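 def get_reset_password_email_verify(self):
     """Render the email-verification step of the password-reset flow.

     A logged-in session is refreshed and sent to the homepage; a session
     whose reset-flow email is already verified goes straight to the reset
     form. Otherwise the verification page is rendered.
     """
     session = Session()
     # The login flag is the exact string "true" (it is set that way by the
     # login/register handlers). The original compared against " true" with
     # a leading space, so this guard could never fire.
     if session.get("logged_in") == "true":
         session.extend()
         return redirect("/homepage")
     # Use the reset-flow flag here: it is what post_reset_password_email_verify
     # sets and what get_reset_password requires. Checking the registration
     # flag ("email_verified") instead sent users to a form that bounced them
     # straight back.
     if session.get("reset_password_email_verified") == "true":
         return redirect("/auth/reset_password")
     return render_template("reset_password_email_verify.html")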
    def get_register(self):
        """Serve the registration form.

        A logged-in session is refreshed and redirected to the homepage; a
        session that has not verified its email yet is sent back to the
        verification step. Only a verified, anonymous session gets the form.
        """
        current = Session()
        is_logged_in = current.get("logged_in") == "true"
        if is_logged_in:
            current.extend()
            return redirect("/homepage")

        is_verified = current.get("email_verified") == "true"
        if not is_verified:
            return redirect("/auth/email_verify")
        return render_template("auth_register.html")
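    def post_email_verify(self):
        """Check the emailed token submitted by the registration flow.

        The form field ``token`` is compared with the token post_token stored
        in the session. On a match the session is flagged ``email_verified``
        and given a 15-minute window to finish registering. Returns a status
        dict either way; a logged-in session is redirected to the homepage.
        """
        import hmac

        session = Session()
        # Every other handler keys the login flag as "logged_in"; the
        # original read "login", so authenticated users were never bounced.
        if session.get("logged_in") == "true":
            session.extend()
            return redirect("/homepage")

        token = request.form.get("token")
        stored_token = session.get("token")
        # Constant-time comparison: the token is attacker-supplied and a
        # plain == returns early on the first differing character.
        # NOTE(review): nothing limits attempts against the stored token
        # within its 600 s lifetime; consider counting failures per session.
        token_ok = (
            stored_token is not None
            and token is not None
            and hmac.compare_digest(str(stored_token).encode(), str(token).encode())
        )
        if not token_ok:
            return {"status": False, "message": "Wrong token"}
        session["email_verified"] = "true"
        session.expire(900)
        return {"status": True, "message": "Email verify succeeds"}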
    def get_email_verify(self):
        """Render the email-verification page of the registration flow.

        A logged-in session is refreshed and redirected to the homepage
        instead of seeing the page.
        """
        current = Session()
        if current.get("logged_in") != "true":
            return render_template("auth_email_verify.html")
        current.extend()
        return redirect("/homepage")
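    def post_reset_password_email_verify(self):
        """Check the emailed token submitted in the password-reset flow.

        A logged-in session goes to the homepage; a session already verified
        for reset goes straight to the reset form. Otherwise the form field
        ``token`` is compared with the token post_token stored in the
        session: on a match the session is flagged
        ``reset_password_email_verified`` for 15 minutes and redirected to
        the reset form, else a status dict is returned.
        """
        import hmac

        session = Session()
        # Compare against "true" exactly; the original's " true" (leading
        # space) meant logged-in sessions were never redirected away.
        if session.get("logged_in") == "true":
            session.extend()
            return redirect("/homepage")
        if session.get("reset_password_email_verified") == "true":
            return redirect("/auth/reset_password")

        token = request.form.get("token")
        stored_token = session.get("token")
        # Constant-time comparison against the attacker-supplied value.
        # NOTE(review): nothing limits attempts against the stored token
        # within its 600 s lifetime; consider counting failures per session.
        token_ok = (
            stored_token is not None
            and token is not None
            and hmac.compare_digest(str(stored_token).encode(), str(token).encode())
        )
        if not token_ok:
            return {"status": False, "message": "Wrong token"}
        session["reset_password_email_verified"] = "true"
        session.expire(900)
        return redirect("/auth/reset_password")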
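    def post_token(self):
        """Email a verification token for registration or password reset.

        Form fields: ``email`` (must pass ``nyu_email_check``) and an optional
        ``reset_password`` flag whose value "true" selects the reset flow. The
        reset flow requires the address to be registered; the registration
        flow requires that it is not. On success the token and the address
        are stored in the session with a 10-minute expiry and the token is
        mailed. Returns a status dict.
        """
        session = Session()
        if session.get("logged_in") == "true":
            session.extend()
            # Every other handler sends an authenticated session to the
            # homepage; the original pointed at "/auth/login" here.
            return redirect("/homepage")

        from utils.format_checker import nyu_email_check
        email = request.form.get("email")
        # The original printed the raw address to stdout; dropped so user
        # PII does not end up in process output.
        if not nyu_email_check(email):
            logbook.info("[GET EMAIL TOKEN] Wrong email format")
            return {"status": False, "message": "Email is of wrong format. Please provide NYU email"}

        reset_flow = request.form.get("reset_password") == "true"
        registered = User.select().where(User.email == email).exists()
        if reset_flow and not registered:
            return {"status": False, "message": "This email has not been registered yet. Please register first"}
        if not reset_flow and registered:
            return {"status": False, "message": "This email has been registered"}

        # NOTE(review): nothing limits how often a token can be requested for
        # an address, so this endpoint can flood a mailbox; rate-limit per
        # address/client. The two replies above also disclose whether an
        # address is registered.
        token = TokenGenerator.generate()
        session["token"] = token
        session["email"] = email
        session.expire(600)
        email_helper = EmailHelper(receiver_email=email)
        email_helper.send_token(token)
        return {"status": True, "message": "A token has been sent to your mail box"}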
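    def get_reset_password(self):
        """Store a new password for the address verified in the reset flow.

        Requires an anonymous session whose ``reset_password_email_verified``
        flag is "true"; the target account is the session's stored ``email``.
        Reads ``password`` from the form, validates its format and writes the
        hash. Returns a status dict.

        NOTE(review): the name suggests a GET route but the body reads
        request.form and changes state -- confirm it is routed as POST.
        """
        session = Session()
        # Compare against "true" exactly; the original's " true" (leading
        # space) meant logged-in users were never redirected away.
        if session.get("logged_in") == "true":
            session.extend()
            return redirect("/homepage")
        if session.get("reset_password_email_verified") != "true":
            return redirect("/auth/reset_password_email_verify")

        email = session.get("email")
        password = request.form.get("password")
        from utils.format_checker import (
            password_checker
        )
        if not password_checker(password):
            return {"status": False, "message": "Bad password format"}
        # NOTE(review): MD5 is not a password hash (unsalted, fast). Moving
        # MD5Helper.hash/evaluate to a salted slow KDF has to happen in one
        # step, because post_login verifies whatever is stored here.
        hashed_pwd = MD5Helper.hash(password)
        User.update(password=hashed_pwd).where(User.email == email).execute()
        # The original ended without a return (None); report the outcome the
        # way the other handlers do.
        return {"status": True, "message": "Password reset succeeds"}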
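 def get_page(self):
     """Return the image identified by the ``id`` query parameter.

     Only a logged-in session may fetch an image, and only the image's
     owner (matched on the session's ``email``) receives the bytes; every
     other case yields a status dict explaining the refusal.
     """
     session = Session()
     if session.get("logged_in") != "true":
         return {"status": False, "message": "permission denied"}
     image_id = request.args.get("id")
     if image_id is None:
         return {"status": False, "message": "no image_id"}
     query = Image.select().where(Image.id == image_id)
     if not query.exists():
         return {"status": False, "message": "image does not exist"}
     image_ins = query.get()
     if image_ins.user.email != session.get("email"):
         return {"status": False, "message": "permission denied"}
     # Serve the stored bytes directly. The original first wrote them to
     # f"{image_id}.{image_format}" -- a filesystem path built from the
     # request's `id`, i.e. attacker-controlled (path traversal on write) --
     # and then handed the write-only, about-to-close handle to Response,
     # which could not be read back. No file is needed at all.
     return Response(image_ins.content, mimetype=f"image/{image_ins.image_format}")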
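 def wrapper(RequestHandler, *args, **kwargs):
     """Gate ``fun`` on the session role's API permissions (Tornado coroutine).

     The role id comes from the session data; without one the guest role
     "000000" is used. The role's permitted URI patterns and per-method
     flags are read from the ``roleapi_cache`` Redis hash, falling back to
     ``sys_roleapi`` in the database and priming the cache. The request path
     (query string stripped) must fully match one of the patterns and that
     entry must enable the request method (``ra_get``, ``ra_post``, ...);
     otherwise a 403 is sent and the coroutine returns.

     NOTE(review): the call to ``fun`` is not yielded; if ``fun`` is itself
     a coroutine it will not be awaited here -- confirm against its callers.
     """
     # Prefer the user info from the session; fall back to the guest role.
     roleid = '000000'
     session_data = Session(RequestHandler).data
     if session_data:
         roleid = session_data.get('roleid') if session_data.get(
             'roleid') else '000000'
     # Permitted APIs for the role, cached in Redis. (The original carried a
     # commented-out `roleapi = None` used to bypass the cache in development.)
     roleapi = RequestHandler.redis.hget('roleapi_cache', roleid)
     if not roleapi:
         sql = 'SELECT (SELECT sa_uri FROM sys_api WHERE a.ra_apiid = sa_id) AS ra_uri, ra_get,ra_post,ra_put,ra_delete FROM sys_roleapi AS a WHERE ra_roleid=%s'
         ret = yield db.fetchall(sql, args=(roleid,))
         ret = json.dumps(ret)
         RequestHandler.redis.hset('roleapi_cache', roleid, ret)
         roleapi = ret
     # URI permission: first pattern that matches the request path wins.
     roleapi = json.loads(roleapi)
     request_uri = RequestHandler.request.uri.split('?')[0]
     accordapi = None
     for api in roleapi:
         # fullmatch instead of match: with re.match, "$" also accepts a
         # subject that ends in a trailing newline, so the pattern could
         # match more than the stored URI. The patterns are regexes taken
         # from the database, so they must be kept trusted and anchored.
         if re.fullmatch(r'^%s$' % api.get('ra_uri'), request_uri):
             accordapi = api
             break
     # Method permission: the matched entry's ra_<method> flag must be "1".
     if accordapi:
         request_method = 'ra_%s' % RequestHandler.request.method.lower()
         rm_power = accordapi.get(request_method, 0)
         if str(rm_power) == '1':
             fun(RequestHandler, *args, **kwargs)
         else:
             RequestHandler.send_error(
                 403, msg='服务器拒绝了你,原因:%s无权访问或登录过期' % (RequestHandler.request.method))
             raise gen.Return()
     else:
         RequestHandler.send_error(403, msg='服务器拒绝了你,原因:无权访问或登录过期')
         raise gen.Return()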
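    def post_register(self):
        """Create the account for the email verified earlier in the session.

        Requires an anonymous session whose ``email_verified`` flag is
        "true". Validates ``username`` and ``password`` from the form,
        inserts the User and its Profile, marks the session logged in and
        redirects. Validation failures return a status dict.
        """
        session = Session()
        # Compare against "true" exactly; the original's " true" (leading
        # space) meant an already-logged-in session was never bounced and
        # could run the registration again.
        if session.get("logged_in") == "true":
            session.extend()
            return redirect("/homepage")

        if session.get("email_verified") != "true":
            return redirect("/auth/email_verify")

        username = request.form.get("username")
        password = request.form.get("password")
        email = session.get("email")

        from utils.format_checker import (
            password_checker,
            username_checker
        )
        username_check = username_checker(username)
        password_check = password_checker(password)
        if not username_check["status"]:
            return {"status": False, "message": username_check["error"]}
        if not password_check:
            return {"status": False, "message": "Bad password format"}

        from utils.MD5_helper import MD5Helper
        # NOTE(review): MD5 is not a password hash (unsalted, fast). Moving
        # MD5Helper.hash/evaluate to a salted slow KDF has to happen in one
        # step, because post_login verifies whatever is stored here.
        user_id = User.insert(
            email=email,
            password=MD5Helper.hash(password)
        ).execute()
        Profile.insert(
            username=username,
            user=user_id
        ).execute()
        print(f"[REGISTER] Register Success. username: {username}, email: {email}")
        session["logged_in"] = "true"
        session.extend()
        # The session is now logged in but is sent to the login page; the
        # login handler bounces such sessions to /homepage. Kept as written.
        return redirect("/auth/login")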
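 def post(self):
     """Update the current user's profile and avatar from the submitted form.

     The user is identified by the session's ``email``. ``username``,
     ``grade`` and ``contact_info`` come from the form; ``avatar`` is the
     uploaded file, whose name must pass ``avatar_format_check``. Returns a
     status dict when the upload is missing or rejected; otherwise returns
     None after the profile has been updated.

     NOTE(review): nothing here checks that the session is logged in; this
     relies on an outer auth decorator -- confirm one is applied.
     """
     session = Session()
     email = session.get("email")
     # No trailing commas here: in the original each of these lines ended
     # with a comma, which made every value a one-element tuple that was
     # then written into the profile.
     username = request.form.get("username")
     grade = request.form.get("grade")
     contact_info = request.form.get("contact_info")
     avatar = request.file.get("avatar")
     # A request without an avatar used to raise AttributeError below.
     if avatar is None:
         return {"status": False, "message": "no avatar uploaded"}
     file_format = self.profile_service.avatar_format_check(
         avatar.file_name)
     if not file_format:
         return {"status": False, "message": "wrong image format"}
     image_content = avatar.read()
     avatar_id = self.profile_service.add_avatar(email=email,
                                                 content=image_content,
                                                 file_format=file_format)
     data = {
         "username": username,
         "grade": grade,
         "contact_info": contact_info,
         "avatar_id": avatar_id,
     }
     self.profile_service.update_user_profile(email=email, data=data)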
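    def post_login(self):
        """Authenticate a user by email and password.

        On success the session is flagged ``logged_in``, the email is stored
        in it, its lifetime is extended and the user is redirected to the
        homepage. Failures return a status dict.
        """
        session = Session()
        if session.get("logged_in") == "true":
            session.extend()
            return redirect("/homepage")

        email = request.form.get("email")
        input_password = request.form.get("password")
        query = User.select().where(User.email == email)
        if not query.exists():
            logbook.info("[LOGIN] Login Failed: user not found.")
            # NOTE(review): the distinct "Email not found" / "wrong password"
            # replies let a caller enumerate registered addresses; post_token
            # discloses the same, so both should be changed together.
            return {"status": False, "message": "Email not found"}

        # Fetch the single row, as get_page does, instead of materialising
        # the whole result set into a list to take its first element.
        stored_password_hash = query.get().password
        # NOTE(review): MD5 is not a password hash; MD5Helper should move to
        # a salted slow KDF, with stored hashes migrated at the same time.
        if not MD5Helper.evaluate(input_password, stored_password_hash):
            logbook.info("[LOGIN] Login Failed: wrong password.")
            return {"status": False, "message": "wrong password"}

        session["logged_in"] = "true"
        session["email"] = email
        session.extend()
        # Logged once via logbook; the duplicate print to stdout is dropped.
        logbook.info(f"[LOGIN] Login Succeed: [user_email: {email}]")
        return redirect("/homepage")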
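    def get(self):
        """Serve the landing page, or redirect a logged-in session home."""
        session = Session()
        # The login flag is keyed "logged_in" (as set by the login handler);
        # the original read "logged-in", so the check never matched and a
        # logged-in user was shown the landing page.
        if session.get("logged_in") == "true":
            return redirect("/homepage")

        return render_template("index.html")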
 def inner(*args, **kwargs):
     """Run ``func`` only for a logged-in session, refreshing it first.

     An anonymous session is redirected to the login page instead.
     """
     current = Session()
     authenticated = current.get("logged_in") == "true"
     if not authenticated:
         return redirect("/auth/login")
     current.extend()
     return func(*args, **kwargs)