def post(self):
username = self.validated_arguments['username']
verify_code = self.validated_arguments['verify_code']
new_password = self.validated_arguments['new_password']
if is_mobile(username):
if not self.verify_mobile(username, verify_code):
raise ApiException(400, "验证码错误,请重新输入")
user = User.get_or_none(mobile=username)
if not user:
raise ApiException(400, "手机号还没有注册")
User.update(password=User.create_password(new_password)).where(
User.id == user.id).execute()
elif username.find("@") > 0:
user = User.get_or_none(email=username)
if not user:
raise ApiException(400, "邮箱还没有注册")
User.update(password=User.create_password(new_password)).where(
User.id == user.id).execute()
else:
raise ApiException(400, "用户名格式有误,请填写手机号或电子邮箱")
self.write_success()
def post(self):
username = self.validated_arguments['username'].lower()
password = self.validated_arguments['password']
if len(username) == 0 or len(password) == 0:
raise ApiException(400, "用户名和密码不能为空")
fail_times_key = "yiyun:user:%s:login_fail_times" % username
if intval(self.redis.get(fail_times_key)) >= 5:
raise ApiException(403, "密码错误次数太多,请休息10分钟再试")
if is_mobile(username):
user = User.get_or_none(mobile=username)
elif username.find('@') > 0:
user = User.get_or_none(email=username)
else:
raise ApiException(400, "用户名格式不正确,请填写手机号或电子邮箱")
if not password or not user \
or not User.check_password(user.password, password):
fail_times = intval(self.redis.incr(fail_times_key))
if fail_times == 1:
self.redis.expire(fail_times_key, 600)
raise ApiException(403, "密码有误,如果没有设置密码请使用手机号找回密码")
# 重试次数归零
self.redis.delete(fail_times_key)
if not user.is_active():
raise ApiException(403, "你的账户不可用,无法登录")
update = {"last_login": datetime.now()}
if self.device_id > 0:
update["last_device_id"] = self.device_id
User.update(**update).where(User.id == user.id).execute()
if user and self.device_id:
Device.update(owner_id=user.id).where(
Device.id == self.device_id).execute()
self.write(self.create_session(user))
def __init__(self, *args, **kwargs):
super(CreateActivityFrom, self).__init__(*args, **kwargs)
obj = kwargs.get("obj", None)
team = kwargs.get("team", None)
if not isinstance(team, Team):
raise AssertionError("must a team")
if obj and obj.province:
province = obj.province
else:
province = self.province.choices[0][0]
if province:
self.city.choices = ChinaCity.get_cities(province)
leaders = team.get_members(role="leader")
leaders.insert(0, User.get_or_none(id=team.owner_id))
if leaders:
self.leader.choices = [(str(user.id), user.name or user.mobile)
for user in leaders]
groups = team.groups
if groups:
self.allow_groups.choices = [(str(group.id), group.name)
for group in groups]
def validate_email_existed(form):
user = User.get_or_none(email=form.new_email.data)
if user:
form.new_email.errors.append('邮箱已存在')
return False
else:
return True
def post(self):
form = LoginVerifyCodeForm(self.arguments)
fail = False
if form.validate() and self.validate_verify_code(form):
user = User.get_or_none(mobile=self.get_argument("mobile"))
if user:
remember_me = self.get_argument("remember", "off")
if remember_me == "on":
expires_days = 30
else:
expires_days = None
self.login(user, expires_days)
team = Team.get_or_none(owner_id=user.id)
if team is None:
self.redirect(self.reverse_url("club_create"))
return
if team.state == 0:
self.redirect(self.reverse_url("club_wait_approve"))
return
if self.next_url:
self.redirect(self.next_url)
else:
self.redirect(self.reverse_url("club_home"))
return
fail = True
self.render("login-by-sms.html", form=form, fail=fail)
def post(self):
email = self.validated_arguments['email']
if email.find("@") <= 0:
raise ApiException(400, "电子邮箱格式有误")
user = User.get_or_none(email=email)
if not user:
raise ApiException(404, "你还没有注册或用户名有误")
verify_code = self.redis.get("yiyun:email:verify_code:%s" % email)
if not verify_code:
verify_code = random.randint(1000, 9999)
# 验证码两小时内有效
self.redis.set("yiyun:email:verify_code:%s" % email, verify_code)
self.redis.expire("yiyun:email:verify_code:%s" % email, 3600 * 24)
# 发送验证邮件
tasks.user.send_forgot_email.delay(user.name or email, email,
verify_code)
self.write_success()
def post(self):
mobile = self.validated_arguments['mobile']
verify_code = self.validated_arguments['verify_code']
if not self.verify_mobile(mobile, verify_code):
raise ApiException(400, "验证码错误,请重新输入")
user = User.get_or_none(mobile=mobile)
if not user:
with self.db.transaction() as txn:
user = User.create(
mobile=mobile,
mobile_verifyed=True,
reg_device_id=self.device_id,
last_device_id=self.device_id,
last_login=datetime.now(),
)
else:
update = {"last_login": datetime.now()}
if self.device_id > 0:
update["last_device_id"] = self.device_id
User.update(**update).where(User.id == user.id).execute()
if user and self.device_id:
User.update_device(user.id, self.device_id)
self.write(self.create_session(user))
def have_user(cls, name: str) -> User:
"""
检查用户是否存在,如果存在返回用户实例,否则返回None
Args:
name: email or mobile
"""
if is_mobile(name):
data = {"mobile": name}
elif is_email(name):
data = {"email": name}
else:
return None
return User.get_or_none(**data)
def get_current_user(self):
user = self.get_secure_cookie("club_session")
if not user:
return None
try:
userinfo = json.loads(user.decode("utf-8"))
if userinfo and userinfo.get("id", None):
user = User.get_or_none(id=userinfo['id'])
if user is not None:
return user
except:
return None
def owner(self):
return User.get_or_none(id=self.owner_id)
