def reg(): form = RegForm() user_name = form.username.data password = form.password.data user_model = UserModel(db.get_connection()) existence = '' if (not user_name in [tuply[1] for tuply in user_model.get_all()] and not (user_name is None) and not (password is None)): user_model.insert(user_name, password) return redirect("/login") elif not (user_name is None) and not (password is None): existence = 'This name is taken' return render_template('registration.html', form=form, existence=existence)
def edit(user_name): if 'username' not in session: return redirect('/login') form = EditForm() if session['username'] != user_name: return redirect(('/profile/{}').format(user_name)) user_model = UserModel(db.get_connection()) new_name = form.username.data existence = '' if not new_name in [tuply[1] for tuply in user_model.get_all()] and\ (not new_name is None): user_model.update(new_name, session['user_id']) session['username'] = new_name return redirect(('/profile/{}').format(new_name)) elif not new_name is None: existence = 'This name is taken' return render_template('edit.html', form=form, user_name=user_name, existence=existence)
def get(self): return UserModel.get_all()
class UserHandler(tornado.web.RequestHandler): def __init__(self, application, request, **kwargs): self.session = SessionTools() self.users = UserModel() super(UserHandler, self).__init__(application, request, **kwargs) def get(self): log.debug("get") user_id = self.get_argument("user_id", None) if not user_id: return self.write(json.dumps(self.users.get_all())) return self.write(json.dumps(self.users.get_one(user_id))) def post(self): account = self.get_body_argument("account", None) passwd = self.get_body_argument("passwd", None) if not account or not passwd: return self.write(json.dumps({ u"error": 1, u"content": u"请输入用户名或密码!" })) user_id = self.users.login(account, passwd) if not user_id: return self.write(json.dumps({ u"error": 2, u"content": u"用户名或密码错误" })) self.session.login(self.set_cookie, user_id) return self.redirect('/') def admin_required(fn): @wraps(fn) def func(self): user_id = self.session.logged_user(self.get_cookie) if not user_id: return self.write(json.dumps({ u"error": 3, u"content": u"请先登录" })) user_limits = self.users.get_limits() if user_limits != "admin" and user_limits != "root": return self.write(json.dumps({ u"error": 4, u"content": u"权限不足" })) return fn(self) return func @admin_required def put(self): account = self.get_body_argument("account") passwd = self.get_body_argument("passwd") name = self.get_body_argument("name") limits = self.get_body_argument("limits") result = self.users.add_user({ u"account": account, u"passwd": passwd, u"name": name, u"limits": limits}) result = result if result else "" self.redirect("/results?type=user&operating=add&id={3}&account={0}&name={1}&limits={2}".format(account, name, limits, result)) @admin_required def delete(self): user_id = self.get_body_argument("user_id") self.users.remove(user_id) self.redirect("/results?type=user&operating=delete")