def post(self):
author = self.get_session('username')
email = self.get_session('current_email')
if not (author and email):
self.write_response({},0,'获取作者信息出错!')
return
post_data = self.request.body
try:
data = json.loads(post_data)
except (TypeError, ValueError):
self.write_response({}, 0, '参数格式错误')
return
try:
action = data.get("action", None)
if not action:
self.write_response({}, 0, _err='没有相应的操作方法!')
if action == "add_article":
title = data.get("title",None)
content = data.get("content_html",None)
category = data.get("category",None)
desc = data.get("desc",None)
if not(title and content and category):
self.write_response({},0,'获取文章信息出错!')
return
try:
article_coll = BaseMotor().client[MongoBasicInfoDb][ARTICLES]
insert_html = {
'title':title,
'pub_time':int(time.time()),
'update_time':'',
'is_top':False,
'is_active':True,
'author':author,
'email':email,
'desc':desc,
'content':content,
'category':category
}
res = yield article_coll.insert_one(insert_html)
if not res:
self.write_response({},0,'添加文章失败!')
return
else:
self.write_response({})
except Exception as e:
logging.exception(e)
else:
pass
except Exception as e:
logging.exception(e)
def post(self):
post_data = self.request.body
try:
data = json.loads(post_data)
except (TypeError, ValueError):
self.write_response({}, 0, '参数格式错误')
return
try:
action = data.get("action", None)
if not action:
self.write_response({}, 0, _err='没有相应的操作方法!')
elif action == 'reset_pwd':
email = self.get_session('current_email')
if not email:
self.write_response({},0,'账户获取出错,无法修改密码!')
return
try:
old_password = data.get('old_password',None)
new_password = data.get('new_password',None)
repeat_password = data.get('repeat_password',None)
if not(old_password and new_password and repeat_password):
self.write_response({},0,'获取密码信息出错!')
return
front_user_coll = BaseMotor().client[MongoBasicInfoDb][STUDENTS]
front_user_doc = yield front_user_coll.find_one({'user_email': email})
password = front_user_doc['password']
if not password:
self.write_response({}, 0, '密码验证获取错误!')
return
if not front_user_doc:
self.write_response({}, 0, '此邮箱账户未注册使用!')
return
if make_password(old_password) != password:
self.write_response({},0,'原密码错误!无法修改密码!')
return
if new_password != repeat_password:
self.write_response({},0,'两次密码输入不一致,无法修改密码')
res = front_user_coll.update_one({'user_email': email},{
'$set':{
'{0}'.format('password'):make_password(new_password)
}
})
if not res:
self.write_response({},0,'密码修改失败!')
self.write_response({})
except Exception as e:
logging.exception(e)
else:
pass
except Exception as e:
logging.exception(e)
def get(self):
try:
email = self.get_session("current_email")
data = {
"role": self.get_session("role"),
"email": email,
"permission": self.get_session("permission")
}
if data["permission"] == "super_admin":
super_coll = BaseMotor().client[MongoBasicInfoDb][CMS_USER]
super_doc = yield super_coll.find_one({"_id": email})
data['roles'] = super_doc['own_roles']
self.write_response(data)
except Exception as e:
logging.exception(e)
self.write_response({}, 0, '获取数据异常')
def get(self):
try:
email = self.get_session("current_email")
args = {
"title": "后台管理系统",
"role": self.get_session("role"),
"email": email,
"permission": self.get_session("permission")
}
user_coll = BaseMotor().client[MongoBasicInfoDb][CMS_USER]
user_doc = yield user_coll.find_one({"_id": email})
args['user_name'] = user_doc['user_name']
args['user_email'] = user_doc['user_email']
args['tel'] = user_doc['tel']
args['status'] = str(user_doc['status'])
self.render("cms/cms_profile.html", **args)
except Exception as e:
logging.exception(e)
def post(self):
try:
gt = GeetestLib(GT_ID, GT_KEY)
challenge = self.get_argument(gt.FN_CHALLENGE, "")
validate = self.get_argument(gt.FN_VALIDATE, "")
seccode = self.get_argument(gt.FN_SECCODE, "")
status = int(self.session[gt.GT_STATUS_SESSION_KEY])
user_id = self.session["user_id"]
if status:
verify_res = gt.success_validate(challenge, validate, seccode, user_id)
else:
verify_res = gt.failback_validate(challenge, validate, seccode)
self.session["user_id"] = user_id
if verify_res:
email = self.get_argument("email")
password = self.get_argument("password")
if email and password:
password = make_password(password)
student_coll = BaseMotor().client[MongoBasicInfoDb][STUDENTS]
stu_doc = yield student_coll.find_one({"user_email": email})
if not stu_doc:
msg = '账户不存在,请重新输入或前往注册!'
self.render("front/front_signin.html", msg=msg,action_url = '/signin')
else:
pwd = stu_doc['password']
if password == pwd:
self.session['current_email'] = stu_doc['user_email']
self.session['role'] = stu_doc['role']
self.session['username'] = stu_doc['user_name'] if stu_doc['user_name'] != '' else stu_doc['user_email']
self.redirect("/")
else:
msg = '密码错误,请重新输入!'
self.render("front/front_signin.html", msg=msg, action_url='/signin')
else:
msg = '邮箱或密码值获取错误,请重新输入!'
self.render("front/front_signin.html", msg=msg ,action_url = '/signin')
else:
msg = '验证码验证失败,请重新验证!'
self.render("front/front_signin.html",msg=msg ,action_url = '/signin')
except Exception as e:
print e
logging.exception(e)
self.render("front/front_signin.html", msg=e,action_url = '/signin')
def get(self):
email = self.get_session('current_email')
name = self.get_session("username") if self.get_session("username") else email
role = self.get_session('role') if self.get_session('role') else ''
try:
stu_coll = BaseMotor().client[MongoBasicInfoDb][STUDENTS]
stu_doc = yield stu_coll.find_one({'user_email': email })
if stu_doc:
stu_info = stu_doc
stu_info['id'] = stu_info['_id']
del stu_info['_id']
args = {
'user': email,
'role': role,
'username': name,
}
for k,v in stu_info.items():
args[k] = v
args['create_time'] = time_formatting(args['create_time'])
self.render("front/front_profile.html", **args)
except Exception as e:
logging.exception(e)
def get(self):
email = self.get_session('current_email')
name = self.get_session("username") if self.get_session("username") else email
role = self.get_session('role') if self.get_session('role') else ''
article_id = self.get_argument('article_id',None)
if not article_id:
self.write_response({},0,'文章id获取错误!')
return
try:
article_coll = BaseMotor().client[MongoBasicInfoDb][ARTICLES]
article_doc = yield article_coll.find_one({'_id':ObjectId(article_id)})
args = {
'user': email,
'role': role,
'username': name,
}
if article_doc:
for k,v in article_doc.items():
args[k] = v
args['pub_time'] = time_formatting(args['pub_time'])
self.render("front/front_article_detail.html", **args)
except Exception as e:
logging.exception(e)
def post(self):
try:
post_data = self.request.body
try:
data = json.loads(post_data)
except (TypeError, ValueError):
self.write_response({}, 0, '参数格式错误')
return
action = data.get('action', None)
if not action:
self.write_response({}, 0, '获取操作失败!')
return
if action == 'ban':
email = data.get('email', None)
if not email:
self.write_response({}, 0, '邮箱账户获取出错!')
return
try:
cms = CmsUser(email=email, new_status=False)
if cms.ban_cms_user:
self.write_response({})
return
else:
self.write_response({}, 0, '禁用失败!')
return
except Exception as e:
logging.exception(e)
elif action == 'start_use':
email = data.get('email', None)
if not email:
self.write_response({}, 0, '邮箱账户获取出错!')
return
try:
cms = CmsUser(email=email, new_status=True)
if cms.ban_cms_user:
self.write_response({})
return
else:
self.write_response({}, 0, '启用失败!')
return
except Exception as e:
logging.exception(e)
elif action == 'add':
email = data.get('email', None)
password = data.get('password', None)
tel = data.get('tel', None)
permission = data.get('permission', None)
username = data.get('username', None)
if not (email and password and tel and permission
and username):
self.write_response({}, 0, '缺少用户信息!')
return
role = ''
if permission == 'admin':
role = u'管理'
elif permission == 'student':
role = u'学生'
else:
role = u'老师'
# 学生用户
insert_doc = {
"_id": email,
"status": True,
"password": make_password(password),
"avator": "",
"create_time": int(time.time()),
"permission": permission,
"tel": tel,
"role": role,
"user_name": username,
"user_email": email
}
if permission != 'student':
try:
cms_coll = BaseMotor(
).client[MongoBasicInfoDb][CMS_USER]
cms_doc = yield cms_coll.find_one(
{'user_email': email})
if not cms_doc:
res = cms_coll.insert_one(insert_doc)
if not res:
self.write_response({}, 0, '用户添加失败!')
return
else:
self.write_response({})
return
else:
self.write_response({}, 0, '邮箱账户已存在!')
return
except Exception as e:
logging.exception(e)
#学生用户
else:
try:
stu_coll = BaseMotor(
).client[MongoBasicInfoDb][STUDENTS]
stu_doc = yield stu_coll.find_one({'email': email})
if not stu_doc:
insert_doc["stu_num"] = ""
res = stu_coll.insert_one(insert_doc)
if not res:
self.write_response({}, 0, '用户添加失败!')
else:
self.write_response({})
else:
self.write_response({}, 0, '邮箱账户已存在!')
return
except Exception as e:
logging.exception(e)
except Exception as e:
logging.exception(e)
self.write_response(response='', _status=0, _err='系统异常')
return
def post(self):
post_data = self.request.body
try:
post_data = json.loads(post_data)
except (TypeError, ValueError):
self.write_response({}, 0, '参数格式错误')
return
get_type = post_data.get('type', None)
action = post_data.get('action', None)
if not (get_type and action):
self.write_response({}, 0, '参数错误')
return
try:
bulletin_coll = BaseMotor(
).client[MongoBasicInfoDb][BULLETIN_INFOS]
except Exception as e:
logging.exception(e)
self.write_response({}, 0, e)
return
if action == 'add':
bulletin_title = post_data.get('bulletin_title', None)
bulletin_content = post_data.get('bulletin_content', None)
bulletin_author = post_data.get('bulletin_author', None)
bulletin_type = post_data.get('bulletin_type', None)
if not bulletin_title:
self.write_response({}, 0, '公告标题不能为空!')
return
if not bulletin_content:
self.write_response({}, 0, '公告内容不能为空!')
return
if not bulletin_author:
self.write_response({}, 0, '作者获取异常!')
return
if not bulletin_type:
self.write_response({}, 0, '公告类型获取有误!')
return
res = yield bulletin_coll.find_one({'_id': bulletin_author})
try:
insert_info = {
'title': bulletin_title,
'author': bulletin_author,
'type': bulletin_type,
'content': bulletin_content,
'pub_time': int(time.time()),
'update_time': '',
'is_top': False,
'is_active': True
}
res = bulletin_coll.insert_one(insert_info)
if res:
self.write_response({})
else:
self.write_response({}, 0, '公告创建失败')
except Exception as e:
logging.exception(e)
self.write_response({}, 0, e)
return
elif action == 'rename':
old_title_name = post_data.get('old_name', None)
old_title_name = to_string(old_title_name)
id = post_data.get('id', None)
if not id:
self.write_response({}, 0, '标题id获取异常!')
return
new_title_name = post_data.get('new_name', None)
new_title_name = to_string(new_title_name)
if not (new_title_name and old_title_name):
self.write_response({}, 0, '标题参数错误,无法删除!')
return
try:
res = bulletin_coll.update_one({'_id': ObjectId(id)}, {
'$set': {
'{0}'.format('title'): new_title_name,
'{0}'.format('pub_time'): int(time.time())
}
})
if not res:
self.write_response({}, 0, '修改公告标题失败!')
self.write_response({})
except Exception as e:
logging.exception(e)
self.write_response({}, 0, '修改公告标题失败!')
elif action == 'del':
id = post_data.get('id', None)
if not id:
self.write_response({}, 0, '公告id为空,无法删除!')
return
try:
res = bulletin_coll.update_one({'_id': ObjectId(id)}, {
'$unset': {
'title': '',
'author': '',
'type': '',
'content': '',
'pub_time': '',
'update_time': '',
'is_top': '',
'is_active': ''
}
})
if not res:
self.write_response({}, 0, '删除公告失败!')
self.write_response({})
except Exception as e:
logging.exception(e)
self.write_response({}, 0, '删除公告失败!')
elif action == 'top':
id = post_data.get('id', None)
if not id:
self.write_response({}, 0, '公告id获取异常,无法操作!')
return
try:
res = bulletin_coll.update({'_id': ObjectId(id)}, {
'$set': {
'{0}'.format('update_time'): int(time.time()),
'{0}'.format('is_top'): True,
'{0}'.format('is_active'): True,
'{0}'.format('top_time'): int(time.time())
}
})
if not res:
self.write_response({}, 0, '置顶公告失败!')
self.write_response({})
except Exception as e:
logging.exception(e)
self.write_response({}, 0, '置顶公告失败!!')
elif action == 'cancel_top':
id = post_data.get('id', None)
if not id:
self.write_response({}, 0, '公告id获取异常,无法操作!')
return
try:
res = bulletin_coll.update({'_id': ObjectId(id)}, {
'$set': {
'{0}'.format('update_time'): int(time.time()),
'{0}'.format('is_top'): False,
'{0}'.format('is_active'): True,
'{0}'.format('top_time'): ''
}
})
if not res:
self.write_response({}, 0, '取消操作失败!')
self.write_response({})
except Exception as e:
logging.exception(e)
self.write_response({}, 0, '取消操作失败!')
elif action == 'modify':
content = post_data.get('content', None)
is_active = post_data.get('is_active', None)
is_active = bool(is_active)
id = post_data.get('id', None)
if not id:
self.write_response({}, 0, '公告id获取失败,无法修改!')
return
if not content:
self.write_response({}, 0, '公告内容获取失败,无法修改!')
return
try:
res = bulletin_coll.update_one({'_id': ObjectId(id)}, {
'$set': {
'{0}'.format('update_time'): int(time.time()),
'{0}'.format('is_active'): is_active,
'{0}'.format('content'): content
}
})
if res:
self.write_response({})
else:
self.write_response({}, 0, '修改内容失败!')
except Exception as e:
logging.exception(e)
self.write_response({}, 0, '修改内容失败!')
else:
pass
def post(self):
post_data = self.request.body
try:
post_data = json.loads(post_data)
except (TypeError, ValueError):
self.write_response({}, 0, '参数格式错误')
return
try:
action = post_data.get("action",None)
if not action:
self.write_response({},0,_err='没有相应的操作方法!')
elif action == 'retrieve_password':
email = post_data.get("email", None)
if email:
subject = '计算机组成与结构教学网站邮箱找回密码服务验证!'
captcha = get_captcha(4)
self.conn.set("email_captcha", captcha)
body = "温馨提示:尊敬的用户,您好!我们的工作人员是不会向您索要邮箱验证码,请务将验证码告诉他人,以免您的账户信息泄漏!\n您的邮箱验证码是:【" + captcha + "】10分钟内有效!"
try:
message = send_email(self, subject=subject, body=body, to_email=email)
has_send = self.get_session('has_send_email')
if not has_send:
self.session['has_send_email'] = email
message.send()
self.write_response({})
except Exception as e:
print e
self.render("front/front_forgetpwd.html", msg=e, action_url='/forgetpwd')
else:
self.render("front/front_forgetpwd.html", msg='邮箱帐号异常!', action_url='/forgetpwd')
elif action == 'verify':
email = post_data.get("email", None)
captcha = post_data.get("captcha",None)
cache_captcha = self.conn.get("email_captcha")
if not (cache_captcha and captcha):
self.write_response({},0,'缺少邮箱验证码信息!')
return
if not email:
self.write_response({},0,'缺少邮箱帐号信息!')
return
try:
front_user_coll = BaseMotor().client[MongoBasicInfoDb][STUDENTS]
front_user_doc = front_user_coll.find_one({'user_email':email})
if not front_user_doc:
self.write_response({},0,'此邮箱账户未注册使用!')
return
else:
if cache_captcha.lower() == captcha.lower():
self.write_response({})
return
else:
self.write_response({},0,'邮箱验证码错误!')
return
except Exception as e:
logging.exception(e)
elif action == 'save':
email = post_data.get("email", None)
password = post_data.get("password", None)
repeat_password = post_data.get("repeat_password",None)
if not email:
self.write_response({},0,'缺少邮箱帐号信息!')
return
if not (password and repeat_password):
self.write_response({},0,'密码获取错误!')
return
try:
front_user_coll = BaseMotor().client[MongoBasicInfoDb][STUDENTS]
front_user_doc = front_user_coll.find_one({'user_email':email})
if not front_user_doc:
self.write_response({},0,'此邮箱账户未注册使用!')
return
else:
if password == repeat_password:
res = front_user_coll.update_one({'user_email':email},{
'$set':{
'{0}'.format('password'):make_password(password)
}
})
if res:
self.write_response({})
else:
self.write_response({},0,'密码找回失败!')
else:
self.write_response({},0,'两次密码输入不一致!')
return
except Exception as e:
logging.exception(e)
else:
pass
except Exception as e:
logging.exception(e)
print e
def post(self):
post_data = self.request.body
try:
post_data = json.loads(post_data)
except (TypeError, ValueError):
self.write_response({}, 0, '参数格式错误')
return
try:
action = post_data.get("action",None)
if not action:
self.write_response({},0,_err='没有相应的操作方法!')
elif action == 'send_email':
email = post_data.get("email", None)
if email:
subject = '计算机组成与结构教学网站邮箱注册服务验证!'
captcha = get_captcha(4)
self.conn.set("email_captcha",captcha)
body = "温馨提示:尊敬的用户,您好!我们的工作人员是不会向您索要邮箱验证码,请务将验证码告诉他人,以免您的账户信息泄漏!\n您的邮箱验证码是:【"+captcha+"】10分钟内有效!"
try:
message = send_email(self,subject=subject,body=body,to_email=email)
has_send = self.get_session('has_send_email')
if not has_send:
self.session['has_send_email'] = email
message.send()
self.write_response({})
except Exception as e:
print e
self.render("front/front_regist.html", msg=e, action_url='/regist')
else:
self.render("front/front_regist.html", msg='邮箱帐号异常!', action_url='/regist')
elif action == 'regist':
email = post_data.get("email",None)
password = post_data.get("password",None)
captcha = post_data.get("captcha",None)
if not (email and password and captcha):
self.write_response({},0,_err='值获取错误!')
cache_captcha = self.conn.get("email_captcha")
if cache_captcha.lower() == captcha:
password = make_password(password)
try:
user_coll = BaseMotor().client[MongoBasicInfoDb][STUDENTS]
user_doc = yield user_coll.find_one({"user_email": email})
if not user_doc:
try:
document = {
"_id": email,
"status": True,
"password": password,
"avator": "",
"create_time": int(time.time()),
"permission": "student",
"tel": "",
"role": "学生",
"user_name": "",
"user_email": email,
"stu_num": ""
}
res = user_coll.insert(document)
if not res:
self.write_response({},0,_err='更新数据库出错!')
else:
self.write_response({})
except Exception as e:
print e
self.render("front/front_regist.html", msg=e, action_url='/regist')
else:
self.render("front/front_regist.html", msg='账户已存在,请直接登录!', action_url='/regist')
except Exception as e:
print e
self.write_response({},0,_err='数据库连接异常!')
else:
self.render("front/front_regist.html", msg='验证码输入不一致!', action_url='/regist')
except Exception as e:
self.write_response({},0)
def post(self):
next_url = self.get_argument('next', '/cms/')
try:
gt = GeetestLib(GT_ID, GT_KEY)
challenge = self.get_argument(gt.FN_CHALLENGE, "")
validate = self.get_argument(gt.FN_VALIDATE, "")
seccode = self.get_argument(gt.FN_SECCODE, "")
status = int(self.session[gt.GT_STATUS_SESSION_KEY])
user_id = self.session["user_id"]
password = self.get_argument('password')
password = make_password(password)
if status:
verify_res = gt.success_validate(challenge, validate, seccode,
user_id)
else:
verify_res = gt.failback_validate(challenge, validate, seccode)
self.session["user_id"] = user_id
if verify_res:
try:
user_email = self.get_argument('user_email')
cms_user_coll = BaseMotor(
).client[MongoBasicInfoDb][CMS_USER]
cms_user_doc = yield cms_user_coll.find_one(
{"_id": user_email})
if not cms_user_doc:
self.render("cms/user_login.html",
msg="账户不存在",
next_url=next_url)
else:
pwd = cms_user_doc['password']
status = cms_user_doc['status']
if status == bool(False):
self.render("cms/user_login.html",
msg="此用户已被禁用",
next_url=next_url)
if pwd == password:
self.session['current_email'] = user_email
self.session['role'] = cms_user_doc['role']
self.session['permission'] = cms_user_doc[
'permission']
self.session['username'] = cms_user_doc[
'user_name']
self.set_secure_cookie("user",
user_email +
cms_user_doc['role'],
expires_days=1)
self.redirect(next_url)
else:
msg = "此账号密码有误,请重新输入!"
self.render("cms/user_login.html",
msg=msg,
next_url=next_url)
except Exception as e:
logging.exception(e)
msg = "账户出现异常!"
self.render("cms/user_login.html",
msg=msg,
next_url=next_url)
else:
msg = '验证码验证失败,请重新验证'
self.render("cms/user_login.html", msg=msg, next_url=next_url)
except Exception as e:
logging.exception(e)
msg = '验证码参数获取异常,请稍后重试'
self.render("cms/user_login.html", msg=msg, next_url=next_url)
def post(self):
post_data = self.request.body
try:
data = json.loads(post_data)
except (TypeError, ValueError):
self.write_response({}, 0, '参数格式错误')
return
action = data.get('action', None)
if not action:
self.write_response({}, 0, '操作类型错误!')
return
author = data.get('author', None)
file_name = data.get('file_name', None)
if not (author and file_name):
self.write_response({}, 0, '值获取错误!')
return
try:
file_coll = BaseMotor().client[MongoBasicInfoDb][FILES]
file_name = to_string(file_name)
except Exception as e:
logging.exception(e)
self.write_response({}, 0, '数据库查询异常!')
return
if action == 'up_file':
file_url = data.get('file_url', None)
author = self.session.get('username')
file_name = data.get('file_name', None)
email = self.get_session("current_email")
if not (author and email):
self.redirect('/cms/login')
if not file_url:
self.write_response({}, 0, '资料链接获取失败!')
return
if not file_name:
self.write_response({}, 0, '文件名称获取出错')
return
try:
file_docu = {
'filename': file_name,
'up_time': int(time.time()),
'url': file_url,
'is_active': True,
'is_top': False,
'author': author,
'email': email
}
if file_coll:
try:
res = file_coll.insert_one(file_docu)
if res:
self.write_response({})
return
else:
self.write_response({}, 0, '保存失败!')
return
except Exception as e:
logging.exception(e)
self.write_response({}, 0, '保存操作异常!')
return
else:
self.write_response({}, 0, '数据不存在!')
return
except Exception as e:
logging.exception(e)
self.write_response({}, 0, '数据库异常!')
return
elif action == 'del_file':
id = data.get('id', None)
if not id:
self.write_response({}, 0, '文件id有误!')
return
try:
res = file_coll.remove({'_id': ObjectId(id)})
if res:
self.write_response({})
return
else:
self.write_response({}, 0, '删除失败!')
return
except Exception as e:
logging.exception(e)
self.write_response({}, 0, '操作数据库时发生异常!')
return
else:
pass