def get():
"""返回登录界面
"""
if session.get("name"):
return redirect(url_for("base.get_all"))
print request.args.get("next", None)
form = LoginForm(
login=request.args.get("username", None),
next=request.args.get("next", None))
if form.validate_on_submit():
userInfo = db.user.find_one(
{
"name": form.username.data,
"password": binary.Binary(
md5.md5(form.password.data).digest())
}, {"_id": 0})
if userInfo is None:
return jsonify(message=u"用户名字或密码错误")
session["logined"] = True
session["name"] = userInfo["name"]
#if "/user/" == url_for(request.url_rule, **request.view_args):
# return "121212"
print request.url
return redirect(form.next.data)
return jsonify(message="ok")
return render_template("login.html", form=form)
def get():
"""返回登录界面
"""
if session.get("name"):
return redirect(url_for("base.get_all"))
form = LoginForm(login=request.args.get("username", None),
next=request.args.get("next", None))
if form.validate_on_submit():
userInfo = db.user.find_one({"name": form.username.data,
"password": binary.Binary(md5.md5(form.password.data).digest())},
{"_id": 0})
if userInfo is None:
return jsonify(message=u"用户名字或密码错误") # 应该返回错误编码不是直接的文字
session["logined"] = True
session["name"] = userInfo["name"]
# g.power = userInfo["power"]
return jsonify(message="ok")
#return redirect(url_for("user.show", name=form.username.data))
return render_template("login.html", form=form)
def login():
# send_reg_mail.delay("*****@*****.**")
# send_reg_mail.apply_async(("*****@*****.**",), queue="qblog_async")
if hasattr(g, 'user') and hasattr(g.user, 'uid') \
and request.method == 'GET':
# flash(u'您已登陆成功,但不允许访问,请联系管理员!', 'danger')
return redirect(url_for('index.home'))
form = LoginForm(login=request.args.get('login', None),
next=request.args.get('next', None),
password=request.args.get("password", None),
verification=request.args.get('verification', None))
form_regist = RegistForm(login=request.args.get('login', None),
password=request.args.get('password', None),
nickname=request.args.get('nickname', None),
mobile=request.args.get('mobile', None),
employee_id=request.args.get('employee_id', None),
department=request.args.get('department', None),
next=request.args.get('next', None),
verification=request.args.get(
'verification', None))
user = None
authenticated = False
account_manager = Account_Manager()
if not account_manager.ip_limit():
flash(u"由于您的操作错误太过频繁,请于30分钟之后再做尝试!", "danger")
return render_template("account/login.html",
form=form,
form_regist=form_regist,
action="login")
current_app.logger.info(form.validate_on_submit())
if form.validate_on_submit():
gm = GeetestManage()
if not gm.validata_captcha():
# if not account_manager.verification_code(form.verification.data):
flash(u"验证码错误!", "danger")
account_manager.regist_failed()
return render_template("account/login.html",
form=form,
form_regist=form_regist)
if not account_manager.can_login(form.login.data):
flash(u"密码错误次数太多,请于24小时后再尝试登陆 或 联系管理员!", "danger")
return render_template("account/login.html",
form=form,
form_regist=form_regist)
user, authenticated = User.query.authenticate(form.login.data,
form.password.data)
if not authenticated:
logined_num = account_manager.login_failed(form.login.data)
if logined_num is None:
flash(u"账号或密码错误!", "danger")
else:
flash(u"账号或密码错误!还可以登录{0}次。".format(logined_num), "danger")
return render_template("account/login.html",
form=form,
form_regist=form_regist)
if request.method == "POST" and user and authenticated:
session.permanent = form.remember.data
identity_changed.send(current_app._get_current_object(),
identity=Identity(user.uid))
user.logined_num = 0
db.session.commit()
next_url = form.next.data
current_app.logger.info(next_url)
if not next_url or next_url == request.path:
next_url = url_for('index.home')
return redirect(next_url)
elif request.method == "POST":
flash(u"登陆失败,请重试!", "danger")
return render_template("account/login.html",
form=form,
form_regist=form_regist)
return dict(form=form, form_regist=form_regist)
