Example #1
def SearchArticleList(ActionInfo):
    """Search articles by keyword and return a serialisable result dict.

    ActionInfo is validated by CheckParamet with ("uid", "name", "keyword")
    as the first key group and ("page", "eachpage", "order", "author") as
    the second (presumably required and optional keys; confirm against
    CheckParamet).

    Returns a dict whose "state" is "success" (with "keyword" and
    "articlelist") or an error string.
    """
    primary_keys = ("uid", "name", "keyword")
    extra_keys = ("page", "eachpage", "order", "author")
    try:
        ActionInfo = CheckParamet(primary_keys, ActionInfo, extra_keys)
    except NoteError as err:
        logger.Record("INFO", err.err, {"Function": err.function, "Info": err.info})
        return {"state": err.err}
    except Exception as err:
        details = {
            "Function": "SearchArticleList",
            "Info": ActionInfo,
            "Detial": traceback.format_exc(),
        }
        logger.Record("ERROR", str(err), details)
        return {"state": "SearchArticleList UnKnowErr"}

    # NOTE(review): the keyword is caller-supplied; confirm that
    # sqllib.SearchArticle binds it as a query parameter. It is also echoed
    # back in the response, so the renderer must escape it.
    keyword = ActionInfo["keyword"].strip()
    ActionInfo["keyword"] = keyword
    try:
        articles = sqllib.SearchArticle(ActionInfo)
        for entry in articles:
            # Timestamps are turned into strings so the result can be serialised.
            for stamp in ("lastesttime", "pubtime"):
                entry[stamp] = entry[stamp].strftime('%Y-%m-%d %H:%M:%S')
            # Articles owned by the public account are returned without a name.
            if entry["name"] == PUBLICUSER:
                del entry["name"]
        return {'state': 'success', 'keyword': ActionInfo["keyword"], 'articlelist': articles}
    except (SqlError, PermissionError) as err:
        logger.Record("INFO", err.err, {"Function": err.function, "Info": err.info})
        return {'state': err.err, 'keyword': ActionInfo["keyword"]}
    except Exception as err:
        details = {
            "Function": "SearchArticleList",
            "Info": ActionInfo,
            "Detial": traceback.format_exc(),
        }
        logger.Record("ERROR", str(err), details)
        return {'state': 'SearchArticleList UnknowErr', 'keyword': ActionInfo["keyword"]}
Example #2
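def ChangeUserPassword(ActionInfo):  # Change password; requires a valid login
    """Change the password of an authenticated user.

    ActionInfo must carry "name", "password" (the current one) and
    "newpassword". The current credentials are verified through CheckUser
    before anything is written.

    Returns a dict with "state" set to "success" or to an error string.
    """
    def _redact(data):
        # Mask credential fields so that plaintext passwords never reach the log.
        if not isinstance(data, dict):
            return data
        hidden = ("password", "newpassword")
        return {k: ("<redacted>" if k in hidden else v) for k, v in data.items()}

    try:
        ActionInfo = CheckParamet(["name", "password", "newpassword"], ActionInfo)
    except NoteError as e:
        # NOTE(review): e.info is logged as-is; confirm CheckParamet does not
        # copy the password fields into it.
        logger.Record("INFO", e.err, {"Function": e.function, "Info": e.info})
        return {'state': e.err}
    except Exception as e:
        logger.Record("ERROR", str(e), {"Function": "ChangeUserPassword", "Info": _redact(ActionInfo), "Detial": traceback.format_exc()})
        return {'state': "ChangeUserPassword UnKnowErr"}

    userinfo = CheckUser(ActionInfo)
    if userinfo["state"] != "success":
        return {'state': userinfo["state"]}

    try:
        info = sqllib.GetUserInfo(ActionInfo)
        info["password"] = ActionInfo["newpassword"]
        info = CreateSaltAndPassword(info)
        # NOTE(review): the notification goes out before the database write, so
        # a failing ResetPassword leaves the user with a "password changed"
        # mail for a change that did not happen. Consider sending afterwards.
        mail.Send(info["mail"], MAIL_TITLE_CGPASSWORD, MAIL_ARTICLE_CGPASSWORD)
        sqllib.ResetPassword(info)
        return {'state': "success"}
    except (SqlError, PermissionError, MailError) as e:
        # A failed password change is a security-relevant event; record it
        # the same way the other handlers in this file do.
        logger.Record("INFO", e.err, {"Function": e.function, "Info": e.info})
        return {'state': e.err}
    except Exception as e:
        logger.Record("ERROR", str(e), {"Function": "ChangeUserPassword", "Info": _redact(ActionInfo), "Detial": traceback.format_exc()})
        return {'state': "ChangeUserPassword UnKnowErr"}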
Example #3
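def GetArticleList(ActionInfo):
    """Return a page of articles plus the total count.

    ActionInfo is validated by CheckParamet with ["uid"] as the first key
    group and ["name", "page", "eachpage", "order", "author"] as the second.

    Returns {"state": "success", "articlelist": [...], "count": n} or a dict
    whose "state" carries the error string.
    """
    try:
        ActionInfo = CheckParamet(["uid"], ActionInfo, ["name", "page", "eachpage", "order", "author"])
    except NoteError as e:
        logger.Record("INFO", e.err, {"Function": e.function, "Info": e.info})
        return {"state": e.err}
    except Exception as e:
        logger.Record("ERROR", str(e), {"Function": "GetArticleList", "Info": ActionInfo, "Detial": traceback.format_exc()})
        return {"state": "GetArticleList UnKnowErr"}

    try:
        res = sqllib.GetArticleList(ActionInfo)
        count = res["count"]
        result = res["result"]
    except (SqlError, PermissionError) as e:
        logger.Record("INFO", e.err, {"Function": e.function, "Info": e.info})
        return {'state': e.err}
    except Exception as e:
        logger.Record("ERROR", str(e), {"Function": "GetArticleList", "Info": ActionInfo, "Detial": traceback.format_exc()})
        return {'state': 'GetArticleList UnKnowErr'}

    for article in result:
        article["lastesttime"] = article["lastesttime"].strftime('%Y-%m-%d %H:%M:%S')
        article["pubtime"] = article["pubtime"].strftime('%Y-%m-%d %H:%M:%S')
        # Expose only a 0/1 "is password protected" flag; the salted hash
        # itself is removed from the row before it is returned.
        article["password"] = 0 if article["saltpassword"] is None else 1
        del article["saltpassword"]
    return {'state': 'success', 'articlelist': result, 'count': count}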
Example #4
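def EditArticle(ActionInfo):  # Edit an article
    """Update an article and, optionally, its access password.

    ActionInfo is validated by CheckParamet with
    ["title", "rawtitle", "essay", "type"] as the first key group and
    ["author", "uid", "name", "password"] as the second.

    A "password" equal to str(RESETARTCALPASSWORD) removes the article
    password; any other value is salted and hashed by CreateSaltAndPassword.

    Returns a dict with "state" set to "success" or to an error string.
    """
    def _redact(data):
        # Mask password material so it never reaches the log.
        if not isinstance(data, dict):
            return data
        hidden = ("password", "saltpassword", "salt")
        return {k: ("<redacted>" if k in hidden else v) for k, v in data.items()}

    try:
        ActionInfo = CheckParamet(["title", "rawtitle", "essay", "type"], ActionInfo, ["author", "uid", "name", "password"])
    except NoteError as e:
        logger.Record("INFO", e.err, {"Function": e.function, "Info": e.info})
        return {"state": e.err}
    except Exception as e:
        logger.Record("ERROR", str(e), {"Function": "EditArticle", "Info": _redact(ActionInfo), "Detial": traceback.format_exc()})
        return {"state": "EditArticle UnKnowErr"}

    if "password" in ActionInfo:
        if ActionInfo["password"] == str(RESETARTCALPASSWORD):  # password is being removed
            # NOTE(review): this sentinel cannot be used as a real article
            # password; a caller sending it always clears the protection.
            ActionInfo["saltpassword"] = None
            ActionInfo["salt"] = None
            del ActionInfo["password"]
        else:
            ActionInfo = CreateSaltAndPassword(ActionInfo)

    try:
        if sqllib.EditArticle(ActionInfo) is True:
            return {"state": "success"}
    except (SqlError, PermissionError) as e:
        logger.Record("INFO", e.err, {"Function": e.function, "Info": e.info})
        return {"state": e.err}
    except Exception as e:
        logger.Record("ERROR", str(e), {"Function": "EditArticle", "Info": _redact(ActionInfo), "Detial": traceback.format_exc()})
        return {"state": "EditArticle UnkonwErr"}

    # sqllib.EditArticle returned something other than True without raising:
    # report a failure explicitly instead of falling through with None.
    return {"state": "Failed"}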
Example #5
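def GetArticle(ActionInfo):  # Fetch one article, for homepage display and editing
    """Return a single article, enforcing its optional access password.

    ActionInfo is validated by CheckParamet with ("title", "mode") as the
    first key group and ("author", "name", "password") as the second. A
    "title" made only of digits is treated as the article id.

    On success the article row is returned with "state" == "success" and the
    "saltpassword", "salt" and "uid" fields removed. Every failure returns a
    dict with "state", "title" and "essay" describing the error.
    """
    def _redact(data):
        # Mask the article password so it never reaches the log.
        if not isinstance(data, dict):
            return data
        return {k: ("<redacted>" if k == "password" else v) for k, v in data.items()}

    # The request is deliberately not printed here: it can carry the article
    # password in plaintext, which would end up in stdout or captured logs.
    try:
        ActionInfo = CheckParamet(("title", "mode"), ActionInfo, ("author", "name", "password"))
    except NoteError as e:
        logger.Record("INFO", e.err, {"Function": e.function, "Info": e.info})
        return {"title": "Paramet Error", "essay": e.err, "state": "Failed"}
    except Exception as e:
        logger.Record("ERROR", str(e), {"Function": "GetArticle", "Info": _redact(ActionInfo), "Detial": traceback.format_exc()})
        return {"title": "GetArticle UnKnowErr", "essay": "GetArticle UnKnowErr", "state": "Failed"}

    # ActionInfo["title"] = CleanTitle(ActionInfo["title"])  # id and title share one key
    ActionInfo["id"] = 0
    if ActionInfo["title"].isdigit():
        ActionInfo["id"] = ActionInfo["title"]
        del ActionInfo["title"]

    try:
        article = sqllib.GetArticle(ActionInfo)
    except PermissionError as e:
        logger.Record("INFO", e.err, {"Function": e.function, "Info": e.info})
        return {"title": "Permission Denied", "essay": e.err, "state": "Failed"}
    except SqlError as e:
        logger.Record("INFO", e.err, {"Function": e.function, "Info": e.info})
        return {"title": "No Such Title", "essay": e.err, "state": "Failed"}
    except Exception as e:
        logger.Record("ERROR", str(e), {"Function": "GetArticle", "Info": _redact(ActionInfo), "Detial": traceback.format_exc()})
        return {"title": "GetArticle UnkonwErr", "essay": "GetArticle UnkonwErr", "state": "Failed"}

    if article["saltpassword"] is not None:  # the article is password protected
        article["havepassword"] = True
        if ActionInfo["mode"] == "edit":
            # NOTE(review): "mode" comes from the request and this branch skips
            # the article-password check. That is only safe if
            # sqllib.GetArticle itself enforces edit permission. Confirm.
            article["state"] = "success"
        elif ActionInfo.get("password", None) is None:  # no password supplied
            return {"state": "Need Password", "title": "Permission Denied", "essay": "Need Password"}
        elif CheckArticlePassword({"saltpassword": article["saltpassword"], "salt": article["salt"], "password": ActionInfo.get("password", "None")}):  # correct password supplied
            article["state"] = "success"
        else:  # wrong password supplied
            return {"state": "Failed", "title": "Get Title Error", "essay": "Get Essay Error"}
    else:
        article["havepassword"] = False
        article["state"] = "success"

    # Strip hash material and the owner uid before the row leaves the server.
    del article["saltpassword"]
    del article["salt"]
    del article["uid"]
    article["lastesttime"] = article["lastesttime"].strftime('%Y-%m-%d %H:%M:%S')
    article["pubtime"] = article["pubtime"].strftime('%Y-%m-%d %H:%M:%S')
    return article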
Example #6
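def DeleteArticleByNameTitle(ActionInfo):
    """Delete one article identified by author and title.

    ActionInfo is validated by CheckParamet with
    ["uid", "name", "author", "title"]; the deletion itself, and any
    permission check, is delegated to sqllib.DeleteArticleByNameTitle.

    Returns a dict with "state" set to "success" or to an error string.
    """
    try:
        ActionInfo = CheckParamet(["uid", "name", "author", "title"], ActionInfo)
    except NoteError as e:
        logger.Record("INFO", e.err, {"Function": e.function, "Info": e.info})
        return {"state": e.err}
    except Exception as e:
        # Log under this function's own name so that the error can be traced
        # to the delete path. The returned state keeps its historical value
        # because callers may compare against it.
        logger.Record("ERROR", str(e), {"Function": "DeleteArticleByNameTitle", "Info": ActionInfo, "Detial": traceback.format_exc()})
        return {"state": "EditArticle UnKnowErr"}

    try:
        sqllib.DeleteArticleByNameTitle(ActionInfo)
        return {"state": "success"}
    except (SqlError, PermissionError) as e:
        logger.Record("INFO", e.err, {"Function": e.function, "Info": e.info})
        return {"state": e.err}
    except Exception as e:
        logger.Record("ERROR", str(e), {"Function": "DeleteArticleByNameTitle", "Info": ActionInfo, "Detial": traceback.format_exc()})
        return {"state": "DeleteArticle Unknow Error"}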
Example #7
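def SubmitArticle(ActionInfo):
    """Create a new article.

    ActionInfo is validated by CheckParamet with ["title", "essay", "type"]
    as the first key group and
    ["uid", "name", "author", "articlepermissions", "articlegroup"] as the
    second.

    Always returns a dict with a "state" key: "success" or an error string.
    """
    try:
        ActionInfo = CheckParamet(["title", "essay", "type"], ActionInfo, ["uid", "name", "author", "articlepermissions", "articlegroup"])
    except NoteError as e:
        logger.Record("INFO", e.err, {"Function": e.function, "Info": e.info})
        return {"state": e.err}
    except Exception as e:
        logger.Record("ERROR", str(e), {"Function": "SubmitArticle", "Info": ActionInfo, "Detial": traceback.format_exc()})
        return {"state": "SubmitArticle UnKnowErr"}

    # Check the article type.
    # NOTE(review): no type check is visible here; presumably
    # sqllib.CreatArticle performs it. Confirm.
    try:
        sqllib.CreatArticle(ActionInfo)
        return {"state": "success"}
    except (SqlError, PermissionError) as e:
        logger.Record("INFO", e.err, {"Function": e.function, "Info": e.info})
        return {"state": e.err}
    except Exception as e:
        logger.Record("ERROR", str(e), {"Function": "SubmitArticle", "Info": ActionInfo, "Detial": traceback.format_exc()})
        # Return the same dict shape as every other path; a bare string here
        # would break callers that read result["state"].
        return {"state": "SubmitArticle UnKnowErr"}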
Example #8
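def CheckUser(uf):  # Check whether the user may log in
    """Verify a name/password pair and apply the failed-login back-off.

    uf must carry "name" and "password". The stored record is read with
    sqllib.GetLoginInfo, the candidate hash is SHA-256 over
    str(password) + salt, and the result is compared with the stored
    "saltpassword".

    Returns a dict. On success it holds "name", "uid", "group",
    "permission", "permissions" and "state" == "success"; otherwise only
    "state" with the failure reason.
    """
    import hmac

    def _redact(data):
        # Mask the password so it never reaches the log.
        if not isinstance(data, dict):
            return data
        return {k: ("<redacted>" if k == "password" else v) for k, v in data.items()}

    try:
        uf = CheckParamet(["name", "password"], uf)
    except NoteError as e:
        logger.Record("INFO", e.err, {"Function": e.function, "Info": e.info})
        return {"state": e.err}
    except Exception as e:
        logger.Record("ERROR", str(e), {"Function": "CheckUser", "Info": _redact(uf), "Detial": traceback.format_exc()})
        return {"state": "CheckUser UnKnowErr"}

    try:
        userinfo = sqllib.GetLoginInfo({'name': uf["name"]})
    except (SqlError, PermissionError) as e:
        logger.Record("INFO", e.err, {"Function": e.function, "Info": e.info})
        return {"state": "Failed"}
    except Exception as e:
        # Log the parameter this function actually has; referencing an
        # undefined name here would raise NameError inside the handler and
        # turn a lookup error into an unhandled crash of the login path.
        logger.Record("ERROR", str(e), {"Function": "CheckUser", "Info": _redact(uf), "Detial": traceback.format_exc()})
        return {"state": "Failed"}

    # NOTE(review): a single SHA-256 round is cheap to brute-force offline if
    # the table leaks. Moving to a slow KDF (hashlib.scrypt or
    # hashlib.pbkdf2_hmac) requires migrating stored hashes, so it is flagged
    # here rather than changed.
    candidate = hashlib.sha256((str(uf["password"]) + userinfo['salt']).encode('utf-8')).hexdigest()

    # Hours elapsed since the last failed attempt, by the "now" value that
    # comes back with the login record.
    t = time.mktime(userinfo["now"].timetuple()) - time.mktime(userinfo["lastfailedtime"].timetuple())
    t = t / 3600
    # The wait grows by a factor of WAITENUM for each failure past the threshold.
    waitetime = WAITETIME * (WAITENUM ** (userinfo["lgnfailedtimes"] - LOGINFAILEDTIMES + 1))
    if userinfo["lgnfailedtimes"] >= LOGINFAILEDTIMES and t < waitetime:
        return {"state": "Login Failed Too Many Times Try After %s Hour" % (float('%0.3f' % (waitetime - t)))}

    stored = userinfo['saltpassword']
    # Constant-time comparison so response timing does not reveal how much of
    # the hash matched. A non-string stored value simply fails the check.
    if isinstance(stored, str) and hmac.compare_digest(candidate.encode('utf-8'), stored.encode('utf-8')):
        sqllib.CleanFailedTimes({'name': uf["name"]})
        res = {
            "name": userinfo["name"],
            "uid": userinfo["uid"],
            "group": userinfo["group"],
            "permission": userinfo["permission"],
            "permissions": userinfo["permissions"],
            "state": "success",
        }
        return res

    sqllib.LoginFailed({'name': uf["name"]})
    return {"state": "Failed"}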
Example #9
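def ReCreateUserPassword(ActionInfo):  # Reset a user's password
    """Issue a new random password and mail it to the account's address.

    ActionInfo must carry "name" and "mail". The reset only proceeds when
    the supplied mail equals the one stored for the user.

    Returns a dict with "state" set to "success", "Mail Not Match" or an
    error string.
    """
    import secrets
    import uuid

    try:
        ActionInfo = CheckParamet(["name", "mail"], ActionInfo)
    except NoteError as e:
        logger.Record("INFO", e.err, {"Function": e.function, "Info": e.info})
        return {'state': e.err}
    except Exception as e:
        # Logged under this function's own name so the reset path can be
        # traced. The returned state keeps its historical value because
        # callers may compare against it.
        logger.Record("ERROR", str(e), {"Function": "ReCreateUserPassword", "Info": ActionInfo, "Detial": traceback.format_exc()})
        return {'state': "ChangeUserPassword UnKnowErr"}

    try:
        info = sqllib.GetUserInfo(ActionInfo)
    except (SqlError, PermissionError, MailError) as e:
        logger.Record("INFO", e.err, {"Function": e.function, "Info": e.info})
        return {'state': e.err}
    except Exception as e:
        logger.Record("ERROR", str(e), {"Function": "ReCreateUserPassword", "Info": ActionInfo, "Detial": traceback.format_exc()})
        return {'state': "ReCreateUserPassword UnKnowErr"}

    # NOTE(review): this reply differs from the lookup-failure reply, so the
    # endpoint tells a caller whether a name/mail pair belongs together.
    # Consider a uniform response and rate limiting.
    if ActionInfo["mail"] != info["mail"]:
        return {'state': "Mail Not Match"}

    # The new password must be unpredictable. A UUID built from uuid1() (time
    # and host based) and hashed with the mail address is not, so the 16 bytes
    # come from the OS CSPRNG instead; the UUID text format is kept.
    newpassword = str(uuid.UUID(bytes=secrets.token_bytes(16), version=4))
    info["password"] = newpassword
    info = CreateSaltAndPassword(info)
    try:
        # NOTE(review): the password travels in plaintext mail and is sent
        # before the database write. A single-use, expiring reset link sent
        # after a successful update would avoid both problems.
        mail.Send(ActionInfo["mail"], MAIL_TITLE_RSPASSWORD, MAIL_ARTICLE_RSPASSWORD % (newpassword))
        sqllib.ResetPassword(info)  # store the new password
        sqllib.CleanFailedTimes(info)  # clear the failed-login counter
        return {'state': "success"}
    except (SqlError, PermissionError, MailError) as e:
        # A failed reset is security relevant; record it like the other handlers do.
        logger.Record("INFO", e.err, {"Function": e.function, "Info": e.info})
        return {'state': e.err}
    except Exception as e:
        logger.Record("ERROR", str(e), {"Function": "ReCreateUserPassword", "Info": ActionInfo, "Detial": traceback.format_exc()})
        return {'state': "ReCreateUserPassword UnKnowErr"}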
Example #10
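def CreateUser(ActionInfo):  # Create a user: generate the uid and the salt
    """Register a new user.

    ActionInfo must carry "name", "mail", "password" and "group". The
    function adds "salt", "hash256password", "saltpassword" and "uid" to it
    and hands the dict to sqllib.CreateUser.

    The stored hash is SHA-256(SHA-256(password) + salt), hex encoded.
    CheckUser in this listing hashes str(password) + salt directly, so it
    presumably receives the SHA-256 hex of the password. Confirm with the
    client code.

    Returns a dict with "state" set to "success" or to an error string.
    """
    import secrets
    import uuid

    def _redact(data):
        # Mask password material so it never reaches the log.
        if not isinstance(data, dict):
            return data
        hidden = ("password", "hash256password", "saltpassword", "salt")
        return {k: ("<redacted>" if k in hidden else v) for k, v in data.items()}

    try:
        ActionInfo = CheckParamet(["name", "mail", "password", "group"], ActionInfo)
    except NoteError as e:
        logger.Record("INFO", e.err, {"Function": e.function, "Info": e.info})
        return {'state': e.err}
    except Exception as e:
        # Logged under this function's own name. The returned state keeps its
        # historical value because callers may compare against it.
        logger.Record("ERROR", str(e), {"Function": "CreateUser", "Info": _redact(ActionInfo), "Detial": traceback.format_exc()})
        return {'state': "SearchArticleList UnKnowErr"}

    # Generate the salt from the OS CSPRNG. Deriving it from the first
    # characters of the password, the clock and the user name makes it
    # guessable and ties a stored value to a password prefix. The format
    # stays 64 hex characters.
    ActionInfo["salt"] = secrets.token_hex(32)

    # NOTE(review): plain SHA-256 is fast, which helps offline guessing if the
    # table leaks. Moving to hashlib.scrypt or hashlib.pbkdf2_hmac has to be
    # coordinated with CheckUser and the stored hashes, so it is only flagged.
    ActionInfo['hash256password'] = hashlib.sha256(ActionInfo['password'].encode('utf-8')).hexdigest()
    ActionInfo['saltpassword'] = hashlib.sha256((ActionInfo['hash256password'] + ActionInfo["salt"]).encode('utf-8')).hexdigest()

    # Generate the uid.
    ActionInfo['uid'] = str(uuid.uuid3(uuid.uuid1(), ActionInfo['mail']))

    try:
        # NOTE(review): the welcome mail is sent before the row is created, so
        # a failing insert still produces a mail. ActionInfo also still holds
        # "password" and "hash256password"; confirm that sqllib.CreateUser
        # does not persist them.
        mail.Send(ActionInfo["mail"], MAIL_TITLE_SIGNIN, MAIL_ARTICLE_SIGNIN)
        sqllib.CreateUser(ActionInfo)
        return {'state': "success"}
    except (SqlError, PermissionError, MailError) as e:
        return {'state': e.err}
    except Exception as e:
        logger.Record("ERROR", str(e), {"Function": "CreateUser", "Info": _redact(ActionInfo), "Detial": traceback.format_exc()})
        return {'state': "CreateUser UnkonwErr"}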