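def login():
    """Render the login form and, on POST, authenticate by e-mail and password.

    On a successful POST the user's e-mail, id and username are stored in the
    session. Whenever the session already carries an e-mail (including right
    after a successful POST) the caller is redirected to
    ``khadamati.khadamat_mdf``; otherwise the login template is rendered.

    A POST that fails form validation is answered with HTTP 400.
    """
    form = LoginForm(request.form)
    if request.method == 'POST':
        if not form.validate_on_submit():
            abort(400)

        # ilike() is a pattern match: a "%" or "_" in the submitted address
        # would act as a wildcard and could select a different account than
        # the one typed ("_" is a legal character in e-mail addresses).
        # Escape the metacharacters so the lookup is a plain
        # case-insensitive comparison.
        email = form.email.data or ""
        pattern = (email.replace("/", "//")
                        .replace("%", "/%")
                        .replace("_", "/_"))
        user = User.query.filter(User.email.ilike(pattern, escape="/")).first()

        # One message for "no such account" and "wrong password", so the
        # response does not reveal which addresses are registered.
        # NOTE(review): the password check is skipped when no account is
        # found, so response time can still differ between the two cases.
        if not user or not user.check_password(form.password.data):
            flash("نام کاربری / رمز ورود  نادرست است", category='error')
            return render_template('khadamati/login.html', form=form)

        # Drop whatever the pre-login session held before binding it to the
        # authenticated identity, so nothing set before login carries over.
        session.clear()
        session['email'] = user.email
        session['user_id'] = user.id
        session['username'] = user.username

    if session.get('email') is not None:
        flash("ورود با موفقیت انجام شد", category='')
        return redirect(url_for('khadamati.khadamat_mdf'))
    return render_template('khadamati/login.html', form=form)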
Example #2
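def update_user(*,
                db_session: Session = Depends(get_db),
                current_user: DispatchUser = Depends(get_current_user),
                user_id: int,
                user_in: UserUpdate):
    """
    Update a user.

    Raises HTTPException 404 when no user has ``user_id``, and 400 when the
    supplied old password is wrong or the caller may not make the change.
    After the update the cache entry ``user:<user_in.email>`` is deleted.
    """
    user = get(db_session=db_session, user_id=user_id)
    if not user:
        raise HTTPException(status_code=404,
                            detail="The user with this id does not exist.")
    if user_in.old_password and not user.check_password(user_in.old_password):
        raise HTTPException(status_code=400, detail="old password is wrong.")
    # NOTE(review): old_password is only verified when it is supplied. If
    # UserUpdate can carry a new password, confirm that update() refuses a
    # password change that arrives without old_password.

    # The "editing my own account" branch must be decided from the record
    # loaded by user_id, not only from the e-mail in the request body: the
    # body is caller-controlled, so a caller could otherwise submit their own
    # e-mail together with another user's id and skip the owner-only branch.
    # Assumes the object returned by get() exposes .email like current_user
    # does -- TODO confirm against the model.
    editing_self = (user_in.email == current_user.email
                    and user.email == current_user.email)

    if editing_self:
        # A worker may not change their own role.
        if user_in.role != user.role and user.role == UserRoles.WORKER:
            raise HTTPException(status_code=400,
                                detail="No modification role permission.")
    else:
        # Only an owner may edit someone else, and never via old_password.
        if current_user.role != UserRoles.OWNER or user_in.old_password:
            raise HTTPException(status_code=400,
                                detail="No modification  permission.")
    user = update(db_session=db_session, user=user, user_in=user_in)
    # Invalidate the cached entry so later lookups see the updated record.
    # NOTE(review): the key is built from the e-mail in the request; if the
    # update changed the address, an entry under the previous address would
    # not be removed here -- confirm how the cache is keyed.
    redis_conn = redis.Redis(connection_pool=redis_pool)
    redis_conn.delete(f"user:{user_in.email}")
    return user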
Example #3
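def pass_info():
    """Show the change-password page (GET) or change the password (otherwise).

    The non-GET path expects a JSON object with ``old_password`` and
    ``new_password``. It returns a JSON result whose ``errno`` is
    ``RET.PARAMERR`` for a missing or malformed field, ``RET.PWDERR`` when
    the old password does not match, ``RET.DBERR`` when the commit fails and
    ``RET.OK`` on success.
    """
    if request.method == "GET":
        return render_template('news/user_pass_info.html')

    # 1. Read the submitted parameters. The body is client-controlled: a JSON
    #    null or array would make .get() raise and surface as a 500, so it is
    #    rejected as a parameter error instead.
    data_dict = request.json
    if not isinstance(data_dict, dict):
        return jsonify(errno=RET.PARAMERR, errmsg="参数有误!")
    old_password = data_dict.get("old_password")
    new_password = data_dict.get("new_password")

    # Both values must be non-empty strings before they reach the password
    # check and the password setter.
    if not (isinstance(old_password, str) and isinstance(new_password, str)):
        return jsonify(errno=RET.PARAMERR, errmsg="参数有误!")
    if not all([old_password, new_password]):
        return jsonify(errno=RET.PARAMERR, errmsg="参数有误!")

    # 2. Look up the currently logged-in user.
    # NOTE(review): assumes g.user is always set by the time this view runs
    # (e.g. by a login-required wrapper not shown here) -- confirm.
    user = g.user

    if not user.check_password(old_password):
        return jsonify(errno=RET.PWDERR, errmsg="原密码错误!")

    # NOTE(review): no strength or length rule is applied to new_password
    # here, and other active sessions of this user are not invalidated.
    user.password = new_password
    try:
        db.session.commit()
    except Exception as e:
        current_app.logger.error(e)
        db.session.rollback()
        return jsonify(errno=RET.DBERR, errmsg="保存数据失误!")

    return jsonify(errno=RET.OK, errmsg="保存成功!")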
Example #4
File: app.py Project: djzh23/Tweets
def login():
    """Log a user in by e-mail and password.

    An already authenticated caller, and a caller whose POSTed credentials
    check out, is redirected to ``/searchafterlogin``. A POST with an unknown
    e-mail or a wrong password is redirected to ``/error`` (the same response
    for both). Any other request renders ``login.html``.
    """
    if current_user.is_authenticated:
        print("ICH BIN IN LOGIN")
        return redirect('/searchafterlogin')

    # Anything that is not a form submission just gets the login page.
    if request.method != 'POST':
        return render_template('login.html')

    submitted_email = request.form['email']
    account = UserModel.query.filter_by(email=submitted_email).first()
    print("ICH BIN IN LOGIN - IF die Methode POST")

    # The password field is only read once an account has been found.
    if account is None or not account.check_password(request.form['password']):
        return redirect('/error')

    login_user(account)
    print("DU BIST EINGELOGGT :)")
    return redirect('/searchafterlogin')
Example #5
def login_user(
        req: Request,
        user_in: UserLogin,
        db_session: Session = Depends(get_db),
):
    """Check an e-mail/password pair and return the user's token.

    Returns ``{"token": user.token}`` for an active user with matching
    credentials. Raises HTTPException 400 with a generic message when the
    e-mail is unknown or the password is wrong, and HTTPException 400 naming
    the submitted e-mail when the credentials match but the user is inactive.
    """
    user = get_by_email(db_session=db_session, email=user_in.email)

    # Unknown e-mail and wrong password share one generic error.
    if not user or not user.check_password(user_in.password):
        raise HTTPException(status_code=400,
                            detail="Invalid username or password")

    # Only reached with valid credentials, so the activation state is not
    # disclosed to callers who do not know the password.
    if not user.is_active:
        raise HTTPException(
            status_code=400,
            detail=f"User {user_in.email} is not activated...")

    log.info(f"user login success: email = {user.email}")
    return {"token": user.token}
Example #6
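def login():
    """
    Log a user in by mobile number and password.

    Expects a JSON object with ``mobile`` and ``password``.

    :return: a JSON result whose ``errno`` is ``RET.PARAMERR`` for a missing
        field or a non-object body, ``RET.USERERR`` when no user has that
        mobile number, ``RET.DBERR`` when the password does not match, and
        ``RET.OK`` after the user id has been stored in the session.
    """

    # 1. Read the parameters and check that both are present. The body is
    #    client-controlled: a JSON null or array would make .get() raise and
    #    surface as a 500, so it is treated as a parameter error.
    payload = request.json
    if not isinstance(payload, dict):
        return jsonify(errno=RET.PARAMERR, errmsg='账户不存在')
    mobile = payload.get('mobile')  # mobile number
    password = payload.get('password')  # password
    if not all([mobile, password]):
        return jsonify(errno=RET.PARAMERR, errmsg='账户不存在')
    # 2. Look the user up in the database.
    user = User.query.filter(User.mobile == mobile).first()
    # NOTE(review): "unknown user" and "wrong password" return different
    # codes and messages, which lets a client tell which mobile numbers are
    # registered. Merging them changes the client-visible contract, so it is
    # flagged here rather than changed.
    if not user:
        return jsonify(errno=RET.USERERR, errmsg='用户不存在')
    # 3. Verify the password with User.check_password.
    # NOTE(review): a wrong password is reported with the DBERR code --
    # confirm whether a dedicated password-error code was intended.
    if not user.check_password(password):
        return jsonify(errno=RET.DBERR, errmsg='密码输入错误')
    # 4. Persist the login state. Clear the pre-login session first so
    #    nothing set before authentication carries over into it.
    session.clear()
    session['user_id'] = user.id
    # 5. Report success.
    return jsonify(errno=RET.OK, errmsg='登录成功')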