def POST(self):
d = {k: v.strip() for k, v in self.req.input().iteritems()}
if d.get('mobile'):
checkcode = d.get('mobile', '')
if not re.match(MOBILE_PATTERN, checkcode):
raise ParamError('手机号码不合法')
elif d.get('email'):
checkcode = d.get('email', '')
if not re.match(EMAIL_PATTERN, checkcode):
raise ParamError('邮箱不合法')
else:
raise ParamError('参数错误')
code = d.get('code', '')
if not code:
raise ParamError('验证码为空')
# 验证验证码
if check_smscode(code, checkcode):
return self.write(success({}))
raise ParamError('验证码错误')
def POST(self):
params = {k: str(v).strip() for k, v in self.req.input().iteritems()}
passwd = params.get("password", '')
code = params.get("code", '')
if not passwd:
raise ParamError("缺少password参数")
userid = self.user.userid
uinfo = get_userinfo(userid)
mobile = uinfo.get("mobile")
if code and not check_smscode(code, mobile, 1):
raise ParamError('验证码错误')
with get_connection("qf_core") as conn:
row = conn.select_one("extra_mchinfo",
where={"userid": userid},
fields="count(1) as count")
now = time.strftime(DATETIME_FMT)
values = {
"userid": userid,
"manage_password": enc_password(passwd),
"ctime": now
}
try:
if row['count']:
del values['userid'], values['ctime']
conn.update("extra_mchinfo",
values=values,
where={"userid": userid})
else:
conn.insert("extra_mchinfo", values=values)
return self.write(success(data={}))
except:
raise DBError("数据更新失败")
def POST(self):
params = self.req.input()
userid = int(self.user.userid)
new_username = params.get('new_username', '').strip()
if not new_username:
raise ParamError('新账号不能为空')
# 验证grant_code
grant_code = params.get('grant_code') or ''
self.check_grant_code(userid, grant_code)
# 验证verify_code
verify_code = params.get('verify_code') or ''
if not check_smscode(verify_code, new_username, mode=1):
raise ParamError('验证信息错误')
# 验证新账号是否被占用
with get_connection_exception('qf_core') as db:
new_user = db.select_one('auth_user',
where={'username': new_username})
if new_user:
raise ParamError('新账号已经被占用')
# apollo接口修改username
try:
apcli_ex('changeUsername', userid, new_username)
except ApolloException as e:
raise ThirdError(e.respmsg)
# 将现有设备踢下线
kick_user(userid, mode='all')
return success({})
def username_mchnt(self):
'''商户预注册'''
d = {k: v.strip() for k, v in self.req.input().iteritems()}
self.req.inputjson()['password'] = '******'
# 验证用户名
username = d.get('username', '')
if not username:
raise ParamError('用户名为空')
# 验证验证码
code = d.get('code', '')
if not check_smscode(code, username):
raise ParamError('验证码错误')
# 验证是否注册
if UserUtil.check_profile(**{'auth_user.username': username}):
raise ParamError('商户已经注册')
# 获取userid
user = None
with get_connection('qf_core') as db:
user = db.select_one('auth_user',
where={'mobile': username},
fields='id, password')
log.debug(user)
if user:
if (user['password'] and not check_password(
d.get('password', ''), user['password'])):
raise SessionError('该账号已经设置密码')
return d['username'], user['id']
return d['username'], None
def get_userprofile(self):
params = self.req.input()
sls_user = None
if not re_mobile.match(params.get('username', '')):
raise ParamError('请用手机号注册')
user = check_user(params['username'])
if user['is_signup']:
raise ParamError('该用户已经注册,请更换手机号')
if not 6 <= len(params.get('password', '')) <= 20:
raise ParamError('密码需在6-20位')
shopname = remove_emoji(params.get('shopname', ''))
if not shopname:
raise ParamError('店名不能为空')
if 'saleman_mobile' in params:
saleman_mobile = params.get('saleman_mobile', '')
if not saleman_mobile:
raise ParamError('推荐人手机号不能为空')
else:
sls_user = apcli.user_by_mobile(saleman_mobile)
else:
# 签约宝登录信息
if self.check_login():
sls_user = apcli.user_by_id(self.user.userid)
usercates = {i['code'] for i in sls_user.get('userCates', [])}
if 'saleman' in usercates:
saleman_mobile = sls_user.get('mobile', '')
if not saleman_mobile:
raise ParamError('推荐人手机号不能为空')
if not sls_user:
raise ParamError('推荐人身份错误')
sls_usercates = {i['code'] for i in sls_user.get('userCates', [])}
if 'saleman' not in sls_usercates:
raise ParamError('推荐人手机号码错误')
groupid = sls_user['groupid']
self._sls_user = sls_user
# 调解接口商户不验证验证码
if (not ('code' not in params and self.check_ip())
and not check_smscode(params.get('code', ''),
params['username'], 1)):
raise ParamError('验证码错误')
p = {}
p['mobile'] = params['username']
p['password'] = params['password']
p['shopname'] = shopname
p['groupid'] = groupid
p['userCates'] = [UserCate(code='bigmerchant', name='大商户')]
return UserProfile(user=User(**p))
def check_mchnt(self, data):
''' 注册成为商户
来源分为: 商户平台(bigmchnt), 签约宝(salesman), 商户app(mchnt)
1. 都需要验证验证码
2. 只允许指定来源的的商户成为业务员
'''
# 验证验证码
code = data.get('code')
if not code:
raise ParamError('验证码不能为空')
if not check_smscode(code, data['username'], 1):
raise ParamError('验证码错误')
# 注册来源
src = self.get_src()
# 业务员手机号
check_sls_user = False
saleman_mobile = data.get('saleman_mobile')
if saleman_mobile:
sls_user = apcli.user_by_mobile(saleman_mobile) or {}
check_sls_user = True
# 签约宝登录信息
elif self.check_login():
sls_user = apcli.user_by_id(self.user.userid)
check_sls_user = True
self._qd_login = True
if src == 'salesman':
self._data['src'] = '签约宝'
if not check_sls_user: return
# 推荐人信息
sls_usercates = {i['code'] for i in sls_user.get('userCates', [])}
if not ({'saleman', 'qudao'} & sls_usercates):
raise ValueError('推荐人手机号码错误')
self._data['groupid'] = sls_user['groupid']
if 'qudao' in sls_usercates:
allow_sm_signup_src = getattr(config, 'ALLOW_SM_SIGNUP_SRC',
['mchnt', 'salesman'])
if src in allow_sm_signup_src:
self._data['cate'] = 'saleman'
self._data['src'] = self._data['src'] + '-业务员注册'
self._data['saleman_uid'] = sls_user['uid']
elif 'saleman' in sls_usercates:
self._data['saleman_uid'] = sls_user['uid']
self._data['cate'] = 'mchnt'
def check_grant_code(self, userid, code):
# 通过什么方式验证
mode = self.req.input().get('mode', 'mobile')
if mode == 'mobile':
user = apcli_ex('findUserBriefById', userid)
if not user:
raise ParamError('商户不存在')
if not check_smscode(code, user.username, mode=1):
raise ParamError('验证信息错误')
else:
user = apcli_ex('findUserByid', userid)
if not user:
raise ParamError('商户不存在')
if (user.idnumber or '').upper() != code.upper():
raise ParamError('身份证验证失败')
def POST(self):
self.req.inputjson()['password'] = '******'
data = self.validator.data
change_user = data['username'] or data['mobile']
# 重置密码
if data['mode'] == 'reset':
if not data['code']:
raise ParamError('验证码不能为空')
if not change_user:
raise ParamError('修改账号不能为空')
# 验证验证码
if not check_smscode(data['code'], change_user, 1):
raise ParamError('验证码错误')
userid = self.get_userid(change_user)
# 修改密码
else:
if self.check_login():
if data['src'] == 'big-submchnt':
userid = self.get_userid(change_user)
self.check_link(int(self.user.userid), userid)
else:
userid = int(self.user.userid)
else:
raise SessionError('商户未登录')
# 调用apollo修改密码
apcli('changePwd', userid, data['password'])
# 剔除所有正在登陆的商户
kick_user(userid, mode='not_opuser')
# 将商户从名单剔除
self.kick_sign_tag(userid)
return self.write(success({}))