def post(self, *args, **kwargs): admin_user_service = AdminUserService() account = self.get_body_argument('account', None) password = self.get_body_argument('password', None) remember = self.get_body_argument('remember', None) code = 0 message = '' result = {'userId': None} if not all([account, password]): code = system_code.PARAM_MISS else: admin_user, code = admin_user_service.login(account, password) if code == 0: code = system_code.SUCCESS # 登录设置token token = admin_user_service.create_user_token( admin_user.admin_user_id, 'website') if token: self.set_secure_cookie('token_id', token) session_service = SessionService() session_service.set_session(self.session_id, 'user_id', admin_user.admin_user_id) result['userId'] = admin_user.admin_user_id self.redirect('/index') return else: code = system_code.USER_LOGIN_ERROR self.render_json(result, code, message) return
def get(self, *args, **kwargs): request_service = RequestService() user_info_service = UserInfoService() zone_service = ZoneService() user_id = self.get_query_argument('userId', None) callback = self.get_body_argument('callback', None) if user_id: user_id = utils.val_to_int(user_id) result = dict() if user_id: if not user_id: user_id = self.current_user if user_id: remain_request = request_service.get_remain_request(self.request.remote_ip, user_id) if remain_request < 0: yield gen.sleep(3) if remain_request > -5: is_me = (user_id == self.current_user) user, code = user_info_service.get_user(user_id) zone, code = zone_service.get_owned_zone_ids(user_id) if user: session_service = SessionService() avatar = session_service.get_session(self.session_id, 'avatar') if not avatar: avatar = random.choice(USER_AVATAR_LIST) session_service.set_session(self.session_id, 'avatar', avatar) result['isMe'] = is_me result['user'] = { 'userId': user_id, 'account': user.get('user').zone_source_account, 'nickname': user.get('user').zone_source_nickname, 'qq': user.get('user').zone_source_qq, 'avatar': avatar } else: yield gen.sleep(10) code = system_code.SERVER_ERROR else: code = system_code.PARAM_ERROR else: code = system_code.PARAM_ERROR if callback: self.render_jsonp(callback, result, code) else: self.render_json(result, code) return
def initialize(self): self.__admin_user_info_service = AdminUserInfoService() self.__session_service = SessionService() self.__set_session() self.__set_header()
class BaseWebsiteHandler(tornado.web.RequestHandler): # session_id __session_id = None __device_id = None __user_info_service = None __session_service = None def initialize(self): self.__admin_user_info_service = AdminUserInfoService() self.__session_service = SessionService() self.__set_session() self.__set_header() def __set_header(self): ALLOW_ORIGIN = [ 'http://127.0.0.1:3000', # me 'http://192.168.2.97:3000', # me 'http://192.168.2.97' # nginx ] self.set_header('Access-Control-Allow-Methods', 'POST, PUT, GET, OPTIONS, DELETE') origin = self.request.headers.get('Origin') if origin in ALLOW_ORIGIN: self.set_header('Access-Control-Allow-Origin', origin) self.set_header('Access-Control-Allow-Credentials', 'true') self.set_header( 'Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept, client_id, uuid, Authorization' ) # self.set_header('Content-Type', 'application/json; charset="utf-8"') self.set_header('Content-Type', 'text/html; charset="utf-8"') self.set_header('Server', 'HuaduServer') self.set_header('Cache-Control', 'private') self.set_header('Version', 'v1.0') def __set_session(self): """ 初始化session :return: """ self.__session_id = self.get_secure_cookie('session_id') if not self.__session_id: self.__session_id = self.__session_service.generage_session_id() self.set_secure_cookie('session_id', self.__session_id, expires_days=None, httponly=True) @property def session_id(self): if self.__session_id is None: self.__set_session() return self.__session_id @property def device_id(self): if self.__device_id is None: self.__device_id = self.request.headers.get('deviceId', None) return self.__device_id def render_json(self, data=None, code=0, message=''): if message == '': message = system_code.MSG.get(code, system_code.MSG.get(system_code.SERVER_ERROR)) result = { 'data': data if data else None, 'code': code, 'message': message } self.write(json.dumps(result, ensure_ascii=False)) def render_jsonp(self, callback, data=None, code=0, message=''): if message == '': message = system_code.MSG.get(code, system_code.MSG.get(system_code.SERVER_ERROR)) result = { 'data': data if data else None, 'code': code, 'message': message } result = '%s(%s)' % (str(callback), json.dumps(result, ensure_ascii=False)) self.write(result) def get_current_user(self): user_id = self.__session_service.get_session(self.session_id, 'user_id') token = self.get_secure_cookie("token_id") user_id = self.__admin_user_info_service.get_current_user( self.session_id, user_id, token ) if user_id: return user_id else: return None def render(self, template_name, **kwargs): request_time = '' if self.request.request_time(): request_time = self.request.request_time() * 1000 request_time = int(request_time) request_time = str(request_time) + 'ms' if self.current_user: super(BaseWebsiteHandler, self).render( template_name, admin_user_id=self.current_user, request_time=request_time, xsrf_form_html=self.xsrf_form_html, int=val_to_int, reverse_url=self.reverse_url, static_url=self.static_url, image_base_url=IMAGE_BASE_URL, **kwargs ) else: super(BaseWebsiteHandler, self).render( template_name, request_time=request_time, image_base_url=IMAGE_BASE_URL, int=val_to_int, reverse_url=self.reverse_url, xsrf_form_html=self.xsrf_form_html, static_url=self.static_url, **kwargs )
def post(self, *args, **kwargs): check_service = CheckService() session_service = SessionService() user_service = UserService() account = self.get_body_argument('account', None) password = self.get_body_argument('password', None) password_confirm = self.get_body_argument('passwordConfirm', None) nickname = self.get_body_argument('nickname', None) email = self.get_body_argument('email', None) qq = self.get_body_argument('qq', None) mobile = self.get_body_argument('mobile', None) fee_account_name = self.get_body_argument('feeAccountName', None) fee_account_num = self.get_body_argument('feeAccountNum', None) callback = self.get_body_argument('callback', None) code = 0 message = '' result = {'token': None, 'userId': None} if not all([ account, password, password_confirm, nickname, email, qq, fee_account_name, fee_account_num ]): code = system_code.PARAM_MISS elif password != password_confirm: code = system_code.USER_PWD_CONFIRM_NOT_MATCH else: # 用户名检查 account_flag = check_service.check_account(account) # 昵称检查 nickname_flag = check_service.check_nickname(nickname) # 密码检查 password_flag = check_service.check_password(password) # 邮箱检查 email_flag = check_service.check_email(email) # QQ检查 qq_flag = check_service.check_qq(qq) # 手机号检查 mobile_flag = check_service.check_mobile(mobile) if sum([ account_flag, nickname_flag, password_flag, email_flag, qq_flag, mobile_flag ]) == 0: # 创建用户 user_id, token = user_service.create_user( account, password, nickname, email, qq, mobile, fee_account_name, fee_account_num) if user_id and token: self.set_secure_cookie('token_id', token, expires_days=365) session_service.set_session(self.session_id, 'user_id', user_id) result['userId'] = user_id result['token'] = token code = system_code.SUCCESS else: # 用户名 if account_flag == 1: code = system_code.USER_ACCOUNT_TOO_SHORT elif account_flag == 2: code = system_code.USER_ACCOUNT_CHAR_NOT_ALLOWED elif account_flag == 3: code = system_code.USER_IS_EXIST # 昵称 elif nickname_flag == 1: code = system_code.USER_NICKNAME_CHAR_NOT_ALLOWED # 密码 elif password_flag == 1: code = system_code.USER_PWD_TOO_SHORT elif password_flag == 2: code = system_code.USER_PWD_DISABLED # 邮箱 elif email_flag == 1: code = system_code.USER_EMAIL_DISABLED # QQ elif qq_flag == 1: code = system_code.USER_QQ_DISABLED # 手机 elif mobile_flag == 1: code = system_code.USER_MOBILE_DISABLED if callback: self.render_jsonp(callback, result, code, message) else: self.render_json(result, code, message) return
def __init__(self): super(Service, self).__init__() self.__session_service = SessionService() self.__admin_user_data_factory = AdminUserDataFactory()
def __init__(self): super(Service, self).__init__() self.__session_service = SessionService()
class VerificationCodeService(Service): __session_service = None def __init__(self): super(Service, self).__init__() self.__session_service = SessionService() @classmethod def generate_verification_code(cls, number=6): """ 生成指定位数验证码 :param number: 位数 :return: """ return ''.join([ random.choice(string.digits + string.ascii_letters) for x in range(number) ]) def check_verification_code(self, session_id, code): """ 验证图形验证码 :param session_id: :param code: :return: """ sms_code = self.__session_service.get_session(session_id, SMS_CODE) if sms_code and code.lower() == sms_code.lower(): return True else: return False def get_verification_code_image(self, session_id): code = self.generate_verification_code(4) self.__session_service.set_session(session_id, SMS_CODE, code) sms_times = self.__session_service.set_incr_session( session_id, SMS_TIMES) if sms_times > 100: return False else: return self.generate_verify_image(code) # 生成验证码接口 def generate_verify_image( self, code_str, size=(124, 66), img_type="GIF", mode="RGB", bg_color=(255, 255, 255), fg_color=(0, 0, 255), font_size=18, font_type="./yule/service/verification/DejaVuSans.ttf", draw_lines=True, n_line=(1, 2), draw_points=True, point_chance=2): """ 生成验证码图片 :param size: 图片的大小,格式(宽,高),默认为(124, 66) :param code_str: 验证码字符 """ width, height = size img = Image.new(mode, size, bg_color) draw = ImageDraw.Draw(img) def create_lines(): line_num = random.randint(*n_line) for i in range(line_num): begin = (random.randint(0, size[0]), random.randint(0, size[1])) end = (random.randint(0, size[0]), random.randint(0, size[1])) draw.line([begin, end], fill=(0, 0, 0)) def create_points(): chance = min(100, max(0, int(point_chance))) for w in xrange(width): for h in xrange(height): tmp = random.randint(0, 100) if tmp > 100 - chance: draw.point((w, h), fill=(0, 0, 0)) def create_strs(): c_chars = code_str strs = ' %s ' % ' '.join(c_chars) font = ImageFont.truetype(font_type, font_size) font_width, font_height = font.getsize(strs) draw.text(((width - font_width) / 3, (height - font_height) / 3), strs, font=font, fill=fg_color) return ''.join(c_chars) if draw_lines: create_lines() if draw_points: create_points() strs = create_strs() params = [ 1 - float(random.randint(1, 2)) / 100, 0, 0, 0, 1 - float(random.randint(1, 10)) / 100, float(random.randint(1, 2)) / 500, 0.001, float(random.randint(1, 2)) / 500 ] img = img.transform(size, Image.PERSPECTIVE, params) img = img.filter(ImageFilter.EDGE_ENHANCE_MORE) mstream = StringIO.StringIO() img.save(mstream, img_type) return mstream, strs
class SmsService(Service): __session_service = None def __init__(self): super(Service, self).__init__() self.__session_service = SessionService() @classmethod def generate_verification_code(cls, number=6): """ 生成指定位数验证码 :param number: 位数 :return: """ return ''.join([random.choice(string.digits) for x in range(number)]) @gen.coroutine def send_verification_code(self, phone, sms_type, session_id): """ :param phone: 手机号 :param sms_type: 短信类型 :param session_id: session id :return: """ if sms_type == TYPE_REGISTER: result = yield self.__register(session_id, phone) elif sms_type == TYPE_RESETPASS: result = False else: result = False raise gen.Return(result) def check_verification_code(self, session_id, phone, code): """ 验证短信 :param session_id: :param phone: :param code: :return: """ sms_code = self.__session_service.get_session(session_id, SMS_CODE) mobile_num = self.__session_service.get_session( session_id, SMS_MOBILE_NUM) if sms_code and mobile_num and phone == mobile_num and code == sms_code: return True else: return False @gen.coroutine def send_sms_to_aliyun(self, sms_param, mobile, sms_template=None): """ 通过阿里服务发送短信 :param sms_param: 验证码参数 :param mobile: 手机号 :param sms_template: 短信模板 :return: """ if not all([sms_param, mobile, sms_template]): raise gen.Return(False) url = 'http://gw.api.taobao.com/router/rest' data = { 'method': 'alibaba.aliqin.fc.sms.num.send', 'app_key': '23266160', 'timestamp': datetime.strftime(datetime.now(), "%Y-%m-%d %H:%M:%S"), 'v': '2.0', 'sign_method': 'hmac', 'format': 'json', 'sms_type': 'normal', 'sms_free_sign_name': u'第一弹', 'sms_param': json.dumps(sms_param), 'rec_num': mobile, 'sms_template_code': sms_template, } # 计算签名 all_arguments = [] for key in data: all_arguments.append(key + data[key]) all_arguments.sort() # 中文排序的问题,待解决 sign_str = ''.join(all_arguments) # sign_str.replace('sms_free_sign_name', 'sms_free_sign_name第一弹') sig = hmac.new('a7acc795929dd5d8486d4140969d96d6', sign_str.encode('utf-8'), hashlib.md5).hexdigest() sig = sig.upper() data['sign'] = sig data['sms_free_sign_name'] = '第一弹' # 不然后面会有编码问题 result = False body = urllib.urlencode(data) response_body = yield http.send_http_request(url, method="POST", body=body) if not response_body.get('error_response'): if response_body['alibaba_aliqin_fc_sms_num_send_response'][ 'result']['success']: result = True raise gen.Return(result) @gen.coroutine def __register(self, session_id, phone): code = self.generate_verification_code(6) self.__session_service.set_session(session_id, SMS_CODE, code) self.__session_service.set_session(session_id, SMS_MOBILE_NUM, phone) sms_times = self.__session_service.set_incr_session( session_id, SMS_TIMES) if sms_times > 10: raise gen.Return(False) else: sms_param = {'code': code} result = yield self.send_sms_to_aliyun(sms_param, phone, SMS_TEMPLATE_78700021) raise gen.Return(result)
def __init__(self): super(Service, self).__init__() self.__session_service = SessionService() self.__user_data_factory = ZoneSourceDataFactory()