def __init__(self, login_name, mobile, login_pwd, inst_id, referral_code,
nickname):
self.login_name = login_name # or utils.genereate_random_string(20, 20)
self.mobile = mobile
self.nickname = nickname
self.salt = utils.genereate_random_string(8, 32)
self.login_pwd = utils.encrypt_password(
utils.decrypt_password(login_pwd), self.salt)
self.inst_id = inst_id
self.referral_code = referral_code
self.try_login_times = 0
def change_pwd():
form = ChangePwdForm()
if form.validate_on_submit():
# 验证码
session['vcode:count'] += 1
if session['vcode:count'] >= 5 or form.captcha.data != session['vcode']:
return jsonify(errors.error_handler(errors.ERROR_INVALID_VCODE))
# 用户
user = Userinfo.query.with_for_update().get(
flask_login.current_user.userid)
if user is None:
return jsonify(errors.error_handler(errors.ERROR_INVALID_SESSION))
#ciphertext = hashlib.md5(utils.tobytes(user.login_pwd + form.captcha.data)).hexdigest()
#logger.info(ciphertext)
#if ciphertext != form.login_pwd.data:
# logger.info(form.login_name.data + '原密码错误')
# return jsonify(errors.error_handler(errors.ERROR_USER_AUTH))
ciphertext = utils.encrypt_password(
utils.decrypt_password(form.login_pwd.data), user.salt)
logger.info(ciphertext)
if ciphertext != user.login_pwd:
logger.info(user.login_name + '原密码错误')
return jsonify(errors.error_handler(errors.ERROR_PASSWORD))
user.login_pwd = utils.encrypt_password(
utils.decrypt_password(form.new_login_pwd.data), user.salt)
db.session.commit()
return jsonify({'errcode': 0})
else:
for field in form:
if field.errors:
logger.info(field)
logger.info(field.errors)
for error in field.errors:
logger.info(error)
return jsonify(errors.error_handler(errors.ERROR_INVALID_FORM_DATA))
def login(self, username, password):
'''
login via user name
'''
en_password = encrypt_password(password)
user = self.db().find_one({
User.USER_NAME: username,
User.PASSWORD: en_password
})
if user is None:
return
user[User.ID] = str(user[User.ID])
return user
def register(self, user):
'''
register a new user
'''
if self.db().find_one({User.USER_NAME: user[User.USER_NAME]}) is None:
user[User.PASSWORD] = encrypt_password(user[User.PASSWORD])
if 'role' not in user:
user[User.ROLE] = 'member'
if 'interest' not in user:
user[User.INTEREST] = []
user_id = self.db().save(user)
user[User.ID] = str(user_id)
return user
else:
return
def login():
form = LoginForm()
if form.validate_on_submit():
session['vcode:count'] += 1
if session['vcode:count'] >= 5 or form.captcha.data != session['vcode']:
return jsonify(errors.error_handler(errors.ERROR_INVALID_VCODE))
user = Userinfo.query.with_for_update().filter_by(
login_name=form.login_name.data).first()
if user is None:
user = Userinfo.query.with_for_update().filter_by(
mobile=form.login_name.data).first()
if user is None:
logger.info(form.login_name.data + '用户不存在')
return jsonify(errors.error_handler(errors.ERROR_USER_AUTH))
#if len(user.login_pwd) == 32:
# ciphertext = hashlib.md5(utils.tobytes(user.login_pwd + form.captcha.data)).hexdigest()
# logger.info(ciphertext)
# if ciphertext != form.login_pwd.data:
# logger.info(form.login_name.data + '登录密码错误')
# return jsonify(errors.error_handler(errors.ERROR_USER_AUTH))
#else:
ciphertext = utils.encrypt_password(
utils.decrypt_password(form.login_pwd.data), user.salt)
logger.info(ciphertext)
if ciphertext != user.login_pwd:
logger.info(form.login_name.data + '登录密码错误')
return jsonify(errors.error_handler(errors.ERROR_USER_AUTH))
user.try_login_times = user.try_login_times + 1
db.session.flush()
db.session.commit()
# 存储会话
flask_login.login_user(user)
return jsonify({'errcode': 0, 'data': {'userid': user.userid}})
else:
for field in form:
if field.errors:
logger.info(field)
for error in field.errors:
logger.info(error)
return jsonify(errors.error_handler(errors.ERROR_INVALID_FORM_DATA))
def change_password(self, ctx, step, request_data, response_data):
if not self.test_value(ctx, step["test"]):
return 0
params = step["param_list"].split(",")
params_len = len(params)
userid = request_data.get("userid")
login_pwd = request_data.get("login_pwd")
if login_pwd:
salt = utils.genereate_random_string(8, 32)
ciphertext = utils.encrypt_password(login_pwd, salt)
ctx.conn.execute(
"update userinfo set login_pwd=:login_pwd, salt=:salt where userid=:userid",
[ciphertext, salt, userid])
return 0
from app.validator import User
from app.utils import encrypt_password
from app.service import UserService
if __name__ == "__main__":
__user_service = UserService()
user = {}
user[User.FIRST_NAME] = 'kumar'
user[User.LAST_NAME] = 'mrigendra'
user[User.USER_NAME] = 'kumar'
user[User.PASSWORD] = encrypt_password("1234")
user[User.INTEREST] = ["Internet", "Science", "Music", "Logic"]
__user_service.db().save(user)
print "User created successfully"
def test_encrypt_password(self):
password = '******'
self.assertNotEqual(encrypt_password(password), password)
def test_verify_password(self):
password = '******'
encrypted_password = encrypt_password(password)
self.assertTrue(verify_password(password, encrypted_password))
