def initialize(self): self.init() self.muser = MUser() self.mclass = MPycateCatalog() if self.get_current_user(): self.userinfo = self.muser.get_by_id(self.get_current_user()) else: self.userinfo = None
def init(self): self.tmpl_name = 'doc' self.muser = MUser() if self.get_current_user(): self.userinfo = self.muser.get_by_id(self.get_current_user()) else: self.userinfo = None
def __init__(self): self.tab = TabUsage try: TabUsage.create_table() except: pass self.mapp2catalog = MApp2Catalog() self.muser = MUser()
class BaseHandler(tornado.web.RequestHandler): def init(self): self.muser = MUser() if self.get_current_user(): self.userinfo = self.muser.get_by_id(self.get_current_user()) else: self.userinfo = None def parse_url(self, url_str): url_str = url_str.strip() url_arr = [] if len(url_str) == 0 else url_str.split('/') return url_arr def check_doc_priv(self, userinfo): priv_dic = { 'ADD': False, 'EDIT': False, 'DELETE': False, 'ADMIN': False } if userinfo: pass else: return priv_dic if userinfo.privilege[1] >= '1': priv_dic['ADD'] = True if userinfo.privilege[1] >= '2': priv_dic['EDIT'] = True if userinfo.privilege[1] >= '4': priv_dic['DELETE'] = True if userinfo.privilege[1] >= '7': priv_dic['ADMIN'] = True return priv_dic def get_current_user(self): return self.get_secure_cookie("user") def is_admin(self): if self.userinfo and self.check_doc_priv(self.userinfo)['ADMIN']: return True else: return False def editable(self): # Deprecated. if self.get_current_user(): return 1 else: return 0
class BaseHandler(tornado.web.RequestHandler, TemplateRendring): def init(self): self.tmpl_name = 'doc' self.muser = MUser() if self.get_current_user(): self.userinfo = self.muser.get_by_id(self.get_current_user()) else: self.userinfo = None def parse_url(self, url_str): url_str = url_str.strip() url_arr = [] if len(url_str) == 0 else url_str.split('/') return url_arr def get_current_user(self): return self.get_secure_cookie("user") def is_admin(self): if self.userinfo and self.userinfo.privilege[4] == '1': return True return False def editable(self): # Deprecated. if self.get_current_user(): return 1 else: return 0 def render_jinja2(self, template_name, **kwargs): kwargs.update({ 'settings': self.settings, 'STATIC_URL': self.settings.get('static_url_prefix', '/static/'), 'request': self.request, 'current_user': self.current_user, 'xsrf_token': self.xsrf_token, 'xsrf_form_html': self.xsrf_form_html, }) content = self.render_template(template_name, **kwargs) self.write(content)
def initialize(self): self.init() self.muser = MUser() self.user_name = self.get_current_user() self.tmpl_router = 'user'
class UserHandler(BaseHandler): def initialize(self): self.init() self.muser = MUser() self.user_name = self.get_current_user() self.tmpl_router = 'user' def get(self, url_str): url_arr = self.parse_url(url_str) if url_str == 'regist': if self.get_current_user(): self.redirect('/') else: self.__to_register__() elif url_str == 'login': self.to_login() elif url_str == 'info': self.show_info() elif url_str == 'logout': self.logout() elif url_str == 'reset-password': self.to_reset_password() elif url_str == 'changepass': self.changepass() elif url_str == 'changeinfo': self.change_info() elif url_str == 'reset-passwd': if self.gen_passwd(): pass else: self.redirect(config.site_url) elif url_arr[0] == 'changeprivilege': self.change_privilege(url_arr[1]) elif url_str == 'find': if self.tmpl_router == "user": self.to_find() else: self.p_to_find() elif url_arr[0] == 'find': self.find(url_arr[1]) elif url_arr[0] == 'delete_user': self.delete(url_arr[1]) def post(self, url_str): url_arr = self.parse_url(url_str) if url_str == 'regist': self.register() elif url_str == 'login': self.login() elif url_str == 'changepass': self.changepassword() elif url_arr[0] == 'changepass': self.p_changepassword() elif url_str == 'changeinfo': self.changeinfo() elif url_arr[0] == 'changeinfo': self.p_changeinfo() elif url_str == 'find': self.post_find() elif url_arr[0] == 'find': self.find(url_arr[1]) elif url_str == 'reset-password': self.reset_password() elif url_arr[0] == 'changeprivilege': self.changeprivilege(url_arr[1]) @tornado.web.authenticated def p_changepassword(self): post_data = {} for key in self.request.arguments: post_data[key] = self.get_arguments(key) uu = self.muser.check_user(self.user_name, post_data['rawpass'][0]) if uu == 1: self.muser.update_pass(self.user_name, post_data['user_pass'][0]) output = { 'changepass ': uu, } else: output = { 'changepass ': 0, } return json.dump(output, self) @tornado.web.authenticated def p_changeinfo(self): post_data = {} for key in self.request.arguments: post_data[key] = self.get_arguments(key) uu = self.muser.check_user(self.user_name, post_data['rawpass'][0]) if uu == 1: self.muser.update_info(self.user_name, post_data['user_email'][0]) output = { 'changeinfo ': uu, } else: output = { 'changeinfo ': 0, } return json.dump(output, self) @tornado.web.authenticated def changepassword(self): post_data = {} for key in self.request.arguments: post_data[key] = self.get_arguments(key) uu = self.muser.check_user(self.user_name, post_data['rawpass'][0]) if uu == 1: self.muser.update_pass(self.user_name, post_data['user_pass'][0]) self.redirect(('/{0}/info').format(self.tmpl_router)) else: return False @tornado.web.authenticated def changeinfo(self): post_data = {} for key in self.request.arguments: post_data[key] = self.get_arguments(key) uu = self.muser.check_user(self.user_name, post_data['rawpass'][0]) if uu == 1: self.muser.update_info(self.user_name, post_data['user_email'][0]) self.redirect(('/user/info')) else: return False @tornado.web.authenticated def changeprivilege(self, xg_username): post_data = {} for key in self.request.arguments: post_data[key] = self.get_arguments(key) if self.tmpl_router == "user": self.muser.update_privilege(xg_username, post_data['privilege'][0]) self.redirect(('/user/info')) else: if self.muser.update_privilege(xg_username, post_data['privilege'][0]): output = { 'del_category ': 1, } else: output = { 'del_category ': 0, } return json.dump(output, self) @tornado.web.authenticated def logout(self): self.clear_all_cookies() self.redirect('/') @tornado.web.authenticated def changepass(self): self.render('{0}/{1}/changepass.html'.format(self.tmpl_name, self.tmpl_router), user_info=self.muser.get_by_id(self.user_name)) @tornado.web.authenticated def change_info(self): self.render('{0}/{1}/changeinfo.html'.format(self.tmpl_name, self.tmpl_router), user_info=self.muser.get_by_id(self.user_name)) @tornado.web.authenticated def change_privilege(self, xg_username): self.render('{0}/{1}/changeprivilege.html'.format(self.tmpl_name, self.tmpl_router), user_info=self.muser.get_by_id(xg_username)) @tornado.web.authenticated def show_info(self): self.render('{0}/{1}/info.html'.format(self.tmpl_name, self.tmpl_router), user_info=self.muser.get_by_id(self.user_name), userinfo=self.muser.get_by_id(self.user_name), ) def to_reset_password(self): self.render('{0}/{1}/reset_password.html'.format(self.tmpl_name, self.tmpl_router)) def to_login(self): if self.get_current_user(): self.redirect('/') else: kwd = { 'pager': '', } self.render('{0}/{1}/login.html'.format(self.tmpl_name, self.tmpl_router), kwd=kwd, userinfo = None, ) def register(self): post_data = {} for key in self.request.arguments: post_data[key] = self.get_arguments(key) form = SumForm(self.request.arguments) if form.validate(): if self.muser.insert_data(post_data): self.redirect('/user/login') else: kwd = { 'info': '注册不成功', } self.set_status(400) self.render('html/404.html', cfg = config.cfg, kwd=kwd, userinfo = None,) else: kwd = { 'info': '注册不成功', } self.set_status(400) self.render('html/404.html', cfg = config.cfg, kwd=kwd, userinfo = None,) def __to_register__(self): kwd = { 'pager': '', } self.render('{0}/{1}/regist.html'.format(self.tmpl_name, self.tmpl_router), cfg = config.cfg, userinfo = None, kwd=kwd) def login(self): post_data = {} for key in self.request.arguments: post_data[key] = self.get_arguments(key) if 'next' in post_data: next_url = post_data['next'][0] else: next_url = '/' u_name = post_data['user_name'][0] u_pass = post_data['user_pass'][0] kwd = { 'pager': '', } result = self.muser.check_user(u_name, u_pass) if result == 1: self.set_secure_cookie("user", u_name) self.redirect("{0}".format(next_url)) elif result == 0: self.set_status(401) kwd = { 'info': '密码验证出错,请<a href="/user/login">重新登陆</a>。' } self.render('html/404.html', cfg = config.cfg, kwd=kwd, userinfo = self.userinfo,) elif result == -1: self.set_status(401) kwd = { 'info': '没有这个用户' } self.render('html/404.html', cfg = config.cfg, kwd=kwd, userinfo = self.userinfo,) else: self.set_status(305) self.redirect("{0}".format(next_url)) def to_find(self, ): kwd = { 'pager': '', } self.render('{0}/{1}/find.html'.format(self.tmpl_name, self.tmpl_router), cfg = config.cfg, kwd=kwd, userinfo = self.userinfo, ) def p_to_find(self, ): kwd = { 'pager': '', } self.render('{0}/{1}/find_list.html'.format(self.tmpl_name, self.tmpl_router), kwd=kwd, view=self.muser.get_by_keyword(""), cfg = config.cfg, userinfo = self.userinfo, ) def find(self, keyword): kwd = { 'pager': '', 'unescape': tornado.escape.xhtml_unescape, 'title': '查找结果', } if self.tmpl_router == "user": self.render('{0}/{1}/find_list.html'.format(self.tmpl_name, self.tmpl_router), kwd=kwd, view=self.muser.get_by_keyword(keyword), cfg = config.cfg, userinfo = self.userinfo, ) else: result=self.muser.get_by_keyword(keyword) if result: output = { 'find': result } else: output = { 'find': 0, } return json.dump(output, self) def delete(self, del_id): if self.tmpl_router == "user": is_deleted = self.muser.delete(del_id) if is_deleted: self.redirect('/user/find') else: return False else: if self.muser.delete(del_id): output = { 'del_category': 1 } else: output = { 'del_category': 0, } return json.dump(output, self) def post_find(self): keyword = self.get_argument('keyword') self.find(keyword) def reset_password(self): post_data = {} for key in self.request.arguments: post_data[key] = self.get_arguments(key) if 'email' in post_data: userinfo = self.muser.get_by_email(post_data['email'][0]) if tools.timestamp() - userinfo.reset_passwd_timestamp < 70: self.set_status(400) kwd = { 'info': '两次重置密码时间应该大于1分钟', } self.render('html/404.html', kwd=kwd, userinfo = self.userinfo) return False if userinfo: timestamp = tools.timestamp() passwd = userinfo.user_pass username = userinfo.user_name hash_str = tools.md5(username + str(timestamp) + passwd) url_reset = '{0}/user/reset-passwd?u={1}&t={2}&p={3}'.format(config.site_url, username, timestamp, hash_str) email_cnt = ''' <div>请查看下面的信息,并<span style="color:red">谨慎操作</span>:</div> <div>您在"{0}"网站({1})申请了密码重置,如果确定要进行密码重置,请打开下面链接:</div> <div><a href={2}>{2}</a></div> <div>如果无法确定本信息的有效性,请忽略本邮件。</div> '''.format(config.site_name, config.site_url, url_reset) if send_mail([userinfo.user_email], "{0}|密码重置".format(config.site_name), email_cnt): self.muser.update_reset_passwd_timestamp(username, timestamp) self.set_status(200) return True else: self.set_status(400) return False else: self.set_status(400) return False else: self.set_status(400) return False def gen_passwd(self): post_data = {} for key in self.request.arguments: post_data[key] = self.get_arguments(key) userinfo = self.muser.get_by_id(post_data['u'][0]) sub_timestamp = int(post_data['t'][0]) cur_timestamp = tools.timestamp() if cur_timestamp - sub_timestamp < 600 and cur_timestamp > sub_timestamp: pass else: kwd = { 'info': '密码重置已超时!', } self.set_status(400) self.render('html/404.html', kwd=kwd, userinfo = self.userinfo) hash_str = tools.md5(userinfo.user_name + post_data['t'][0] + userinfo.user_pass) if hash_str == post_data['p'][0]: pass else: kwd = { 'info': '密码重置验证出错!', } self.set_status(400) self.render('html/404.html', kwd=kwd, userinfo = self.userinfo,) new_passwd = tools.get_uu8d() self.muser.update_pass(userinfo.user_name, new_passwd) kwd = { 'user_name': userinfo.user_name, 'new_pass': new_passwd, } self.render('{0}/{1}/show_pass.html'.format(self.tmpl_name, self.tmpl_router), cfg = config.cfg, kwd=kwd, userinfo = self.userinfo,)
class MaintainPycateCategoryHandler(BaseHandler): def initialize(self): self.init() self.muser = MUser() self.mclass = MPycateCatalog() if self.get_current_user(): self.userinfo = self.muser.get_by_id(self.get_current_user()) else: self.userinfo = None def get(self, url_str=''): url_arr = self.parse_url(url_str) if url_str == 'add': self.to_add_class() elif url_str == 'list': self.recent() elif url_str == 'refresh': self.refresh() elif url_arr[0] == 'modify': self.to_modify(url_arr[1]) elif url_arr[0] == 'delete': self.delete(url_arr[1]) else: kwd = { 'info': '页面未找到', } self.render('html/404.html', kwd=kwd) def post(self, url_str=''): url_arr = self.parse_url(url_str) if len(url_arr) == 1 and url_str.endswith('.html'): self.add_post() if url_arr[0] == 'modify': self.update(url_arr[1]) elif url_str == 'add': self.user_add_class() else: self.redirect('html/404.html') def recent(self): kwd = { 'pager': '', 'unescape': tornado.escape.xhtml_unescape, 'title': '最近文档', } self.render('{0}/maintain/pycatecategory/category_list.html'.format(self.tmpl_name), kwd=kwd, view=self.mclass.query_recent(), format_date=tools.format_date, userinfo=self.userinfo, ) def refresh(self): kwd = { 'pager': '', 'title': '最近文档', } self.render('{0}/maintain/pycatecategory/category_list.html'.format(self.tmpl_name), kwd=kwd, userinfo=self.userinfo, view=self.mclass.query_dated(10), format_date=tools.format_date, unescape=tornado.escape.xhtml_unescape, ) def get_random(self): return self.mclass.query_random() def wiki(self, uid): dbdate = self.mclass.get_by_id(uid) if dbdate: self.viewit(uid) else: self.to_add(uid) def to_add_class(self, ): kwd = { 'pager': '', 'uid': '', } self.render('{0}/maintain/pycatecategory/category_add.html'.format(self.tmpl_name), topmenu='', kwd=kwd, userinfo=self.userinfo, ) @tornado.web.authenticated def to_add(self, uid): if self.is_admin(): pass else: return False kwd = { 'uid': uid, 'pager': '', } self.render('{0}/maintain/pycatecategory/list.html'.format(self.tmpl_name), kwd=kwd, ) @tornado.web.authenticated def update(self, uid): if self.is_admin(): pass else: return False raw_data = self.mclass.get_by_id(uid) post_data = {} for key in self.request.arguments: post_data[key] = self.get_arguments(key) post_data['user_name'] = self.get_current_user() self.mclass.update(uid, post_data) self.redirect('/maintain/pycatecategory/list'.format(uid)) @tornado.web.authenticated def to_modify(self, id_rec): a = self.mclass.get_by_id(id_rec) # 用户具有管理权限,或文章是用户自己发布的。 if self.is_admin(): pass else: return False kwd = { 'pager': '', } self.render('{0}/maintain/pycatecategory/category_edit.html'.format(self.tmpl_name), kwd=kwd, unescape=tornado.escape.xhtml_unescape, dbrec=a, userinfo=self.userinfo, ) @tornado.web.authenticated def viewit(self, post_id): rec = self.mclass.get_by_uid(post_id) if not rec: kwd = { 'info': '您要找的分类不存在。', } self.render('html/404.html', kwd=kwd) return False kwd = { 'pager': '', 'editable': self.editable(), } self.render('{0}/maintain/pycatecategory/category_view.html'.format(self.tmpl_name), view=rec, unescape=tornado.escape.xhtml_unescape, kwd=kwd, userinfo=self.userinfo, ) @tornado.web.authenticated def user_add_class(self): if self.is_admin(): pass else: return False post_data = {} for key in self.request.arguments: post_data[key] = self.get_arguments(key) post_data['user_name'] = self.get_current_user() self.mclass.insert_data(post_data) self.redirect('/maintain/pycatecategory/list'.format()) @tornado.web.authenticated def delete(self, del_id): if self.is_admin(): pass else: return False is_deleted = self.mclass.delete(del_id) if is_deleted: self.redirect('/maintain/pycatecategory/list') else: return False
def init(self): self.muser = MUser() if self.get_current_user(): self.userinfo = self.muser.get_by_id(self.get_current_user()) else: self.userinfo = None
class BaseHandler(tornado.web.RequestHandler, TemplateRendring): def init(self): self.muser = MUser() if self.get_current_user(): self.userinfo = self.muser.get_by_id(self.get_current_user()) else: self.userinfo = None def parse_url(self, url_str): url_str = url_str.strip() url_arr = [] if len(url_str) == 0 else url_str.split('/') return url_arr def check_doc_priv(self, userinfo): priv_dic = { 'ADD': False, 'EDIT': False, 'DELETE': False, 'ADMIN': False } if userinfo.privilege[1] >= '1': priv_dic['ADD'] = True if userinfo.privilege[1] >= '2': priv_dic['EDIT'] = True if userinfo.privilege[1] >= '4': priv_dic['DELETE'] = True if userinfo.privilege[1] >= '8': priv_dic['ADMIN'] = True return priv_dic def get_current_user(self): return self.get_secure_cookie("user") def is_admin(self): if self.userinfo and self.userinfo.privilege[4] == '1': return True return False def editable(self): # Deprecated. if self.get_current_user(): return 1 else: return 0 def render_jinja2(self, template_name, **kwargs): kwargs.update({ 'settings': self.settings, 'STATIC_URL': self.settings.get('static_url_prefix', '/static/'), 'request': self.request, 'current_user': self.current_user, 'xsrf_token': self.xsrf_token, 'xsrf_form_html': self.xsrf_form_html, }) content = self.render_template(template_name, **kwargs) self.write(content)
def initialize(self): self.init() self.muser = MUser() self.user_name = self.get_current_user() self.tmpl_router = 'user_ajax'
class UserHandler(BaseHandler): def initialize(self): self.init() self.muser = MUser() self.user_name = self.get_current_user() self.tmpl_router = 'info' def get(self, url_str): url_arr = self.parse_url(url_str) if url_str == 'regist': if self.get_current_user(): self.redirect('/') else: self.__to_register__() elif url_str == 'login': self.to_login() elif url_str == 'info': self.show_info() elif url_str == 'logout': self.logout() elif url_str == 'reset-password': self.to_reset_password() elif url_str == 'changepass': self.changepass() elif url_str == 'changeinfo': self.change_info() elif url_str == 'reset-passwd': if self.gen_passwd(): pass else: self.redirect(config.site_url) elif url_arr[0] == 'changeprivilege': self.change_privilege(url_arr[1]) elif url_str == 'find': if self.tmpl_router == "user": self.to_find() else: self.p_to_find() elif url_arr[0] == 'find': self.find(url_arr[1]) elif url_arr[0] == 'delete_user': self.delete(url_arr[1]) def post(self, url_str): url_arr = self.parse_url(url_str) if url_str == 'regist': self.register() elif url_str == 'login': self.login() elif url_str == 'changepass': self.changepassword() elif url_arr[0] == 'changepass': self.p_changepassword() elif url_str == 'changeinfo': self.changeinfo() elif url_arr[0] == 'changeinfo': self.p_changeinfo() elif url_str == 'find': self.post_find() elif url_arr[0] == 'find': self.find(url_arr[1]) elif url_str == 'reset-password': self.reset_password() elif url_arr[0] == 'changeprivilege': self.changeprivilege(url_arr[1]) @tornado.web.authenticated def p_changepassword(self): post_data = {} for key in self.request.arguments: post_data[key] = self.get_arguments(key) uu = self.muser.check_user(self.user_name, post_data['rawpass'][0]) if uu == 1: self.muser.update_pass(self.user_name, post_data['user_pass'][0]) output = { 'changepass ': uu, } else: output = { 'changepass ': 0, } return json.dump(output, self) @tornado.web.authenticated def p_changeinfo(self): post_data = {} for key in self.request.arguments: post_data[key] = self.get_arguments(key) uu = self.muser.check_user(self.user_name, post_data['rawpass'][0]) if uu == 1: self.muser.update_info(self.user_name, post_data['user_email'][0]) output = { 'changeinfo ': uu, } else: output = { 'changeinfo ': 0, } return json.dump(output, self) @tornado.web.authenticated def changepassword(self): post_data = {} for key in self.request.arguments: post_data[key] = self.get_arguments(key) uu = self.muser.check_user(self.user_name, post_data['rawpass'][0]) if uu == 1: self.muser.update_pass(self.user_name, post_data['user_pass'][0]) self.redirect(('/{0}/info').format(self.tmpl_router)) else: return False @tornado.web.authenticated def changeinfo(self): post_data = {} for key in self.request.arguments: post_data[key] = self.get_arguments(key) uu = self.muser.check_user(self.user_name, post_data['rawpass'][0]) if uu == 1: self.muser.update_info(self.user_name, post_data['user_email'][0]) self.redirect(('/user/info')) else: return False @tornado.web.authenticated def changeprivilege(self, xg_username): post_data = {} for key in self.request.arguments: post_data[key] = self.get_arguments(key) if self.tmpl_router == "user": self.muser.update_privilege(xg_username, post_data['privilege'][0]) self.redirect(('/user/info')) else: if self.muser.update_privilege(xg_username, post_data['privilege'][0]): output = { 'del_category ': 1, } else: output = { 'del_category ': 0, } return json.dump(output, self) @tornado.web.authenticated def logout(self): self.clear_all_cookies() self.redirect('/') @tornado.web.authenticated def changepass(self): self.render('user/{0}/changepass.html'.format(self.tmpl_router), userinfo=self.muser.get_by_id(self.user_name)) @tornado.web.authenticated def change_info(self): self.render('user/{0}/changeinfo.html'.format(self.tmpl_router), userinfo=self.muser.get_by_id(self.user_name)) @tornado.web.authenticated def change_privilege(self, xg_username): self.render('user/{0}/changeprivilege.html'.format(self.tmpl_router), userinfo=self.muser.get_by_id(xg_username)) @tornado.web.authenticated def show_info(self): self.render('user/{0}/info.html'.format(self.tmpl_router), userinfo=self.muser.get_by_id(self.user_name), ) def to_reset_password(self): self.render('user/{0}/reset_password.html'.format(self.tmpl_router)) def to_login(self): if self.get_current_user(): self.redirect('/') else: kwd = { 'pager': '', } self.render('user/{0}/login.html'.format(self.tmpl_router), kwd=kwd, userinfo=None, ) def register(self): post_data = {} for key in self.request.arguments: post_data[key] = self.get_arguments(key) form = SumForm(self.request.arguments) if form.validate(): if self.muser.insert_data(post_data): self.redirect('/user/login') else: kwd = { 'info': '注册不成功', } self.set_status(400) self.render('html/404.html', cfg=config.cfg, kwd=kwd, userinfo=None, ) else: kwd = { 'info': '注册不成功', } self.set_status(400) self.render('html/404.html', cfg=config.cfg, kwd=kwd, userinfo=None, ) def __to_register__(self): kwd = { 'pager': '', } self.render('user/{0}/regist.html'.format(self.tmpl_router), cfg=config.cfg, userinfo=None, kwd=kwd) def login(self): post_data = {} for key in self.request.arguments: post_data[key] = self.get_arguments(key) if 'next' in post_data: next_url = post_data['next'][0] else: next_url = '/' u_name = post_data['user_name'][0] u_pass = post_data['user_pass'][0] kwd = { 'pager': '', } result = self.muser.check_user(u_name, u_pass) if result == 1: self.set_secure_cookie("user", u_name) self.redirect("{0}".format(next_url)) elif result == 0: self.set_status(401) kwd = { 'info': '密码验证出错,请<a href="/user/login">重新登陆</a>。' } self.render('html/404.html', cfg=config.cfg, kwd=kwd, userinfo=self.userinfo, ) elif result == -1: self.set_status(401) kwd = { 'info': '没有这个用户' } self.render('html/404.html', cfg=config.cfg, kwd=kwd, userinfo=self.userinfo, ) else: self.set_status(305) self.redirect("{0}".format(next_url)) def to_find(self, ): kwd = { 'pager': '', } self.render('user/{0}/find.html'.format(self.tmpl_router), cfg=config.cfg, kwd=kwd, userinfo=self.userinfo, ) def p_to_find(self, ): kwd = { 'pager': '', } self.render('user/{0}/find_list.html'.format(self.tmpl_router), kwd=kwd, view=self.muser.get_by_keyword(""), cfg=config.cfg, userinfo=self.userinfo, ) def find(self, keyword): kwd = { 'pager': '', 'unescape': tornado.escape.xhtml_unescape, 'title': '查找结果', } if self.tmpl_router == "user": self.render('user/{0}/find_list.html'.format(self.tmpl_router), kwd=kwd, view=self.muser.get_by_keyword(keyword), cfg=config.cfg, userinfo=self.userinfo, ) else: result = self.muser.get_by_keyword(keyword) if result: output = { 'find': result } else: output = { 'find': 0, } return json.dump(output, self) def delete(self, del_id): if self.tmpl_router == "user": is_deleted = self.muser.delete(del_id) if is_deleted: self.redirect('/user/find') else: return False else: if self.muser.delete(del_id): output = { 'del_category': 1 } else: output = { 'del_category': 0, } return json.dump(output, self) def post_find(self): keyword = self.get_argument('keyword') self.find(keyword) def reset_password(self): post_data = {} for key in self.request.arguments: post_data[key] = self.get_arguments(key) if 'email' in post_data: userinfo = self.muser.get_by_email(post_data['email'][0]) if tools.timestamp() - userinfo.reset_passwd_timestamp < 70: self.set_status(400) kwd = { 'info': '两次重置密码时间应该大于1分钟', } self.render('html/404.html', kwd=kwd, userinfo=self.userinfo) return False if userinfo: timestamp = tools.timestamp() passwd = userinfo.user_pass username = userinfo.user_name hash_str = tools.md5(username + str(timestamp) + passwd) url_reset = '{0}/user/reset-passwd?u={1}&t={2}&p={3}'.format(config.site_url, username, timestamp, hash_str) email_cnt = ''' <div>请查看下面的信息,并<span style="color:red">谨慎操作</span>:</div> <div>您在"{0}"网站({1})申请了密码重置,如果确定要进行密码重置,请打开下面链接:</div> <div><a href={2}>{2}</a></div> <div>如果无法确定本信息的有效性,请忽略本邮件。</div> '''.format(config.site_name, config.site_url, url_reset) if send_mail([userinfo.user_email], "{0}|密码重置".format(config.site_name), email_cnt): self.muser.update_reset_passwd_timestamp(username, timestamp) self.set_status(200) return True else: self.set_status(400) return False else: self.set_status(400) return False else: self.set_status(400) return False def gen_passwd(self): post_data = {} for key in self.request.arguments: post_data[key] = self.get_arguments(key) userinfo = self.muser.get_by_id(post_data['u'][0]) sub_timestamp = int(post_data['t'][0]) cur_timestamp = tools.timestamp() if cur_timestamp - sub_timestamp < 600 and cur_timestamp > sub_timestamp: pass else: kwd = { 'info': '密码重置已超时!', } self.set_status(400) self.render('html/404.html', kwd=kwd, userinfo=self.userinfo) hash_str = tools.md5(userinfo.user_name + post_data['t'][0] + userinfo.user_pass) if hash_str == post_data['p'][0]: pass else: kwd = { 'info': '密码重置验证出错!', } self.set_status(400) self.render('html/404.html', kwd=kwd, userinfo=self.userinfo, ) new_passwd = tools.get_uu8d() self.muser.update_pass(userinfo.user_name, new_passwd) kwd = { 'user_name': userinfo.user_name, 'new_pass': new_passwd, } self.render('user/{0}/show_pass.html'.format(self.tmpl_router), cfg=config.cfg, kwd=kwd, userinfo=self.userinfo, )
class MaintainPycateCategoryHandler(BaseHandler): def initialize(self): self.init() self.muser = MUser() self.mclass = MPycateCatalog() if self.get_current_user(): self.userinfo = self.muser.get_by_id(self.get_current_user()) else: self.userinfo = None def get(self, url_str=''): url_arr = self.parse_url(url_str) if url_str == 'add': self.to_add_class() elif url_str == 'list': self.recent() elif url_str == 'refresh': self.refresh() elif url_arr[0] == 'modify': self.to_modify(url_arr[1]) elif url_arr[0] == 'delete': self.delete(url_arr[1]) else: kwd = { 'info': '页面未找到', } self.render('html/404.html', kwd=kwd) def post(self, url_str=''): url_arr = self.parse_url(url_str) if len(url_arr) == 1 and url_str.endswith('.html'): self.add_post() if url_arr[0] == 'modify': self.update(url_arr[1]) elif url_str == 'add': self.user_add_class() else: self.redirect('html/404.html') def recent(self): kwd = { 'pager': '', 'unescape': tornado.escape.xhtml_unescape, 'title': '最近文档', } self.render( 'doc/maintain/pycatecategory/category_list.html', kwd=kwd, view=self.mclass.query_recent(), format_date=tools.format_date, userinfo=self.userinfo, ) def refresh(self): kwd = { 'pager': '', 'title': '最近文档', } self.render( 'doc/maintain/pycatecategory/category_list.html', kwd=kwd, userinfo=self.userinfo, view=self.mclass.query_dated(10), format_date=tools.format_date, unescape=tornado.escape.xhtml_unescape, ) def get_random(self): return self.mclass.query_random() def wiki(self, uid): dbdate = self.mclass.get_by_id(uid) if dbdate: self.viewit(uid) else: self.to_add(uid) def to_add_class(self, ): kwd = { 'pager': '', 'uid': '', } self.render( 'doc/maintain/pycatecategory/category_add.html', topmenu='', kwd=kwd, userinfo=self.userinfo, ) @tornado.web.authenticated def to_add(self, uid): if self.is_admin(): pass else: return False kwd = { 'uid': uid, 'pager': '', } self.render( 'doc/maintain/pycatecategory/list.html', kwd=kwd, ) @tornado.web.authenticated def update(self, uid): if self.is_admin(): pass else: return False raw_data = self.mclass.get_by_id(uid) post_data = {} for key in self.request.arguments: post_data[key] = self.get_arguments(key) post_data['user_name'] = self.get_current_user() self.mclass.update(uid, post_data) self.redirect('/maintain/pycatecategory/list'.format(uid)) @tornado.web.authenticated def to_modify(self, id_rec): a = self.mclass.get_by_id(id_rec) # 用户具有管理权限,或文章是用户自己发布的。 if self.is_admin(): pass else: return False kwd = { 'pager': '', } self.render( 'doc/maintain/pycatecategory/category_edit.html', kwd=kwd, unescape=tornado.escape.xhtml_unescape, dbrec=a, userinfo=self.userinfo, ) @tornado.web.authenticated def viewit(self, post_id): rec = self.mclass.get_by_uid(post_id) if not rec: kwd = { 'info': '您要找的分类不存在。', } self.render('html/404.html', kwd=kwd) return False kwd = { 'pager': '', 'editable': self.editable(), } self.render( 'doc/maintain/pycatecategory/category_view.html', view=rec, unescape=tornado.escape.xhtml_unescape, kwd=kwd, userinfo=self.userinfo, ) @tornado.web.authenticated def user_add_class(self): if self.is_admin(): pass else: return False post_data = {} for key in self.request.arguments: post_data[key] = self.get_arguments(key) post_data['user_name'] = self.get_current_user() self.mclass.insert_data(post_data) self.redirect('/maintain/pycatecategory/list'.format()) @tornado.web.authenticated def delete(self, del_id): if self.is_admin(): pass else: return False is_deleted = self.mclass.delete(del_id) if is_deleted: self.redirect('/maintain/pycatecategory/list') else: return False