def checkPass(request):
"""
@api {post} /specificApis/user/checkPass checkPass
@apiVersion 1.0.0
@apiDescription checkPass
@apiName checkPass
@apiGroup user
@apiParam {string} password password
@apiSuccessExample {json} Success-Response:
HTTP/1.1 200 OK
{
"error": 0,
"result": "login"
}
@apiErrorExample {json} Error-Response:
HTTP/1.1 200 OK
{
"error": 1,
"reason": "error reason here"
}
"""
if request.method == "POST":
password = request.POST.get('password')
username = request.session.get('username')
try:
password = function.hash(password)
if function.check_UserPass(username, password):
return function.retJson(error=0, result='check password success')
else:
return function.retJson(error=3, reason='wrong password')
except Exception as e:
return function.retJson(error=2, reason=str(e))
else:
return function.retJson(error=1, reason='please use post')
def changePass(request):
"""
@api {post} /specificApis/admin/changePass changePass
@apiVersion 1.0.0
@apiDescription 修改密码
@apiName changePass
@apiGroup admin
@apiParam {string} password password
@apiSuccessExample {json} Success-Response:
HTTP/1.1 200 OK
{
"error": 0,
"result": "change admin's password success"
}
@apiErrorExample {json} Error-Response:
HTTP/1.1 200 OK
{
"error": 1,
"reason": "error reason here"
}
"""
if not function.check_adminSession(request):
return function.retJson(error=-1, reason='have not login')
if request.method == "POST":
password = request.POST.get('password')
username = request.session.get('username_admin')
password = function.hash(password)
try:
admin_Account = Administrator.objects.filter(username=username)
admin_Account.update(password=password)
return function.retJson(error=0, result="change admin's password success")
except Exception as e:
return function.retJson(error=2, reason=str(e))
else:
return function.retJson(error=3, reason='needmethod: post')
def GAchangePass(request):
"""
@api {post} /specificApis/gradeAdmin/GAchangePass GAchangePass
@apiVersion 1.0.0
@apiDescription 修改密码
@apiName GAchangePass
@apiGroup gradeAdmin
@apiParam {string} password_new password_new
@apiParam {string} password_old password_old
@apiSuccessExample {json} Success-Response:
HTTP/1.1 200 OK
{
"error": 0,
"result": "change grade_admin's password success"
}
@apiErrorExample {json} Error-Response:
HTTP/1.1 200 OK
{
"error": 1,
"reason": "error reason here"
}
"""
if not function.check_gradeAdminSession(request):
return function.retJson(error=-1, reason='have not login')
if request.method == "POST":
try:
username = request.session.get('username_grade')
password_new = request.POST.get('password_new')
password_new = function.hash(password_new)
password_old = request.POST.get('password_old')
password_old = function.hash(password_old)
if not function.check_gradeAdminPass(username, password_old):
return function.retJson(error=3, reason='wrong password')
else:
admin_Account = GradeAdmin.objects.filter(username=username)
admin_Account.update(password=password_new)
return function.retJson(
error=0, result="change grade_admin's password success")
except Exception as e:
return function.retJson(error=2, reason=str(e))
else:
return function.retJson(error=1, reason='needmethod: post')
def userAdd(request):
"""
@api {post} /specificApis/user/add userAdd
@apiVersion 1.0.0
@apiDescription userAdd
@apiName userAdd
@apiGroup user
@apiParam {string} username username unique
@apiParam {string} password password
@apiParam {string} classNumber classNumber unique
@apiParam {string} grade grade
@apiSuccessExample {json} Success-Response:
HTTP/1.1 200 OK
{
"error": 0,
"result": "create user success"
}
@apiErrorExample {json} Error-Response:
HTTP/1.1 200 OK
{
"error": 1,
"reason": "error reason here"
}
"""
if not function.check_gradeAdminSession(request):
return function.retJson(error=-1, reason='have not login')
if request.method == "POST":
username = request.POST.get('username')
password = request.POST.get('password')
classNumber = request.POST.get('classNumber')
grade = request.POST.get('grade')
# TODO password decode
password = function.hash(password)
try:
gradeAccount = Grade.objects.get(grade=grade)
user_Account = User(username=username,
password=password,
classNumber=classNumber)
user_Account.save()
try:
class_Account = Classes(classNumber=user_Account,
grade=gradeAccount)
class_Account.save()
return function.retJson(error=0, result="create user success")
except Exception as e:
return function.retJson(error=1, reason=str(e))
except Exception as e:
return function.retJson(error=2, reason=str(e))
else:
return function.retJson(error=3, reason='needmethod: post')
def GAclassAdd(request):
"""
@api {post} /specificApis/gradeAdmin/GAclassAdd GAclassAdd
@apiVersion 1.0.0
@apiDescription 添加班级,并将会创建一个默认班级负责人,此管理员用户名和初始密码与班号相同。
@apiName GAclassAdd
@apiGroup gradeAdmin
@apiParam {string} classNumber classNumber
@apiSuccessExample {json} Success-Response:
HTTP/1.1 200 OK
{
"error": 0,
"result": "create class and user success"
}
@apiErrorExample {json} Error-Response:
HTTP/1.1 200 OK
{
"error": 1,
"reason": "error reason here"
}
"""
if not function.check_gradeAdminSession(request):
return function.retJson(error=-1, reason='have not login')
if request.method == "POST":
try:
grade = GradeAdmin.objects.get(
username=request.session.get('username_grade')).grade.grade
classNumber = request.POST.get('classNumber')
username = classNumber
password = classNumber
password = function.hash(password)
gradeAccount = Grade.objects.get(grade=grade)
user_Account = User(username=username,
password=password,
classNumber=classNumber)
user_Account.save()
try:
class_Account = Classes(classNumber=user_Account,
grade=gradeAccount)
class_Account.save()
return function.retJson(error=0,
result="create class and user success")
except Exception as e:
return function.retJson(error=1, reason=str(e))
except Exception as e:
return function.retJson(error=2, reason=str(e))
else:
return function.retJson(error=3, reason='needmethod: post')
def login(request):
"""
@api {post} /specificApis/admin/login login
@apiVersion 1.0.0
@apiDescription 系统管理员和年级管理员 登录
@apiName login
@apiGroup admin
@apiParam {string} username username unique
@apiParam {string} password password
@apiSuccessExample {json} Success-Response:
HTTP/1.1 200 OK
{
"error": 0,
"result": "grade admin" or "admin"
}
@apiErrorExample {json} Error-Response:
HTTP/1.1 200 OK
{
"error": 1,
"reason": "error reason here"
}
"""
if request.method == "POST":
username = request.POST.get('username')
password = request.POST.get('password')
try:
request.session.flush()
password = function.hash(password)
res_admin = function.check_adminPass(username, password)
res_grade = function.check_gradeAdminPass(username, password)
if res_admin:
request.session['is_login_admin'] = True
request.session['username_admin'] = username
return function.retJson(error=0, result='admin login success', types='admin')
elif res_grade:
request.session['is_login_grade'] = True
request.session['username_grade'] = username
return function.retJson(error=0, result='grade admin login success', types='grade')
else:
return function.retJson(error=3, reason='wrong username or password')
except Exception as e:
return function.retJson(error=2, reason=str(e))
else:
return function.retJson(error=1, reason='wrong method')
def gradeAdminAdd(request):
"""
@api {post} /specificApis/gradeAdmin/gradeAdminAdd gradeAdminAdd
@apiVersion 1.0.0
@apiDescription add grade admin
@apiName gradeAdminAdd
@apiGroup gradeAdmin
@apiParam {string} username username unique
@apiParam {string} password password
@apiParam {string} gradeId gradeId
@apiSuccessExample {json} Success-Response:
HTTP/1.1 200 OK
{
"error": 0,
"result": "create admin success"
}
@apiErrorExample {json} Error-Response:
HTTP/1.1 200 OK
{
"error": 1,
"reason": "error reason here"
}
"""
if not function.check_adminSession(request):
return function.retJson(error=-1, reason='have not login')
if request.method == "POST":
username = request.POST.get('username')
gradeId = request.POST.get('gradeId')
password = request.POST.get('password')
password = function.hash(password)
try:
gradeInfo = Grade.objects.get(id=gradeId)
admin_Account = GradeAdmin(username=username,
password=password,
grade=gradeInfo)
admin_Account.save()
return function.retJson(error=0,
result="create grade admin success")
except Exception as e:
return function.retJson(error=2, reason=str(e))
else:
return function.retJson(error=3, reason='need method: post')
def login(request):
"""
@api {post} /specificApis/login/login login
@apiVersion 1.0.0
@apiDescription login
@apiName login
@apiGroup user
@apiParam {string} username username unique
@apiParam {string} password password
@apiSuccessExample {json} Success-Response:
HTTP/1.1 200 OK
{
"error": 0,
"result": "login"
}
@apiErrorExample {json} Error-Response:
HTTP/1.1 200 OK
{
"error": 1,
"reason": "error reason here"
}
"""
if request.method == 'POST':
try:
username = request.POST.get('username')
password = request.POST.get('password')
request.session.flush()
password = function.hash(password)
if function.check_UserPass(username, password):
request.session['is_login'] = True
request.session['username'] = username
return function.retJson(error=0, result='login')
else:
return function.retJson(error=3, reason='wrong username or password')
except Exception as e:
return function.retJson(error=2, reason=str(e))
else:
return function.retJson(error=1, reason='wrong method')
def GAcheckPass(request):
"""
@api {post} /specificApis/gradeAdmin/GAcheckPass GAcheckPass
@apiVersion 1.0.0
@apiDescription 修改密码时检查原密码正确性
@apiName GAcheckPass
@apiGroup gradeAdmin
@apiParam {string} password password
@apiSuccessExample {json} Success-Response:
HTTP/1.1 200 OK
{
"error": 0,
"result": "check password success"
}
@apiErrorExample {json} Error-Response:
HTTP/1.1 200 OK
{
"error": 1,
"reason": "error reason here"
}
"""
if not function.check_gradeAdminSession(request):
return function.retJson(error=-1, reason='have not login')
if request.method == "POST":
try:
username = request.session.get('username_grade')
password = request.POST.get('password')
password = function.hash(password)
if function.check_gradeAdminPass(username, password):
return function.retJson(error=0,
result='check password success')
else:
return function.retJson(error=3, reason='wrong password')
except Exception as e:
return function.retJson(error=2, reason=str(e))
else:
return function.retJson(error=1, reason='please use post')
def adminAdd(request):
"""
@api {post} /specificApis/admin/add adminAdd
@apiVersion 1.0.0
@apiDescription adminAdd
@apiName adminAdd
@apiGroup admin
@apiParam {string} username username unique
@apiParam {string} password password
@apiSuccessExample {json} Success-Response:
HTTP/1.1 200 OK
{
"error": 0,
"result": "create admin success"
}
@apiErrorExample {json} Error-Response:
HTTP/1.1 200 OK
{
"error": 1,
"reason": "error reason here"
}
"""
if request.method == "POST":
username = request.POST.get('username')
password = request.POST.get('password')
password = function.hash(password)
try:
admin_Account = Administrator(
username=username, password=password)
admin_Account.save()
return function.retJson(error=0, result="create admin success")
except Exception as e:
return function.retJson(error=2, reason=str(e))
else:
return function.retJson(error=3, reason='need method: post')