def pic_info(): """ 修改头像页面 :return: 'POST'=json """ user = g.user if not user: return redirect('/') if request.method == 'GET': data = {'user': user.to_dict()} return render_template('news/user_pic_info.html', data=data) elif request.method == 'POST': # 获取参数 try: avatar = request.files.get('avatar').read() except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.DATAERR, errmsg='数据错误') # 上传图片 try: url = storage(avatar) except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.THIRDERR, errmsg='上传失败') # 将url保存到数据库 user.avatar_url = url db_commit(db) data = {'avatar_url': constants.QINIU_DOMIN_PREFIX + url} return jsonify(errno=RET.OK, errmsg='上传成功', data=data)
def pass_info(): """ 修改密码页面 :return: 'POST'=json """ user = g.user if not user: return redirect('/') if request.method == 'GET': return render_template('news/user_pass_info.html') elif request.method == 'POST': # 获取参数 resp = request.json old_password = resp.get('old_password') new_password = resp.get('new_password') # 校验参数 if not all(['old_password', 'new_password']): return jsonify(errno=RET.PARAMERR, errmsg='参数不全') # 校验密码 if user.check_password(old_password): user.password = new_password else: return jsonify(errno=RET.PWDERR, errmsg='密码错误') db_commit(db) # 密码修改成功后,修改session中的信息 session['id'] = user.id session['password'] = user.password_hash return jsonify(errno=RET.OK, errmsg='密码修改成功')
def do_edit(): """ 确认审核:accept/reject :return: json """ # 接收参数 resp = request.form news_id = resp.get("news_id") title = resp.get("title") digest = resp.get("digest") content = resp.get("content") index_image = request.files.get("index_image") category_id = resp.get("category_id") # 校验参数 if not all([news_id, title, digest, content, category_id]): return jsonify(errno=RET.PARAMERR, errmsg="参数错误") try: news_id = int(news_id) category_id = int(category_id) except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.PARAMERR, errmsg="参数错误") # 查询新闻 news = News try: news = News.query.get(news_id) except Exception as e: current_app.logger.error(e) if not news: return jsonify(errno=RET.NODATA, errmsg="未查询到数据") if index_image: try: index_image = index_image.read() key = storage(index_image) except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.THIRDERR, errmsg='图片上传错误') news.index_image_url = constants.QINIU_DOMIN_PREFIX + key news.title = title news.digest = digest news.category_id = category_id news.content = content news.update_time = datetime.datetime.now() db_commit(db) return jsonify(errno=RET.OK, errmsg='操作成功')
def category_edit(): """ 新闻分类管理 :return: """ if request.method == 'GET': try: categories = Category.query.filter(Category.id != 1).all() except Exception as e: current_app.logger.error(e) return redirect(url_for('admin.index')) data = {'categories': categories} return render_template('admin/news_type.html', data=data) elif request.method == 'POST': # 接收参数 resp = request.json category_id = resp.get('id') category_name = resp.get('name') if not category_name: return jsonify(errno=RET.PARAMERR, errmsg='参数错误') if category_id: try: category_id = int(category_id) except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.PARAMERR, errmsg='参数错误') try: category = Category.query.get(category_id) except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.DBERR, errmsg='数据库错误') if category: category.name = category_name else: return jsonify(errno=RET.NODATA, errmsg='数据错误') else: category = Category() category.name = category_name db.session.add(category) db_commit(db) return jsonify(errno=RET.OK, errmsg='操作成功')
def register(): """ 点击注册实现验证并注册 :return: """ # 获取参数和判断是否有值 resp = request.json mobile = resp.get('mobile') sms_code = resp.get('sms_code') password = resp.get('password') if not all([mobile, sms_code, password]): return jsonify(errno=RET.PARAMERR, errmsg='参数不全') # 从Redis中获取指定手机号对应的短信验证码的 try: real_sms_code = redis_store.get('SMSCode_' + mobile) except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.DATAERR, errmsg='查询失败') # 判断验证码是否过期 if not real_sms_code: return jsonify(errno=RET.NODATA, errmsg='验证码已失效') # 校验验证码 if sms_code != real_sms_code: return jsonify(errno=RET.DATAERR, errmsg='验证码错误') # 初始化user模型,并设置数据并添加到数据库 user = User() user.mobile = mobile user.nick_name = mobile user.create_time = datetime.now() user.last_login = datetime.now() # 设置password属性会自动设置password_hash user.password = password # 保存当前用户的状态 db.session.add(user) db_commit(db) # 保存用户登录状态 session['id'] = user.id session['password'] = user.password_hash session['is_admin'] = user.is_admin # 返回注册的结果 return jsonify(errno=RET.OK, errmsg='注册成功')
def make_review(): """ 确认审核:accept/reject :return: json """ # 接收参数 resp = request.json news_id = resp.get('news_id') action = resp.get('action') reason = resp.get('reason') # 校验参数 if not all([news_id, action]): return jsonify(errno=RET.PARAMERR, errmsg='参数错误') if action not in ['accept', 'reject']: return jsonify(errno=RET.PARAMERR, errmsg='参数错误') try: news_id = int(news_id) except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.PARAMERR, errmsg='参数错误') # 根据news_id查询新闻 try: news = News.query.get(news_id) except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.DBERR, errmsg='查询错误') if not news: return jsonify(errno=RET.NODATA, errmsg='新闻不存在') if news.status != 1: return redirect(url_for('admin.news_review')) if action == 'accept': news.status = 0 elif action == 'reject': if not reason: jsonify(errno=RET.PARAMERR, errmsg='参数错误') else: news.status = -1 news.reason = reason db_commit(db) return jsonify(errno=RET.OK, errmsg='操作成功')
def news_comment(): """ 评论新闻 :return: json """ # 判断是否登录 user = g.user if not user: return jsonify(errno=RET.SESSIONERR, errmsg='用户未登录') # 获取参数 resp = request.json news_id = resp.get('news_id') comment_info = resp.get('comment') parent_id = resp.get('parent_id') # 校验参数 if not all([news_id, comment_info]): return jsonify(errno=RET.PARAMERR, errmsg='参数错误') # 根据新闻id查询新闻,校验是否存在 get_news(news_id) # 初始化评论模型 comment = Comment() comment.user_id = user.id comment.news_id = news_id comment.content = comment_info if parent_id: try: parent_id = int(parent_id) except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.PARAMERR, errmsg='参数错误') comment.parent_id = parent_id # 将数据添加到数据库 db.session.add(comment) db_commit(db) data = comment.to_dict() return jsonify(errno=RET.OK, errmsg='评论成功', data=data)
def login(): """ 登录功能逻辑 :return: """ # 获取参数和判断是否有值 resp = request.json mobile = resp.get('mobile') password = resp.get('password') if not all([mobile, password]): return jsonify(errno=RET.PARAMERR, errmsg='参数不全') # 判断手机号是否合法 if not re.match(r'^1[3456789]\d{9}$', mobile): return jsonify(errno=RET.DATAERR, errmsg='用户不存在') # 从数据库查询出指定的用户 try: user = User.query.filter(User.mobile == mobile).first() except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.DBERR, errmsg='查询失败') # 判断用户是否存在 if not user: return jsonify(errno=RET.NODATA, errmsg='用户不存在') # 校验密码 if not user.check_password(password): return jsonify(errno=RET.PWDERR, errmsg='用户名或密码错误') # 保存用户登录状态 session['id'] = user.id session['password'] = user.password_hash session['is_admin'] = user.is_admin # 记录用户最后一次登录时间 # FIXME: 逻辑需要修正 user.last_login = datetime.now() db_commit(db) return jsonify(errno=RET.OK, errmsg='登陆成功')
def followed_user(): """ 关注与取消关注 :return: """ # 判断登录 user = g.user if not user: return jsonify(errno=RET.SESSIONERR, errmsg="未登录") # 获取参数 author_id = request.json.get("user_id") action = request.json.get("action") # 校验参数 if not all([author_id, action]): return jsonify(errno=RET.PARAMERR, errmsg="参数错误") if action not in ("follow", "unfollow"): return jsonify(errno=RET.PARAMERR, errmsg="参数错误") # 查询作者 try: author = User.query.get(author_id) except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.DBERR, errmsg="数据库错误") if not author: return jsonify(errno=RET.NODATA, errmsg="数据错误") if action == "follow" and author not in user.followed: user.followed.append(author) elif action == "unfollow" and author in user.followed: user.followed.remove(author) else: return jsonify(errno=RET.DATAEXIST, errmsg='错误的操作') db_commit(db) return jsonify(errno=RET.OK, errmsg="操作成功")
def base_info(): """ 修改个人信息页面 :return: 'POST'=json """ user = g.user if not user: return redirect('/') if request.method == 'GET': data = {'user': user.to_dict()} return render_template('news/user_base_info.html', data=data) elif request.method == 'POST': # 获取参数 resp = request.json nick_name = resp.get('nick_name') signature = resp.get('signature') gender = resp.get('gender') # 校验参数 if not all([nick_name, signature, gender]): return jsonify(errno=RET.PARAMERR, errmsg='参数不全') if len(nick_name) > 32 or len(signature) > 128 or gender not in [ 'MAN', 'WOMAN' ]: return jsonify(errno=RET.PARAMERR, errmsg='参数错误') user.nick_name = nick_name user.signature = signature user.gender = gender db_commit(db) return jsonify(errno=RET.OK, errmsg='更新成功')
def news_collect(): """ 收藏和取消收藏 :return: json """ # 判断是否登录 user = g.user if not user: return jsonify(errno=RET.SESSIONERR, errmsg='用户未登录') # 获取参数 resp = request.json news_id = resp.get('news_id') action = resp.get('action') # 校验参数 if not all([news_id, action]): return jsonify(errno=RET.PARAMERR, errmsg='参数不全') if action not in ['collect', 'cancel_collect']: return jsonify(errno=RET.PARAMERR, errmsg='参数错误') # 根据新闻id查询新闻 news = get_news(news_id) # 代码执行到此说明用户已经登录,且新闻存在 if action == 'cancel_collect' and news in user.collection_news: user.collection_news.remove(news) elif action == 'collect' and news not in user.collection_news: user.collection_news.append(news) else: return jsonify(errno=RET.DATAEXIST, errmsg='错误的操作') db_commit(db) return jsonify(errno=RET.OK, errmsg='收藏成功')
def news_release(): """ 用户中心发布新闻页 :return: 'POST'=json """ if request.method == 'GET': # 查询新闻种类 categories = list() try: categories = Category.query.filter(Category.id != 1).all() except Exception as e: current_app.logger.error(e) category_dict_li = list() for item in categories: category_dict_li.append(item.to_dict()) data = {'categories': category_dict_li} return render_template('news/user_news_release.html', data=data) elif request.method == 'POST': # 校验登录 user = g.user if not user: return redirect('/') # 获取参数 resp = request.form title = resp.get('title') category_id = resp.get('category_id') digest = resp.get('digest') index_image = request.files.get('index_image') content = resp.get('content') # 校验参数 if not all([title, category_id, digest, index_image, content]): return jsonify(errno=RET.PARAMERR, errmsg='参数不全') try: category_id = int(category_id) except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.PARAMERR, errmsg='参数错误') if len(title) > 256 or len(digest) > 512: return jsonify(errno=RET.PARAMERR, errmsg='参数错误') # 读取图片, 存入七牛 try: index_image = index_image.read() index_image_url = constants.QINIU_DOMIN_PREFIX + storage( index_image) except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.THIRDERR, errmsg='上传图片错误') # 初始化新闻对象 news = News() news.title = title news.category_id = category_id news.digest = digest news.index_image_url = index_image_url news.content = content news.source = '个人发布' news.user_id = user.id news.status = 1 # 将对象保存到数据库 db.session.add(news) db_commit(db) return jsonify(errno=RET.OK, errmsg='新闻发布成功等待审核')
def comment_like(): """ 点赞和取消点赞功能 :return: json """ # 校验用户是否登录 user = g.user if not user: return jsonify(errno=RET.SESSIONERR, errmsg='用户未登录') # 获取参数 resp = request.json comment_id = resp.get('comment_id') action = resp.get('action') # 校验参数 if not all([comment_id, action]): return jsonify(errno=RET.PARAMERR, errmsg='参数不全') if action not in ['add', 'remove']: return jsonify(errno=RET.PARAMERR, errmsg='参数错误') try: comment_id = int(comment_id) except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.PARAMERR, errmsg='参数错误') # 根据comment_id查询评论,校验是否存在 comment = None try: comment = Comment.query.get(comment_id) except Exception as e: current_app.logger.error(e) if not comment: return jsonify(errno=RET.NODATA, errmsg='评论不存在') # 代码执行到此说明用户登录,且评论存在 # 查询当前评论是否被当前用户点攒 try: comment_like = CommentLike.query.filter( CommentLike.user_id == user.id, CommentLike.comment_id == comment_id).first() except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.DBERR, errmsg='查询错误') if action == 'add' and not comment_like: # 生成点攒 new_comment_like = CommentLike() new_comment_like.user_id = user.id new_comment_like.comment_id = comment_id db.session.add(new_comment_like) # 点赞数+1 comment.like_count += 1 elif action == 'remove' and comment_like: # 删除点攒 db.session.delete(comment_like) # 点赞数-1 comment.like_count -= 1 else: return jsonify(errno=RET.DATAEXIST, errmsg='错误的操作') db_commit(db) return jsonify(errno=RET.OK, errmsg="操作成功")