Example #1
0
def pic_info():
    """
    修改头像页面
    :return: 'POST'=json
    """
    user = g.user
    if not user:
        return redirect('/')

    if request.method == 'GET':
        data = {'user': user.to_dict()}
        return render_template('news/user_pic_info.html', data=data)

    elif request.method == 'POST':
        # 获取参数
        try:
            avatar = request.files.get('avatar').read()
        except Exception as e:
            current_app.logger.error(e)
            return jsonify(errno=RET.DATAERR, errmsg='数据错误')

        # 上传图片
        try:
            url = storage(avatar)
        except Exception as e:
            current_app.logger.error(e)
            return jsonify(errno=RET.THIRDERR, errmsg='上传失败')

        # 将url保存到数据库
        user.avatar_url = url
        db_commit(db)

        data = {'avatar_url': constants.QINIU_DOMIN_PREFIX + url}

        return jsonify(errno=RET.OK, errmsg='上传成功', data=data)
Example #2
0
def pass_info():
    """
    修改密码页面
    :return: 'POST'=json
    """
    user = g.user
    if not user:
        return redirect('/')

    if request.method == 'GET':
        return render_template('news/user_pass_info.html')

    elif request.method == 'POST':
        # 获取参数
        resp = request.json
        old_password = resp.get('old_password')
        new_password = resp.get('new_password')

        # 校验参数
        if not all(['old_password', 'new_password']):
            return jsonify(errno=RET.PARAMERR, errmsg='参数不全')

        # 校验密码
        if user.check_password(old_password):
            user.password = new_password
        else:
            return jsonify(errno=RET.PWDERR, errmsg='密码错误')

        db_commit(db)

        # 密码修改成功后,修改session中的信息
        session['id'] = user.id
        session['password'] = user.password_hash

        return jsonify(errno=RET.OK, errmsg='密码修改成功')
Example #3
0
def do_edit():
    """
    确认审核:accept/reject
    :return: json
    """
    # 接收参数
    resp = request.form
    news_id = resp.get("news_id")
    title = resp.get("title")
    digest = resp.get("digest")
    content = resp.get("content")
    index_image = request.files.get("index_image")
    category_id = resp.get("category_id")

    # 校验参数
    if not all([news_id, title, digest, content, category_id]):
        return jsonify(errno=RET.PARAMERR, errmsg="参数错误")

    try:
        news_id = int(news_id)
        category_id = int(category_id)
    except Exception as e:
        current_app.logger.error(e)
        return jsonify(errno=RET.PARAMERR, errmsg="参数错误")

    # 查询新闻
    news = News
    try:
        news = News.query.get(news_id)
    except Exception as e:
        current_app.logger.error(e)

    if not news:
        return jsonify(errno=RET.NODATA, errmsg="未查询到数据")

    if index_image:
        try:
            index_image = index_image.read()
            key = storage(index_image)
        except Exception as e:
            current_app.logger.error(e)
            return jsonify(errno=RET.THIRDERR, errmsg='图片上传错误')

        news.index_image_url = constants.QINIU_DOMIN_PREFIX + key

    news.title = title
    news.digest = digest
    news.category_id = category_id
    news.content = content
    news.update_time = datetime.datetime.now()

    db_commit(db)

    return jsonify(errno=RET.OK, errmsg='操作成功')
Example #4
0
def category_edit():
    """
    新闻分类管理
    :return:
    """
    if request.method == 'GET':
        try:
            categories = Category.query.filter(Category.id != 1).all()
        except Exception as e:
            current_app.logger.error(e)
            return redirect(url_for('admin.index'))

        data = {'categories': categories}

        return render_template('admin/news_type.html', data=data)

    elif request.method == 'POST':
        # 接收参数
        resp = request.json
        category_id = resp.get('id')
        category_name = resp.get('name')

        if not category_name:
            return jsonify(errno=RET.PARAMERR, errmsg='参数错误')

        if category_id:
            try:
                category_id = int(category_id)
            except Exception as e:
                current_app.logger.error(e)
                return jsonify(errno=RET.PARAMERR, errmsg='参数错误')

            try:
                category = Category.query.get(category_id)
            except Exception as e:
                current_app.logger.error(e)
                return jsonify(errno=RET.DBERR, errmsg='数据库错误')

            if category:
                category.name = category_name
            else:
                return jsonify(errno=RET.NODATA, errmsg='数据错误')
        else:
            category = Category()
            category.name = category_name
            db.session.add(category)

        db_commit(db)

        return jsonify(errno=RET.OK, errmsg='操作成功')
Example #5
0
def register():
    """
    点击注册实现验证并注册
    :return:
    """
    # 获取参数和判断是否有值
    resp = request.json
    mobile = resp.get('mobile')
    sms_code = resp.get('sms_code')
    password = resp.get('password')

    if not all([mobile, sms_code, password]):
        return jsonify(errno=RET.PARAMERR, errmsg='参数不全')

    # 从Redis中获取指定手机号对应的短信验证码的
    try:
        real_sms_code = redis_store.get('SMSCode_' + mobile)
    except Exception as e:
        current_app.logger.error(e)
        return jsonify(errno=RET.DATAERR, errmsg='查询失败')

    # 判断验证码是否过期
    if not real_sms_code:
        return jsonify(errno=RET.NODATA, errmsg='验证码已失效')

    # 校验验证码
    if sms_code != real_sms_code:
        return jsonify(errno=RET.DATAERR, errmsg='验证码错误')

    # 初始化user模型,并设置数据并添加到数据库
    user = User()
    user.mobile = mobile
    user.nick_name = mobile
    user.create_time = datetime.now()
    user.last_login = datetime.now()
    # 设置password属性会自动设置password_hash
    user.password = password

    # 保存当前用户的状态
    db.session.add(user)
    db_commit(db)

    # 保存用户登录状态
    session['id'] = user.id
    session['password'] = user.password_hash
    session['is_admin'] = user.is_admin

    # 返回注册的结果
    return jsonify(errno=RET.OK, errmsg='注册成功')
Example #6
0
def make_review():
    """
    确认审核:accept/reject
    :return: json
    """
    # 接收参数
    resp = request.json
    news_id = resp.get('news_id')
    action = resp.get('action')
    reason = resp.get('reason')

    # 校验参数
    if not all([news_id, action]):
        return jsonify(errno=RET.PARAMERR, errmsg='参数错误')
    if action not in ['accept', 'reject']:
        return jsonify(errno=RET.PARAMERR, errmsg='参数错误')

    try:
        news_id = int(news_id)
    except Exception as e:
        current_app.logger.error(e)
        return jsonify(errno=RET.PARAMERR, errmsg='参数错误')

    # 根据news_id查询新闻
    try:
        news = News.query.get(news_id)
    except Exception as e:
        current_app.logger.error(e)
        return jsonify(errno=RET.DBERR, errmsg='查询错误')

    if not news:
        return jsonify(errno=RET.NODATA, errmsg='新闻不存在')

    if news.status != 1:
        return redirect(url_for('admin.news_review'))

    if action == 'accept':
        news.status = 0
    elif action == 'reject':
        if not reason:
            jsonify(errno=RET.PARAMERR, errmsg='参数错误')
        else:
            news.status = -1
            news.reason = reason

    db_commit(db)

    return jsonify(errno=RET.OK, errmsg='操作成功')
Example #7
0
def news_comment():
    """
    评论新闻
    :return: json
    """
    # 判断是否登录
    user = g.user
    if not user:
        return jsonify(errno=RET.SESSIONERR, errmsg='用户未登录')

    # 获取参数
    resp = request.json
    news_id = resp.get('news_id')
    comment_info = resp.get('comment')
    parent_id = resp.get('parent_id')

    # 校验参数
    if not all([news_id, comment_info]):
        return jsonify(errno=RET.PARAMERR, errmsg='参数错误')

    # 根据新闻id查询新闻,校验是否存在
    get_news(news_id)

    # 初始化评论模型
    comment = Comment()
    comment.user_id = user.id
    comment.news_id = news_id
    comment.content = comment_info
    if parent_id:
        try:
            parent_id = int(parent_id)
        except Exception as e:
            current_app.logger.error(e)
            return jsonify(errno=RET.PARAMERR, errmsg='参数错误')

        comment.parent_id = parent_id

    # 将数据添加到数据库
    db.session.add(comment)
    db_commit(db)

    data = comment.to_dict()

    return jsonify(errno=RET.OK, errmsg='评论成功', data=data)
Example #8
0
def login():
    """
    登录功能逻辑
    :return:
    """
    # 获取参数和判断是否有值
    resp = request.json
    mobile = resp.get('mobile')
    password = resp.get('password')

    if not all([mobile, password]):
        return jsonify(errno=RET.PARAMERR, errmsg='参数不全')

    # 判断手机号是否合法
    if not re.match(r'^1[3456789]\d{9}$', mobile):
        return jsonify(errno=RET.DATAERR, errmsg='用户不存在')

    # 从数据库查询出指定的用户
    try:
        user = User.query.filter(User.mobile == mobile).first()
    except Exception as e:
        current_app.logger.error(e)
        return jsonify(errno=RET.DBERR, errmsg='查询失败')

    # 判断用户是否存在
    if not user:
        return jsonify(errno=RET.NODATA, errmsg='用户不存在')

    # 校验密码
    if not user.check_password(password):
        return jsonify(errno=RET.PWDERR, errmsg='用户名或密码错误')

    # 保存用户登录状态
    session['id'] = user.id
    session['password'] = user.password_hash
    session['is_admin'] = user.is_admin

    # 记录用户最后一次登录时间  # FIXME: 逻辑需要修正
    user.last_login = datetime.now()
    db_commit(db)

    return jsonify(errno=RET.OK, errmsg='登陆成功')
Example #9
0
def followed_user():
    """
    关注与取消关注
    :return:
    """
    # 判断登录
    user = g.user
    if not user:
        return jsonify(errno=RET.SESSIONERR, errmsg="未登录")

    # 获取参数
    author_id = request.json.get("user_id")
    action = request.json.get("action")

    # 校验参数
    if not all([author_id, action]):
        return jsonify(errno=RET.PARAMERR, errmsg="参数错误")

    if action not in ("follow", "unfollow"):
        return jsonify(errno=RET.PARAMERR, errmsg="参数错误")

    # 查询作者
    try:
        author = User.query.get(author_id)
    except Exception as e:
        current_app.logger.error(e)
        return jsonify(errno=RET.DBERR, errmsg="数据库错误")

    if not author:
        return jsonify(errno=RET.NODATA, errmsg="数据错误")

    if action == "follow" and author not in user.followed:
        user.followed.append(author)
    elif action == "unfollow" and author in user.followed:
        user.followed.remove(author)
    else:
        return jsonify(errno=RET.DATAEXIST, errmsg='错误的操作')

    db_commit(db)

    return jsonify(errno=RET.OK, errmsg="操作成功")
Example #10
0
def base_info():
    """
    修改个人信息页面
    :return: 'POST'=json
    """
    user = g.user
    if not user:
        return redirect('/')

    if request.method == 'GET':
        data = {'user': user.to_dict()}
        return render_template('news/user_base_info.html', data=data)

    elif request.method == 'POST':
        # 获取参数
        resp = request.json
        nick_name = resp.get('nick_name')
        signature = resp.get('signature')
        gender = resp.get('gender')

        # 校验参数
        if not all([nick_name, signature, gender]):
            return jsonify(errno=RET.PARAMERR, errmsg='参数不全')

        if len(nick_name) > 32 or len(signature) > 128 or gender not in [
                'MAN', 'WOMAN'
        ]:
            return jsonify(errno=RET.PARAMERR, errmsg='参数错误')

        user.nick_name = nick_name
        user.signature = signature
        user.gender = gender

        db_commit(db)

        return jsonify(errno=RET.OK, errmsg='更新成功')
Example #11
0
def news_collect():
    """
    收藏和取消收藏
    :return: json
    """
    # 判断是否登录
    user = g.user
    if not user:
        return jsonify(errno=RET.SESSIONERR, errmsg='用户未登录')

    # 获取参数
    resp = request.json
    news_id = resp.get('news_id')
    action = resp.get('action')

    # 校验参数
    if not all([news_id, action]):
        return jsonify(errno=RET.PARAMERR, errmsg='参数不全')

    if action not in ['collect', 'cancel_collect']:
        return jsonify(errno=RET.PARAMERR, errmsg='参数错误')

    # 根据新闻id查询新闻
    news = get_news(news_id)

    # 代码执行到此说明用户已经登录,且新闻存在
    if action == 'cancel_collect' and news in user.collection_news:
        user.collection_news.remove(news)
    elif action == 'collect' and news not in user.collection_news:
        user.collection_news.append(news)
    else:
        return jsonify(errno=RET.DATAEXIST, errmsg='错误的操作')

    db_commit(db)

    return jsonify(errno=RET.OK, errmsg='收藏成功')
Example #12
0
def news_release():
    """
    用户中心发布新闻页
    :return: 'POST'=json
    """
    if request.method == 'GET':
        # 查询新闻种类
        categories = list()
        try:
            categories = Category.query.filter(Category.id != 1).all()
        except Exception as e:
            current_app.logger.error(e)

        category_dict_li = list()
        for item in categories:
            category_dict_li.append(item.to_dict())

        data = {'categories': category_dict_li}

        return render_template('news/user_news_release.html', data=data)

    elif request.method == 'POST':
        # 校验登录
        user = g.user
        if not user:
            return redirect('/')

        # 获取参数
        resp = request.form
        title = resp.get('title')
        category_id = resp.get('category_id')
        digest = resp.get('digest')
        index_image = request.files.get('index_image')
        content = resp.get('content')

        # 校验参数
        if not all([title, category_id, digest, index_image, content]):
            return jsonify(errno=RET.PARAMERR, errmsg='参数不全')

        try:
            category_id = int(category_id)
        except Exception as e:
            current_app.logger.error(e)
            return jsonify(errno=RET.PARAMERR, errmsg='参数错误')

        if len(title) > 256 or len(digest) > 512:
            return jsonify(errno=RET.PARAMERR, errmsg='参数错误')

        # 读取图片, 存入七牛
        try:
            index_image = index_image.read()
            index_image_url = constants.QINIU_DOMIN_PREFIX + storage(
                index_image)
        except Exception as e:
            current_app.logger.error(e)
            return jsonify(errno=RET.THIRDERR, errmsg='上传图片错误')

        # 初始化新闻对象
        news = News()
        news.title = title
        news.category_id = category_id
        news.digest = digest
        news.index_image_url = index_image_url
        news.content = content
        news.source = '个人发布'
        news.user_id = user.id
        news.status = 1

        # 将对象保存到数据库
        db.session.add(news)
        db_commit(db)

        return jsonify(errno=RET.OK, errmsg='新闻发布成功等待审核')
Example #13
0
def comment_like():
    """
    点赞和取消点赞功能
    :return: json
    """
    # 校验用户是否登录
    user = g.user
    if not user:
        return jsonify(errno=RET.SESSIONERR, errmsg='用户未登录')

    # 获取参数
    resp = request.json
    comment_id = resp.get('comment_id')
    action = resp.get('action')

    # 校验参数
    if not all([comment_id, action]):
        return jsonify(errno=RET.PARAMERR, errmsg='参数不全')

    if action not in ['add', 'remove']:
        return jsonify(errno=RET.PARAMERR, errmsg='参数错误')

    try:
        comment_id = int(comment_id)
    except Exception as e:
        current_app.logger.error(e)
        return jsonify(errno=RET.PARAMERR, errmsg='参数错误')

    # 根据comment_id查询评论,校验是否存在
    comment = None

    try:
        comment = Comment.query.get(comment_id)
    except Exception as e:
        current_app.logger.error(e)

    if not comment:
        return jsonify(errno=RET.NODATA, errmsg='评论不存在')

    # 代码执行到此说明用户登录,且评论存在
    # 查询当前评论是否被当前用户点攒
    try:
        comment_like = CommentLike.query.filter(
            CommentLike.user_id == user.id,
            CommentLike.comment_id == comment_id).first()
    except Exception as e:
        current_app.logger.error(e)
        return jsonify(errno=RET.DBERR, errmsg='查询错误')

    if action == 'add' and not comment_like:
        # 生成点攒
        new_comment_like = CommentLike()
        new_comment_like.user_id = user.id
        new_comment_like.comment_id = comment_id
        db.session.add(new_comment_like)
        # 点赞数+1
        comment.like_count += 1

    elif action == 'remove' and comment_like:
        # 删除点攒
        db.session.delete(comment_like)
        # 点赞数-1
        comment.like_count -= 1

    else:
        return jsonify(errno=RET.DATAEXIST, errmsg='错误的操作')

    db_commit(db)

    return jsonify(errno=RET.OK, errmsg="操作成功")