def follow():
req_json = request.get_json()
following_user_id = req_json.get("user_id")
my_user_id = g.get("user_id")
my_username = session.get("username")
if not following_user_id:
return jsonify(re_code=400, msg="参数不完整")
try:
user = User.query.get(following_user_id)
except Exception as e:
current_app.logger.error(e)
user = None
if not user:
return jsonify(re_code=400, msg="查询不到当前要关注的用户")
try:
ip_addr = request.remote_addr # 获取用户的ip
operate_detail = "用户id:%r,用户名:%s,关注了id:%r,用户名:%s" % (
my_user_id, my_username, user.id, user.username)
user_operate_log = UserOperateLog(user_id=user.id,
ip=ip_addr,
detail=operate_detail)
try_follow = Follow(follower_id=my_user_id,
followed_id=following_user_id)
db.session.add(user_operate_log)
db.session.add(try_follow)
db.session.commit()
return jsonify(re_code=200, msg="关注用户成功 !")
except Exception as e:
current_app.logger.error(e)
db.session.rollback()
return jsonify(re_code=400, msg="数据库失败,关注用户失败,请稍后重试")
def change_password():
""" 修改密码 """
# 获取参数
req_dict = request.get_json()
username = session.get("username")
password = req_dict.get("password")
new_password = req_dict.get("new_password")
# 校验参数
# 参数完整的校验
if not all([new_password, password, username]):
return jsonify(re_code=400, msg="参数不完整.")
try:
user = User.query.filter_by(username=username).first()
except Exception as e:
current_app.logger.error(e)
return jsonify(re_code=400, msg="获取用户信息失败")
# 用数据库的密码与用户填写的密码进行对比验证
if user is None or user.password != password:
return jsonify(re_code=400, msg="原密码密码错误")
# 修改密码
user.password = new_password
# 添加用户操作日志
ip_addr = request.remote_addr # 获取管理员登录的ip
operate_detail = "用户id:%r 用户名:%s,修改了密码" % (user.id, username)
user_operate_log = UserOperateLog(user_id=user.id,
ip=ip_addr,
detail=operate_detail)
try:
db.session.add(user)
db.session.add(user_operate_log)
db.session.commit()
except:
db.session.rollback()
return jsonify(re_code=400, msg="修改密码失败,请稍后重试!")
return jsonify(re_code=200, msg="修改密码成功!")
def update_user_avatar():
"""
设置用户的头像
参数: 图片(多媒体表单格式)
用户id (g.user_id)
"""
# 装饰器的代码中已经将user_id保存到g对象中,所以视图中可以直接读取
user_id = g.user_id
# 获取图片
image_file = request.files.get("avatar")
ip_addr = request.remote_addr
if image_file is None:
return jsonify(code=400, msg="未上传图片")
try:
path = "ossPath"
file_name = upload.upload_pic(path, image_file)
except Exception as e:
current_app.logger.error(e)
return jsonify(code=400, msg="上传图片失败")
# 保存图片路由到数据库中
try:
User.query.filter_by(id=user_id).update({"avatar": file_name})
detail = "更改了头像"
user_log = UserOperateLog(user_id=user_id, ip=ip_addr, detail=detail)
db.session.add(user_log)
db.session.commit()
except Exception as e:
db.session.rollback()
current_app.logger.error(e)
return jsonify(code=400, msg="保存图片信息失败")
avatar_url = file_name
# 保存成功返回
session["avatar"] = avatar_url
return jsonify(code=200, msg="保存成功", data={"avatar": avatar_url})
def un_follow():
"""
先查询是否已经有关注表
如关注了就删除
:return:
"""
req_json = request.get_json()
following_user_id = req_json.get("user_id")
my_user_id = g.get("user_id")
my_username = session.get("username")
if not following_user_id:
return jsonify(re_code=400, msg="参数不完整")
find_follow = Follow.query.filter_by(
follower_id=my_user_id, followed_id=following_user_id).first()
if not find_follow:
return jsonify(re_code=400, msg="还未关注对方!")
following_user = User.query.get(following_user_id)
if not following_user:
return jsonify(re_code=400, msg="查询不到当前用户")
try:
ip_addr = request.remote_addr # 获取用户的ip
operate_detail = "用户id:%r,用户名:%s,取消关注了id:%r,用户名:%s" % (
my_user_id, my_username, following_user.id,
following_user.username)
user_operate_log = UserOperateLog(user_id=my_user_id,
ip=ip_addr,
detail=operate_detail)
db.session.add(user_operate_log)
db.session.delete(find_follow)
db.session.commit()
return jsonify(re_code=200, msg="取消关注用户成功!")
except Exception as e:
current_app.logger.error(e)
db.session.rollback()
return jsonify(re_code=400, msg="数据库失败,取消关注用户失败,请稍后重试")
def update_username():
"""
设置用户的用户名
参数:
username 要更改的用户名
用户id (g.user_id)
"""
# 装饰器的代码中已经将user_id保存到g对象中,所以视图中可以直接读取
user_id = g.user_id
req_json = request.get_json()
ip_addr = request.remote_addr
username = req_json.get("username")
if username is None:
return jsonify(code=400, msg="用户名不可为空")
# 查询数据库是否有这个用户
find_user = User.query.filter_by(username=username).first()
if find_user is not None:
return jsonify(code=400, msg="用户名已被占用,无法执行本次修改")
# 更新用户名到数据库中
try:
User.query.filter_by(id=user_id).update({"username": username})
detail = "更改了用户名: %s" % username
user_log = UserOperateLog(user_id=user_id, ip=ip_addr, detail=detail)
db.session.add(user_log)
db.session.commit()
except Exception as e:
db.session.rollback()
current_app.logger.error(e)
return jsonify(code=400, msg="更改用户名失败")
# 保存成功返回
session["username"] = username
return jsonify(code=200, msg="保存成功", data={"username": username})
def find_password():
"""
发送手机号验证码
验证成功之后就能填写个新密码
:return:
"""
req_dict = request.get_json()
phone = req_dict.get("phone")
password = req_dict.get("password")
password2 = req_dict.get("password2")
sms_code = req_dict.get("sms_code")
phone = str(phone)
sms_code = str(sms_code)
# 校验参数
if not all([phone, password, password2, sms_code]):
return jsonify(code=400, msg="参数不完整")
if password != password2:
return jsonify(code=400, msg="两次密码不一致")
# 从redis中取出短信验证码
try:
real_sms_code = redis_store.get("sms_code_%s" % phone)
except Exception as e:
current_app.logger.error(e)
return jsonify(code=4001, msg="读取真实短信验证码异常")
# 判断短信验证码是否过期
if real_sms_code is None:
return jsonify(code=4002, msg="短信验证码失效")
# 删除redis中的短信验证码,防止重复使用校验
try:
redis_store.delete("sms_code_%s" % phone)
except Exception as e:
current_app.logger.error(e)
# 判断用户填写短信验证码的正确性
if real_sms_code != sms_code:
return jsonify(code=4003, msg="短信验证码错误")
# 判断用户是否存在
try:
user = User.query.filter_by(phone=phone).first()
except Exception as e:
current_app.logger.error(e)
return jsonify(code=400, msg="数据库异常")
else:
if user is None or not user.is_normal():
# 不存在用户
return jsonify(code=400, msg="用户不存在或账号异常,请注册")
# 更改用户的密码到数据库中
user.password = password
try:
# 添加用户操作日志
ip_addr = request.remote_addr # 获取管理员登录的ip
operate_detail = "找回了密码"
user_operate_log = UserOperateLog(user_id=user.id,
ip=ip_addr,
detail=operate_detail)
db.session.add(user)
db.session.add(user_operate_log)
db.session.commit()
except Exception as e:
db.session.rollback()
current_app.logger.error(e)
return jsonify(code=400, msg="查询数据库异常")
# 返回结果
return jsonify(code=200, msg="找回密码成功!")