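def before_request():
    """Gate each request on login state before it reaches a view.

    Flow:
      1. Paths matching ``IGNORE_CHECK_LOGIN_URLS`` skip the login check.
      2. The result of ``check_login()`` is stored on ``g.current_user``
         (``None`` when nobody is logged in).
      3. Paths matching ``IGNORE_URLS`` send a logged-in user to "/" and
         let an anonymous user through.
      4. Every other path requires login; anonymous requests are
         redirected to ``/user/login``.

    Returns:
        ``None`` to let the request continue, otherwise a redirect response.
    """
    ignore_urls = app.config['IGNORE_URLS']
    ignore_check_login_urls = app.config['IGNORE_CHECK_LOGIN_URLS']
    path = request.path

    def _is_exempt(url_patterns):
        # Joining an empty list yields "", and an empty regex matches every
        # path. An empty (or blank-only) config list must therefore mean
        # "no exemptions" rather than "exempt everything" (fail closed).
        usable = [p for p in url_patterns if p]
        # re.match anchors only at the start of the path; patterns that must
        # match a whole path need their own trailing "$" in the config.
        return bool(usable) and re.match("|".join(usable), path) is not None

    # URLs that never need a login check.
    if _is_exempt(ignore_check_login_urls):
        return

    # Determine whether the caller is logged in.
    user_info = check_login()
    g.current_user = None
    on_ignored_url = _is_exempt(ignore_urls)

    if user_info:
        # Make the logged-in user available to views via g.current_user.
        g.current_user = user_info
        # URLs that are pointless once logged in: go to the home page.
        if on_ignored_url:
            return redirect(UrlManager.build_url('/'))

    if on_ignored_url:
        return

    # Not logged in: send the caller to the login page.
    if not user_info:
        return redirect(UrlManager.build_url('/user/login'))
    return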
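def before_request():
    """Gate each request on login state before it reaches a view.

    Paths matching ``IGNORE_CHECK_LOGIN_URLS`` and paths containing
    ``/api`` return early without a login check. Otherwise the result of
    ``check_login()`` is stored on ``g.current_user``, an access-log entry
    is written, and anonymous requests to anything outside ``IGNORE_URLS``
    are redirected to ``/user/login``.

    Returns:
        ``None`` to let the request continue, otherwise a redirect response.
    """
    ignore_urls = app.config['IGNORE_URLS']
    ignore_check_login_urls = app.config['IGNORE_CHECK_LOGIN_URLS']
    path = request.path

    def _is_exempt(url_patterns):
        # Joining an empty list yields "", and an empty regex matches every
        # path. An empty (or blank-only) config list must therefore mean
        # "no exemptions" rather than "exempt everything" (fail closed).
        usable = [p for p in url_patterns if p]
        # re.match anchors only at the start of the path; patterns that must
        # match a whole path need their own trailing "$" in the config.
        return bool(usable) and re.match("|".join(usable), path) is not None

    # Static files and similar: do not look up the user at all.
    if _is_exempt(ignore_check_login_urls):
        return

    # NOTE(review): this is a substring test, so any path that merely
    # contains "/api" skips the login check, not only paths under an /api
    # prefix. If only the prefix is intended, path.startswith('/api') is the
    # tighter check; confirm against the registered routes before changing.
    if '/api' in path:
        return

    user_info = check_login()
    g.current_user = None
    if user_info:
        g.current_user = user_info

    # Record the access in the log.
    LogService.add_access_log()

    if _is_exempt(ignore_urls):
        return

    if not user_info:
        return redirect(UrlManager.build_url("/user/login"))
    return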
def info():
    """Render the detail page of the user selected by the ``id`` parameter.

    A missing ``id`` or an ``id`` with no matching ``User`` row redirects
    to the account list.
    """
    params = request.values
    # NOTE(review): this writes every submitted parameter to the application
    # log; confirm no sensitive fields can reach this endpoint.
    app.logger.info(params)

    user_id = params.get('id')
    if user_id is None:
        return redirect(UrlManager.build_url("/account/index"))

    account = User.query.get(user_id)
    if account is None:
        return redirect(UrlManager.build_url("/account/index"))

    return render_template("account/info.html", data=account)
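def before_request():
    """Interceptor that enforces the login requirement on each request.

    Paths matching ``IGNORE_CHECK_LOGIN_URLS`` and paths containing
    ``/api`` return early without a login check. Otherwise the result of
    ``check_login()`` is stored on ``g.current_user``, an access-log entry
    is written, and anonymous requests to anything outside ``IGNORE_URLS``
    are redirected to ``/user/login``.

    Returns:
        ``None`` to let the request continue, otherwise a redirect response.
    """
    ignore_urls = app.config['IGNORE_URLS']
    ignore_check_login_urls = app.config['IGNORE_CHECK_LOGIN_URLS']
    path = request.path

    def _is_exempt(url_patterns):
        # Joining an empty list yields "", and an empty regex matches every
        # path. An empty (or blank-only) config list must therefore mean
        # "no exemptions" rather than "exempt everything" (fail closed).
        usable = [p for p in url_patterns if p]
        # re.match anchors only at the start of the path; patterns that must
        # match a whole path need their own trailing "$" in the config.
        return bool(usable) and re.match("|".join(usable), path) is not None

    # Static pages that are reachable without any login verification.
    if _is_exempt(ignore_check_login_urls):
        return

    # NOTE(review): this is a substring test, so any path that merely
    # contains "/api" skips the login check, not only paths under an /api
    # prefix. If only the prefix is intended, path.startswith("/api") is the
    # tighter check; confirm against the registered routes before changing.
    if "/api" in path:
        return

    user_info = check_login()
    g.current_user = None
    if user_info:
        # Login verified: expose the user to views.
        g.current_user = user_info

    # Record the access in the log.
    LogService.addAccessLog()

    # The login page itself must not redirect back to the login page.
    if _is_exempt(ignore_urls):
        return

    if not user_info:
        return redirect(UrlManager.build_url('/user/login'))
    return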
def login():
    """Show the login form, and on POST authenticate the submitted credentials.

    On success the user's id and login name are stored in the session and
    the caller is redirected to the home page. On failure a flash message
    is set and the login form is rendered again.
    """
    if request.method == "POST":
        # 1. Read the submitted credentials from the form.
        submitted_name = request.form['username']
        submitted_pwd = request.form['password']

        # 2. Look up an active account (status=1) by login name; an unknown
        #    name yields None.
        account = User.query.filter_by(
            login_name=submitted_name, status=1).first()

        # 3. The account must exist and the password must verify against the
        #    stored hash.
        # NOTE(review): no attempt throttling or lockout is visible in this
        # handler; confirm it is enforced elsewhere.
        if not (account and check_password_hash(account.login_pwd, submitted_pwd)):
            # Failure: one message for both causes, shown through flash.
            flash("账户或密码不对!")
        else:
            # Success: remember the user in the session and go to the home page.
            session['isLogged'] = 1
            session['userid'] = account.id
            session['username'] = account.login_name
            return redirect(UrlManager.build_url("/"))

    return render_template("login.html")
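def info():
    """Render the detail page for the account whose uid is given by ``?id=``.

    A missing, non-numeric or non-positive id, or an id with no matching
    ``User`` row, redirects to the account list.
    """
    resp_data = {}
    req = request.args
    # type=int makes a non-numeric id fall back to the default (0) instead of
    # raising ValueError, which would surface as a 500 on e.g. ?id=abc.
    uid = req.get('id', 0, type=int)
    reback_url = UrlManager.build_url('/account/index')
    if uid < 1:
        return redirect(reback_url)

    # NOTE(review): the lookup is keyed only on the request-supplied id;
    # confirm the caller is authorized to view arbitrary accounts.
    info = User.query.filter_by(uid=uid).first()
    if not info:
        return redirect(reback_url)

    resp_data['info'] = info
    return ops_render("account/info.html", resp_data)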
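def info():
    """Render the detail page for the member whose id is given by ``?id=``.

    A missing, non-numeric or non-positive id, or an id with no matching
    ``Member`` row, redirects to the member list.
    """
    resp_data = {}
    req = request.args
    # type=int makes a non-numeric id fall back to the default (0) instead of
    # raising ValueError, which would surface as a 500 on e.g. ?id=abc.
    id = req.get('id', 0, type=int)
    reback_url = UrlManager.build_url("/member/index")
    if id < 1:
        return redirect(reback_url)

    info = Member.query.filter_by(id=id).first()
    if not info:
        return redirect(reback_url)

    resp_data['info'] = info
    resp_data['current'] = 'index'
    return ops_render("member/info.html", resp_data)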
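def login():
    """Login controller.

    GET renders the login page, or redirects to the home page when
    ``g.current_user`` is already set. Any other method validates the
    submitted ``login_name`` / ``login_pwd`` and, on success, sets the
    authentication cookie.

    Returns:
        The login page view, a redirect, or a JSON body with ``code`` and
        ``msg`` (``code`` is 200 on success and -1 on any failure).
    """
    if request.method == "GET":
        if g.current_user:
            return redirect(UrlManager.build_url("/"))
        return ops_render("user/login.html")

    resp = {'code': 200, 'msg': '登录成功~~', 'data': {}}
    req = request.values
    login_name = req.get('login_name', '')
    login_pwd = req.get('login_pwd', '')

    if not login_name:
        resp['code'] = -1
        resp['msg'] = "请输入正确的登录用户名~~"
        return jsonify(resp)

    if not login_pwd:
        resp['code'] = -1
        resp['msg'] = "请输入正确的邮箱密码~~"
        return jsonify(resp)

    # The original returned "...-1~~" for an unknown login name and "...-2~~"
    # for a wrong password, which tells the caller whether an account exists.
    # Both failures now return the same message.
    bad_credentials_msg = "请输入正确的登录用户名和密码~~"

    user_info = User.query.filter_by(login_name=login_name).first()
    if not user_info:
        resp['code'] = -1
        resp['msg'] = bad_credentials_msg
        return jsonify(resp)

    # NOTE(review): != is not a constant-time comparison; if both values are
    # ASCII str or bytes, hmac.compare_digest is the safer primitive. The
    # return type of generate_password is not visible here, so this is left
    # unchanged.
    if user_info.login_pwd != UserService.generate_password(
            login_pwd, user_info.login_salt):
        resp['code'] = -1
        resp['msg'] = bad_credentials_msg
        return jsonify(resp)

    # Checked only after the password verified, so the disabled state is not
    # disclosed to callers who do not hold valid credentials.
    if user_info.status != 1:
        resp['code'] = -1
        resp['msg'] = "账号已被禁用,请联系管理员处理~~"
        return jsonify(resp)

    response = make_response(json.dumps({'code': 200, 'msg': '登录成功~~'}))
    response.set_cookie(
        app.config['AUTH_COOKIE_NAME'],
        '%s#%s' % (UserService.generate_auth_code(user_info), user_info.uid),
        max_age=60 * 60 * 24 * 120,  # kept for 120 days
        # The auth cookie is only needed by the server; keep it out of reach
        # of page scripts.
        httponly=True)
    # NOTE(review): the cookie is set without the Secure attribute and lives
    # for 120 days; when the site is served over HTTPS, set secure=True and
    # consider a shorter lifetime.
    return response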
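def info():
    """Render an account's detail page with its ten most recent access-log rows.

    The account is selected by ``?id=``. A missing, non-numeric or
    non-positive id, or an id with no matching ``User`` row, redirects to
    the account list.
    """
    resp_data = {}
    req = request.args
    # type=int makes a non-numeric id fall back to the default (0) instead of
    # raising ValueError, which would surface as a 500 on e.g. ?id=abc.
    uid = req.get('id', 0, type=int)
    reback_url = UrlManager.build_url('/account/index')
    if uid < 1:
        return redirect(reback_url)

    info = User.query.filter_by(uid=uid).first()
    if not info:
        return redirect(reback_url)
    resp_data['info'] = info

    # Newest first by creation time, capped at 10 rows. The template key is
    # 'error_log' although the rows come from AppAccessLog.
    error_log = AppAccessLog.query.filter_by(uid=uid).order_by(
        AppAccessLog.created_time.desc()).limit(10).all()
    resp_data['error_log'] = error_log
    return ops_render("account/info.html", resp_data)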
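def info():
    """Render an account's detail page with its ten most recent access-log rows.

    The account is selected by ``?id=``. A missing, non-numeric or
    non-positive id, or an id with no matching ``User`` row, redirects to
    the account list.
    """
    resp_data = {}
    req = request.args
    # type=int makes a non-numeric id fall back to the default (0) instead of
    # raising ValueError, which would surface as a 500 on e.g. ?id=abc.
    uid = req.get('id', 0, type=int)
    reback_url = UrlManager.build_url("/account/index")
    if uid < 1:
        return redirect(reback_url)

    info = User.query.filter_by(uid=uid).first()
    if not info:
        return redirect(reback_url)

    # Newest first by log id, capped at 10 rows.
    access_list = AppAccessLog.query.filter_by(uid=uid).order_by(
        AppAccessLog.id.desc()).limit(10).all()

    resp_data['info'] = info
    resp_data['access_list'] = access_list
    return ops_render("account/info.html", resp_data)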
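def info():
    """Render the detail page of one pay order.

    The order is selected by the ``id`` request value. The page receives the
    order, its owning member, its line items (quantity, price, food name) and
    the decoded delivery address. A missing, non-numeric or non-positive id,
    an unknown order, or an order whose member no longer exists redirects to
    the finance list.
    """
    resp_data = {}
    req = request.values
    # type=int makes a non-numeric id fall back to the default (0) instead of
    # raising ValueError, which would surface as a 500 on e.g. ?id=abc.
    id = req.get('id', 0, type=int)
    reback_url = UrlManager.build_url("/finance/index")
    if id < 1:
        return redirect(reback_url)

    # NOTE(review): the lookup is keyed only on the request-supplied id;
    # confirm the caller is authorized to view arbitrary orders.
    pay_order_info = PayOrder.query.filter_by(id=id).first()
    if not pay_order_info:
        return redirect(reback_url)

    member_info = Member.query.filter_by(id=pay_order_info.member_id).first()
    if not member_info:
        return redirect(reback_url)

    order_item_list = PayOrderItem.query.filter_by(
        pay_order_id=pay_order_info.id).all()
    data_order_item_list = []
    if order_item_list:
        # Resolve all referenced foods in one call, then index by food id.
        food_map = get_dict_filter_field(
            Food, Food.id, "id", select_filter_obj(order_item_list, "food_id"))
        for item in order_item_list:
            # NOTE(review): raises KeyError if a referenced food is absent
            # from food_map (e.g. deleted) - confirm that cannot happen.
            tmp_food_info = food_map[item.food_id]
            data_order_item_list.append({
                "quantity": item.quantity,
                "price": item.price,
                "name": tmp_food_info.name
            })

    # express_info holds the delivery address as a JSON string when present.
    address_info = {}
    if pay_order_info.express_info:
        address_info = json.loads(pay_order_info.express_info)

    resp_data['pay_order_info'] = pay_order_info
    resp_data['pay_order_items'] = data_order_item_list
    resp_data['member_info'] = member_info
    resp_data['address_info'] = address_info
    resp_data['current'] = 'index'
    return ops_render("finance/pay_info.html", resp_data)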
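def info():
    """Render a food item's detail page together with its stock change history.

    The item is selected by ``?id=``. A missing, non-numeric or non-positive
    id, or an id with no matching ``Food`` row, redirects to the food list.
    """
    resp_data = {}
    req = request.args
    # type=int makes a non-numeric id fall back to the default (0) instead of
    # raising ValueError, which would surface as a 500 on e.g. ?id=abc.
    id = req.get("id", 0, type=int)
    reback_url = UrlManager.build_url("/food/index")
    if id < 1:
        return redirect(reback_url)

    info = Food.query.filter_by(id=id).first()
    if not info:
        return redirect(reback_url)

    # All stock changes recorded for this food, newest first.
    stock_change_list = FoodStockChangeLog.query.filter(
        FoodStockChangeLog.food_id == id).order_by(
        FoodStockChangeLog.id.desc()).all()

    resp_data['info'] = info
    resp_data['stock_change_list'] = stock_change_list
    resp_data['current'] = 'index'
    return ops_render("food/info.html", resp_data)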
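def set():
    """Render the member edit form (GET) or update a member's nickname.

    GET: the member is selected by ``?id=``; an invalid id, an unknown
    member or a member whose status is not 1 redirects to the member list.

    Other methods: reads ``id`` and ``nickname`` from the request, updates
    the member's nickname and ``updated_time``, and returns a JSON body
    with ``code`` (200 on success, -1 on failure) and ``msg``.
    """
    if request.method == 'GET':
        resp_data = {}
        req = request.args
        # type=int makes a non-numeric id fall back to the default (0)
        # instead of raising ValueError (a 500 on e.g. ?id=abc).
        id = req.get('id', 0, type=int)
        reback_url = UrlManager.build_url('/member/index')
        if id < 1:
            return redirect(reback_url)

        info = Member.query.filter_by(id=id).first()
        if not info:
            return redirect(reback_url)

        # Only members with status 1 may be edited.
        if info.status != 1:
            return redirect(reback_url)

        resp_data['info'] = info
        resp_data['current'] = 'index'
        return ops_render("member/set.html", resp_data)

    # NOTE(review): this branch changes stored data and no CSRF check is
    # visible in this handler; confirm one is applied elsewhere.
    resp = {'code': 200, 'msg': '操作成功', 'data': {}}
    req = request.values
    # The original passed the raw request string to the query; parse it as an
    # integer so a malformed id behaves like "no such member".
    id = req.get('id', 0, type=int)
    nickname = req.get('nickname', '')

    if not nickname:
        resp['code'] = -1
        resp['msg'] = '请输入规范的姓名!'
        return jsonify(resp)

    member_info = Member.query.filter_by(id=id).first()
    if not member_info:
        resp['code'] = -1
        resp['msg'] = '指定的会员不存在!'
        return jsonify(resp)

    member_info.nickname = nickname
    member_info.updated_time = getCurrentDate()
    db.session.add(member_info)
    db.session.commit()
    return jsonify(resp)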
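def info():
    """Render a member's detail page with their pay orders and comments.

    The member is selected by ``?id=``. A missing, non-numeric or
    non-positive id, or an id with no matching ``Member`` row, redirects to
    the member list.
    """
    resp_data = {}
    req = request.args
    # type=int makes a non-numeric id fall back to the default (0) instead of
    # raising ValueError, which would surface as a 500 on e.g. ?id=abc.
    id = req.get("id", 0, type=int)
    reback_url = UrlManager.build_url("/member/index")
    if id < 1:
        return redirect(reback_url)

    info = Member.query.filter_by(id=id).first()
    if not info:
        return redirect(reback_url)

    # Only orders whose status is -8 or 1 are listed, newest first.
    pay_order_list = PayOrder.query.filter_by(member_id=id).filter(
        PayOrder.status.in_([-8, 1])).order_by(PayOrder.id.desc()).all()
    # All comments written by this member, newest first.
    comment_list = MemberComments.query.filter_by(member_id=id).order_by(
        MemberComments.id.desc()).all()

    resp_data['info'] = info
    resp_data['pay_order_list'] = pay_order_list
    resp_data['comment_list'] = comment_list
    resp_data['current'] = 'index'
    return ops_render("member/info.html", resp_data)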
def login():
    """Show the login page (GET) or authenticate the submitted credentials.

    GET redirects to the back-office home page when ``g.current_user`` is
    set, otherwise it renders the login page. Any other method checks
    ``login_name`` / ``login_pwd`` and answers with a JSON body whose
    ``result`` is 0 on success and -1 on failure.
    """
    response = {"result": 0, "reason": "登录成功!", "data": {}}

    if request.method == "GET":
        # A non-empty g.current_user means the caller is already logged in.
        already_logged_in = g.current_user
        if already_logged_in:
            return redirect(UrlManager.build_url("/"))
        return render_template("user/login.html")

    submitted = request.values
    login_name = submitted['login_name'] if 'login_name' in submitted else ''
    login_pwd = submitted['login_pwd'] if 'login_pwd' in submitted else ''

    user = User.query.filter_by(login_name=login_name).first()

    # Unknown account and wrong password share one failure message.
    if not (user and check_password_hash(user.login_pwd, login_pwd)):
        response['result'] = -1
        response['reason'] = "账号或密码不对!"
        return jsonify(response)

    # Credentials are valid; a status of 0 means the account is suspended.
    if user.status == 0:
        response['result'] = -1
        response['reason'] = "此账户暂停使用,请联系管理员!"
        return jsonify(response)

    # Account is in good standing: remember its id in the session.
    session['user_id'] = user.uid
    # Make the session long-lived (Flask's default lifetime is 31 days).
    session.permanent = True
    return jsonify(response)
def logout():
    """Drop the authentication cookie and send the caller to the login page."""
    login_url = UrlManager.build_url('/user/login')
    response = make_response(redirect(login_url))
    # NOTE(review): this only asks the browser to discard the cookie; whether
    # a previously issued cookie value stays valid server-side depends on how
    # it is generated and checked, which is not visible here.
    response.delete_cookie(app.config['AUTH_COOKIE_NAME'])
    return response
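def set():
    """Render the food edit form (GET) or create/update a food item.

    GET: loads the food selected by ``?id=`` (none means "new item") and the
    category list; a food whose status is not 1 redirects to the food list.

    Other methods: validates the submitted fields, creates the food when no
    row matches ``id`` or updates the existing one, then records the stock
    delta in ``FoodStockChangeLog``. Returns a JSON body with ``code``
    (200 on success, -1 on a validation failure) and ``msg``.
    """
    # Local import: InvalidOperation is only needed for price parsing below.
    from decimal import InvalidOperation

    if request.method == "GET":
        resp_data = {}
        req = request.args
        # type=int makes a non-numeric id fall back to 0 instead of raising.
        id = req.get('id', 0, type=int)
        info = Food.query.filter_by(id=id).first()
        if info and info.status != 1:
            # The original path literal ended in a stray space.
            return redirect(UrlManager.build_url('/food/index'))

        cat_list = FoodCat.query.all()
        resp_data['info'] = info
        resp_data['cat_list'] = cat_list
        resp_data['current'] = 'index'
        return ops_render("food/set.html", resp_data)

    # NOTE(review): this branch changes stored data and no CSRF check is
    # visible in this handler; confirm one is applied elsewhere.
    resp = {'code': 200, 'msg': '操作成功!', 'data': {}}
    req = request.values
    # Numeric fields: a missing or malformed value becomes 0 so it is caught
    # by the validation below instead of raising ValueError / TypeError.
    # An id that matches no row (including 0) means "create a new item".
    id = req.get('id', 0, type=int)
    cat_id = req.get('cat_id', 0, type=int)
    stock = req.get('stock', 0, type=int)
    name = req.get('name', '')
    main_image = req.get('main_image', '')
    summary = req.get('summary', '')
    tags = req.get('tags', '')

    # The price comes straight from the request: an empty or non-numeric
    # string, NaN or Infinity must produce the validation error, not a 500.
    try:
        price = Decimal(req.get('price', '')).quantize(Decimal('0.00'))
    except (InvalidOperation, ValueError, TypeError):
        price = None
    if price is not None and not price.is_finite():
        price = None

    if cat_id < 1:
        resp['code'] = -1
        resp['msg'] = '请选择分类'
        return jsonify(resp)

    if not name:
        resp['code'] = -1
        resp['msg'] = '请输入符合规范的名称'
        return jsonify(resp)

    if price is None or price <= 0:
        resp['code'] = -1
        resp['msg'] = '请输入符合规范的售货价格'
        return jsonify(resp)

    if main_image is None or len(main_image) < 3:
        resp['code'] = -1
        resp['msg'] = '请上传封面图'
        return jsonify(resp)

    if summary is None or len(summary) < 3:
        resp['code'] = -1
        resp['msg'] = '请输入图片面熟,并不能少于10个字符'
        return jsonify(resp)

    if stock < 1:
        resp['code'] = -1
        resp['msg'] = '请输入符合规范的库存量'
        return jsonify(resp)

    if not tags:
        resp['code'] = -1
        resp['msg'] = '请输入图书,便于搜索'
        return jsonify(resp)

    food_info = Food.query.filter_by(id=id).first()
    before_stock = 0
    if food_info:
        # Update: remember the previous stock to compute the delta.
        model_food = food_info
        before_stock = model_food.stock
    else:
        # Create: new items start active.
        model_food = Food()
        model_food.status = 1
        model_food.created_time = getCurrentDate()

    model_food.cat_id = cat_id
    model_food.name = name
    model_food.price = price
    model_food.main_image = main_image
    model_food.summary = summary
    model_food.stock = stock
    model_food.tags = tags
    model_food.updated_time = getCurrentDate()
    db.session.add(model_food)
    # Commit first so model_food.id is assigned before it is referenced.
    db.session.commit()

    model_stock_change = FoodStockChangeLog()
    model_stock_change.food_id = model_food.id
    model_stock_change.unit = int(stock) - int(before_stock)
    model_stock_change.total_stock = stock
    model_stock_change.note = ''
    model_stock_change.created_time = getCurrentDate()
    db.session.add(model_stock_change)
    db.session.commit()
    return jsonify(resp)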
def logout():
    """Clear the whole session and send the caller to the login page."""
    # Dropping every session key removes the stored login state.
    session.clear()
    login_url = UrlManager.build_url("/user/login")
    return redirect(login_url)
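def set():
    """Render the food edit form (GET) or create/update a food item.

    GET: loads the food selected by ``?id=`` (none means "new item") and the
    category list; a food whose status is not 1 redirects to the food list.

    Other methods: validates the submitted fields, creates the food when no
    row matches ``id`` or updates the existing one, then records the stock
    delta through ``FoodService.setStockChangeLog``. Returns a JSON body
    with ``code`` (200 on success, -1 on a validation failure) and ``msg``.
    """
    # Local import: InvalidOperation is only needed for price parsing below.
    from decimal import InvalidOperation

    if request.method == "GET":
        resp_data = {}
        req = request.args
        # type=int makes a non-numeric id fall back to 0 instead of raising.
        id = req.get('id', 0, type=int)
        info = Food.query.filter_by(id=id).first()
        if info and info.status != 1:
            return redirect(UrlManager.build_url("/food/index"))

        cat_list = FoodCat.query.all()
        resp_data['info'] = info
        resp_data['cat_list'] = cat_list
        resp_data['current'] = 'index'
        return ops_render("food/set.html", resp_data)

    # NOTE(review): this branch changes stored data and no CSRF check is
    # visible in this handler; confirm one is applied elsewhere.
    resp = {'code': 200, 'msg': '操作成功~~', 'data': {}}
    req = request.values
    # Numeric fields: a missing, empty or malformed value becomes 0 so it is
    # caught by the validation below instead of raising ValueError/TypeError.
    # An id that matches no row (including 0) means "create a new item".
    id = req.get('id', 0, type=int)
    cat_id = req.get('cat_id', 0, type=int)
    stock = req.get('stock', 0, type=int)
    name = req.get('name', '')
    raw_price = req.get('price', '')
    main_image = req.get('main_image', '')
    summary = req.get('summary', '')
    tags = req.get('tags', '')

    if cat_id < 1:
        resp['code'] = -1
        resp['msg'] = "全部分类~~"
        return jsonify(resp)

    if not name:
        resp['code'] = -1
        resp['msg'] = "请输入符合规范的名称~~"
        return jsonify(resp)

    # The price comes straight from the request: an empty or non-numeric
    # string, NaN or Infinity must produce the validation error, not a 500.
    try:
        price = Decimal(raw_price).quantize(Decimal('0.00'))
    except (InvalidOperation, ValueError, TypeError):
        price = None
    if price is None or not price.is_finite() or price <= 0:
        resp['code'] = -1
        resp['msg'] = "请输入符合规范的售卖价格~~"
        return jsonify(resp)

    if main_image is None or len(main_image) < 3:
        resp['code'] = -1
        resp['msg'] = "请上传封面图~~"
        return jsonify(resp)

    if summary is None or len(summary) < 3:
        resp['code'] = -1
        resp['msg'] = "请输入图书描述,并不能少于10个字符~~"
        return jsonify(resp)

    if stock < 1:
        resp['code'] = -1
        resp['msg'] = "请输入符合规范的库存量~~"
        return jsonify(resp)

    if not tags:
        resp['code'] = -1
        resp['msg'] = "请输入标签,便于搜索~~"
        return jsonify(resp)

    food_info = Food.query.filter_by(id=id).first()
    before_stock = 0
    if food_info:
        # Update: remember the previous stock to compute the delta.
        model_food = food_info
        before_stock = model_food.stock
    else:
        # Create: new items start active.
        model_food = Food()
        model_food.status = 1
        model_food.created_time = get_current_date()

    model_food.cat_id = cat_id
    model_food.name = name
    model_food.price = price
    model_food.main_image = main_image
    model_food.summary = summary
    model_food.stock = stock
    model_food.tags = tags
    model_food.updated_time = get_current_date()
    db.session.add(model_food)
    # Commit first so model_food.id is assigned before it is referenced.
    db.session.commit()

    # Record how much the stock changed through this back-office edit.
    FoodService.setStockChangeLog(model_food.id,
                                  int(stock) - int(before_stock), "后台修改")
    return jsonify(resp)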