def post(self):
username = self.validated_arguments['username']
verify_code = self.validated_arguments['verify_code']
new_password = self.validated_arguments['new_password']
if is_mobile(username):
if not self.verify_mobile(username, verify_code):
raise ApiException(400, "验证码错误,请重新输入")
user = User.get_or_none(mobile=username)
if not user:
raise ApiException(400, "手机号还没有注册")
User.update(password=User.create_password(new_password)).where(
User.id == user.id).execute()
elif username.find("@") > 0:
user = User.get_or_none(email=username)
if not user:
raise ApiException(400, "邮箱还没有注册")
User.update(password=User.create_password(new_password)).where(
User.id == user.id).execute()
else:
raise ApiException(400, "用户名格式有误,请填写手机号或电子邮箱")
self.write_success()
def test_refresh_token(self):
self.auth_user = User.create(name='test3',
mobile="13838003803",
password=User.create_password("123456"))
url = "api/2/auth/refresh_token"
response = self.fetch(url)
self.assertEqual(200, response.code, response.body.decode())
result = json.loads(response.body.decode())
self.assertIn("session", result, result)
self.assertIn("current_user", result, result)
def post(self):
form = MobileResetPasswordForm(self.arguments)
if form.validate() and self.validate_verify_code(form):
User.update(password=User.create_password(
self.get_argument("password"))).where(
User.mobile == self.get_argument("mobile")).execute()
self.flash("重置密码成功,请使用新密码登录")
self.redirect(self.reverse_url("club_auth_login"))
self.render("password/mobile_reset_password.html", form=form)
def test_login(self):
user = User.create(name='test2',
mobile="13838003802",
password=User.create_password("123456"))
url = "api/2/auth/login"
body = {"username": "******", "password": "******"}
response = self.fetch(url, method="POST", body=json.dumps(body))
self.assertEqual(200, response.code, response.body.decode())
result = json.loads(response.body.decode())
self.assertIn("session", result, result)
self.assertIn("current_user", result, result)
def post(self):
form = RegisterForm(self.arguments)
if form.validate() and self.verify_register_form_data(form):
user = User()
form.populate_obj(user)
user.password = User.create_password(user.password)
user.save()
self.login(user)
self.redirect(self.reverse_url("club_create"))
else:
self.render("register.html", form=form)
def post(self):
form = ChangePasswordForm(self.arguments)
if form.validate() and self.validate_password(form):
User.update(
password=User.create_password(self.get_argument("newPassword"))
).where(
User.id == self.current_user.id
).execute()
self.flash("修改密码成功!", category='success')
self.redirect(self.reverse_url("club_account_change_password"))
return
self.render("account/change_password.html", form=form)
def test_reset_password(self):
user = User.create(name='test4',
mobile="13838003804",
password=User.create_password("123456"))
new_password = "******"
url = "api/2/auth/reset_password"
body = {
"username": "******",
"verify_code": "8888",
"new_password": new_password
}
response = self.fetch(url, method="POST", body=json.dumps(body))
self.assertEqual(200, response.code, response.body.decode())
user = User.get(id=user.id)
result = User.check_password(user.password, new_password)
self.assertEqual(True, result, result)
def post(self):
form = EmailResetPasswordForm(self.arguments)
messages = self.get_flashed_messages()
if form.validate():
user = self.have_user(form.email.data)
key = self.get_reset_password_mail_cache_key(form.email.data)
verify_code = self.redis.get(key)
if not user:
messages = [('danger', '邮箱未注册')]
elif not verify_code or verify_code != form.verify_code.data:
messages = [('danger', '重置密码邮箱验证失败,请重新验证')]
else:
user.password = User.create_password(form.new_password.data)
user.save()
self.redis.delete(key)
messages = [('info', '密码修改成功')]
return self.redirect(self.reverse_url('club_auth_login'))
self.render("password/reset_password.html",
form=form,
messages=messages)
