def post(self, *args, **kwargs):
admin_user_service = AdminUserService()
account = self.get_body_argument('account', None)
password = self.get_body_argument('password', None)
remember = self.get_body_argument('remember', None)
code = 0
message = ''
result = {'userId': None}
if not all([account, password]):
code = system_code.PARAM_MISS
else:
admin_user, code = admin_user_service.login(account, password)
if code == 0:
code = system_code.SUCCESS
# 登录设置token
token = admin_user_service.create_user_token(
admin_user.admin_user_id, 'website')
if token:
self.set_secure_cookie('token_id', token)
session_service = SessionService()
session_service.set_session(self.session_id, 'user_id',
admin_user.admin_user_id)
result['userId'] = admin_user.admin_user_id
self.redirect('/index')
return
else:
code = system_code.USER_LOGIN_ERROR
self.render_json(result, code, message)
return
def get(self, *args, **kwargs):
request_service = RequestService()
user_info_service = UserInfoService()
zone_service = ZoneService()
user_id = self.get_query_argument('userId', None)
callback = self.get_body_argument('callback', None)
if user_id:
user_id = utils.val_to_int(user_id)
result = dict()
if user_id:
if not user_id:
user_id = self.current_user
if user_id:
remain_request = request_service.get_remain_request(self.request.remote_ip, user_id)
if remain_request < 0:
yield gen.sleep(3)
if remain_request > -5:
is_me = (user_id == self.current_user)
user, code = user_info_service.get_user(user_id)
zone, code = zone_service.get_owned_zone_ids(user_id)
if user:
session_service = SessionService()
avatar = session_service.get_session(self.session_id, 'avatar')
if not avatar:
avatar = random.choice(USER_AVATAR_LIST)
session_service.set_session(self.session_id, 'avatar', avatar)
result['isMe'] = is_me
result['user'] = {
'userId': user_id,
'account': user.get('user').zone_source_account,
'nickname': user.get('user').zone_source_nickname,
'qq': user.get('user').zone_source_qq,
'avatar': avatar
}
else:
yield gen.sleep(10)
code = system_code.SERVER_ERROR
else:
code = system_code.PARAM_ERROR
else:
code = system_code.PARAM_ERROR
if callback:
self.render_jsonp(callback, result, code)
else:
self.render_json(result, code)
return
def initialize(self):
self.__admin_user_info_service = AdminUserInfoService()
self.__session_service = SessionService()
self.__set_session()
self.__set_header()
class BaseWebsiteHandler(tornado.web.RequestHandler):
# session_id
__session_id = None
__device_id = None
__user_info_service = None
__session_service = None
def initialize(self):
self.__admin_user_info_service = AdminUserInfoService()
self.__session_service = SessionService()
self.__set_session()
self.__set_header()
def __set_header(self):
ALLOW_ORIGIN = [
'http://127.0.0.1:3000', # me
'http://192.168.2.97:3000', # me
'http://192.168.2.97' # nginx
]
self.set_header('Access-Control-Allow-Methods', 'POST, PUT, GET, OPTIONS, DELETE')
origin = self.request.headers.get('Origin')
if origin in ALLOW_ORIGIN:
self.set_header('Access-Control-Allow-Origin', origin)
self.set_header('Access-Control-Allow-Credentials', 'true')
self.set_header(
'Access-Control-Allow-Headers',
'Origin, X-Requested-With, Content-Type, Accept, client_id, uuid, Authorization'
)
# self.set_header('Content-Type', 'application/json; charset="utf-8"')
self.set_header('Content-Type', 'text/html; charset="utf-8"')
self.set_header('Server', 'HuaduServer')
self.set_header('Cache-Control', 'private')
self.set_header('Version', 'v1.0')
def __set_session(self):
"""
初始化session
:return:
"""
self.__session_id = self.get_secure_cookie('session_id')
if not self.__session_id:
self.__session_id = self.__session_service.generage_session_id()
self.set_secure_cookie('session_id', self.__session_id, expires_days=None, httponly=True)
@property
def session_id(self):
if self.__session_id is None:
self.__set_session()
return self.__session_id
@property
def device_id(self):
if self.__device_id is None:
self.__device_id = self.request.headers.get('deviceId', None)
return self.__device_id
def render_json(self, data=None, code=0, message=''):
if message == '':
message = system_code.MSG.get(code, system_code.MSG.get(system_code.SERVER_ERROR))
result = {
'data': data if data else None,
'code': code,
'message': message
}
self.write(json.dumps(result, ensure_ascii=False))
def render_jsonp(self, callback, data=None, code=0, message=''):
if message == '':
message = system_code.MSG.get(code, system_code.MSG.get(system_code.SERVER_ERROR))
result = {
'data': data if data else None,
'code': code,
'message': message
}
result = '%s(%s)' % (str(callback), json.dumps(result, ensure_ascii=False))
self.write(result)
def get_current_user(self):
user_id = self.__session_service.get_session(self.session_id, 'user_id')
token = self.get_secure_cookie("token_id")
user_id = self.__admin_user_info_service.get_current_user(
self.session_id,
user_id,
token
)
if user_id:
return user_id
else:
return None
def render(self, template_name, **kwargs):
request_time = ''
if self.request.request_time():
request_time = self.request.request_time() * 1000
request_time = int(request_time)
request_time = str(request_time) + 'ms'
if self.current_user:
super(BaseWebsiteHandler, self).render(
template_name,
admin_user_id=self.current_user,
request_time=request_time,
xsrf_form_html=self.xsrf_form_html,
int=val_to_int,
reverse_url=self.reverse_url,
static_url=self.static_url,
image_base_url=IMAGE_BASE_URL,
**kwargs
)
else:
super(BaseWebsiteHandler, self).render(
template_name,
request_time=request_time,
image_base_url=IMAGE_BASE_URL,
int=val_to_int,
reverse_url=self.reverse_url,
xsrf_form_html=self.xsrf_form_html,
static_url=self.static_url,
**kwargs
)
def post(self, *args, **kwargs):
check_service = CheckService()
session_service = SessionService()
user_service = UserService()
account = self.get_body_argument('account', None)
password = self.get_body_argument('password', None)
password_confirm = self.get_body_argument('passwordConfirm', None)
nickname = self.get_body_argument('nickname', None)
email = self.get_body_argument('email', None)
qq = self.get_body_argument('qq', None)
mobile = self.get_body_argument('mobile', None)
fee_account_name = self.get_body_argument('feeAccountName', None)
fee_account_num = self.get_body_argument('feeAccountNum', None)
callback = self.get_body_argument('callback', None)
code = 0
message = ''
result = {'token': None, 'userId': None}
if not all([
account, password, password_confirm, nickname, email, qq,
fee_account_name, fee_account_num
]):
code = system_code.PARAM_MISS
elif password != password_confirm:
code = system_code.USER_PWD_CONFIRM_NOT_MATCH
else:
# 用户名检查
account_flag = check_service.check_account(account)
# 昵称检查
nickname_flag = check_service.check_nickname(nickname)
# 密码检查
password_flag = check_service.check_password(password)
# 邮箱检查
email_flag = check_service.check_email(email)
# QQ检查
qq_flag = check_service.check_qq(qq)
# 手机号检查
mobile_flag = check_service.check_mobile(mobile)
if sum([
account_flag, nickname_flag, password_flag, email_flag,
qq_flag, mobile_flag
]) == 0:
# 创建用户
user_id, token = user_service.create_user(
account, password, nickname, email, qq, mobile,
fee_account_name, fee_account_num)
if user_id and token:
self.set_secure_cookie('token_id', token, expires_days=365)
session_service.set_session(self.session_id, 'user_id',
user_id)
result['userId'] = user_id
result['token'] = token
code = system_code.SUCCESS
else:
# 用户名
if account_flag == 1:
code = system_code.USER_ACCOUNT_TOO_SHORT
elif account_flag == 2:
code = system_code.USER_ACCOUNT_CHAR_NOT_ALLOWED
elif account_flag == 3:
code = system_code.USER_IS_EXIST
# 昵称
elif nickname_flag == 1:
code = system_code.USER_NICKNAME_CHAR_NOT_ALLOWED
# 密码
elif password_flag == 1:
code = system_code.USER_PWD_TOO_SHORT
elif password_flag == 2:
code = system_code.USER_PWD_DISABLED
# 邮箱
elif email_flag == 1:
code = system_code.USER_EMAIL_DISABLED
# QQ
elif qq_flag == 1:
code = system_code.USER_QQ_DISABLED
# 手机
elif mobile_flag == 1:
code = system_code.USER_MOBILE_DISABLED
if callback:
self.render_jsonp(callback, result, code, message)
else:
self.render_json(result, code, message)
return
def __init__(self):
super(Service, self).__init__()
self.__session_service = SessionService()
self.__admin_user_data_factory = AdminUserDataFactory()
def __init__(self):
super(Service, self).__init__()
self.__session_service = SessionService()
class VerificationCodeService(Service):
__session_service = None
def __init__(self):
super(Service, self).__init__()
self.__session_service = SessionService()
@classmethod
def generate_verification_code(cls, number=6):
"""
生成指定位数验证码
:param number: 位数
:return:
"""
return ''.join([
random.choice(string.digits + string.ascii_letters)
for x in range(number)
])
def check_verification_code(self, session_id, code):
"""
验证图形验证码
:param session_id:
:param code:
:return:
"""
sms_code = self.__session_service.get_session(session_id, SMS_CODE)
if sms_code and code.lower() == sms_code.lower():
return True
else:
return False
def get_verification_code_image(self, session_id):
code = self.generate_verification_code(4)
self.__session_service.set_session(session_id, SMS_CODE, code)
sms_times = self.__session_service.set_incr_session(
session_id, SMS_TIMES)
if sms_times > 100:
return False
else:
return self.generate_verify_image(code)
# 生成验证码接口
def generate_verify_image(
self,
code_str,
size=(124, 66),
img_type="GIF",
mode="RGB",
bg_color=(255, 255, 255),
fg_color=(0, 0, 255),
font_size=18,
font_type="./yule/service/verification/DejaVuSans.ttf",
draw_lines=True,
n_line=(1, 2),
draw_points=True,
point_chance=2):
"""
生成验证码图片
:param size: 图片的大小,格式(宽,高),默认为(124, 66)
:param code_str: 验证码字符
"""
width, height = size
img = Image.new(mode, size, bg_color)
draw = ImageDraw.Draw(img)
def create_lines():
line_num = random.randint(*n_line)
for i in range(line_num):
begin = (random.randint(0,
size[0]), random.randint(0, size[1]))
end = (random.randint(0, size[0]), random.randint(0, size[1]))
draw.line([begin, end], fill=(0, 0, 0))
def create_points():
chance = min(100, max(0, int(point_chance)))
for w in xrange(width):
for h in xrange(height):
tmp = random.randint(0, 100)
if tmp > 100 - chance:
draw.point((w, h), fill=(0, 0, 0))
def create_strs():
c_chars = code_str
strs = ' %s ' % ' '.join(c_chars)
font = ImageFont.truetype(font_type, font_size)
font_width, font_height = font.getsize(strs)
draw.text(((width - font_width) / 3, (height - font_height) / 3),
strs,
font=font,
fill=fg_color)
return ''.join(c_chars)
if draw_lines:
create_lines()
if draw_points:
create_points()
strs = create_strs()
params = [
1 - float(random.randint(1, 2)) / 100, 0, 0, 0,
1 - float(random.randint(1, 10)) / 100,
float(random.randint(1, 2)) / 500, 0.001,
float(random.randint(1, 2)) / 500
]
img = img.transform(size, Image.PERSPECTIVE, params)
img = img.filter(ImageFilter.EDGE_ENHANCE_MORE)
mstream = StringIO.StringIO()
img.save(mstream, img_type)
return mstream, strs
class SmsService(Service):
__session_service = None
def __init__(self):
super(Service, self).__init__()
self.__session_service = SessionService()
@classmethod
def generate_verification_code(cls, number=6):
"""
生成指定位数验证码
:param number: 位数
:return:
"""
return ''.join([random.choice(string.digits) for x in range(number)])
@gen.coroutine
def send_verification_code(self, phone, sms_type, session_id):
"""
:param phone: 手机号
:param sms_type: 短信类型
:param session_id: session id
:return:
"""
if sms_type == TYPE_REGISTER:
result = yield self.__register(session_id, phone)
elif sms_type == TYPE_RESETPASS:
result = False
else:
result = False
raise gen.Return(result)
def check_verification_code(self, session_id, phone, code):
"""
验证短信
:param session_id:
:param phone:
:param code:
:return:
"""
sms_code = self.__session_service.get_session(session_id, SMS_CODE)
mobile_num = self.__session_service.get_session(
session_id, SMS_MOBILE_NUM)
if sms_code and mobile_num and phone == mobile_num and code == sms_code:
return True
else:
return False
@gen.coroutine
def send_sms_to_aliyun(self, sms_param, mobile, sms_template=None):
"""
通过阿里服务发送短信
:param sms_param: 验证码参数
:param mobile: 手机号
:param sms_template: 短信模板
:return:
"""
if not all([sms_param, mobile, sms_template]):
raise gen.Return(False)
url = 'http://gw.api.taobao.com/router/rest'
data = {
'method': 'alibaba.aliqin.fc.sms.num.send',
'app_key': '23266160',
'timestamp': datetime.strftime(datetime.now(),
"%Y-%m-%d %H:%M:%S"),
'v': '2.0',
'sign_method': 'hmac',
'format': 'json',
'sms_type': 'normal',
'sms_free_sign_name': u'第一弹',
'sms_param': json.dumps(sms_param),
'rec_num': mobile,
'sms_template_code': sms_template,
}
# 计算签名
all_arguments = []
for key in data:
all_arguments.append(key + data[key])
all_arguments.sort()
# 中文排序的问题,待解决
sign_str = ''.join(all_arguments)
# sign_str.replace('sms_free_sign_name', 'sms_free_sign_name第一弹')
sig = hmac.new('a7acc795929dd5d8486d4140969d96d6',
sign_str.encode('utf-8'), hashlib.md5).hexdigest()
sig = sig.upper()
data['sign'] = sig
data['sms_free_sign_name'] = '第一弹' # 不然后面会有编码问题
result = False
body = urllib.urlencode(data)
response_body = yield http.send_http_request(url,
method="POST",
body=body)
if not response_body.get('error_response'):
if response_body['alibaba_aliqin_fc_sms_num_send_response'][
'result']['success']:
result = True
raise gen.Return(result)
@gen.coroutine
def __register(self, session_id, phone):
code = self.generate_verification_code(6)
self.__session_service.set_session(session_id, SMS_CODE, code)
self.__session_service.set_session(session_id, SMS_MOBILE_NUM, phone)
sms_times = self.__session_service.set_incr_session(
session_id, SMS_TIMES)
if sms_times > 10:
raise gen.Return(False)
else:
sms_param = {'code': code}
result = yield self.send_sms_to_aliyun(sms_param, phone,
SMS_TEMPLATE_78700021)
raise gen.Return(result)
def __init__(self):
super(Service, self).__init__()
self.__session_service = SessionService()
self.__user_data_factory = ZoneSourceDataFactory()