Example #1
def user_register():
    """
        Register a new user and sign them in.

        Visitors who already have a 'user' key in the session are sent to
        the dashboard. On a valid submission the e-mail is looked up; when
        no record exists a new one is inserted with a bcrypt-hashed
        password and the user is logged in through ``auth.login``.
        Otherwise the registration form is rendered again.
    """
    if 'user' in session:
        return redirect('/dashboard/')

    # NOTE(review): csrf_enabled=False switches off the form's CSRF token
    # check for this state-changing endpoint -- confirm that is intended.
    form = RegisterUserForm(csrf_enabled=False)

    if form.validate_on_submit():
        email = form.email.data
        user = User()

        # NOTE(review): lookup-then-insert is not atomic; two concurrent
        # submissions can both pass this check unless the store enforces
        # uniqueness on 'email' -- verify.
        if user.find_one({'email': email}) is None:
            record = {
                'name': form.name.data,
                'email': email,
                # Only the salted bcrypt hash is stored, never the raw value.
                'password': bcrypt.hashpw(form.password.data, bcrypt.gensalt()),
                'is_active': True,
            }
            new_id = user.insert(record)
            return auth.login(id=new_id, active=record['is_active'])

        # NOTE(review): this message confirms to any visitor that the
        # address is registered.
        flash('El correo esta registrado, prueba con otro', 'error')
    return render_template('users/register.html', form=form)
Example #2
    def post(self, request, *args, **kwargs):
        """Create a User from the posted data and queue a background job.

        Responds 400 when ``fb_id``, ``oauth`` or ``email`` is missing from
        the request data, 200 with an "account already exists" body when
        saving the user raises, and 201 once ``run_queue`` was enqueued.
        """
        print "post received"
        payload = request.DATA
        print "data received"

        try:
            print "trying to get data"
            fb_id, oauth, email = (payload['fb_id'], payload['oauth'],
                                   payload['email'])
        except KeyError:
            return Response({'error': "Invalid request"},
                            status=status.HTTP_400_BAD_REQUEST)

        print "trying to get User"
        try:
            user = User(fb_id=fb_id, email=email)
            user.save()
        except Exception:
            # NOTE(review): every failure of save() -- not only a duplicate
            # key -- is reported as "account already exists" with a 200.
            return Response({'content': 'account already exists'},
                            status=status.HTTP_200_OK)
        print("starting redis queue")
        # NOTE(review): the client-supplied oauth value is handed to the
        # queued job; nothing in this method checks it against fb_id before
        # the user row is saved -- confirm run_queue validates it, and keep
        # it out of job logs.
        django_rq.enqueue(run_queue, fb_id, oauth, email, user)
        print("redis queue started")
        return Response(status=status.HTTP_201_CREATED)
Example #3
    def decorated_view(*args, **kwargs):
        """Call the wrapped view ``f`` only for a known user flagged as admin."""
        # Look up the account whose username equals g.user.
        account = User.query(User.username == g.user).get()

        # Unknown users and non-admins get the same answer: a redirect to
        # the login page carrying the current URL as ``next``.
        # NOTE(review): the login view that consumes ``next`` should only
        # follow same-site targets -- not visible from here.
        if not account or not account.is_admin_user():
            return redirect(url_for('login', next=request.url))
        return f(*args, **kwargs)
Example #4
    def post(self, uk):
        """Create a user from the request data and answer 201 with its link.

        Raises HTTPError(500) when ``user.save()`` reports failure. The
        ``uk`` argument is not used in this method.
        """
        payload = self.get_data()
        # NOTE(review): a fixed placeholder device id replaces whatever the
        # client sent -- looks like test scaffolding; confirm.
        payload['deviceid'] = "test-test-test"

        new_user = User()
        # NOTE(review): from_dict receives the whole request payload; which
        # fields it accepts is not visible here -- confirm it only copies
        # fields a client is allowed to set.
        new_user.from_dict(payload)
        new_user.generate_secret()
        new_user.generate_avatar_path()

        if not new_user.save():
            raise HTTPError(500, 'Save avatar user info error.')

        self.set_status(201)
        self.set_header('Location', new_user.get_link())
        self.finish()
Example #5
def createuser():
    '''Interactively create a website user from prompted input.

    The name and the two password entries are fed through SignupForm; on
    success the form populates a new User which is then saved, otherwise
    every validation error is printed with its field label.
    '''
    name = prompt('Username')
    raw_pwd = prompt_pass('Password')
    confirm_pwd = prompt_pass('Confirm Password')

    user = User()
    fields = MultiDict(dict(name=name, raw_pwd=raw_pwd, confirm_pwd=confirm_pwd))
    # The form is fed from prompts rather than a browser request, so its
    # CSRF check is switched off here.
    form = SignupForm(fields, obj=user, csrf_enabled=False)
    if not form.validate():
        for field, errors in form.errors.iteritems():
            label = getattr(form, field).label.text
            for message in errors:
                print('[Error] {0}: {1}'.format(label, message))
        return

    form.populate_obj(user)
    user.save()

    print('User was successfully created.')
Example #6
def user_join():
    """Create a user from the posted e-mail, password and name.

    Only POST requests do anything. As listed, the function returns
    nothing on either path.
    """
    # NOTE(review): no response is returned after the commit (or for other
    # methods) -- the listing may be truncated; confirm against the source.
    if request.method != 'POST':
        return

    posted = request.form
    # NOTE(review): the posted values are used without any validation.
    account = User(email=posted['email'],
                   # store a hash, never the submitted password itself
                   password=generate_password_hash(posted['password']),
                   name=posted['name'])
    db.session.add(account)
    db.session.commit()
Example #7
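def login():
    """Authenticate the single admin account defined in the app config.

    The submitted name and password are compared with ``ADMIN_USER`` and
    ``ADMIN_PWD``. On success the user is logged in and redirected to the
    ``next`` query parameter when it is a same-site path, otherwise to
    ``home.index``. On failure a message is flashed and the login form is
    rendered again.
    """
    app = current_app._get_current_object()
    form = LoginForm()
    if form.validate_on_submit():
        # NOTE(review): ADMIN_PWD is held in config as plaintext and
        # compared with ==; consider storing a password hash instead.
        if (form.name.data == app.config['ADMIN_USER']
                and form.password.data == app.config['ADMIN_PWD']):
            login_user(User(app.config['ADMIN_USER']))
            # ``next`` comes straight from the query string, so follow it
            # only when it is a plain same-site path: it must start with a
            # single '/', and contain no backslash or control character
            # (browsers can normalise those into a '//host' form).
            target = request.args.get('next')
            if (not target or not target.startswith('/')
                    or target.startswith('//') or '\\' in target
                    or any(ord(ch) < 0x20 for ch in target)):
                target = url_for('home.index')
            return redirect(target)
        else:
            flash(u'无效的用户名或密码')

    return render_template('login.html', form=form)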
Example #8
def createSuperUser():
    """Interactively create a super-admin account bound to the "admin" role.

    Prompts for e-mail, user name and password (hidden, entered twice),
    runs each through its check function, then creates the User row.
    """
    from apps.models import User, Role
    from apps.forms import checkEmail, checkUsername, checkPassword
    # Resolve the id of the admin role from the database.
    # NOTE(review): if no "admin" row exists, .get() may raise before the
    # check below is reached -- depends on the ORM; verify.
    admin_role_id = Role.select(Role.id).where(Role.name == "admin").get().id
    if not admin_role_id:
        return ("必须先在Role表中创建管理员角色")

    email = click.prompt("请输入邮箱")
    checkEmail(email)
    name = click.prompt("请输入用户名")
    checkUsername(name)
    raw_password = click.prompt("请输入密码", hide_input=True, confirmation_prompt=True)
    checkPassword(raw_password)

    # Only the value returned by User.generalPassword is stored.
    stored_password = User.generalPassword(raw_password)
    User.create(email=email,
                name=name,
                password=stored_password,
                sex=User.sex.choices.unknown,
                role_id=admin_role_id,
                signature="I am super admin")
    print("成功创建超级管理员账户;%s" % name)
Example #9
def matkul_update(matkul_id):
    """Edit an existing MataKuliah record through MataKuliahForm.

    Renders the update form, and on a valid submission copies the form
    onto the record, resolves the selected ``dosen`` to a User, saves and
    redirects to the list view.
    """
    # NOTE(review): no access check is visible in this body; presumably a
    # decorator or blueprint hook restricts it to admins -- verify.
    record = MataKuliah.get(MataKuliah.id == matkul_id)
    form = MataKuliahForm(request.form, obj=record)
    form.dosen.choices = get_dosen()
    form.action = url_for('admin:matkul:update', matkul_id=record.id)

    if not form.validate_on_submit():
        return render_template('admin/matkul/update.html', form=form)

    form.populate_obj(record)
    # populate_obj leaves the raw choice value; replace it with the User row
    record.dosen = User.get(User.id == form.dosen.data)
    record.save()
    flash('Sukses memperbarui mata kuliah')
    return redirect(url_for('admin:matkul:list'))
Example #10
def matkul_create():
    """Create a MataKuliah record from MataKuliahForm.

    Renders the creation form, and on a valid submission builds a new
    record from it, resolves the selected ``dosen`` to a User, saves and
    redirects to the list view.
    """
    # NOTE(review): no access check is visible in this body; presumably a
    # decorator or blueprint hook restricts it to admins -- verify.
    form = MataKuliahForm(request.form)
    form.dosen.choices = get_dosen()
    form.action = url_for('admin:matkul:create')

    if not form.validate_on_submit():
        return render_template('admin/matkul/create.html', form=form)

    record = MataKuliah()
    form.populate_obj(record)
    # populate_obj leaves the raw choice value; replace it with the User row
    record.dosen = User.get(User.id == form.dosen.data)
    record.save()
    flash('Sukses menambah mata kuliah')
    return redirect(url_for('admin:matkul:list'))
Example #11
def register():
    """Render the registration form and create the user on a valid POST.

    ``User.create_user`` reports its outcome as a status string; success
    redirects to the login page, the other two outcomes flash a message
    and fall through to re-rendering the form.
    """
    # NOTE(review): csrf_enabled=False switches off the form's CSRF token
    # check for this endpoint -- confirm that is intended.
    form = RegisterForm(csrf_enabled=False)
    submitted = request.method == 'POST' and form.validate_on_submit()
    if submitted:
        outcome = User.create_user(form)
        if outcome == 'OK':
            flash(u'您注册成功!')
            return redirect(url_for('main.login'))
        # 'REPRAT' is spelled as in the original; it has to match the
        # value User.create_user actually returns.
        if outcome == 'REPRAT':
            flash(u'您注册的用户名已经存在!')
        elif outcome == 'FAIL':
            flash(u'您注册失败!')
    return render_template('register.html', form=form, title=u'欢迎注册')
Example #12
File: user.py Project: ap13p/elearn
def user_delete(user_id):
    """Delete a user; only a logged-in user whose level is 'admin' may do so.

    Anyone else is redirected to the login page. A missing user flashes an
    error. Every admin path ends on the user list.
    """
    is_admin = g.user and g.user.level.name == 'admin'
    if not is_admin:
        return redirect(url_for('login'))

    # NOTE(review): how this destructive action is reached (HTTP method,
    # CSRF protection) is not visible in this body -- verify at the route.
    try:
        target = User.get(User.id == user_id)
    except User.DoesNotExist:
        flash('Tidak bisa menghapus user', 'error')
        return redirect(url_for('admin:user:list'))

    if target:
        # True is passed positionally to delete_instance, as in the original.
        target.delete_instance(True)
    return redirect(url_for('admin:user:list'))
    def setUpClass(cls):
        """Start a Firefox client and a live Flask server for browser tests.

        When the browser starts, a 'testing' application is created, the
        database is built and filled with fake users and posts plus one
        administrator, and the app is served from a background thread.
        """
        # start Firefox
        # NOTE(review): the bare except hides every start-up failure, and
        # the check below reads cls.client even when nothing was assigned --
        # presumably the class declares ``client = None``; verify.
        try:
            cls.client = webdriver.Firefox()
        except:
            pass

        # skip these tests if the browser could not be started
        if cls.client:
            # create the application
            cls.app = create_app('testing')
            cls.app_context = cls.app.app_context()
            cls.app_context.push()

            # suppress logging to keep unittest output clean
            import logging
            logger = logging.getLogger('werkzeug')
            logger.setLevel("ERROR")

            # create the database and populate with some fake data
            db.create_all()
            Role.insert_roles()
            User.generate_fake(10)
            Post.generate_fake(10)

            # add an administrator user
            # (the role is the one whose permissions equal 0xff; the e-mail,
            # username and password literals appear masked in this listing)
            admin_role = Role.query.filter_by(permissions=0xff).first()
            admin = User(email='*****@*****.**',
                         username='******',
                         password='******',
                         role=admin_role,
                         confirmed=True)
            db.session.add(admin)
            db.session.commit()

            # start the Flask server in a thread
            threading.Thread(target=cls.app.run).start()

            # give the server a second to ensure it is up
            time.sleep(1)
Example #14
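def create_user():
    """User registration in the system.

    Expects a JSON body with ``first_name``, ``last_name``, ``email`` and
    ``password``. Answers 400 when the e-mail is already registered or when
    anything fails while handling the request, and 200 once the user has
    been stored with a hashed password.
    """
    import logging

    try:
        data = request.json
        first_name = data['first_name']
        last_name = data['last_name']
        email = data['email']
        password = data['password']
        # The looked-up record is only tested for existence; it is no
        # longer printed to stdout.
        if User.query.filter_by(email=email).first():
            message = "User already exits"
            code = 400
        else:
            user = User()
            user.first_name = first_name
            user.last_name = last_name
            user.email = email
            # store a hash, never the submitted password itself
            user.password = generate_password_hash(password)
            db.session.add(user)
            db.session.commit()
            message = "User create successfully"
            code = 200
    except Exception:
        # Keep the detail in the server log. The exception text is not
        # echoed to the client: it can expose internals such as database
        # errors. The 400 status is kept for existing callers.
        logging.getLogger(__name__).exception("create_user failed")
        return jsonify({'message': 'Unable to create user'}), 400
    return jsonify({'message': message}), code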
Example #15
def register():
    """Register a new user through RegistrationForm.

    Visitors with a 'username' in the session are sent to the index. A
    valid submission creates the user, sets the password through
    ``set_password`` and redirects to the index; otherwise the form is
    rendered.
    """
    if session.get('username'):
        return redirect(url_for('index'))

    form = RegistrationForm()
    if not form.validate_on_submit():
        return render_template("register.html",
                               title="Register",
                               form=form,
                               register=True)

    # NOTE(review): count() + 1 is not a safe identifier -- concurrent
    # sign-ups or an earlier deletion can yield an id that is already used.
    next_id = User.objects.count() + 1

    user = User(user_id=next_id,
                email=form.email.data,
                first_name=form.first_name.data,
                last_name=form.last_name.data)
    # The raw password is handed to the model's set_password.
    user.set_password(form.password.data)
    user.save()
    flash("You are successfully registered", "success")
    return redirect(url_for('index'))
Example #16
def user_join():
    """Render the join form; on a valid POST create the user and go home."""
    form = joinForm()
    if request.method == 'POST' and form.validate_on_submit():
        member = User(user_nick=form.user_nick.data,
                      # store a hash, never the submitted password itself
                      password=generate_password_hash(form.password.data),
                      email=form.email.data)
        db.session.add(member)  # stage the INSERT for the new user
        db.session.commit()  # write it to the user database

        flash(u'시너지 회원이 된 것을 축하드립니다.', 'success')
        return redirect(url_for('show_home'))
    return render_template('User/join.html', form=form)
def user_join():
	"""Create a user from JoinForm, sign them in via the session, go to index.

	When the form does not validate, the login template is rendered with
	the join modal switched on.
	"""
	form = JoinForm()
	if not form.validate_on_submit():
		return render_template("login.html", form = form, joinModalOn='True')

	member = User(
		email = form.email.data,
		# store a hash, never the submitted password itself
		password = generate_password_hash(form.password.data),
		name = form.name.data,
		birthday = form.birthday.data
	)
	# age = current year - birth year + 1
	this_year = datetime.date.today().strftime("%Y")
	member.age = int(this_year) - int(member.birthday.year) + 1

	db.session.add(member)
	db.session.commit()

	# The new account is treated as logged in from here on.
	session.permanent = True
	session['user_email'] = member.email
	session['user_name'] = member.name

	return redirect(url_for('index'))
Example #18
def register():
    """Register a user and e-mail them an account activation token.

    A valid submission stores the user, generates a token through
    ``generate_token``, sends the activation mail and redirects to the
    login page; otherwise the registration form is rendered.
    """
    form = RegisterFrom()
    if not form.validate_on_submit():
        return render_template('users/register.html', form=form)

    # NOTE(review): the submitted password is passed to the model as-is;
    # whether User hashes it on assignment is not visible here -- verify.
    new_user = User(
        username=form.username.data,
        password=form.password.data,
        email=form.email.data,
    )
    db.session.add(new_user)
    db.session.commit()

    # Generate a token string carrying this user's registration info.
    activation_token = new_user.generate_token()
    # Send the activation e-mail.
    send_mail(new_user.email,
              subject='账户激活',
              template='email/activate',
              username=new_user.username,
              token=activation_token)
    return redirect(url_for('users.login'))
Example #19
def verify_password(email_or_token, password):
    """Check credentials given as e-mail + password or as a bare token.

    An empty first field is rejected. An empty password means the first
    field is treated as an auth token. ``g.current_user`` and
    ``g.token_used`` record who authenticated and by which mechanism.
    Returns True when the credentials are accepted.
    """
    if email_or_token == '':
        return False

    if password == '':
        # Token mode: the token itself identifies the user.
        g.current_user = User.verify_auth_token(email_or_token)
        g.token_used = True
        return g.current_user is not None

    # Password mode: look the account up by e-mail.
    account = User.query.filter_by(email=email_or_token).first()
    if not account:
        return False
    # g.current_user is assigned before the password check below; callers
    # must rely on the return value, not on g.current_user being set.
    g.current_user = account
    g.token_used = False
    return account.verify_password(password)
Example #20
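def login():
    """Log a user in by username and password.

    On success the user is redirected to the ``next`` query parameter when
    it is a same-site path, otherwise to ``admin.index``. An unknown
    username and a wrong password flash the same message, and the form is
    rendered again.
    """
    form = LoginForm()
    if form.validate_on_submit():
        user = User.query.filter_by(username=form.username.data).first()
        if user is not None:
            # ``verity_password`` is the name the call site uses on the model.
            flag = User.verity_password(form.password.data, user.password_hash)
            if flag:
                login_user(user, form.remember_me.data)
                # ``next`` comes straight from the query string, so follow
                # it only when it is a plain same-site path: it must start
                # with a single '/', and contain no backslash or control
                # character (browsers can normalise those into '//host').
                target = request.args.get('next')
                if (not target or not target.startswith('/')
                        or target.startswith('//') or '\\' in target
                        or any(ord(ch) < 0x20 for ch in target)):
                    target = url_for("admin.index")
                return redirect(target)
        flash('无效的用户名或者密码')

    return render_template("login.html", form=form)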
 def test_invalid_confirmation_token(self):
     """A confirmation token issued for one user must not confirm another."""
     # The password literals appear masked in this listing.
     issuer, other = User(password='******'), User(password='******')
     db.session.add(issuer)
     db.session.add(other)
     db.session.commit()
     foreign_token = issuer.generate_confirmation_token()
     self.assertFalse(other.confirm(foreign_token))
Example #22
 def put(self):
     """
     Change an account's password.

     Reads ``account``, ``oldPassword``, ``newPassword`` and
     ``surePassword`` from the JSON body and answers with a JSON object
     carrying ``msg`` and ``code``.
     :return:
     """
     data = request.json
     account = data.get('account')
     old_password = data.get('oldPassword')
     new_password = data.get('newPassword')
     sure_password = data.get('surePassword')
     # NOTE(review): the account name comes from the request body; nothing
     # here ties it to the authenticated caller -- verify at the route.
     _data = User.query.filter(User.account == account).first()
     if not _data:
         return jsonify({"code": 400, "msg": "账户不存在"})
     # NOTE(review): this tests the truthiness of User.hash_password(...)
     # called on the class; as written nothing compares old_password with
     # the hash stored for _data -- confirm the old password is verified.
     if not User.hash_password(old_password):
         return jsonify({'msg': '旧密码错误', 'code': 400})
     if not new_password:
         return jsonify({'msg': '新密码不能为空', 'code': 400})
     if new_password != sure_password:
         return jsonify({'msg': '新密码和确认密码不一致', 'code': 400})
     # NOTE(review): the new hash is assigned to the User class attribute,
     # not to the _data row, and session.add() is called with no instance.
     User.password_hash = User.hash_password(new_password)
     db.session.add()
     db.session.commit()
     return jsonify({'msg': '密码修改成功', 'code': 200})
Example #23
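def login():
    """
    Check a user name and password and answer with a JWT on success.

    The JSON body carries ``user_name`` and ``password``. The reply is the
    project Response object serialised to JSON: Code 200 with a ``jwt`` in
    Result on success, 400 for a missing name or non-matching credentials,
    500 when anything raises.

    :params: str :user_name
    :params: str :password
    :return:
    """
    input_json = request.json
    res = Response()
    try:
        if input_json and input_json['user_name']:
            user = User.filter(User.user_name == input_json['user_name']).first()
            if not user:
                # Same message as for a wrong password, so the reply does
                # not reveal whether the name exists.
                res.Code = 400
                res.Message = 'username password do not match'
                return jsonify(res.object_to_dict())
            password = input_json['password']
            if isinstance(password, str):
                password = bytes(password, 'utf-8')
            user_password = bytes(user.password, 'utf-8')

            if len(user.password) < 16:
                # A value this short is taken not to be a bcrypt hash: the
                # row may have been written straight into the database, so
                # it is hashed here before the check.
                # NOTE(review): this accepts passwords stored as plaintext;
                # the upgraded value is persisted by user.save() below.
                user.password = bcrypt.hashpw(user_password, bcrypt.gensalt())
                is_valid = bcrypt.checkpw(password, user.password)
            else:
                is_valid = bcrypt.checkpw(password, user_password)
            if not is_valid:
                logging.info('%s %s login failed', user.user_name, user.id)
                res.Code = 400
                res.Message = 'username password do not match'
                return jsonify(res.object_to_dict())
            logging.info('%s %s login successed', user.user_name, user.id)
            user.last_login_at = datetime.now()
            user.save()

            res.Code = 200
            res.Message = "login success"
            res.Result = {
                'jwt': encode_auth_token(user.id, user.account_id)
            }
        else:
            res.Code = 400
            res.Message = "no user name"
        return jsonify(res.object_to_dict())

    except Exception as e:
        # A body without 'user_name' is one way to land here, so the name
        # is read defensively: indexing it again would raise inside the
        # handler and lose the 500 reply below.
        user_name = input_json.get('user_name') if isinstance(input_json, dict) else None
        logging.info("user %s login error. %s", user_name, e)
        res.Code = 500
        res.Message = 'Internal service error'
        return jsonify(res.object_to_dict())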
Example #24
    def test_unconfirmed_account(self):
        """An API request made with an unconfirmed account is answered 403."""
        # Literals shown as asterisks appear masked in this listing.
        user_role = Role.query.filter_by(name='User').first()
        self.assertIsNotNone(user_role)
        unconfirmed = User(email='*****@*****.**', password='******',
                           confirmed=False, role=user_role)
        db.session.add(unconfirmed)
        db.session.commit()

        # request the post list with that account's credentials
        posts_url = url_for('api.get_posts')
        auth_headers = self.get_api_headers('*****@*****.**', 'cat')
        response = self.client.get(posts_url, headers=auth_headers)
        self.assertTrue(response.status_code == 403)
Example #25
def register():
    """Register a user and e-mail them an account confirmation token.

    A failed insert is rolled back and reported with a flash message. On
    success the confirmation mail is sent and the visitor is redirected to
    the main index.
    """
    form = RegisterForm()
    if not form.validate_on_submit():
        return render_template('auth/register.html', form=form)

    # NOTE(review): the submitted password is passed to the model as-is;
    # whether User hashes it on assignment is not visible here -- verify.
    new_user = User(username=form.username.data,
                    email=form.email.data.lower(),
                    password=form.password.data)
    try:
        db.session.add(new_user)
        db.session.commit()
    except:
        # NOTE(review): the bare except treats every failure the same way
        # and records nothing about its cause.
        db.session.rollback()
        flash('注册失败,请重试')
        return render_template('auth/register.html', form=form)

    confirmation_token = new_user.generate_confirmation_token()
    send_mail(new_user.email,
              '激活账号',
              'mail/confirm',
              user=new_user,
              token=confirmation_token,
              email=new_user.email)
    flash('一封确认邮件已经发送到您的邮箱,请及时激活账号!')
    return redirect(url_for('main.index'))
Example #26
    def blog():
        """Store the posted username/title/email/content, then redirect.

        A POST saves a User row and goes to "index"; any other method is
        redirected to "about".
        """
        if request.method != "POST":
            return redirect(url_for("about"))

        posted = request.form
        # NOTE(review): the posted values are stored without validation;
        # templates that show them later must escape them.
        entry = User(posted["username"], posted["title"],
                     posted["email"], posted["content"])
        db.session.add(entry)
        db.session.commit()

        return redirect(url_for("index"))
Example #27
    def test_bad_auth(self):
        """An API request carrying a wrong password is answered with 401."""
        # Literals shown as asterisks appear masked in this listing.
        user_role = Role.query.filter_by(name='User').first()
        self.assertIsNotNone(user_role)
        confirmed_user = User(email='*****@*****.**', password='******',
                              confirmed=True, role=user_role)
        db.session.add(confirmed_user)
        db.session.commit()

        # authenticate with a bad password
        posts_url = url_for('api.get_posts')
        bad_headers = self.get_api_headers('*****@*****.**', 'dog')
        response = self.client.get(posts_url, headers=bad_headers)
        self.assertTrue(response.status_code == 401)
Example #28
def register():
    """Register a user from RegisterForm and send them to the login page."""
    form = RegisterForm()
    if not form.validate_on_submit():
        return render_template("home/register.html", form=form)

    fields = form.data
    new_user = User(name=fields["name"],
                    # store a hash, never the submitted password itself
                    pwd=generate_password_hash(fields["pwd"]),
                    email=fields["email"],
                    phone=fields["phone"],
                    uuid=uuid.uuid4().hex)
    db.session.add(new_user)
    db.session.commit()
    flash("注册成功,请登录!", "ok")
    return redirect(url_for("home.login"))
Example #29
    def signup():
        """Store a new user on POST; render the sign-up page in every case."""
        if request.method == "POST":
            posted = request.form
            # NOTE(review): the posted values are used without validation
            # and the password is passed to User() as submitted; whether
            # the model hashes it is not visible here -- verify.
            account = User(posted["username"], posted["email"],
                           posted["password"])
            db.session.add(account)
            db.session.commit()

        return render_template("signup.html")
 def test_invalid_email_change_token(self):
     """An e-mail change token issued for one user must not work for another."""
     # Literals shown as asterisks appear masked in this listing.
     issuer = User(email='*****@*****.**', password='******')
     other = User(email='*****@*****.**', password='******')
     db.session.add(issuer)
     db.session.add(other)
     db.session.commit()
     foreign_token = issuer.generate_email_change_token('*****@*****.**')
     self.assertFalse(other.change_email(foreign_token))
     # the second user's address must be unchanged
     self.assertTrue(other.email == '*****@*****.**')
Example #31
File: user.py Project: ap13p/elearn
def user_update(user_id):
    """Edit an existing user and its profile through UserForm.

    On a valid submission the form is copied onto the user, the level is
    resolved to a Level row, the profile name is updated, and both records
    are saved before redirecting to the user list.
    """
    # NOTE(review): no access check is visible in this body; presumably a
    # decorator or blueprint hook restricts it to admins -- verify.
    account = User.get(User.id == user_id)
    form = UserForm(request.form, obj=account)
    form.action = url_for('admin:user:update', user_id=account.id)
    form.level.choices = get_level()
    # NOTE(review): these two assignments run on every request, POST
    # included, before validation -- confirm they are not meant to apply
    # only when the form is first displayed.
    form.level.data = account.level.id
    form.profile.jenis_kelamin.data = account.profile.jenis_kelamin

    if not form.validate_on_submit():
        return render_template('admin/user/update.html', form=form, user=account)

    # NOTE(review): populate_obj copies the form's fields onto the user;
    # if the form carries a password field, confirm how it is stored.
    form.populate_obj(account)
    account.level = Level.get(Level.id == form.level.data)
    account.profile.nama = form.profile.nama.data
    account.profile.save()
    account.save()
    return redirect(url_for('admin:user:list'))
Example #32
    def test_users(self):
        """The user endpoint returns each user's own username."""
        # Literals shown as asterisks appear masked in this listing; the
        # assertions below still name the expected usernames.
        user_role = Role.query.filter_by(name='User').first()
        self.assertIsNotNone(user_role)
        first = User(email='*****@*****.**', username='******',
                     password='******', confirmed=True, role=user_role)
        second = User(email='*****@*****.**', username='******',
                      password='******', confirmed=True, role=user_role)
        db.session.add_all([first, second])
        db.session.commit()

        # fetch the first user
        response = self.client.get(
            url_for('api.get_user', id=first.id),
            headers=self.get_api_headers('*****@*****.**', 'dog'))
        self.assertTrue(response.status_code == 200)
        body = json.loads(response.data.decode('utf-8'))
        self.assertTrue(body['username'] == 'john')

        # fetch the second user
        response = self.client.get(
            url_for('api.get_user', id=second.id),
            headers=self.get_api_headers('*****@*****.**', 'dog'))
        self.assertTrue(response.status_code == 200)
        body = json.loads(response.data.decode('utf-8'))
        self.assertTrue(body['username'] == 'susan')
Example #33
def join():
    """Show the join page on GET; on POST create the user unless it exists.

    A taken username flashes a warning and returns to the join page; a new
    one is stored with a hashed password and the visitor is sent home.
    """
    if request.method == 'GET':
        return render_template('join.html')

    if request.method == 'POST':
        posted = request.form
        existing = User.query(User.username == posted['username']).get()
        # NOTE(review): debug output of the looked-up user record.
        print existing

        # The candidate is built before the duplicate check, as in the
        # original, so the password is hashed on every POST.
        candidate = User(
            username=posted['username'],
            password=generate_password_hash(posted['password']),
            email=posted['email']
        )

        if existing:
            flash(u'중복되는 아이디가 존재합니다.', 'danger')
            return redirect(url_for('join'))

        # NOTE(review): the check and the put() are separate steps, so two
        # concurrent requests can both create the same username.
        put_result = candidate.put()
        logging.info(put_result)

        flash(u'회원가입을 하였습니다.', 'success')
        return redirect(url_for('home'))
Example #34
 def post(self):
     """
     Update an existing user (when ``id`` is given) or add a new one.

     Reads ``account``, ``username``, ``password``, ``new_password`` and
     ``id`` from the JSON body and answers with a JSON object carrying
     ``msg`` and ``code``.
     :return:
     """
     account = request.json.get('account')
     username = request.json.get('username')
     password = request.json.get('password')
     new_password = request.json.get('new_password')
     user_id = request.json.get('id')
     # NOTE(review): nothing in this method checks who the caller is or
     # whether they may edit user_id -- verify at the route.
     if user_id:
         # NOTE(review): old_data is None for an unknown id; the attribute
         # reads below would then raise.
         old_data = User.query.filter_by(id=user_id).first()
         # Reject a username or account that already belongs to a row,
         # unless it is the value this user already has.
         if User.query.filter_by(username=username).first(
         ) and username != old_data.username:
             return jsonify({'msg': '名字已存在', 'code': 400})
         elif User.query.filter_by(
                 account=account).first() and account != old_data.account:
             return jsonify({'msg': '账号已存在', 'code': 400})
         if new_password:
             if not password:
                 return jsonify({"code": 400, "msg": "密码不能为空"})
             else:
                 # NOTE(review): ``password`` (not ``new_password``) is
                 # assigned directly, while the create branch goes through
                 # user.hash_password(); confirm the model hashes on
                 # assignment and that the intended value is stored.
                 old_data.password = password
         old_data.username = username
         db.session.commit()
         return jsonify({"code": 200, "msg": "修改成功"})
     else:
         if account is None or password is None or username is None:
             return jsonify({'code': 400, "msg": "账户密码不能为空"})
         if User.query.filter_by(account=account).first() is not None:
             return jsonify({'code': 400, "msg": "账户已存在"})
         user = User(account=account, username=username)
         # the password is set through the model's hash_password
         user.hash_password(password)
         db.session.add(user)
         db.session.commit()
         return jsonify({'code': 200, "msg": "账户添加成功"})
Example #35
def user_login():
    """
        Log a user in by e-mail and password.

        Visitors who already have a 'user' key in the session go to the
        dashboard. The stored bcrypt hash is used as the salt for hashing
        the submitted password; equal results mean the password matches.
    """
    if 'user' in session:
        return redirect('/dashboard')

    # NOTE(review): csrf_enabled=False switches off the form's CSRF token
    # check for this endpoint -- confirm that is intended.
    form = LoginUserForm(csrf_enabled=False)

    if form.validate_on_submit():
        submitted_password = form.password.data
        record = User().find_one({'email': form.email.data})

        # NOTE(review): the two failure messages differ, which tells a
        # visitor whether an e-mail is registered.
        if record is None:
            flash('El usuario no existe', 'error')
        # NOTE(review): the hashes are compared with ==; bcrypt.checkpw,
        # where the installed bcrypt provides it, does this comparison in
        # constant time.
        elif bcrypt.hashpw(submitted_password, record['password']) == record['password']:
            return auth.login(id=record['_id'], active=record['is_active'])
        else:
            flash('Password incorrecto', 'error')
    return render_template('users/login.html', form=form)
Example #36
def user_regist():
    """Register a user together with an uploaded avatar file.

    The user name, e-mail and phone are each checked for an existing row.
    The avatar is saved first; the user row is committed only when the
    upload is accepted.
    """
    form = RegistForm()
    if not form.validate_on_submit():
        return render_template('user_regist.html', form=form)

    # Check, in order, whether the name, e-mail or phone is already taken.
    duplicate_checks = (
        ({'name': form.user_name.data}, "用户名已经存在!"),
        ({'email': form.user_email.data}, "邮箱已经被注册过!"),
        ({'phone': form.user_phone.data}, "手机号已经被注册过!"),
    )
    for criteria, message in duplicate_checks:
        if User.query.filter_by(**criteria).first():
            flash(message, category='err')
            return render_template('user_regist.html', form=form)

    # No existing row matched: build the new user.
    user = User()
    user.name = form.user_name.data
    # store a hash, never the submitted password itself
    user.pwd = generate_password_hash(form.user_pwd.data)
    user.email = form.user_email.data
    user.phone = form.user_phone.data
    user.jianjie = form.user_jianjie.data
    # Each user gets a 10-character identifier cut from a uuid4 hex string.
    user.uuid = str(uuid.uuid4().hex)[0:10]
    upload = request.files["user_face"]
    user.face = secure_filename_with_uuid(upload.filename)

    # Save the avatar file, then insert the user row.
    try:
        # NOTE(review): the user-chosen name becomes the upload folder;
        # confirm the form or the upload set rejects path separators.
        photosSet.save(storage=upload,
                       folder=user.name,
                       name=user.face)
        db.session.add(user)
        db.session.commit()
        flash("用户注册成功!", category='ok')
        return redirect(url_for("user_login", username=user.name))
    except UploadNotAllowed:
        flash("头像文件格式不对!", category='err')
        return render_template('user_regist.html', form=form)
Example #37
def user_signup():
    """Create a user on POST; otherwise render the join page."""
    if request.method != 'POST':
        # GET
        # NOTE(review): ``form`` is not defined in this function; unless it
        # exists at module level this line raises NameError.
        return render_template('user/join.html', form=form, active_tab='user_join')

    posted = request.form
    # NOTE(review): the posted values are used without any validation.
    account = User(email=posted['email'],
                   # store a hash, never the submitted password itself
                   password=generate_password_hash(posted['password']),
                   name=posted['name'],
                   join_date=kstime(9))

    db.session.add(account)
    db.session.commit()

    flash(u'가입이 완료 되었습니다.', 'success')
    return redirect(url_for('article_list'))
Example #38
def user_join():
    """Create a user from JoinForm on POST; otherwise render the join page."""
    form = JoinForm()

    if request.method != 'POST':
        # NOTE(review): this error is flashed on every non-POST request,
        # including the first display of the page -- confirm intent.
        flash(u'비밀코드가 맞지 않습니다. 관리자에게 문의하세요.', 'danger')
        return render_template('user/join.html', form=form, active_tab='user_join')

    # NOTE(review): the form is never validated on this path, so any
    # validators it declares are not applied before the row is stored.
    member = User(email=form.email.data,
                  # store a hash, never the submitted password itself
                  password=generate_password_hash(form.password.data),
                  name=form.name.data)

    db.session.add(member)
    db.session.commit()

    flash(u'가입이 승인되었습니다. 비밀번호는 암호화되어 저장되어 관리자도 알 수 없습니다.', 'success')
    return redirect(url_for('article_list'))
 def test_gravatar(self):
     """gravatar() builds the expected URL for each option and for HTTPS."""
     # The e-mail and password literals appear masked in this listing.
     u = User(email='*****@*****.**', password='******')
     avatar_hash = 'd4c74594d841139328695756648b6bd6'
     with self.app.test_request_context('/'):
         plain = u.gravatar()
         sized = u.gravatar(size=256)
         rated = u.gravatar(rating='pg')
         retro = u.gravatar(default='retro')
     # a request made over https should switch to the secure host
     with self.app.test_request_context('/', base_url='https://example.com'):
         secure = u.gravatar()
     self.assertTrue('http://www.gravatar.com/avatar/' + avatar_hash in plain)
     self.assertTrue('s=256' in sized)
     self.assertTrue('r=pg' in rated)
     self.assertTrue('d=retro' in retro)
     self.assertTrue('https://secure.gravatar.com/avatar/' + avatar_hash in secure)
Example #40
def login():
    """Log a user in by e-mail and password and record them in the session.

    Visitors with a 'username' in the session go straight to the index.
    An unknown e-mail and a wrong password flash the same message.
    """
    if session.get('username'):
        return redirect(url_for('index'))

    form = LoginForm()
    if form.validate_on_submit():
        account = User.objects(email=form.email.data).first()
        # get_password(...) is used here as the password check; its
        # result decides whether the login succeeds.
        authenticated = account and account.get_password(form.password.data)
        if authenticated:
            flash(f"{account.first_name} You are logged in successfully!!!",
                  "success")
            session['user_id'] = account.user_id
            session['username'] = account.first_name
            return redirect(url_for('index'))
        flash("Something went wrong!", "danger")
    return render_template("login.html", form=form, title="Log In", login=True)
Example #41
def login():
    """Log a user in by e-mail and password and store the id in the session.

    An unknown e-mail and a wrong password produce the same flashed
    message, so the reply does not reveal which one was wrong.
    """
    form = LoginForm(request.form)
    if not form.validate_on_submit():
        return render_template('login.html', form=form)

    try:
        account = User.get(User.email == form.email.data)
        if account and account.check_password(form.password.data):
            session['user_id'] = account.id
            session.permanent = True
            return redirect(url_for('home'))
    except User.DoesNotExist:
        # fall through to the shared failure reply
        pass

    flash('Email atau password salah', 'error')
    return render_template('login.html', form=form)
Example #42
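def verify_code():
    """Verify a phone number and SMS code, then log the user in.

    The code is compared with the value stored under ``msg_<phone>`` in
    redis. A user row is created when the phone is new, and the session is
    set whether or not the user already existed.
    """
    # Phone number and verification code from the form.
    phone = request.form.get('phone')
    msg_code = request.form.get('msg_code')
    print(phone)
    # Both parameters are required.
    if not all([phone, msg_code]):
        return jsonify(phone=phone, msg_code=msg_code, msg='有参数为空')
    # The whole value must be an 11-digit number: re.match only anchored
    # the start and let trailing characters through, and re.ASCII keeps
    # \d to the digits 0-9.
    if not re.fullmatch(r'1[3456789]\d{9}', phone, re.ASCII):
        return jsonify(msg='手机号码不合法')
    # Compare with the stored code.
    # NOTE(review): the stored code is not removed after a successful
    # check and no attempt limit is visible here -- confirm both are
    # handled elsewhere.
    try:
        # redis returns bytes, or None when no code is stored (never sent
        # or expired); a missing code is a failed verification, not a
        # redis error.
        stored = redis_store.get('msg_%s' % phone)
        # The stored code itself is no longer printed to stdout.
        if stored is not None and stored.decode() == msg_code:
            print('与本地一致')
        else:
            return jsonify(err_msg='msg_code error')
    except Exception as e:
        logging.error(e)
        return jsonify(msg='redis error')
    # Create the user when it does not exist yet.
    user_obj = User.query.filter_by(phone=phone).first()

    try:
        if user_obj:
            print('用户已存在')
        else:
            print('用户不存在则创建')
            user_obj = User(phone=phone)
            db.session.add(user_obj)
            db.session.commit()
    except Exception as e:
        print(e)
        db.session.rollback()
        return jsonify(msg='mysql error')

    # Log in through the session whether or not the user already existed.
    session['user_id'] = user_obj.id
    session['user_phone'] = phone
    # Reply.
    return jsonify(msg='ok')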
Example #43
File: user.py Project: ap13p/elearn
def user_create():
    """Admin view: create a user and its profile from the submitted UserForm.

    On a valid submission the user is saved and the client is redirected to
    the user list; otherwise the form is rendered again, with any validation
    errors printed first.
    """
    form = UserForm(request.form)
    form.action = url_for('admin:user:create')
    form.level.choices = get_level()

    if not form.validate_on_submit():
        if form.errors:
            print form.errors
        return render_template('admin/user/create.html', form=form)

    new_user = User()
    new_user.email = form.email.data
    # NOTE(review): the raw form value is assigned here; confirm that the
    # User model hashes the password on assignment or on save.
    new_user.password = form.password.data
    new_user.no_induk = form.no_induk.data
    selected_level = Level.get(Level.id == form.level.data)
    # NOTE(review): the profile row is created before user.save(); if the
    # save fails the profile is left without a user, as no transaction is
    # visible in this function.
    new_profile = Profile.create(
        nama=form.profile.nama.data,
        jenis_kelamin=form.profile.jenis_kelamin.data,
    )
    new_user.level = selected_level
    new_user.profile = new_profile
    new_user.save()
    return redirect(url_for('admin:user:list'))
Example #44
    def post(self, phn):
        """Create a user from the request data and reply with a JSON message.

        Responds 201 with a ``Location`` header when the save succeeds and
        400 otherwise. ``phn`` is not used in the body.
        """
        new_user = User()
        # NOTE(review): every field of the request data is handed to
        # from_dict(); confirm it only accepts fields a client may set.
        new_user.from_dict(self.get_data())
        # The avatar path is generated once the phone has been set.
        new_user.generate_avatar_path()

        if not new_user.save():
            self.set_status(400)
            reply = self.message("name,phone,password field are required.")
        else:
            self.set_status(201)
            self.set_header('Location', new_user.get_link())
            reply = self.message("Created Success.")

        self.render_json(reply)
Example #45
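def bill_add(bill_request, user_id):
    """Store a bill for ``user_id`` from the fields in ``bill_request``.

    Args:
        bill_request: mapping with ``type``, ``amount``, ``create_time`` and
            ``remark`` entries.
        user_id: id of the user the bill is attached to.

    Returns:
        ``u'1'`` when the bill was stored, and also when a required field is
        empty and nothing was stored; an error string when the amount is not
        a finite number or saving raises ValueError.
    """
    failure = u'数据存储异常,请联系管理员'
    bill_type = bill_request.get('type', '')
    bill_amount = bill_request.get('amount', '')
    bill_create_time = bill_request.get('create_time', '')
    bill_remark = bill_request.get('remark', '')
    consumption_type = ConsumptionType(id=bill_type)
    user = User(id=user_id)
    if bill_type and bill_amount and bill_create_time and bill_remark:
        # Convert the amount before building the bill, so that a value that
        # is not a number gives the error reply instead of an unhandled
        # exception.
        try:
            amount = float(bill_amount)
        except (TypeError, ValueError):
            return failure
        # float() also accepts 'nan' and 'inf'; neither is a usable amount.
        if amount != amount or amount in (float('inf'), float('-inf')):
            return failure
        bill = Bill(amount=amount,
                    create_time=bill_create_time,
                    remark=bill_remark,
                    is_delete=False,
                    type=consumption_type,
                    user=user)
        try:
            bill.save()
        except ValueError:
            return failure
    # NOTE(review): u'1' is returned here even when a required field was
    # empty, so a caller cannot tell a stored bill from a skipped one.
    return u'1'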
Example #46
def home():
    """Render the student home page for one lecturer and the list of posts.

    The lecturer is the one named by the ``dosen_id`` query parameter, or the
    first lecturer by profile name when the parameter is absent.
    """
    dosens = (User.select(User, MataKuliah)
              .join(MataKuliah)
              .join(Level, JOIN.LEFT_OUTER, on=(User.level == Level.id))
              .join(Tugas, JOIN.LEFT_OUTER,
                    on=(Tugas.mata_kuliah == MataKuliah.id))
              .join(Profile, on=(User.profile == Profile.id))
              .group_by(User)
              .where(Level.name == 'dosen')
              .order_by(Profile.nama.asc()))

    requested_id = request.args.get('dosen_id', None)
    if not requested_id:
        # NOTE(review): dosen.id fails if the query has no rows and first()
        # returns None; confirm at least one lecturer always exists.
        dosen = dosens.first()
        dosen_id = dosen.id
    else:
        dosen_id = requested_id
        # The id from the query string is compared through the ORM
        # expression, not interpolated into SQL text.
        dosen = dosens.filter(User.id == dosen_id).get()

    posts = Post.select().order_by(Post.id.desc())
    # Read but not passed to the template.
    user = g.user
    return render_template('mhs/home.html', dosen=dosen, dosens=dosens,
                           posts=posts, dosen_id=dosen_id)
Example #47
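def update_info(user_id):
    """Let the signed-in user edit their own profile and profile image.

    Args:
        user_id: id of the user being edited; it must equal ``g.user.id``.

    Returns:
        A redirect to the student home page after a valid submission,
        otherwise the rendered form. Aborts with 401 when ``user_id`` is not
        the current user's id.
    """
    # NOTE(review): this comparison is only correct when the route passes
    # user_id with the same type as g.user.id; confirm the route converter.
    if not g.user.id == user_id:
        return abort(401)
    user = User.select().join(Profile).where(User.id == user_id).get()
    form = UpdateInfoForm(request.form, obj=user)
    form.action = url_for('update-info', user_id=user_id)
    if form.validate_on_submit():
        user.profile.nama = form.profile.nama.data
        user.profile.no_telpon = form.profile.no_telpon.data
        user.profile.tanggal_lahir = form.profile.tanggal_lahir.data
        user.profile.alamat = form.profile.alamat.data
        path = get_user_media_path(user)
        # The image is optional: .get() avoids a 400 when the field is
        # absent from the request.
        phile = request.files.get('profile-image')
        if phile:
            # secure_filename() can return '' for a name made only of
            # unsafe characters; joining '' would point at the directory.
            filename = secure_filename(phile.filename)
            if filename:
                # NOTE(review): no check on file type or size is visible
                # here, and the saved file is linked through the 'media'
                # endpoint; restrict uploads to the image types expected.
                path = os.path.join(path, filename)
                phile.save(path)
                user.profile.image = url_for('media', filepath=path)
        user.profile.save()
        user.save()
        return redirect(url_for('mhs:home'))
    return render_template('update_info.html', form=form, user=user)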
Example #48
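def login():
    """Show the login page on GET and authenticate the user on POST.

    On success the session is reset and then marked as logged in (and as
    superuser when the account is one). Every POST redirects to ``home``
    with a flashed message.
    """
    if request.method == 'GET':
        return render_template('login.html')

    if request.method == 'POST':
        username = request.form['username']
        user = User.query(User.username == username).get()
        if user and user.check_password(request.form['password']):
            # Start from an empty session so that nothing set before
            # authentication carries over into the logged-in session.
            session.clear()
            session['logged_in'] = True
            if user.is_superuser:
                session['is_superuser'] = True

            session['user'] = username
            flash(u'로그인 하였습니다.', 'success')
            return redirect(url_for('home'))
        # One message for an unknown user and for a wrong password, so the
        # reply does not reveal which usernames exist.
        # NOTE(review): the password check is skipped for unknown users, so
        # response time may still differ between the two cases.
        flash(u'사용자 이름 또는 비밀번호가 올바르지 않습니다.', 'danger')
        return redirect(url_for('home'))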
Example #49
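def current_user():
    """Return the User named by the session's ``user_id``, or None.

    None is returned when the session has no ``user_id`` and when the id no
    longer matches a user; in the second case the stale id is dropped from
    the session.
    """
    if 'user_id' not in session:
        return None
    try:
        return User.get(User.id == session['user_id'])
    except User.DoesNotExist:
        # The account behind this session no longer exists: treat the
        # visitor as signed out instead of failing the request.
        session.pop('user_id', None)
        return None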
Example #50
def get_dosen():
    """Return ``(user id, profile name)`` pairs for users at level 'dosen'."""
    dosen_level = Level.select().where(Level.name == 'dosen')
    choices = []
    for member in User.select().where(User.level == dosen_level):
        choices.append((member.id, member.profile.nama))
    return choices
Example #51
    def _on_auth(self, outer_user):
        """Handle the result of a Douban sign-in and reply with the user.

        Resolves the local user from the ``userkey`` secure cookie, or from
        an existing Auth record for this Douban account, creates the user
        when neither exists, then creates or updates the Auth record with
        the token data from ``outer_user``.

        Raises:
            HTTPError: 500 when ``outer_user`` is empty, when a new user is
                needed but the ``uid`` cookie is missing, or when saving the
                user or the auth record fails.
        """
        if not outer_user:
            raise HTTPError(500, "Douban auth failed.")

        # The Auth key is the site label joined with the Douban user id.
        auth_id = "%s_%s" % (Auth.DOUBAN, outer_user['access_token']['douban_user_id'])
        auth = Auth.query.get(auth_id)
        # `and` binds tighter than `or`: the user behind the userkey cookie
        # wins, and auth.user is the fallback when an Auth record exists.
        # NOTE(review): when the cookie names a different user than the one
        # already attached to `auth`, the record below is re-bound to the
        # cookie's user; confirm this is intended.
        user = User.query.get_by_userkey(self.get_secure_cookie('userkey', None)) or auth and auth.user
        self.clear_cookie('userkey')

        # create or update the user
        if user is None and auth is None:
            did = self.get_secure_cookie('uid', None)
            self.clear_cookie('uid')
            if not did:
                raise HTTPError(500, "Douban auth failed.")
            # user data
            user_data = {}
            user_data['userkey'] = auth_id
            user_data['name'] = outer_user['name']
            user_data['avatar'] = outer_user['avatar']
            user_data['brief'] = outer_user['brief']
            user_data['deviceid'] = did

            user = User()
            user.from_dict(user_data)

            user.generate_secret()
            if not user.save():
                raise HTTPError(500, 'Save auth user info error.')

        # auth data
        # NOTE(review): if an Auth record exists but has no user, `user` is
        # still empty here and user.id fails; verify this cannot happen.
        # The access token and secret are persisted by auth.save() below;
        # how they are protected at rest is not visible from this method.
        auth_data = {}
        auth_data['site_label'] = Auth.DOUBAN
        auth_data['access_token'] = outer_user['access_token']['key']
        auth_data['access_secret'] = outer_user['access_token']['secret']
        auth_data['expired'] = outer_user['expired']
        auth_data['user_id'] = user.id
        auth_data['site_user_id'] = auth_id

        # create or update the auth
        if auth is None:
            auth = Auth()

        auth.from_dict(auth_data)
        if not auth.save():
            raise HTTPError(500, "Failed auth with douban account.")

        # send to douban 
        #sns_data = {
        #        'token': auth.access_token,
        #        'secret': auth.access_secret,
        #        'label': auth.DOUBAN,
        #        'content': u"我正在使用乐帮,乐帮是一款基于LBS的帮助应用, 旨在让你在有困难时能更容易地得到帮助。请关注乐帮小站http://site.douban.com/135015/"
        #        }
        #http_client = httpclient.HTTPClient()
        #try:
        #    http_client.fetch(
        #            options.mquri,
        #            body="queue=snspost&value=%s" % self.json(sns_data),
        #            method='POST',
        #            )
        #except httpclient.HTTPError, e:
        #    pass

        # Reply with the user's auth view, or an empty object when the
        # linked user has no positive id.
        self.render_json(auth.user.user2dict4auth() if auth.user.id>0 else {})
        self.finish()
Example #52
File: user.py Project: ap13p/elearn
def user_list():
    """Admin view: paginated user list, optionally filtered by level name.

    The ``level`` query parameter, when present, limits the list to users
    whose level has that name.
    """
    level_name = request.args.get('level', None)
    query = User.select()
    if level_name:
        # The value is compared through the ORM expression, not
        # interpolated into SQL text.
        query = query.join(Level).where(Level.name == level_name)
    return object_list('admin/user/list.html', query, 'users', paginate_by=10)