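def post(self):
    """Create an article on behalf of the logged-in author.

    Expects a JSON body with ``action == "add_article"`` plus ``title``,
    ``content_html`` and ``category`` (``desc`` is optional). The author
    name and e-mail are taken from the session, never from the request.
    Every outcome is reported through ``self.write_response``.
    """
    author = self.get_session('username')
    email = self.get_session('current_email')
    if not (author and email):
        self.write_response({}, 0, '获取作者信息出错!')
        return

    try:
        data = json.loads(self.request.body)
    except (TypeError, ValueError):
        self.write_response({}, 0, '参数格式错误')
        return

    try:
        action = data.get("action", None)
        if not action:
            self.write_response({}, 0, _err='没有相应的操作方法!')
            # Stop here so no second response is attempted further down.
            return
        if action != "add_article":
            # Unknown actions are ignored, as before.
            return

        title = data.get("title", None)
        content = data.get("content_html", None)
        category = data.get("category", None)
        desc = data.get("desc", None)
        if not (title and content and category):
            self.write_response({}, 0, '获取文章信息出错!')
            return

        try:
            article_coll = BaseMotor().client[MongoBasicInfoDb][ARTICLES]
            # NOTE(review): content_html is stored exactly as submitted.
            # Confirm it is sanitised or escaped wherever it is rendered,
            # otherwise stored markup reaches every reader of the article.
            insert_html = {
                'title': title,
                'pub_time': int(time.time()),
                'update_time': '',
                'is_top': False,
                'is_active': True,
                'author': author,
                'email': email,
                'desc': desc,
                'content': content,
                'category': category
            }
            res = yield article_coll.insert_one(insert_html)
            if not res:
                self.write_response({}, 0, '添加文章失败!')
                return
            self.write_response({})
        except Exception as e:
            # Previously the failure was only logged and the client got no
            # answer; report it with the existing failure message.
            logging.exception(e)
            self.write_response({}, 0, '添加文章失败!')
    except Exception as e:
        logging.exception(e)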
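def post(self):
    """Change the password of the logged-in front-end user.

    Expects a JSON body with ``action == "reset_pwd"`` and the fields
    ``old_password``, ``new_password`` and ``repeat_password``. The account
    is identified by the session e-mail only.
    """
    try:
        data = json.loads(self.request.body)
    except (TypeError, ValueError):
        self.write_response({}, 0, '参数格式错误')
        return

    try:
        action = data.get("action", None)
        if not action:
            self.write_response({}, 0, _err='没有相应的操作方法!')
            return
        if action != 'reset_pwd':
            # Unknown actions are ignored, as before.
            return

        email = self.get_session('current_email')
        if not email:
            self.write_response({}, 0, '账户获取出错,无法修改密码!')
            return

        try:
            old_password = data.get('old_password', None)
            new_password = data.get('new_password', None)
            repeat_password = data.get('repeat_password', None)
            if not (old_password and new_password and repeat_password):
                self.write_response({}, 0, '获取密码信息出错!')
                return

            front_user_coll = BaseMotor().client[MongoBasicInfoDb][STUDENTS]
            front_user_doc = yield front_user_coll.find_one({'user_email': email})
            # Check that the account exists before reading its fields; the
            # original subscripted the document first and failed on None.
            if not front_user_doc:
                self.write_response({}, 0, '此邮箱账户未注册使用!')
                return
            password = front_user_doc.get('password')
            if not password:
                self.write_response({}, 0, '密码验证获取错误!')
                return

            # NOTE(review): this is a plain equality test on the stored
            # hash, and make_password() is defined elsewhere. Confirm it is
            # a salted, slow password hash and consider a constant-time
            # comparison.
            if make_password(old_password) != password:
                self.write_response({}, 0, '原密码错误!无法修改密码!')
                return
            if new_password != repeat_password:
                self.write_response({}, 0, '两次密码输入不一致,无法修改密码')
                # The original fell through here and changed the password
                # even though the confirmation did not match.
                return

            # Wait for the write so a failure is seen instead of lost.
            res = yield front_user_coll.update_one(
                {'user_email': email},
                {'$set': {'password': make_password(new_password)}})
            if not res:
                self.write_response({}, 0, '密码修改失败!')
                return
            self.write_response({})
        except Exception as e:
            logging.exception(e)
            self.write_response({}, 0, '密码修改失败!')
    except Exception as e:
        logging.exception(e)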
def get(self):
    """Return the session's role, e-mail and permission as a response.

    When the session permission is ``super_admin`` the account's
    ``own_roles`` list is read from the CMS user collection and added
    under ``roles``. Any failure is logged and reported as an error.
    """
    try:
        current_email = self.get_session("current_email")
        data = dict(
            role=self.get_session("role"),
            email=current_email,
            permission=self.get_session("permission"),
        )
        is_super_admin = data["permission"] == "super_admin"
        if is_super_admin:
            cms_users = BaseMotor().client[MongoBasicInfoDb][CMS_USER]
            # A missing document raises on the subscript below and is
            # handled by the except branch.
            account = yield cms_users.find_one({"_id": current_email})
            data['roles'] = account['own_roles']
        self.write_response(data)
    except Exception as err:
        logging.exception(err)
        self.write_response({}, 0, '获取数据异常')
def get(self):
    """Render the CMS profile page for the account stored in the session.

    The template receives the session role, e-mail and permission together
    with ``user_name``, ``user_email``, ``tel`` and ``status`` read from the
    CMS user document. Failures are logged; nothing is rendered then.
    """
    try:
        current_email = self.get_session("current_email")
        args = {
            "title": "后台管理系统",
            "role": self.get_session("role"),
            "email": current_email,
            "permission": self.get_session("permission")
        }
        cms_users = BaseMotor().client[MongoBasicInfoDb][CMS_USER]
        account = yield cms_users.find_one({"_id": current_email})
        # Copy the plain fields in the original order, so a missing key
        # fails at the same point as before.
        for field in ('user_name', 'user_email', 'tel'):
            args[field] = account[field]
        args['status'] = str(account['status'])
        self.render("cms/cms_profile.html", **args)
    except Exception as err:
        logging.exception(err)
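def post(self):
    """Sign a front-end user in after the Geetest challenge has passed.

    Reads the Geetest fields plus ``email`` and ``password`` from the form,
    compares the hashed password with the stored one and, on success,
    stores e-mail, role and display name in the session and redirects to
    ``/``. Every failure re-renders the sign-in page with a message.
    """
    try:
        gt = GeetestLib(GT_ID, GT_KEY)
        challenge = self.get_argument(gt.FN_CHALLENGE, "")
        validate = self.get_argument(gt.FN_VALIDATE, "")
        seccode = self.get_argument(gt.FN_SECCODE, "")
        status = int(self.session[gt.GT_STATUS_SESSION_KEY])
        user_id = self.session["user_id"]
        if status:
            verify_res = gt.success_validate(challenge, validate, seccode, user_id)
        else:
            verify_res = gt.failback_validate(challenge, validate, seccode)
            self.session["user_id"] = user_id

        if not verify_res:
            msg = '验证码验证失败,请重新验证!'
            self.render("front/front_signin.html", msg=msg, action_url='/signin')
            return

        email = self.get_argument("email")
        password = self.get_argument("password")
        if not (email and password):
            msg = '邮箱或密码值获取错误,请重新输入!'
            self.render("front/front_signin.html", msg=msg, action_url='/signin')
            return

        password = make_password(password)
        student_coll = BaseMotor().client[MongoBasicInfoDb][STUDENTS]
        stu_doc = yield student_coll.find_one({"user_email": email})
        # NOTE(review): the two messages below tell the caller whether an
        # e-mail is registered. Consider one shared message for both cases,
        # and confirm that failed attempts are rate-limited somewhere.
        if not stu_doc:
            msg = '账户不存在,请重新输入或前往注册!'
            self.render("front/front_signin.html", msg=msg, action_url='/signin')
            return

        # NOTE(review): plain equality on the stored hash; make_password()
        # is defined elsewhere. Confirm it is a salted, slow password hash.
        if password != stu_doc['password']:
            msg = '密码错误,请重新输入!'
            self.render("front/front_signin.html", msg=msg, action_url='/signin')
            return

        # NOTE(review): the session is populated in place. Confirm the
        # session id is rotated at login.
        self.session['current_email'] = stu_doc['user_email']
        self.session['role'] = stu_doc['role']
        self.session['username'] = stu_doc['user_name'] if stu_doc['user_name'] != '' else stu_doc['user_email']
        self.redirect("/")
    except Exception as e:
        # The exception object used to be printed and rendered into the
        # page, exposing internal details. It is now logged only and the
        # user gets a generic message.
        logging.exception(e)
        self.render("front/front_signin.html", msg='系统异常,请稍后重试!', action_url='/signin')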
def get(self):
    """Render the front-end profile page for the logged-in student.

    The student document is looked up by the session e-mail; its ``_id``
    is exposed to the template as ``id`` and ``create_time`` is formatted
    for display. Nothing is rendered when no document is found.
    """
    email = self.get_session('current_email')
    name = self.get_session("username") or email
    role = self.get_session('role') or ''
    try:
        students = BaseMotor().client[MongoBasicInfoDb][STUDENTS]
        stu_info = yield students.find_one({'user_email': email})
        if not stu_info:
            return
        stu_info['id'] = stu_info.pop('_id')
        args = {'user': email, 'role': role, 'username': name}
        # NOTE(review): every field of the stored document is copied into
        # the template namespace, including the stored password hash.
        # Confirm the template never emits it, or pass an explicit list of
        # fields instead.
        args.update(stu_info)
        args['create_time'] = time_formatting(args['create_time'])
        self.render("front/front_profile.html", **args)
    except Exception as err:
        logging.exception(err)
def get(self):
    """Render the detail page of the article named by ``article_id``.

    The session e-mail, role and display name are passed to the template
    together with every field of the article document; ``pub_time`` is
    formatted for display. A missing ``article_id`` yields an error
    response; lookup failures are logged.
    """
    email = self.get_session('current_email')
    name = self.get_session("username") or email
    role = self.get_session('role') or ''
    article_id = self.get_argument('article_id', None)
    if not article_id:
        self.write_response({}, 0, '文章id获取错误!')
        return
    try:
        articles = BaseMotor().client[MongoBasicInfoDb][ARTICLES]
        # ObjectId() raises on a malformed id; that is caught below and
        # logged, and the request then ends without a rendered page.
        article_doc = yield articles.find_one({'_id': ObjectId(article_id)})
        args = {'user': email, 'role': role, 'username': name}
        if article_doc:
            # NOTE(review): the stored article HTML reaches the template
            # unchanged. Confirm how the template escapes or sanitises it.
            args.update(article_doc)
            args['pub_time'] = time_formatting(args['pub_time'])
            self.render("front/front_article_detail.html", **args)
    except Exception as err:
        logging.exception(err)
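def post(self):
    """Manage accounts: ``ban``, ``start_use`` or ``add``.

    Expects a JSON body with ``action``. ``ban`` and ``start_use`` need
    ``email``; ``add`` needs ``email``, ``password``, ``tel``,
    ``permission`` and ``username``. A ``student`` permission creates the
    account in the student collection, any other value in the CMS user
    collection.

    NOTE(review): no authorisation check is visible in this method.
    Confirm the handler is only reachable by an administrator. Request
    values are used in query filters without a type check; confirm they
    are plain strings.
    """
    try:
        try:
            data = json.loads(self.request.body)
        except (TypeError, ValueError):
            self.write_response({}, 0, '参数格式错误')
            return

        action = data.get('action', None)
        if not action:
            self.write_response({}, 0, '获取操作失败!')
            return

        if action in ('ban', 'start_use'):
            # The two actions differ only in the target status and in the
            # failure message.
            enable = action == 'start_use'
            failure_msg = '启用失败!' if enable else '禁用失败!'
            email = data.get('email', None)
            if not email:
                self.write_response({}, 0, '邮箱账户获取出错!')
                return
            try:
                cms = CmsUser(email=email, new_status=enable)
                # NOTE(review): ban_cms_user is read as an attribute, not
                # called. If it is a plain method rather than a property,
                # this test is always true and the status never changes.
                # Confirm against CmsUser.
                if cms.ban_cms_user:
                    self.write_response({})
                else:
                    self.write_response({}, 0, failure_msg)
            except Exception as e:
                # Previously only logged; the client now gets an answer.
                logging.exception(e)
                self.write_response({}, 0, failure_msg)
            return

        if action != 'add':
            # Unknown actions are ignored, as before.
            return

        email = data.get('email', None)
        password = data.get('password', None)
        tel = data.get('tel', None)
        permission = data.get('permission', None)
        username = data.get('username', None)
        if not (email and password and tel and permission and username):
            self.write_response({}, 0, '缺少用户信息!')
            return

        # NOTE(review): ``permission`` is stored exactly as received; any
        # value other than admin/student is labelled as a teacher. Confirm
        # the caller is allowed to grant the requested permission and
        # restrict it to the values the application defines.
        role = {'admin': u'管理', 'student': u'学生'}.get(permission, u'老师')

        insert_doc = {
            "_id": email,
            "status": True,
            "password": make_password(password),
            "avator": "",
            "create_time": int(time.time()),
            "permission": permission,
            "tel": tel,
            "role": role,
            "user_name": username,
            "user_email": email
        }

        try:
            if permission != 'student':
                user_coll = BaseMotor().client[MongoBasicInfoDb][CMS_USER]
            else:
                # Student accounts carry an extra, initially empty number.
                user_coll = BaseMotor().client[MongoBasicInfoDb][STUDENTS]
                insert_doc["stu_num"] = ""

            # The student branch used to look up the key 'email', which
            # the stored documents do not carry (they use 'user_email'),
            # so the duplicate check could never match.
            existing = yield user_coll.find_one({'user_email': email})
            if existing:
                self.write_response({}, 0, '邮箱账户已存在!')
                return

            # Wait for the insert so a failed write is reported instead of
            # being dropped.
            res = yield user_coll.insert_one(insert_doc)
            if not res:
                self.write_response({}, 0, '用户添加失败!')
            else:
                self.write_response({})
        except Exception as e:
            logging.exception(e)
            self.write_response({}, 0, '用户添加失败!')
    except Exception as e:
        logging.exception(e)
        self.write_response(response='', _status=0, _err='系统异常')
        return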
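def post(self):
    """Manage bulletins: add, rename, del, top, cancel_top or modify.

    Expects a JSON body with ``type`` and ``action``; the remaining fields
    depend on the action. ``del`` clears the bulletin's fields with
    ``$unset`` and leaves the emptied document in place.

    NOTE(review): no authorisation check is visible in this method, and
    ``bulletin_author`` comes from the request body rather than the
    session. Confirm who may call this and whether the author should be
    taken from the session instead.
    """
    post_data = self.request.body
    try:
        post_data = json.loads(post_data)
    except (TypeError, ValueError):
        self.write_response({}, 0, '参数格式错误')
        return

    get_type = post_data.get('type', None)
    action = post_data.get('action', None)
    if not (get_type and action):
        self.write_response({}, 0, '参数错误')
        return

    try:
        bulletin_coll = BaseMotor().client[MongoBasicInfoDb][BULLETIN_INFOS]
    except Exception as e:
        logging.exception(e)
        # The exception object itself used to be sent to the client; log
        # it and answer with a fixed message.
        self.write_response({}, 0, '数据库异常!')
        return

    if action == 'add':
        bulletin_title = post_data.get('bulletin_title', None)
        bulletin_content = post_data.get('bulletin_content', None)
        bulletin_author = post_data.get('bulletin_author', None)
        bulletin_type = post_data.get('bulletin_type', None)
        if not bulletin_title:
            self.write_response({}, 0, '公告标题不能为空!')
            return
        if not bulletin_content:
            self.write_response({}, 0, '公告内容不能为空!')
            return
        if not bulletin_author:
            self.write_response({}, 0, '作者获取异常!')
            return
        if not bulletin_type:
            self.write_response({}, 0, '公告类型获取有误!')
            return
        # The original also ran a find_one() here whose result was
        # overwritten unused; that dead lookup is dropped.
        try:
            insert_info = {
                'title': bulletin_title,
                'author': bulletin_author,
                'type': bulletin_type,
                'content': bulletin_content,
                'pub_time': int(time.time()),
                'update_time': '',
                'is_top': False,
                'is_active': True
            }
            res = yield bulletin_coll.insert_one(insert_info)
            if res:
                self.write_response({})
            else:
                self.write_response({}, 0, '公告创建失败')
        except Exception as e:
            logging.exception(e)
            self.write_response({}, 0, '公告创建失败')
        return

    if action == 'rename':
        old_title_name = to_string(post_data.get('old_name', None))
        bulletin_id = post_data.get('id', None)
        if not bulletin_id:
            self.write_response({}, 0, '标题id获取异常!')
            return
        new_title_name = to_string(post_data.get('new_name', None))
        if not (new_title_name and old_title_name):
            self.write_response({}, 0, '标题参数错误,无法删除!')
            return
        changes = {'$set': {'title': new_title_name,
                            'pub_time': int(time.time())}}
        failure_msg = '修改公告标题失败!'
        exception_msg = '修改公告标题失败!'
    elif action == 'del':
        bulletin_id = post_data.get('id', None)
        if not bulletin_id:
            self.write_response({}, 0, '公告id为空,无法删除!')
            return
        changes = {'$unset': {
            'title': '', 'author': '', 'type': '', 'content': '',
            'pub_time': '', 'update_time': '', 'is_top': '', 'is_active': ''
        }}
        failure_msg = '删除公告失败!'
        exception_msg = '删除公告失败!'
    elif action == 'top':
        bulletin_id = post_data.get('id', None)
        if not bulletin_id:
            self.write_response({}, 0, '公告id获取异常,无法操作!')
            return
        now = int(time.time())
        changes = {'$set': {'update_time': now, 'is_top': True,
                            'is_active': True, 'top_time': now}}
        failure_msg = '置顶公告失败!'
        exception_msg = '置顶公告失败!!'
    elif action == 'cancel_top':
        bulletin_id = post_data.get('id', None)
        if not bulletin_id:
            self.write_response({}, 0, '公告id获取异常,无法操作!')
            return
        changes = {'$set': {'update_time': int(time.time()), 'is_top': False,
                            'is_active': True, 'top_time': ''}}
        failure_msg = '取消操作失败!'
        exception_msg = '取消操作失败!'
    elif action == 'modify':
        content = post_data.get('content', None)
        is_active = bool(post_data.get('is_active', None))
        bulletin_id = post_data.get('id', None)
        if not bulletin_id:
            self.write_response({}, 0, '公告id获取失败,无法修改!')
            return
        if not content:
            self.write_response({}, 0, '公告内容获取失败,无法修改!')
            return
        changes = {'$set': {'update_time': int(time.time()),
                            'is_active': is_active, 'content': content}}
        failure_msg = '修改内容失败!'
        exception_msg = '修改内容失败!'
    else:
        # Unknown actions are ignored, as before.
        return

    try:
        # ObjectId() raises on a malformed id; the except branch reports
        # that as a failed operation. The write is awaited so its outcome
        # is known, and exactly one response is written (the original
        # could write a failure and then a success for the same request).
        res = yield bulletin_coll.update_one({'_id': ObjectId(bulletin_id)}, changes)
        if not res:
            self.write_response({}, 0, failure_msg)
            return
        self.write_response({})
    except Exception as e:
        logging.exception(e)
        self.write_response({}, 0, exception_msg)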
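def post(self):
    """Password recovery: send a mail code, verify it, save a new password.

    Expects a JSON body with ``action`` set to ``retrieve_password``,
    ``verify`` or ``save``. The three steps are tied together:

    * the code is stored per e-mail address, so a code issued for one
      address cannot be used for another;
    * a successful ``verify`` records the verified address in the session
      and invalidates the code;
    * ``save`` only changes the password of the address this session has
      verified. The original accepted ``save`` for any address without
      any proof.

    NOTE(review): the lookups and the update below are not awaited, and
    this method contains no ``yield``. If the collection is asynchronous,
    ``front_user_doc`` is a pending result that is always truthy, and the
    "not registered" branches never run. Confirm how this handler is
    decorated before adding ``yield``.
    NOTE(review): the code is four characters long, no expiry is set on
    the stored value although the mail promises ten minutes, and failed
    attempts are not limited here. Confirm these are enforced elsewhere.
    """
    post_data = self.request.body
    try:
        post_data = json.loads(post_data)
    except (TypeError, ValueError):
        self.write_response({}, 0, '参数格式错误')
        return
    try:
        action = post_data.get("action", None)
        if not action:
            self.write_response({}, 0, _err='没有相应的操作方法!')
        elif action == 'retrieve_password':
            email = post_data.get("email", None)
            if email:
                subject = '计算机组成与结构教学网站邮箱找回密码服务验证!'
                captcha = get_captcha(4)
                # One stored code per address instead of one global value
                # shared by all users. A non-string ``email`` fails on the
                # concatenation and is handled by the outer except.
                self.conn.set("email_captcha:" + email, captcha)
                # The warning used to read "请务" (please do) where
                # "请勿" (please do not) was meant.
                body = "温馨提示:尊敬的用户,您好!我们的工作人员是不会向您索要邮箱验证码,请勿将验证码告诉他人,以免您的账户信息泄漏!\n您的邮箱验证码是:【" + captcha + "】10分钟内有效!"
                try:
                    message = send_email(self, subject=subject, body=body, to_email=email)
                    has_send = self.get_session('has_send_email')
                    if not has_send:
                        self.session['has_send_email'] = email
                    message.send()
                    self.write_response({})
                except Exception as e:
                    # Log the error instead of printing it and rendering
                    # it into the page.
                    logging.exception(e)
                    self.render("front/front_forgetpwd.html", msg='系统异常,请稍后重试!', action_url='/forgetpwd')
            else:
                self.render("front/front_forgetpwd.html", msg='邮箱帐号异常!', action_url='/forgetpwd')
        elif action == 'verify':
            email = post_data.get("email", None)
            captcha = post_data.get("captcha", None)
            if not email:
                self.write_response({}, 0, '缺少邮箱帐号信息!')
                return
            captcha_key = "email_captcha:" + email
            cache_captcha = self.conn.get(captcha_key)
            if not (cache_captcha and captcha):
                self.write_response({}, 0, '缺少邮箱验证码信息!')
                return
            try:
                front_user_coll = BaseMotor().client[MongoBasicInfoDb][STUDENTS]
                front_user_doc = front_user_coll.find_one({'user_email': email})
                if not front_user_doc:
                    self.write_response({}, 0, '此邮箱账户未注册使用!')
                    return
                if cache_captcha.lower() == captcha.lower():
                    # Remember which address this session proved control
                    # of, and make the code single-use.
                    self.session['reset_verified_email'] = email
                    self.conn.set(captcha_key, '')
                    self.write_response({})
                    return
                self.write_response({}, 0, '邮箱验证码错误!')
                return
            except Exception as e:
                logging.exception(e)
        elif action == 'save':
            email = post_data.get("email", None)
            password = post_data.get("password", None)
            repeat_password = post_data.get("repeat_password", None)
            if not email:
                self.write_response({}, 0, '缺少邮箱帐号信息!')
                return
            if not (password and repeat_password):
                self.write_response({}, 0, '密码获取错误!')
                return
            # Only the address verified in this session may be changed.
            verified_email = self.get_session('reset_verified_email')
            if not verified_email or verified_email != email:
                self.write_response({}, 0, '缺少邮箱验证码信息!')
                return
            try:
                front_user_coll = BaseMotor().client[MongoBasicInfoDb][STUDENTS]
                front_user_doc = front_user_coll.find_one({'user_email': email})
                if not front_user_doc:
                    self.write_response({}, 0, '此邮箱账户未注册使用!')
                    return
                if password != repeat_password:
                    self.write_response({}, 0, '两次密码输入不一致!')
                    return
                res = front_user_coll.update_one(
                    {'user_email': email},
                    {'$set': {'password': make_password(password)}})
                if res:
                    # The verification is spent once the password changes.
                    self.session['reset_verified_email'] = ''
                    self.write_response({})
                else:
                    self.write_response({}, 0, '密码找回失败!')
            except Exception as e:
                logging.exception(e)
        else:
            pass
    except Exception as e:
        logging.exception(e)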
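def post(self):
    """Registration: send a mail code (``send_email``) or register (``regist``).

    Expects a JSON body with ``action``. ``send_email`` needs ``email``;
    ``regist`` needs ``email``, ``password`` and ``captcha`` and creates a
    student account when the code matches the one issued for that address.

    NOTE(review): the code is four characters long, no expiry is set on
    the stored value although the mail promises ten minutes, and neither
    sending nor failed attempts are limited here. Confirm these are
    enforced elsewhere.
    """
    post_data = self.request.body
    try:
        post_data = json.loads(post_data)
    except (TypeError, ValueError):
        self.write_response({}, 0, '参数格式错误')
        return
    try:
        action = post_data.get("action", None)
        if not action:
            self.write_response({}, 0, _err='没有相应的操作方法!')
        elif action == 'send_email':
            email = post_data.get("email", None)
            if email:
                subject = '计算机组成与结构教学网站邮箱注册服务验证!'
                captcha = get_captcha(4)
                # One stored code per address instead of one global value
                # shared by all users. A non-string ``email`` fails on the
                # concatenation and is handled by the outer except.
                self.conn.set("email_captcha:" + email, captcha)
                # The warning used to read "请务" (please do) where
                # "请勿" (please do not) was meant.
                body = "温馨提示:尊敬的用户,您好!我们的工作人员是不会向您索要邮箱验证码,请勿将验证码告诉他人,以免您的账户信息泄漏!\n您的邮箱验证码是:【" + captcha + "】10分钟内有效!"
                try:
                    message = send_email(self, subject=subject, body=body, to_email=email)
                    has_send = self.get_session('has_send_email')
                    if not has_send:
                        self.session['has_send_email'] = email
                    message.send()
                    self.write_response({})
                except Exception as e:
                    # Log the error instead of printing it and rendering
                    # it into the page.
                    logging.exception(e)
                    self.render("front/front_regist.html", msg='系统异常,请稍后重试!', action_url='/regist')
            else:
                self.render("front/front_regist.html", msg='邮箱帐号异常!', action_url='/regist')
        elif action == 'regist':
            email = post_data.get("email", None)
            password = post_data.get("password", None)
            captcha = post_data.get("captcha", None)
            if not (email and password and captcha):
                self.write_response({}, 0, _err='值获取错误!')
                # The original carried on after reporting the error.
                return

            captcha_key = "email_captcha:" + email
            cache_captcha = self.conn.get(captcha_key)
            # A missing stored code counts as a mismatch (the original
            # raised on None); both sides are compared case-insensitively.
            if not cache_captcha or cache_captcha.lower() != captcha.lower():
                self.render("front/front_regist.html", msg='验证码输入不一致!', action_url='/regist')
                return

            password = make_password(password)
            try:
                user_coll = BaseMotor().client[MongoBasicInfoDb][STUDENTS]
                user_doc = yield user_coll.find_one({"user_email": email})
                if user_doc:
                    self.render("front/front_regist.html", msg='账户已存在,请直接登录!', action_url='/regist')
                    return
                try:
                    document = {
                        "_id": email,
                        "status": True,
                        "password": password,
                        "avator": "",
                        "create_time": int(time.time()),
                        "permission": "student",
                        "tel": "",
                        "role": "学生",
                        "user_name": "",
                        "user_email": email,
                        "stu_num": ""
                    }
                    # Wait for the insert so a failed write is reported.
                    res = yield user_coll.insert_one(document)
                    if not res:
                        self.write_response({}, 0, _err='更新数据库出错!')
                    else:
                        # The code is single-use once the account exists.
                        self.conn.set(captcha_key, '')
                        self.write_response({})
                except Exception as e:
                    logging.exception(e)
                    self.render("front/front_regist.html", msg='更新数据库出错!', action_url='/regist')
            except Exception as e:
                logging.exception(e)
                self.write_response({}, 0, _err='数据库连接异常!')
    except Exception as e:
        logging.exception(e)
        self.write_response({}, 0)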
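def post(self):
    """Sign a CMS user in after the Geetest challenge has passed.

    Reads the Geetest fields, ``user_email`` and ``password`` from the
    form. On success the session receives e-mail, role, permission and
    user name, a signed ``user`` cookie is set for one day, and the
    browser is redirected to ``next`` (default ``/cms/``). Every failure
    re-renders the login page with a message.
    """
    next_url = self.get_argument('next', '/cms/')
    # ``next`` comes from the request. Only follow it when it is a path on
    # this site; anything else falls back to the default landing page, so
    # a crafted login link cannot send the user to another host.
    if (not next_url.startswith('/') or next_url.startswith('//')
            or '\\' in next_url):
        next_url = '/cms/'
    try:
        gt = GeetestLib(GT_ID, GT_KEY)
        challenge = self.get_argument(gt.FN_CHALLENGE, "")
        validate = self.get_argument(gt.FN_VALIDATE, "")
        seccode = self.get_argument(gt.FN_SECCODE, "")
        gt_status = int(self.session[gt.GT_STATUS_SESSION_KEY])
        user_id = self.session["user_id"]
        password = make_password(self.get_argument('password'))
        if gt_status:
            verify_res = gt.success_validate(challenge, validate, seccode, user_id)
        else:
            verify_res = gt.failback_validate(challenge, validate, seccode)
            self.session["user_id"] = user_id

        if not verify_res:
            msg = '验证码验证失败,请重新验证'
            self.render("cms/user_login.html", msg=msg, next_url=next_url)
            return

        try:
            user_email = self.get_argument('user_email')
            cms_user_coll = BaseMotor().client[MongoBasicInfoDb][CMS_USER]
            cms_user_doc = yield cms_user_coll.find_one({"_id": user_email})
            # NOTE(review): the messages below tell the caller whether an
            # account exists or is disabled. Consider one shared message,
            # and confirm failed attempts are rate-limited somewhere.
            if not cms_user_doc:
                self.render("cms/user_login.html", msg="账户不存在", next_url=next_url)
                return

            account_enabled = cms_user_doc['status']
            if account_enabled == False:  # noqa: E712 - same test as before
                self.render("cms/user_login.html", msg="此用户已被禁用", next_url=next_url)
                # The original kept going after this render, so a disabled
                # account with the right password still had its session
                # populated.
                return

            # NOTE(review): plain equality on the stored hash;
            # make_password() is defined elsewhere. Confirm it is a
            # salted, slow password hash.
            if cms_user_doc['password'] != password:
                msg = "此账号密码有误,请重新输入!"
                self.render("cms/user_login.html", msg=msg, next_url=next_url)
                return

            self.session['current_email'] = user_email
            self.session['role'] = cms_user_doc['role']
            self.session['permission'] = cms_user_doc['permission']
            self.session['username'] = cms_user_doc['user_name']
            self.set_secure_cookie("user", user_email + cms_user_doc['role'], expires_days=1)
            self.redirect(next_url)
        except Exception as e:
            logging.exception(e)
            msg = "账户出现异常!"
            self.render("cms/user_login.html", msg=msg, next_url=next_url)
    except Exception as e:
        logging.exception(e)
        msg = '验证码参数获取异常,请稍后重试'
        self.render("cms/user_login.html", msg=msg, next_url=next_url)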
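def post(self):
    """Register an uploaded file (``up_file``) or remove one (``del_file``).

    Expects a JSON body with ``action``, ``author`` and ``file_name``.
    ``up_file`` also needs ``file_url`` and stores a record whose author
    and e-mail come from the session; ``del_file`` needs ``id``.

    NOTE(review): the database calls below are not awaited and this method
    contains no ``yield``. If the collection is asynchronous, ``res`` is a
    pending result that is always truthy and write errors are lost.
    Confirm how this handler is decorated before adding ``yield``.
    NOTE(review): ``del_file`` does no session or ownership check here.
    Confirm access is restricted elsewhere.
    """
    try:
        data = json.loads(self.request.body)
    except (TypeError, ValueError):
        self.write_response({}, 0, '参数格式错误')
        return

    action = data.get('action', None)
    if not action:
        self.write_response({}, 0, '操作类型错误!')
        return

    author = data.get('author', None)
    file_name = data.get('file_name', None)
    if not (author and file_name):
        self.write_response({}, 0, '值获取错误!')
        return

    try:
        file_coll = BaseMotor().client[MongoBasicInfoDb][FILES]
        file_name = to_string(file_name)
    except Exception as e:
        logging.exception(e)
        self.write_response({}, 0, '数据库查询异常!')
        return

    if action == 'up_file':
        file_url = data.get('file_url', None)
        # The stored author and e-mail come from the session, not from the
        # request body.
        author = self.session.get('username')
        file_name = data.get('file_name', None)
        email = self.get_session("current_email")
        if not (author and email):
            self.redirect('/cms/login')
            # The original carried on after the redirect and still tried
            # to store a record for a session with no user.
            return
        if not file_url:
            self.write_response({}, 0, '资料链接获取失败!')
            return
        if not file_name:
            self.write_response({}, 0, '文件名称获取出错')
            return
        try:
            # NOTE(review): file_url is stored as received. Confirm it is
            # checked (scheme and host) before it is shown as a link.
            file_docu = {
                'filename': file_name,
                'up_time': int(time.time()),
                'url': file_url,
                'is_active': True,
                'is_top': False,
                'author': author,
                'email': email
            }
            if file_coll:
                try:
                    res = file_coll.insert_one(file_docu)
                    if res:
                        self.write_response({})
                        return
                    else:
                        self.write_response({}, 0, '保存失败!')
                        return
                except Exception as e:
                    logging.exception(e)
                    self.write_response({}, 0, '保存操作异常!')
                    return
            else:
                self.write_response({}, 0, '数据不存在!')
                return
        except Exception as e:
            logging.exception(e)
            self.write_response({}, 0, '数据库异常!')
            return
    elif action == 'del_file':
        file_id = data.get('id', None)
        if not file_id:
            self.write_response({}, 0, '文件id有误!')
            return
        try:
            # ObjectId() raises on a malformed id; the except branch
            # reports that as a database error.
            res = file_coll.remove({'_id': ObjectId(file_id)})
            if res:
                self.write_response({})
                return
            else:
                self.write_response({}, 0, '删除失败!')
                return
        except Exception as e:
            logging.exception(e)
            self.write_response({}, 0, '操作数据库时发生异常!')
            return
    else:
        pass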