def pay_return(request):
    """Handle the payment-gateway callback for Alipay and WeChat Pay.

    A POST that carries ``trade_status`` is treated as an Alipay
    notification; any other POST is handed to ``Wxpay_Result`` and treated
    as a WeChat Pay notification. A GET returns the default ``resp()``.
    Other methods fall through and return ``None``.
    """
    # NOTE(review): the Alipay branch takes trade_status, out_trade_no and
    # total_amount straight from the POST body, and no signature or
    # notify-id verification is visible in this function. Unless that is
    # done upstream, the caller alone decides which order is recorded as
    # paid and for what amount - confirm.
    # NOTE(review): neither branch compares the reported amount with the
    # price of the order being settled, and duplicate notifications are not
    # handled here - confirm save_order does both.
    method = request.method
    if method == 'POST':
        status = request.POST.get('trade_status')
        if not status:
            # WeChat Pay notification.
            parsed = Wxpay_Result().post(request)
            if parsed['result_code'] != 'SUCCESS':
                return HttpResponse(trans_dict_to_xml({'return_code': 'FAIL', 'return_msg': 'SIGNERROR'}))
            order_no = parsed['out_trade_no']
            # NOTE(review): total_fee is multiplied by 100 here while the
            # Alipay branch passes total_amount through unchanged; WeChat
            # reports total_fee in fen, so this looks inverted - confirm
            # the unit save_order expects.
            amount = float(int(parsed['total_fee']) * 100)
            save_order(order_no, amount)
            return HttpResponse(trans_dict_to_xml({'return_code': 'SUCCESS', 'return_msg': 'OK'}))
        # Alipay notification.
        if status != 'TRADE_SUCCESS':
            return resp(1001, '支付错误')
        order_no = request.POST.get('out_trade_no')
        amount = request.POST.get('total_amount')
        save_order(order_no, amount)
        return resp(msg='支付成功')
    if method == "GET":
        return resp()
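def public_transfer(request):
    """Record a corporate bank transfer and apply the purchased plan.

    An administrator enters the payment by hand: the view creates an
    ``Order`` of trade type 4 for ``login_name`` and then moves the user
    into the plan's group, sets ``enable`` and extends ``end_time`` by the
    plan's number of days.

    Returns ``resp(400, ...)`` when the user or the trade type does not
    exist or ``enable`` is not an integer, otherwise ``resp()``.
    """
    # NOTE(review): this view grants paid access and changes a user's
    # group, but no token or admin check is visible in the function -
    # confirm the route is protected elsewhere.
    if request.method == 'POST':
        login_name = request.POST.get('login_name')
        u = User.objects.filter(login_name=login_name).first()
        if not u:
            return resp(400, '没有该用户')
        trade_type_id = request.POST.get('trade_type')
        try:
            enable = int(request.POST.get('enable'))
        except (TypeError, ValueError):
            # A missing or non-numeric value used to raise and surface as a 500.
            return resp(400, '参数错误')
        # The trade type supplies the target group, the plan length and the price.
        t = TradeType.objects.filter(id=trade_type_id).first()
        if not t:
            # Previously an unknown id crashed on t.group.
            return resp(400, '没有该交易类型')
        g = t.group
        d = t.days
        p = t.price
        m_type = 4  # corporate transfer
        o = Order()
        o.id = encode_order(f'{login_name}{g}{d}{p}')
        o.login_name = login_name
        o.trade_type = m_type
        o.trade_group = g.id
        o.total = p
        o.days = d
        o.desc = 1
        o.save()
        # NOTE(review): the order and the user are saved separately; a
        # failure on the second save leaves an order without the matching
        # entitlement.
        u.group = g
        u.enable = enable
        u.end_time = datetime.datetime.now() + datetime.timedelta(days=d)
        u.save()
        return resp()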
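def invoice(request):
    """Create, update or read the invoice profile of the token's user.

    POST stores the submitted invoice fields; ``flag == 'create'`` makes a
    new row, any other value updates the user's existing row. GET returns
    the user's invoice via ``to_dict()``.

    Returns ``resp(401, ...)`` when the token does not decode and
    ``resp(400, ...)`` when there is no invoice to update or to show.
    """
    token = request.META.get('HTTP_AUTHENTICATION')
    obj = check_token(token)
    if not obj:
        # Do not rely on the middleware alone: obj['id'] would raise here.
        return resp(401, 'token过期')
    u_id = obj['id']
    if request.method == 'POST':
        company = request.POST.get('company')
        code = request.POST.get('code')
        addr_tel = request.POST.get('addr_tel')
        acount = request.POST.get('acount')
        receive_email = request.POST.get('receive_email')
        receive_user = request.POST.get('receive_user')
        receive_addr = request.POST.get('receive_addr')
        receive_phone = request.POST.get('receive_phone')
        # flag == 'create' means a new invoice; no flag means edit the existing one.
        flag = request.POST.get('flag')
        if flag == 'create':
            # NOTE(review): a second 'create' adds another row although the
            # GET branch assumes one invoice per user - confirm intent.
            i = Invoice()
        else:
            i = Invoice.objects.filter(u_id=u_id).first()
            if not i:
                # Previously an edit without an existing row crashed on i.u_id.
                return resp(400, '没有资源')
        # The owner always comes from the token, never from the request body.
        i.u_id = u_id
        i.company = company
        i.code = code
        i.addr_tel = addr_tel
        i.acount = acount
        i.receive_email = receive_email
        i.receive_user = receive_user
        i.receive_addr = receive_addr
        i.receive_phone = receive_phone
        i.save()
        return resp()
    if request.method == 'GET':
        # One-to-one for now: only the first invoice of the user is returned.
        i = Invoice.objects.filter(u_id=u_id).first()
        if i:
            return resp(data=i.to_dict())
        return resp(400, '没有资源')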
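def register(request):
    """Register a new user.

    Rejects a login name or e-mail address that is already taken
    (``resp(1001, ...)``) and a password that is missing or not 6-16
    characters long (``resp(1002, ...)``); otherwise stores the user and
    returns ``resp()``.
    """
    if request.method == 'POST':
        login_name = request.POST.get('login_name')
        if User.objects.filter(login_name=login_name).first():
            return resp(1001, '用户名已存在')
        email = request.POST.get('email')
        if User.objects.filter(email=email).first():
            return resp(1001, '邮箱已注册')
        # NOTE(review): the two lookups above and the save below are not
        # atomic; only a unique constraint on the columns prevents two
        # concurrent registrations of the same name - confirm one exists.
        pwd = request.POST.get('pwd')
        # A request without 'pwd' used to raise TypeError on len(None).
        if pwd is None or not 6 <= len(pwd) <= 16:
            return resp(1002, '密码长度在6-16')
        u = User()
        u.login_name = login_name
        # NOTE(review): the password is stored exactly as submitted. Moving
        # to a salted password hash has to be done together with every
        # place that compares u.pwd, so it is flagged here, not changed.
        u.pwd = pwd
        u.email = email
        u.major = request.POST.get('major')
        u.user_name = request.POST.get('user_name')
        u.qq = request.POST.get('qq')
        u.phone = request.POST.get('phone')
        u.save()
        return resp()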
def get_resource(request):
    """Return the login URL and the stored cookie of a third-level resource.

    The caller posts the resource id as ``code`` and a ``token``. The token
    must decode, and the resource id must be among the ids derived from the
    user's group; otherwise a 404-coded ``resp`` is returned.
    """
    if request.method != 'POST':
        return None
    # Third-level resource id.
    resource_id = int(request.POST.get("code"))
    token = request.POST.get("token")
    # 1. The token must be present and must decode.
    if token == 'null' or not token:
        return resp(404, '没有token')
    claims = check_token(token)
    if not claims:
        return resp(404, 'token过期')
    # 2. The resource must be one the user's group may open.
    # NOTE(review): a token whose user row no longer exists makes `user`
    # None and the next line raises - confirm that cannot happen.
    user = User.objects.filter(id=claims['id']).first()
    allowed = parsing_list([entry.to_one_dict() for entry in user.group.go.all()])
    if resource_id not in allowed:
        return resp(404, '无权限访问')
    # 3./4. The linked four_src row supplies the cookie and the login URL.
    # NOTE(review): the response hands a stored session cookie to the
    # client; its confidentiality rests on string_encryption, which is
    # not shown here - confirm it is real encryption with a server-held key.
    resource = ThreeSrc.objects.filter(id=resource_id).first()
    account = resource.four_src
    cookie = account.cookie
    url = account.url
    return resp(data={"href": url, "thing": string_encryption(cookie)})
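def check_user(request):
    """Return the first-level resources the token's user may access.

    Response codes: 204 when the token does not decode or its user no
    longer exists, 201 when the user has no ``end_time`` (nothing bought),
    202 when ``end_time`` has passed, otherwise the default code with the
    ``to_all_dict()`` form of every first-level resource of the user's group.
    """
    if request.method == 'GET':
        token = request.META.get('HTTP_AUTHENTICATION')
        obj = check_token(token)
        if not obj:
            return resp(204, '用户信息过期')
        u_id = obj['id']
        u = User.objects.filter(id=u_id).first()
        if not u:
            # A valid token for a deleted user used to crash on u.end_time.
            return resp(204, '用户信息过期')
        end_time = u.end_time
        if not end_time:
            return resp(201, '用户还未购买资源')
        if datetime.datetime.now() > end_time:
            return resp(202, '用户过期')
        # First-level category ids reachable through the user's group. The
        # user id is bound as a parameter, not formatted into the SQL text.
        sql = ('select a.id from one_src a join one_src_group b on a.id=b.one_src_id '
               'join `group` c on c.id=b.group_id join user d on d.group_id=c.id '
               'where d.id=%s')
        with connection.cursor() as cursor:
            cursor.execute(sql, [u_id])
            one_src_ids = {row[0] for row in cursor.fetchall()}
        if not one_src_ids:
            # The old follow-up query built "in ()" here, which is a SQL error.
            return resp(data=[])
        # The former second raw query only re-selected these ids from
        # one_src, so the ORM filter below returns the same rows.
        data = OneSrc.objects.filter(id__in=one_src_ids)
        return resp(data=[i.to_all_dict() for i in data])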
def get_four_src_info(request):
    """Return one account resource by ``id``, or the name list of all.

    With ``id`` the response data is ``to_detail_dict()`` of the row, or the
    string ``'not src'`` when no row matches; without it, ``to_name_dict()``
    of every row.
    """
    # NOTE(review): four_src rows hold account credentials and cookies (see
    # the update view); what to_detail_dict exposes is not visible here, and
    # no token check is visible in this function - confirm.
    if request.method != 'GET':
        return None
    src_id = request.GET.get('id')
    if not src_id:
        return resp(data=[row.to_name_dict() for row in FourSrc.objects.all()])
    row = FourSrc.objects.filter(id=src_id).first()
    payload = row.to_detail_dict() if row else 'not src'
    return resp(data=payload)
def get_order_status(request):
    """Report whether an order has been paid.

    An ``Order`` row with the given ``order_id`` existing is taken to mean
    the order is paid (code 200); otherwise code 202 is returned.
    """
    if request.method != 'GET':
        return None
    order_id = request.GET.get('order_id')
    order = Order.objects.filter(id=order_id).first()
    if not order:
        return resp(202, '未支付')
    # A stored order means the payment went through.
    return resp(200, '已支付')
def get_two_src_info(request):
    """Return one second-level resource by ``id``, or the id/name list of all.

    With ``id`` the response data is ``to_detail_dict()`` of the row, or the
    string ``'not src'`` when no row matches.
    """
    if request.method != 'GET':
        return None
    src_id = request.GET.get('id')
    if not src_id:
        return resp(data=[row.to_name_id_dict() for row in TwoSrc.objects.all()])
    row = TwoSrc.objects.filter(id=src_id).first()
    payload = row.to_detail_dict() if row else 'not src'
    return resp(data=payload)
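def get_admins(request):
    """List administrators, or return one administrator by ``id``.

    With ``id`` the response data is ``to_admin_view_dict()`` of the
    matching admin user, or the string ``'not admin'`` when the id does not
    belong to an administrator; without it, ``to_admin_dict()`` of every
    administrator.
    """
    # NOTE(review): the middleware in this file only checks that a token is
    # present and decodes for this route; nothing visible here checks that
    # the caller is an administrator - confirm.
    if request.method == 'GET':
        a_id = request.GET.get('id')
        if a_id:
            a = User.objects.filter(id=a_id).filter(is_admin=1).first()
            # An unknown or non-admin id used to crash on None.
            return resp(data=a.to_admin_view_dict() if a else 'not admin')
        a_all = User.objects.filter(is_admin=1)
        return resp(data=[i.to_admin_dict() for i in a_all])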
def get_trade_type_info(request):
    """Return one trade type by ``id``, or the list of all trade types.

    With ``id`` the response data is ``to_dict()`` of the row, or the string
    ``'not type'``. Without it every row is listed, using
    ``to_front_dict()`` when the ``t`` query parameter equals ``'front'``
    and ``to_dict()`` otherwise.
    """
    if request.method != 'GET':
        return None
    type_id = request.GET.get('id')
    view = request.GET.get('t')
    if type_id:
        trade_type = TradeType.objects.filter(id=type_id).first()
        payload = trade_type.to_dict() if trade_type else 'not type'
        return resp(data=payload)
    rows = []
    for item in TradeType.objects.all():
        rows.append(item.to_front_dict() if view == 'front' else item.to_dict())
    return resp(data=rows)
def get_card_info(request):
    """Return one recharge card by ``id``, or every recharge card.

    With ``id`` the response data is ``to_dict()`` of the card, or the
    string ``'not card'`` when no card matches.
    """
    # NOTE(review): recharge cards are bearer secrets (card id plus card
    # password). Whether to_dict includes card_pwd is not visible here, and
    # no token or admin check is visible in this function - confirm.
    if request.method != 'GET':
        return None
    card_id = request.GET.get('id')
    if not card_id:
        return resp(data=[card.to_dict() for card in CardRechargeList.objects.all()])
    card = CardRechargeList.objects.filter(id=card_id).first()
    payload = card.to_dict() if card else 'not card'
    return resp(data=payload)
def get_help_list_info(request):
    """Return one help entry by ``id``, or the list of all help entries.

    With ``id`` the response data is ``to_detail_dict()`` of the entry, or
    the string ``'not data'`` when no entry matches.
    """
    if request.method != 'GET':
        return None
    entry_id = request.GET.get('id')
    if not entry_id:
        return resp(data=[entry.to_list_dict() for entry in HelpList.objects.all()])
    entry = HelpList.objects.filter(id=entry_id).first()
    payload = entry.to_detail_dict() if entry else 'not data'
    return resp(data=payload)
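def get_group_info(request):
    """Return one group by ``id``, or the name list of all groups.

    With ``id`` the response data is ``to_full_dict()`` of the group, or the
    string ``'not group'`` when no group matches; without it,
    ``to_name_dict()`` of every group.
    """
    if request.method == 'GET':
        g_id = request.GET.get('id')
        if g_id:
            # Single record. An unknown id used to crash on None.
            g = Group.objects.filter(id=g_id).first()
            return resp(data=g.to_full_dict() if g else 'not group')
        # All records.
        g_all = Group.objects.all()
        return resp(data=[i.to_name_dict() for i in g_all])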
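def get_three_src_info(request):
    """Return one third-level resource by ``id``, or the list of all.

    With ``id`` the response data is ``to_simple_back_dict()`` when the
    ``t`` query parameter equals ``'edit'`` and ``to_simple_dict()``
    otherwise, or the string ``'not src'`` when no row matches. Without
    ``id`` every row is listed with ``to_simple_dict()``.
    """
    if request.method == 'GET':
        tr_id = request.GET.get('id')
        t = request.GET.get('t')
        if tr_id:
            tr = ThreeSrc.objects.filter(id=tr_id).first()
            if not tr:
                # The original chained conditional tested `tr` only on the
                # non-edit side, so t == 'edit' with an unknown id crashed.
                return resp(data='not src')
            return resp(data=tr.to_simple_back_dict() if t == 'edit' else tr.to_simple_dict())
        tr_all = ThreeSrc.objects.all()
        return resp(data=[i.to_simple_dict() for i in tr_all])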
def get_one_src_info(request):
    """Return one first-level category by ``id``, or the list of all.

    With ``id`` the response data is ``to_detail_dict()`` of the row, or the
    string ``'not src'`` when no row matches; without it, ``to_list_dict()``
    of every row.
    """
    if request.method != 'GET':
        return None
    src_id = request.GET.get('id')
    if not src_id:
        # All records.
        return resp(data=[row.to_list_dict() for row in OneSrc.objects.all()])
    # Single record.
    row = OneSrc.objects.filter(id=src_id).first()
    payload = row.to_detail_dict() if row else 'not src'
    return resp(data=payload)
def get_token_info(request):
    """Return the profile of the user identified by the request token.

    The ``back`` query parameter selects ``to_back_dict()``; without it
    ``to_front_dict()`` is used. Code 4001 is returned when the token does
    not decode.
    """
    # NOTE(review): `back` is chosen by the caller, so any valid token can
    # ask for the back-office representation - confirm to_back_dict holds
    # nothing a regular user should not see about their own account.
    if request.method != 'GET':
        return None
    token = request.META.get('HTTP_AUTHENTICATION')
    want_back = request.GET.get('back')
    claims = check_token(token)
    if not claims:
        return resp(code=4001, msg='token 失效')
    user = User.objects.filter(id=claims['id']).first()
    if want_back:
        return resp(data=user.to_back_dict())
    return resp(data=user.to_front_dict())
def check_img_code(request):
    """Check a captcha answer against the value carried in its token.

    Code 1001 means the token did not decode (expired or invalid), code 1002
    means the answer ``val`` differs from the token's ``val``; the default
    ``resp()`` means the answer matched.
    """
    # NOTE(review): the expected answer travels inside the client-held
    # token. Its secrecy depends on img_code_overdue_decode / _create, which
    # are not shown here, and nothing here marks a token as used, so a
    # solved token can presumably be replayed until it expires - confirm.
    if request.method != 'GET':
        return None
    token = request.GET.get('token')
    answer = int(request.GET.get('val'))
    decoded = img_code_overdue_decode(token)
    if not decoded:
        # The token failed validation.
        return resp(code=1001, msg='token过期')
    if decoded['val'] != answer:
        return resp(code=1002, msg='验证码错误')
    return resp()
def process_request(self, request):
    """Reject requests to token-protected routes that lack a valid token.

    For the listed paths the ``HTTP_AUTHENTICATION`` value must be present,
    must not be the string ``'null'`` and must pass ``check_token``;
    otherwise a 400 or 401 coded ``resp`` is returned. Every other request
    returns ``None``.
    """
    # NOTE(review): this is an allow-by-default list matched on the exact
    # request path. Routes not named here are never checked by this
    # middleware, and the check proves only that a token is valid, not that
    # its user is an administrator.
    protected_paths = (
        '/user/get_admins/',
        '/user/update_admin/',
        '/user/update_profile/',
        '/user/get_user_info/',
        '/user/update_pwd/',
        '/trade/invoice/',
    )
    if request.path not in protected_paths:
        return None
    token = request.META.get('HTTP_AUTHENTICATION')
    if token == 'null' or not token:
        return resp(400, '没有token')
    if not check_token(token):
        return resp(401, 'token过期')
    return None
def update(request):
    """Back-office edit of a user record.

    Overwrites group, login name, password, contact fields, ``end_time``,
    ``enable`` and ``active`` of the user with the posted ``id`` and returns
    ``to_back_read_dict()`` of the saved row.
    """
    # NOTE(review): the target user id and every field, including group,
    # end_time and the password, come from the request body, and no token or
    # admin check is visible in this function - confirm the route is
    # protected elsewhere.
    # NOTE(review): the password is stored exactly as submitted, and an
    # unknown id makes `user` None so the first assignment raises.
    if request.method != 'POST':
        return None
    form = request.POST
    user_id = form.get("id")
    group_id = form.get('group_id')
    login_name = form.get('login_name')
    pwd = form.get('pwd')
    email = form.get('email')
    major = form.get('major')
    user_name = form.get('user_name')
    qq = form.get('qq')
    phone = form.get('phone')
    end_time = form.get('end_time')
    enable = int(form.get('enable'))
    active = int(json.loads(form.get('active')))
    user = User.objects.filter(id=user_id).first()
    user.group_id = group_id
    user.login_name = login_name
    user.pwd = pwd
    user.email = email
    user.major = major
    user.user_name = user_name
    user.qq = qq
    user.phone = phone
    user.end_time = end_time
    user.enable = enable
    user.active = active
    user.save()
    return resp(data=user.to_back_read_dict())
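def get_four_src(request):
    """Return one page of account resources plus the total row count.

    Query parameters: ``p`` (page, default 1), ``n`` (page size, default 10)
    and the optional substring filters ``name`` and ``code``.

    The filter values are bound as query parameters. The original formatted
    them into the SQL text, so a quote in ``name`` or ``code`` changed the
    statement. Filters now apply whenever they are non-empty; before, they
    were ignored unless at least three parameters were present, and an
    unrelated third parameter produced an empty WHERE clause.
    """
    # NOTE(review): the listing selects the stored `pwd` column of every
    # account resource, and no token check is visible in this function -
    # confirm the route is admin-only.
    if request.method == 'GET':
        d = request.GET
        p = int(d.get('p', 1))
        n = int(d.get('n', 10))
        clauses = []
        params = []
        # Column names come from this fixed tuple, never from the request.
        for column in ('name', 'code'):
            value = d.get(column)
            if value:
                clauses.append(f'{column} like %s')
                params.append(f'%{value}%')
        where = f" where {' and '.join(clauses)}" if clauses else ''
        # Clamp so a page below 1 or a negative size cannot produce an
        # invalid LIMIT clause.
        size = max(n, 0)
        offset = (max(p, 1) - 1) * size
        with connection.cursor() as cursor:
            cursor.execute(
                'select id,name,code,url,username,pwd,add_time from four_src'
                f'{where} order by id desc limit %s,%s',
                params + [offset, size])
            data = [format_four_src_list(i) for i in cursor.fetchall()]
            # The count uses the same filters; it is built directly instead
            # of being derived from the page query by regex and split.
            cursor.execute(f'select count(*) from four_src{where}', params)
            total = cursor.fetchone()
        return resp(data=data, count=total[0])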
def add_n_card(request):
    """Bulk-generate ``num`` recharge cards for a trade type.

    ``pwd_num`` is the card password length and must be between 6 and 12;
    otherwise code 201 is returned. The card id is a ``uuid1`` without
    dashes and the card password is the start of the last ``uuid4`` segment.
    """
    # NOTE(review): uuid1 is derived from the host's node id and a
    # timestamp, so card ids issued in one batch are close to sequential.
    # The password is 6-12 hexadecimal characters, i.e. 24-48 bits. `num`
    # has no upper bound. No token or admin check is visible here - confirm
    # the redeem endpoint rate-limits guesses and this route is protected.
    if request.method != 'POST':
        return None
    trade_type_id = request.POST.get('trade_type_id')
    # Number of cards to generate.
    num = int(request.POST.get('num'))
    # Password length, allowed range 6-12.
    pwd_num = int(request.POST.get('pwd_num'))
    if not 6 <= pwd_num <= 12:
        return resp(201, '长度错误')
    cards = []
    for _ in range(num):
        card_id = str(uuid.uuid1()).replace('-', '')
        card_pwd = str(uuid.uuid4()).rsplit('-', 1)[-1][:pwd_num]
        cards.append(CardRechargeList(card_id=card_id,
                                      card_pwd=card_pwd,
                                      trade_type_id=trade_type_id))
    CardRechargeList.objects.bulk_create(cards)
    return resp()
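def get_order(request):
    """Return one page of orders plus the total row count.

    Query parameters: ``p`` (page, default 1), ``n`` (page size, default
    10), ``card`` (exact recharge card id) and ``name`` (substring of the
    login name).

    The filter values are bound as query parameters. The original formatted
    them into the SQL text, so a quote in ``card`` or ``name`` changed the
    statement. Filters now apply whenever they are non-empty; before, they
    were ignored unless at least three parameters were present, and an
    unrelated third parameter produced an empty WHERE clause.
    """
    # NOTE(review): this returns every user's orders, and no token or admin
    # check is visible in this function - confirm the route is protected.
    if request.method == "GET":
        d = request.GET
        p = int(d.get('p', 1))
        n = int(d.get('n', 10))
        clauses = []
        params = []
        card = d.get('card')
        if card:
            clauses.append('card_id=%s')
            params.append(card)
        name = d.get('name')
        if name:
            clauses.append('login_name like %s')
            params.append(f'%{name}%')
        where = f" where {' and '.join(clauses)}" if clauses else ''
        # Clamp so a page below 1 or a negative size cannot produce an
        # invalid LIMIT clause.
        size = max(n, 0)
        offset = (max(p, 1) - 1) * size
        with connection.cursor() as cursor:
            cursor.execute(f'select * from `order`{where} limit %s,%s',
                           params + [offset, size])
            data = [format_order_list(i) for i in cursor.fetchall()]
            # The count uses the same filters; it is built directly instead
            # of being derived from the page query by regex and split.
            cursor.execute(f'select count(*) from `order`{where}', params)
            total = cursor.fetchone()
        return resp(data=data, count=total[0])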
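def get_two_src(request):
    """Return one page of second-level resources plus the total row count.

    Query parameters: ``p`` (page, default 1), ``n`` (page size, default
    10), ``one_src_id`` (parent category id) and ``name`` (substring of the
    resource name).

    The filter values are bound as query parameters. The original formatted
    them into the SQL text, and ``one_src_id`` was inserted without quotes,
    so its value was read as SQL. Filters now apply whenever they are
    non-empty; before, they were ignored unless at least three parameters
    were present.
    """
    if request.method == 'GET':
        d = request.GET
        p = int(d.get('p', 1))
        n = int(d.get('n', 10))
        clauses = []
        params = []
        one_src_id = d.get('one_src_id')
        if one_src_id:
            # Bound as a value; the database compares it with the id column.
            clauses.append('a.one_src_id=%s')
            params.append(one_src_id)
        name = d.get('name')
        if name:
            clauses.append('a.name like %s')
            params.append(f'%{name}%')
        where = f" where {' and '.join(clauses)}" if clauses else ''
        # Clamp so a page below 1 or a negative size cannot produce an
        # invalid LIMIT clause.
        size = max(n, 0)
        offset = (max(p, 1) - 1) * size
        tables = 'two_src a join one_src b on b.id=a.one_src_id'
        with connection.cursor() as cursor:
            cursor.execute(
                f'select a.id,b.name,a.name,a.pos,a.add_time from {tables}'
                f'{where} order by a.id desc limit %s,%s',
                params + [offset, size])
            data = [format_two_src_list(i) for i in cursor.fetchall()]
            # The count uses the same join and filters; it is built directly
            # instead of being derived from the page query by regex.
            cursor.execute(f'select count(*) from {tables}{where}', params)
            total = cursor.fetchone()
        return resp(data=data, count=total[0])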
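def update_pwd(request):
    """Change the password of the token's user.

    Response codes: 401 when the token does not decode, 201 when the user
    does not exist, 202 when ``old_pwd`` is missing or wrong, 1002 when
    ``new_pwd`` is missing or outside the 6-16 character rule that
    ``register`` enforces; otherwise the default ``resp()``.
    """
    if request.method == 'POST':
        token = request.META.get('HTTP_AUTHENTICATION')
        obj = check_token(token)
        if not obj:
            # Do not rely on the middleware alone: obj['id'] would raise here.
            return resp(401, 'token过期')
        u = User.objects.filter(id=obj['id']).first()
        if not u:
            return resp(201, 'not user')
        old_pwd = request.POST.get('old_pwd')
        # A request without old_pwd must never match, even when the stored
        # value is empty.
        # NOTE(review): passwords are stored and compared in plain text;
        # hashing has to be introduced together with the login and register
        # code, so it is flagged here, not changed.
        if old_pwd is None or u.pwd != old_pwd:
            return resp(202, 'pwd error')
        new_pwd = request.POST.get('new_pwd')
        # Same length policy as register; a missing new_pwd used to be
        # written to the row as None.
        if new_pwd is None or not 6 <= len(new_pwd) <= 16:
            return resp(1002, '密码长度在6-16')
        u.pwd = new_pwd
        u.save()
        return resp()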
def update_four_src(request):
    """Edit an account resource.

    Overwrites name, code, URLs, description, account username and password,
    login script, cookie lifetime, cookie and error field of the row with
    the posted ``id`` and returns its ``to_detail_dict()``.
    """
    # NOTE(review): this writes third-party account credentials, a stored
    # cookie and a `code_script` value from the request body. No token or
    # admin check is visible in this function, and how code_script is later
    # used is not visible here - confirm both.
    # NOTE(review): an unknown id makes `src` None and the first assignment
    # raises.
    if request.method != "POST":
        return None
    form = request.POST
    src_id = form.get('id')
    name = form.get('name')
    url = form.get('url')
    code = form.get('code')
    desc = form.get('desc')
    username = form.get('username')
    pwd = form.get('pwd')
    code_script = form.get('code_script')
    cookie_time = int(form.get('cookie_time'))
    cookie = demjson.decode(form.get('cookie'))
    success_url = form.get('success_url')
    error_field = form.get('error_field')
    src = FourSrc.objects.filter(id=src_id).first()
    src.name = name
    src.code = code
    src.url = url
    src.desc = desc
    src.username = username
    src.pwd = pwd
    src.code_script = code_script
    src.cookie_time = cookie_time
    src.cookie = cookie
    src.success_url = success_url
    src.error_field = error_field
    src.save()
    return resp(data=src.to_detail_dict())
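def update_one_src(request):
    """Edit a first-level category and the groups allowed to see it.

    ``groups`` is a JSON array of group ids. Links to groups no longer in
    the array are removed and links to new groups are created, both for
    this category only. Returns ``resp(400, ...)`` when the category does
    not exist.
    """
    if request.method == 'POST':
        o_id = request.POST.get('id')
        name = request.POST.get('name')
        desc = request.POST.get('desc')
        pos = request.POST.get('pos')
        groups = json.loads(request.POST.get('groups'))  # JSON array of group ids
        o = OneSrc.objects.filter(id=o_id).first()
        if not o:
            # An unknown id used to crash on o.name.
            return resp(400, '没有资源')
        o.name = name
        o.desc = desc
        o.pos = pos
        o.save()
        # Group ids currently linked to this category.
        # NOTE(review): if the client sends the ids as strings they never
        # equal the integer group_id values, so every link is dropped and
        # re-created - confirm the payload type.
        o_groups = [i.group_id for i in o.og.all()]
        del_set = set(o_groups) - set(groups)
        add_set = set(groups) - set(o_groups)
        if del_set:
            # Restrict the delete to this category. The original filtered on
            # group_id alone and so removed those groups' links to every
            # other category as well.
            OneSrcGroup.objects.filter(one_src_id=o.id, group_id__in=del_set).delete()
        if add_set:
            OneSrcGroup.objects.bulk_create(
                [OneSrcGroup(group_id=i, one_src_id=o.id) for i in add_set])
        return resp()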
def get_to_name_info(request):
    """Search groups by name.

    With ``name`` the groups whose name contains it are returned; without
    it, all groups. Each group is rendered with ``to_name_dict()``.
    """
    if request.method != 'GET':
        return None
    needle = request.GET.get('name')
    if needle:
        matches = Group.objects.filter(name__contains=needle)
    else:
        matches = Group.objects.all()
    return resp(data=[group.to_name_dict() for group in matches])
def forget_email_pwd(request):
    """Start a password reset by mailing a reset sequence to the user.

    Looks the user up by the posted e-mail address, creates a sequence that
    carries the user id, the creation time and a 30 minute lifetime, and
    sends it with ``send_mail``. Codes: 201 unknown address, 401 user has
    no e-mail address, 402 sending failed.
    """
    # NOTE(review): code 201 tells the caller whether an address is
    # registered, and nothing visible here limits how often a reset mail can
    # be requested - confirm both are acceptable or handled upstream.
    # NOTE(review): the sequence comes from img_code_overdue_create, the
    # helper family that also decodes captcha tokens in this file - confirm
    # the two token kinds cannot be substituted for each other.
    if request.method != 'POST':
        return None
    address = request.POST.get('email')
    user = User.objects.filter(email=address).first()
    if not user:
        return resp(201, '用户不存在')
    # The sequence encodes the user id, the creation time and the lifetime.
    sequence = img_code_overdue_create(id=user.id, _time=time.time(), ex=30 * 60)
    if not user.email:
        return resp(401, '用户未填写邮箱')
    if not send_mail(user.email, sequence):
        return resp(402, '发送失败')
    return resp()
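def update_forget_email_pwd(request):
    """Finish a password reset using the mailed sequence.

    Response codes: 401 when the sequence does not decode, carries no user
    id or names a user that no longer exists; 1002 when ``pwd`` is missing
    or outside the 6-16 character rule that ``register`` enforces;
    otherwise the default ``resp()``.
    """
    # NOTE(review): nothing here invalidates the sequence after use, so it
    # presumably stays usable until it expires - confirm.
    if request.method == 'POST':
        sequence = request.POST.get('sequence')
        pwd = request.POST.get('pwd')
        try:
            obj = img_code_overdue_decode(sequence)
            # A token from the same codec without an 'id' (the captcha check
            # in this file reads 'val' from one) must not reach the lookup.
            u_id = obj['id'] if obj else None
        except Exception:
            # The bare `except:` also caught SystemExit/KeyboardInterrupt.
            u_id = None
        if not u_id:
            return resp(401, '失效')
        u = User.objects.filter(id=u_id).first()
        if not u:
            # A sequence for a deleted user used to crash on u.pwd.
            return resp(401, '失效')
        # Same length policy as register; a missing pwd used to be written
        # to the row as None.
        if pwd is None or not 6 <= len(pwd) <= 16:
            return resp(1002, '密码长度在6-16')
        # NOTE(review): the password is stored exactly as submitted; hashing
        # has to be introduced together with the login code.
        u.pwd = pwd
        u.save()
        return resp()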