def user_login(**arg):
'''用户登录成功记录Cookie'''
_arg = Dict(arg)
_uid = str(_arg.uid)
_salt = short_by_hex(_uid)[1]
_hash = hashlib.md5('%s%s'%(_uid, _salt)).hexdigest()
response.set_cookie('user_id', _uid, secret=SECRET, path='/', domain=COOKIE_DOMAIN)
response.set_cookie('user_hash', _hash, secret=SECRET, path='/', domain=COOKIE_DOMAIN)
def wrapper(*args, **kargs):
_user_id = str(BaseHandler().current_user)
_user_hash = BaseHandler().current_user_hash
_salt = short_by_hex(_user_id)[1]
_hash = hashlib.md5('%s%s' % (_user_id, _salt)).hexdigest()
if not _user_id or _user_hash != _hash:
redirect('/admin/login', 302)
check_user_status(_user_id) #检查用户的状态是否是正常
return f(*args, **kargs)
def wrapper(*args, **kargs):
_user_id = str(BaseHandler().current_user)
_user_hash = BaseHandler().current_user_hash
_salt = short_by_hex(_user_id)[1]
_hash = hashlib.md5('%s%s'%(_user_id, _salt)).hexdigest()
if not _user_id or _user_hash != _hash:
redirect('/admin/login', 302)
check_user_status(_user_id) #检查用户的状态是否是正常
return f(*args, **kargs)
def change_password(cls):
'''修改密码'''
_oldPWD = request.POST.get('old_password', '')
_newPWD = request.POST.get('password', '')
_user = cls()._get_user_by_id()
if _user:
_salt = short_by_hex(_user['email'])[0]
if hashlib.md5('%s%s' % (_oldPWD, _salt)).hexdigest() == _user['pwd']:
UsersHandler().change_pwd(pwd=hashlib.md5('%s%s' % (_newPWD, _salt)).hexdigest(), email=_user['email'])
cls().log_out()
return json.dumps(dict(change = True, message = u'密码已更新'))
return json.dumps(dict(change = False, message = u'旧密码错误'))
return json.dumps(dict(change = False, message = u'无此用户'))
def change_password(cls):
'''修改密码'''
_oldPWD = request.POST.get('old_password', '')
_newPWD = request.POST.get('password', '')
_user = cls()._get_user_by_id()
if _user:
_salt = short_by_hex(_user['email'])[0]
if hashlib.md5('%s%s' %
(_oldPWD, _salt)).hexdigest() == _user['pwd']:
UsersHandler().change_pwd(pwd=hashlib.md5(
'%s%s' % (_newPWD, _salt)).hexdigest(),
email=_user['email'])
cls().log_out()
return json.dumps(dict(change=True, message=u'密码已更新'))
return json.dumps(dict(change=False, message=u'旧密码错误'))
return json.dumps(dict(change=False, message=u'无此用户'))
def user_login(**arg):
'''用户登录成功记录Cookie'''
_arg = Dict(arg)
_uid = str(_arg.uid)
_salt = short_by_hex(_uid)[1]
_hash = hashlib.md5('%s%s' % (_uid, _salt)).hexdigest()
response.set_cookie('user_id',
_uid,
secret=SECRET,
path='/',
domain=COOKIE_DOMAIN)
response.set_cookie('user_hash',
_hash,
secret=SECRET,
path='/',
domain=COOKIE_DOMAIN)
def register(cls):
'''注册用户'''
_email = request.POST.get('email', '')
_password = request.POST.get('password', '')
if '' == _email:
return json.dumps(dict(reg = False, uid = -2, message = u'请输入Email'))
if '' == _password:
return json.dumps(dict(reg = False, uid = -3, message = u'请输入密码'))
_user = UsersHandler().check_is_registered(email=_email)
if _user:
return json.dumps(dict(reg = False, uid = _user["id"], message = u'用户已经注册,请直接登陆'))
_salt = short_by_hex(_email)[0] #根据email计算密码盐
_pwd = hashlib.md5('%s%s'%(_password, _salt)).hexdigest()
_u_name = _email.split('@')[0]
_uid = UsersHandler().insert(u_name=_u_name, email=_email, pwd=_pwd)
user_login(uid = _uid)
return json.dumps(dict(reg = True, uid = _uid, message = u'注册成功'))
def register(cls):
'''注册用户'''
_email = request.POST.get('email', '')
_password = request.POST.get('password', '')
if '' == _email:
return json.dumps(dict(reg=False, uid=-2, message=u'请输入Email'))
if '' == _password:
return json.dumps(dict(reg=False, uid=-3, message=u'请输入密码'))
_user = UsersHandler().check_is_registered(email=_email)
if _user:
return json.dumps(
dict(reg=False, uid=_user["id"], message=u'用户已经注册,请直接登陆'))
_salt = short_by_hex(_email)[0] #根据email计算密码盐
_pwd = hashlib.md5('%s%s' % (_password, _salt)).hexdigest()
_u_name = _email.split('@')[0]
_uid = UsersHandler().insert(u_name=_u_name, email=_email, pwd=_pwd)
user_login(uid=_uid)
return json.dumps(dict(reg=True, uid=_uid, message=u'注册成功'))
def login(cls):
'''登陆'''
_email = request.POST.get('email', '')
_password = request.POST.get('password', '')
if '' == _email:
return json.dumps(dict(login = False, uid = -2, message = u'请输入Email'))
if '' == _password:
return json.dumps(dict(login = False, uid = -3, message = u'请输入密码'))
_salt = short_by_hex(_email)[0] #根据email计算密码盐
_pwd = hashlib.md5('%s%s'%(_password, _salt)).hexdigest()
_user = UsersHandler().get_pwd_by_email(email=_email)
if not _user:
return json.dumps(dict(login = False, uid = -1, message = u'用户不存在'))
if 0 == _user['status']:
return json.dumps(dict(login = False, uid = -4, message = u'请等待审核通知'))
if 2 == _user['status']:
return json.dumps(dict(login = False, uid = -4, message = u'异常用户'))
if _pwd == _user['pwd']:
user_login(uid = _user['id']) #记录登陆用户Cookie
return json.dumps(dict(login = True, uid = _user['id'], message = u'登录成功'))
return json.dumps(dict(login = False, uid = -5, message = u'密码错误'))
def login(cls):
'''登陆'''
_email = request.POST.get('email', '')
_password = request.POST.get('password', '')
if '' == _email:
return json.dumps(dict(login=False, uid=-2, message=u'请输入Email'))
if '' == _password:
return json.dumps(dict(login=False, uid=-3, message=u'请输入密码'))
_salt = short_by_hex(_email)[0] #根据email计算密码盐
_pwd = hashlib.md5('%s%s' % (_password, _salt)).hexdigest()
_user = UsersHandler().get_pwd_by_email(email=_email)
if not _user:
return json.dumps(dict(login=False, uid=-1, message=u'用户不存在'))
if 0 == _user['status']:
return json.dumps(dict(login=False, uid=-4, message=u'请等待审核通知'))
if 2 == _user['status']:
return json.dumps(dict(login=False, uid=-4, message=u'异常用户'))
if _pwd == _user['pwd']:
user_login(uid=_user['id']) #记录登陆用户Cookie
return json.dumps(
dict(login=True, uid=_user['id'], message=u'登录成功'))
return json.dumps(dict(login=False, uid=-5, message=u'密码错误'))