def p_password_reset(old_pass, new_pass):
    """
    Change the password of the currently logged-in user.

    :param old_pass: current password, checked with
        ``current_user.verify_password`` unless ``current_user.no_password``
        is set
    :param new_pass: new password; must pass ``password_format_ver``
    :return: dict with ``msg_type``, ``msg`` and ``http_status`` (plus
        ``to_url`` on success)
    """
    format_ok, format_msg = password_format_ver(new_pass)
    if not format_ok:
        return {"msg_type": "w", "msg": format_msg, "http_status": 400}

    # Accounts flagged no_password may set a password without supplying the
    # old one; everyone else must prove knowledge of the current password.
    if not current_user.verify_password(old_pass) \
            and not current_user.no_password:
        return {
            "msg_type": "e",
            "http_status": 400,
            "msg": gettext("Now use the password mistake")
        }

    new_hash = generate_password_hash(new_pass)
    # Setting jwt_login_time to {} logs out every JWT session of this user.
    result = update_one_user(
        user_id=current_user.str_id,
        updata={"$set": {"password": new_hash, "jwt_login_time": {}}})
    if not result.modified_count:
        return {
            "msg_type": "w",
            "msg": gettext("Password change failed(unknown error)"),
            "http_status": 400
        }

    # Audit record of the successful change, including the caller's address.
    insert_op_log({
        'op_type': 'set_password',
        'time': time.time(),
        'status': 's',
        'info': '',
        'ip': request.remote_addr
    })
    outcome = {
        "msg_type": "s",
        "msg": gettext("Password change is successful, please login again"),
        "http_status": 201
    }
    # End the current session so the user has to sign in with the new password.
    logout_user()
    outcome['to_url'] = get_config("login_manager", "LOGIN_VIEW")
    return outcome
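def add_user(mdb_user):
    """
    Interactively create (or update) the root administrator account.

    Prompts for username, email and password, makes sure the ``role`` and
    ``user`` collections and the Root and default user roles exist, then
    inserts the account. When an account with the same username or email
    already exists, its password is replaced and it is given the Root role.

    :param mdb_user: database handle whose ``.db`` exposes the ``role`` and
        ``user`` collections
    :return: None; the process exits with -1 when the Root role or the root
        user cannot be created
    """
    from werkzeug.security import generate_password_hash
    from apps.utils.validation.str_format import email_format_ver, password_format_ver
    from apps.modules.user.models.user import user_model

    print(' * [User] add')
    while True:
        username = input("Input username:")
        # NOTE(review): the original check on this line is damaged on the page;
        # it is rebuilt from the surviving character class [\.\*#\?]+ and the
        # warning text below. Confirm against the repository.
        if any(ch in ".*#?" for ch in username):
            print(
                "[Warning]: The name format is not correct,You can't use '.','*','#','?'\n")
        else:
            break

    while True:
        email = input("Input email:")
        s, r = email_format_ver(email)
        if not s:
            print("[Warning]: {}".format(r))
        else:
            break

    while True:
        # getpass keeps the password off the terminal while it is typed.
        password = getpass("Input password(Password at least 8 characters):")
        s, r = password_format_ver(password)
        if not s:
            print("[Warning]: {}\n".format(r))
        else:
            break

    for coll_name in ("role", "user"):
        try:
            mdb_user.db.create_collection(coll_name)
            print(' * Created {} collection'.format(coll_name))
        except Exception as exc:
            # Best effort, presumably because the collection may already
            # exist. Catching Exception (not BaseException) lets Ctrl-C and
            # sys.exit through, and the reason is shown instead of hidden.
            print(' * Skipped creating {} collection: {}'.format(coll_name, exc))

    # Make sure the Root role exists.
    root_per = SUPER_PER
    role_root = mdb_user.db.role.find_one({"permissions": root_per})
    if not role_root:
        print(" * Create root role...")
        r = mdb_user.db.role.insert_one({"name": "Root",
                                         "default": 0,
                                         "permissions": root_per,
                                         "instructions": 'Root'})
        if r.inserted_id:
            print("Create root user role successfully")
        else:
            print("[Error] Failed to create superuser role")
            sys.exit(-1)
        root_id = r.inserted_id
    else:
        root_id = role_root['_id']

    user = get_one_user_mfilter(username=username, email=email, op="or")
    if user:
        # NOTE(review): the lookup matches on username OR email, so an account
        # that shares only one of them with the input is promoted to Root.
        # Confirm this is intended.
        update_one_user(
            user_id=str(user["_id"]),
            updata={"$set": {
                "password": generate_password_hash(password),
                "role_id": str(root_id),
                # Same as the other password-change paths: clearing
                # jwt_login_time logs out existing JWT sessions.
                "jwt_login_time": {}
            }})
        print(" * This user already exists, updated password.")
    else:
        print(' * Create root user...')
        user = user_model(
            username=username,
            email=email,
            password=password,
            custom_domain=-1,
            role_id=str(root_id),
            active=True)
        r = insert_one_user(updata=user)
        if r.inserted_id:
            print(" * Create a root user role successfully")
        else:
            print(" * [Error] Failed to create a root user role")
            sys.exit(-1)

    # Make sure the ordinary (default) user role exists.
    average_user = mdb_user.db.role.find_one({"permissions": 1})
    if not average_user:
        print(" * Create the average user role...")
        r = mdb_user.db.role.insert_one({
            "name": "User",
            "default": 1,
            "permissions": 1,
            "instructions": 'The average user',
        })
        if r.inserted_id:
            print(" * Create a generic user role successfully")
        else:
            print(" * Failed to create a generic user role")

    role = mdb_user.db.role.find_one({"_id": root_id})
    # Never echo any part of the password; the summary shows a fixed mask.
    hidden_password = "******"
    print('The basic information is as follows')
    print('Username: {}\nEmail: {}\nUser role: {}\nPassword: {}'.format(
        username, email, role["name"], hidden_password))
    print('End')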
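def p_retrieve_password(email, code, password, password2):
    """
    Reset a forgotten password after checking the verification code.

    :param email: e-mail address of the account
    :param code: verification code, checked with ``verify_code``
    :param password: new password
    :param password2: new password, repeated
    :return: dict with ``msg``, ``msg_type`` and ``http_status``
    """
    if not email:
        return {
            'msg': gettext('Account does not exist'),
            'msg_type': 'e',
            "http_status": 404
        }

    s, r = email_format_ver(email=email)
    if not s:
        return {"msg": r, "msg_type": "e", "http_status": 403}

    user = get_one_user(email=email)
    if not user:
        # NOTE(review): a distinct answer for unknown addresses tells an
        # unauthenticated caller which e-mails are registered. Consider a
        # uniform response and rate limiting at the route.
        return {
            'msg': gettext('Account does not exist'),
            'msg_type': 'e',
            "http_status": 404
        }

    if not verify_code(code, email=user["email"]):
        return {
            'msg': gettext('Email or SMS verification code error'),
            'msg_type': 'e',
            "http_status": 401
        }

    # password_format_ver returns a (status, message) pair. The pair itself is
    # always truthy, so testing it unpacked would never reject a password.
    s, r = password_format_ver(password)
    if not s:
        return {"msg": r, "msg_type": "e", "http_status": 403}

    if password != password2:
        return {
            'msg': gettext('Two password is not the same'),
            'msg_type': 'w',
            "http_status": 400
        }

    password_hash = generate_password_hash(password)
    # Setting jwt_login_time to {} logs out every JWT session of this user.
    r = update_one_user(user_id=str(user["_id"]),
                        updata={
                            "$set": {
                                "password": password_hash,
                                "jwt_login_time": {}
                            }
                        })
    if not r.modified_count:
        return {
            "msg_type": "w",
            "msg": gettext("Reset password failed(unknown error)"),
            "http_status": 400
        }

    # Audit record of the reset, including the caller's address.
    oplog = {
        'op_type': 'retrieve_pass',
        'time': time.time(),
        'status': 's',
        'info': '',
        'ip': request.remote_addr
    }
    insert_op_log(oplog, user_id=user["_id"])

    # Tell the account owner that the password was reset.
    subject = gettext("Password reset notification")
    body = "Your account <a>{}</a> has reset your password. <br>Please keep it safe.".format(
        user["email"])
    mail_context = {
        "title": subject,
        "body": body,
        "other_info": gettext("End"),
    }
    html = get_email_html(mail_context)
    send_email(subject=subject, recipients=[user["email"]], html_msg=html)

    data = {
        'msg': gettext(
            'Password reset successfully.Please return to login page to login'
        ),
        'msg_type': 's',
        "http_status": 201
    }
    logout_user()
    return data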
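def p_sign_up(username, password, password2, code, email=None, mobile_phone_number=None):
    '''
    Register an ordinary user by e-mail address or mobile number.

    :param username: requested user name, checked with ``short_str_verifi``
    :param password: password, checked with ``password_format_ver``
    :param password2: password, repeated
    :param code: verification code, checked with ``verify_code``
    :param email: e-mail address to register with (optional)
    :param mobile_phone_number: mobile number to register with (optional)
    :return: dict with ``msg``, ``msg_type`` and ``http_status`` (plus
        ``to_url`` in some cases)
    '''
    if current_user.is_authenticated:
        # NOTE(review): 'next' comes from the request and is returned as
        # to_url without validation. Confirm the client or route restricts it
        # to same-site paths before redirecting.
        return {
            'msg': gettext("Is logged in"),
            'msg_type': "s",
            'http_status': 201,
            'to_url': request.argget.all('next') or get_config("login_manager", "LOGIN_IN_TO")
        }

    # Validate the user name and password format.
    s1, r1 = short_str_verifi(username, project="username")
    s2, r2 = password_format_ver(password)
    if not s1:
        return {'msg': r1, 'msg_type': "e", "http_status": 422}
    if mdb_user.db.user.find_one({"username": username}):
        # The user name is already taken.
        return {'msg': gettext("Name has been used"),
                'msg_type': "w", "http_status": 403}
    if not s2:
        return {'msg': r2, 'msg_type': "e", "http_status": 400}
    if password2 != password:
        return {'msg': gettext("The two passwords don't match"),
                'msg_type': "e", "http_status": 400}

    if email:
        # Registration by e-mail: format, uniqueness, then the code.
        s, r = email_format_ver(email)
        if not s:
            return {'msg': r, 'msg_type': "e", "http_status": 422}
        if mdb_user.db.user.find_one({"email": email}):
            return {'msg': gettext("This email has been registered in the site oh, please login directly."),
                    'msg_type': "w", "http_status": 403}
        if not verify_code(code=code, email=email):
            return {'msg': gettext("Verification code error"),
                    'msg_type': "e", "http_status": 401}
    elif mobile_phone_number:
        # Registration by mobile number: format, uniqueness, then the code.
        s, r = mobile_phone_format_ver(mobile_phone_number)
        if not s:
            return {'msg': r, 'msg_type': "e", "http_status": 422}
        if mdb_user.db.user.find_one({"mphone_num": mobile_phone_number}):
            return {'msg': gettext("This number has been registered in the site oh, please login directly."),
                    'msg_type': "w", "http_status": 403}
        # NOTE(review): the call passes tel_number=True, not the number being
        # registered. Confirm verify_code ties the code to this number.
        if not verify_code(code=code, tel_number=True):
            return {'msg': gettext("Verification code error"),
                    'msg_type': "e", "http_status": 401}
    # NOTE(review): when neither email nor mobile_phone_number is given, no
    # verification code is checked before the account is created. Confirm the
    # caller requires one of them.

    # Build the account with the default role and store it.
    # NOTE(review): the uniqueness checks above and this insert are separate
    # steps; presumably unique indexes back them up. Verify.
    role_id = mdb_user.db.role.find_one({"default": {"$in": [True, 1]}})["_id"]
    user = user_model(username=username,
                      email=email,
                      mphone_num=mobile_phone_number,
                      password=password,
                      custom_domain=-1,
                      role_id=str(role_id),
                      active=True)
    r = mdb_user.db.user.insert_one(user)
    if not r.inserted_id:
        # A failed save is an error, so it must not be reported as 201.
        return {'msg': gettext('Data saved incorrectly, please try again'),
                'msg_type': 'e', "http_status": 400}

    if email:
        # Confirm the registration by e-mail.
        subject = gettext("Registration success notification")
        body = "Welcome to register <b>{}</b>.<br><a>{}</a> registered the account successfully.".format(
            get_config("site_config", "APP_NAME"),
            email
        )
        mail_context = {"title": subject,
                        "body": body,
                        "other_info": gettext("End"),
                        }
        html = get_email_html(mail_context)
        send_email(subject=subject,
                   recipients=[email],
                   html_msg=html)
    elif mobile_phone_number:
        # Confirm the registration by text message.
        content = "[{}] Successful registration account.".format(
            get_config("site_config", "APP_NAME"))
        send_mobile_msg(mobile_phone_number, content)

    return {'msg': gettext('Registered successfully'),
            'to_url': '/sign-in',
            'msg_type': 's', "http_status": 201}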
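def add_user():
    """
    Create a user account from the request arguments (administrator action).

    Reads ``email``, ``mobile_phone_number``, ``username``, ``password`` and
    ``password2`` from the request, validates them, stores the account with
    the default role and sends a notification.

    NOTE(review): no authorization check is visible in this function;
    presumably the route enforces it. Verify.

    :return: dict with ``msg``, ``msg_type`` and ``custom_status``
    """
    email = request.argget.all('email')
    mobile_phone_number = str_to_num(
        request.argget.all('mobile_phone_number', 0))
    username = request.argget.all('username', '').strip()
    password = request.argget.all('password', '').strip()
    password2 = request.argget.all('password2', '').strip()

    # Validate the user name and password format.
    s1, r1 = short_str_verifi(username, project="username")
    s2, r2 = password_format_ver(password)
    if not s1:
        return {'msg': r1, 'msg_type': "e", "custom_status": 422}
    if mdbs["user"].db.user.find_one({"username": username}):
        # The user name is already taken.
        return {
            'msg': gettext("Name has been used"),
            'msg_type': "w",
            "custom_status": 403
        }
    if not s2:
        return {'msg': r2, 'msg_type': "e", "custom_status": 400}
    if password2 != password:
        return {
            'msg': gettext("The two passwords don't match"),
            'msg_type': "e",
            "custom_status": 400
        }

    if email:
        # E-mail format and uniqueness.
        s, r = email_format_ver(email)
        if not s:
            return {'msg': r, 'msg_type': "e", "custom_status": 422}
        if mdbs["user"].db.user.find_one({"email": email}):
            return {
                'msg': gettext(
                    "This email has been registered in the site oh, please login directly."
                ),
                'msg_type': "w",
                "custom_status": 403
            }
    elif mobile_phone_number:
        # Mobile number format and uniqueness.
        s, r = mobile_phone_format_ver(mobile_phone_number)
        if not s:
            return {'msg': r, 'msg_type': "e", "custom_status": 422}
        if mdbs["user"].db.user.find_one({"mphone_num": mobile_phone_number}):
            return {
                'msg': gettext(
                    "This number has been registered in the site oh, please login directly."
                ),
                'msg_type': "w",
                "custom_status": 403
            }

    # Build the account with the default role; empty contacts are stored as None.
    role_id = mdbs["user"].db.role.find_one(
        {"default": {"$in": [True, 1]}})["_id"]
    email = email or None
    mobile_phone_number = mobile_phone_number or None
    user = user_model(username=username,
                      email=email,
                      mphone_num=mobile_phone_number,
                      password=password,
                      custom_domain=-1,
                      role_id=str(role_id),
                      active=True,
                      is_adm_add_user=True)
    r = insert_one_user(updata=user)
    if not r.inserted_id:
        # Report a failed insert; an empty dict would not show that the save failed.
        return {
            'msg': gettext('Data saved incorrectly, please try again'),
            'msg_type': 'e',
            "custom_status": 400
        }

    if email:
        # Notify the new user by e-mail.
        subject = gettext("Registration success notification")
        body = [
            gettext("Welcome to register {}.").format(
                get_config("site_config", "APP_NAME")),
            gettext("{} registered the account successfully.").format(
                email)
        ]
        mail_context = {
            "title": subject,
            "body": body,
            "username": username,
            "site_url": get_config("site_config", "SITE_URL")
        }
        html = get_email_html(mail_context)
        msg = {
            "subject": subject,
            "recipients": [email],
            "html_msg": html
        }
        send_email(msg=msg, ctype="nt")
    elif mobile_phone_number:
        # Notify the new user by text message.
        content = gettext(
            "[{}] Successful registration account.").format(
                get_config("site_config", "APP_NAME"))
        send_mobile_msg(mobile_phone_number, content)

    return {
        'msg': gettext('Added successfully'),
        'msg_type': 's',
        "custom_status": 201
    }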
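def user_edit():
    """
    Edit a user's role, active flag, e-mail and (optionally) password.

    Reads ``id``, ``role_id``, ``email``, ``password`` and ``active`` from the
    request. The edit is refused when the target's current role has at least
    as many permission digits as the caller's role.

    :return: dict with ``msg``, ``msg_type`` and ``custom_status`` (or the
        error returned by ``arg_verify``)
    """
    tid = request.argget.all('id')
    role_id = request.argget.all('role_id')
    email = request.argget.all('email')
    password = request.argget.all('password')
    active = str_to_num(request.argget.all('active', 0))

    s, r = arg_verify(reqargs=[("id", tid), ("role_id", role_id)],
                      required=True)
    if not s:
        return r

    if not email:
        email = None
    update_data = {'role_id': role_id, 'active': active, "email": email}

    user = get_one_user(user_id=str(tid))
    if user:
        # Permission check: the caller must outrank the target's current role.
        current_user_role = mdbs["user"].db.role.find_one(
            {"_id": ObjectId(current_user.role_id)})
        edit_user_role = mdbs["user"].db.role.find_one(
            {"_id": ObjectId(user["role_id"])})
        if edit_user_role \
                and get_num_digits(current_user_role["permissions"]) \
                <= get_num_digits(edit_user_role["permissions"]):
            return {
                "msg_type": "w",
                "msg": gettext("No permission modification"),
                "custom_status": 401
            }
    # NOTE(review): only the target's current role is compared. The requested
    # role_id is written without checking that it exists or that it ranks
    # below the caller's own role. Confirm a caller cannot grant a role above
    # their own.

    if email:
        # E-mail format, then uniqueness among the other accounts.
        s, r = email_format_ver(email)
        if not s:
            return {'msg': r, 'msg_type': "e", "custom_status": 422}
        if mdbs["user"].db.user.find_one({
                "email": email,
                "_id": {
                    "$ne": ObjectId(tid)
                }
        }):
            return {
                'msg': gettext(
                    "This email has been registered in the site oh, please login directly."
                ),
                'msg_type': "w",
                "custom_status": 403
            }

    if password:
        s, r = password_format_ver(password)
        if not s:
            return {'msg': r, 'msg_type': "e", "custom_status": 422}
        update_data["password"] = generate_password_hash(password)
        # Same as the other password-change paths: clearing jwt_login_time
        # logs out the user's existing JWT sessions.
        update_data["jwt_login_time"] = {}

    r = update_one_user(user_id=str(tid), updata={"$set": update_data})
    if not r.modified_count:
        return {
            'msg': gettext("No changes"),
            'msg_type': "w",
            "custom_status": 201
        }
    return {
        'msg': gettext("Update success"),
        'msg_type': "s",
        "custom_status": 201
    }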