum 6 Characters are Required")
}).validate(data)
except SchemaError as e:
error = e.message
return {"success": False, "message": error}
account_create = User()
user_id = str(uuid.uuid4())
account_create.username = user_id
account_create.email = data['email']
account_create.phone = data['phone']
account_create.full_name = data['full_name']
account_create.is_active = is_active
account_create.password = self.pwd_context.encrypt(
data['password'])
account_create.token = self.generate_api_token(unique_hash)
account_create.save()
return {"success": True, "message": "Created User Successfully"}
except Exception as e:
print(traceback.format_exc())
def register():
form = RegisterForm()
if form.validate_on_submit():
user = User(name=form.name.data,
email=form.email.data.lower(),
password=form.password.data)
db.session.add(user)
db.session.commit()
token = user.generate_confirmation_token()
send_mail(user.email, '激活账号', 'mail/confirm', user=user, token=token)
flash('一封确认邮件已经发送到您的邮箱,请及时激活账号!')
return redirect(url_for('main.hello_world'))
return render_template('auth/register.html', form=form)
def post(self):
account = request.json.get('account')
username = request.json.get('username')
password = request.json.get('password')
if account is None or password is None or username is None:
return jsonify({'code': 400, "msg": "账户密码不能为空"})
if User.query.filter_by(account=account).first() is not None:
return jsonify({'code': 400, "msg": "账户已存在"})
user = User(account=account, username=username)
user.hash_password(password)
db.session.add(user)
db.session.commit()
return jsonify({'code': 200, "msg": "账户添加成功"})
