Exemple #1
async def api_change_password(*, email, old_passwd, new_passwd):
    """Replace a user's password after verifying the current one.

    ``email`` must match ``_RE_EMAIL`` and both password values must match
    ``_RE_SHA1``. The stored credential is the SHA-1 hex digest of
    ``"<user id>:<passwd>"``. On success the session cookie is re-issued and
    the user is returned as JSON with ``passwd`` masked.

    Raises:
        APIValueError: an argument is empty or fails its pattern.
        APIError: no user has this email, or the old password is wrong.
    """
    if not email or not _RE_EMAIL.match(email):
        raise APIValueError('email')
    if not old_passwd or not _RE_SHA1.match(old_passwd):
        raise APIValueError('old passwd')
    if not new_passwd or not _RE_SHA1.match(new_passwd):
        raise APIValueError('new passwd')

    matches = await User.findAll('email=?', [email])
    if len(matches) == 0:
        # NOTE(review): the distinct "email" and "passwd" failures tell an
        # unauthenticated caller whether an address is registered.
        raise APIError('change password:failed', 'email',
                       'Email is not found.')
    account = matches[0]
    account_id = account.getValue('id')

    # NOTE(review): a single round of SHA-1 keyed only by the user id is
    # cheap to brute-force if the table leaks; a password KDF would be the
    # usual replacement, but it must change together with the login check.
    old_material = '%s:%s' % (account_id, old_passwd)
    old_digest = hashlib.sha1(old_material.encode('utf-8')).hexdigest()
    if old_digest != account.getValue('passwd'):
        raise APIError('change password:failed', 'passwd',
                       'Old password error.')

    new_material = '%s:%s' % (account_id, new_passwd)
    account.passwd = hashlib.sha1(new_material.encode('utf-8')).hexdigest()
    await account.update()

    # Re-issue the session cookie (24 h) before the digest is masked below.
    # NOTE(review): no `secure` flag is passed to set_cookie.
    one_day = 86400
    response = web.Response()
    response.set_cookie(COOKIE_NAME,
                        user2cookie(account, one_day),
                        max_age=one_day,
                        httponly=True)
    # Mask the digest on the in-memory object only, so it is not serialized.
    account.passwd = '******'
    response.content_type = 'application/json'
    response.body = json.dumps(account, ensure_ascii=False).encode('utf-8')
    return response
Exemple #2
def api_register_user(*, email, name, passwd):
    """Register a user (generator-based coroutine) and log them in.

    Rejects empty/malformed input, then refuses an email or a name that is
    already stored. The credential saved is the SHA-1 hex digest of
    ``"<uid>:<passwd>"``. Returns a JSON response carrying a 24-hour
    HttpOnly session cookie, with ``passwd`` masked in the body.

    Raises:
        APIValueError: ``name``, ``email`` or ``passwd`` is invalid.
        APIError: the email or the name is already in use.
    """
    if not name or not name.strip():
        raise APIValueError('name')
    # NOTE(review): `_RE_EMALI` looks like a misspelling of an email pattern
    # name; confirm the module really defines it under this spelling.
    if not email or not _RE_EMALI.match(email):
        raise APIValueError('email')
    if not passwd or not _RE_SHA1.match(passwd):
        raise APIValueError('passwd')

    same_email = yield from User.findAll('email=?', [email])
    if len(same_email) > 0:
        raise APIError('register:failed', 'email', 'Email already used.')
    same_name = yield from User.findAll('name=?', [name])
    if len(same_name) > 0:
        raise APIError('register:failed', 'name', 'Name already used.')

    uid = next_id()
    # NOTE(review): single-round SHA-1 is a fast hash, not a password KDF.
    salted = '%s:%s' % (uid, passwd)
    passwd_digest = hashlib.sha1(salted.encode('utf-8')).hexdigest()
    email_digest = hashlib.md5(email.encode('utf-8')).hexdigest()
    user = User(id=uid,
                name=name.strip(),
                email=email,
                passwd=passwd_digest,
                image='http://www.gravatar.com/avatar/%s?d=mm&s=120' % email_digest)
    yield from user.save()

    # Issue the session cookie before masking the digest on the object.
    ttl = 86400
    response = web.Response()
    response.set_cookie(COOKIE_NAME, user2cookie(user, ttl), max_age=ttl, httponly=True)
    user.passwd = '******'
    response.content_type = 'application/json'
    response.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return response
Exemple #3
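async def api_register_user(*, email, name, passwd, key):
    """Register a user who presents the invitation key, then log them in.

    Input is validated in the order name, email, passwd, key. The stored
    credential is the SHA-1 hex digest of ``"<uid>:<passwd>"``. Returns a
    JSON response with a 24-hour HttpOnly session cookie; ``passwd`` is
    masked in the body.

    Raises:
        APIValueError: ``name``, ``email`` or ``passwd`` is invalid.
        APIError: the invitation key is wrong or the email is taken.
    """
    import hmac

    if not name or not name.strip():
        raise APIValueError("name")
    if not email or not _RE_EMAIL.match(email):
        raise APIValueError("email")
    if not passwd or not _RE_SHA1.match(passwd):
        raise APIValueError("passwd")

    # The invitation key is a shared secret compared against caller input,
    # so use a constant-time comparison when both sides are strings. Other
    # types fall back to plain equality, which keeps the original outcome.
    expected_key = _INVITATION_KEY
    if isinstance(key, str) and isinstance(expected_key, str):
        key_ok = hmac.compare_digest(key.encode("utf-8"),
                                     expected_key.encode("utf-8"))
    else:
        key_ok = key == expected_key
    if not key_ok:
        raise APIError("register:failed", "invitation-code",
                       "Invalid invitation code")

    users = await User.findAll("email=?", [email])
    if len(users) > 0:
        raise APIError("register:failed", "email", "Email is already in use.")

    uid = next_id()
    # NOTE(review): single-round SHA-1 is a fast hash, not a password KDF;
    # changing it has to be coordinated with the login check.
    sha1_passwd = "%s:%s" % (uid, passwd)
    user = User(
        id=uid,
        name=name.strip(),
        email=email,
        passwd=hashlib.sha1(sha1_passwd.encode("utf-8")).hexdigest(),
        image="http://www.gravatar.com/avatar/%s?d=mm&s=120" %
        hashlib.md5(email.encode("utf-8")).hexdigest(),
    )
    await user.save()

    # Issue the session cookie before masking the digest on the object.
    r = web.Response()
    r.set_cookie(COOKIE_NAME,
                 user2cookie(user, 86400),
                 max_age=86400,
                 httponly=True)
    user.passwd = "******"
    r.content_type = "application/json"
    r.body = json.dumps(user, ensure_ascii=False).encode("utf-8")
    return r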
Exemple #4
def register_user():
    """Register a user from the current request and set a session cookie.

    Reads ``name``, ``email`` and ``password`` from ``ctx.request``; the
    email is stripped and lower-cased, and ``password`` must match
    ``_RE_MD5``. Returns the inserted ``User``.

    Raises:
        APIValueError: a field is empty or malformed.
        APIError: the name or the email is already in use.
    """
    form = ctx.request.input(name='', email='', password='')
    name = form.name.strip()
    email = form.email.strip().lower()
    password = form.password

    if not name:
        raise APIValueError('name')
    if not email or not _RE_EMAIL.match(email):
        raise APIValueError('email')
    if not password or not _RE_MD5.match(password):
        raise APIValueError('password')

    if User.find_first('where name=?', name):
        raise APIError('register:failed', 'name', 'Name is already in use.')
    if User.find_first('where email=?', email):
        raise APIError('register:failed', 'email', 'Email is already in use.')

    # NOTE(review): the submitted value is stored as-is, so the stored field
    # is itself what a client has to present; a leaked table is directly
    # usable. The returned object is also not masked here.
    avatar = 'http://www.gravatar.com/avatar/%s?d=mm&s=120' % hashlib.md5(email).hexdigest()
    user = User(name=name, email=email, password=password, image=avatar)
    user.insert()

    # make session cookie (no max-age is passed to either call):
    signed = make_signed_cookie(user.id, user.password, None)
    ctx.response.set_cookie(_COOKIE_NAME, signed)
    return user
Exemple #5
def api_blog_edit(request, *, id, name, summary, content):
    """Create a blog post, or update the post ``id`` when ``id`` is truthy.

    Generator-based coroutine. Requires ``request.__user__`` to be set and
    ``name``, ``summary`` and ``content`` to be non-blank. Returns a JSON
    response containing the blog when the ORM call reports one affected row.

    Raises:
        APIError: no user is logged in, or the save/update did not return 1.
        APIValueError: a text field is empty or whitespace only.
    """
    if request.__user__ is None:
        raise APIError('blog', 'edit', 'edit blog before login')
    if not name or not name.strip():
        raise APIValueError('name', 'name is Null')
    if not summary or not summary.strip():
        raise APIValueError('summary', 'summary is Null')
    if not content or not content.strip():
        raise APIValueError('content', 'content is Null')

    stamp = datetime.now().strftime('%Y-%m-%d %H:%M:%S,%f')
    blog = Blog(name=name,
                userid=request.__user__.id,
                summary=summary,
                content=content,
                updatetime=stamp)

    # NOTE(review): the update path takes `id` from the caller and nothing
    # visible here checks that the existing post belongs to the current
    # user; confirm ownership is enforced elsewhere.
    if id:
        blog.id = id
        affected = yield from blog.update()
    else:
        affected = yield from blog.save()

    rep = web.Response()
    rep.content_type = 'application/json'
    if res_failed := (affected != 1):
        logging.info('save blog failed')
        raise APIError('edit blog', 'save', 'edit blog failed')

    logging.info('save blog sucessed')
    rep.body = json.dumps(blog, ensure_ascii=False).encode('utf-8')
    return rep
Exemple #6
async def api_register_user(*, name, passwd, email):
    """Register a user with a unique email and name, then log them in.

    Both lookups run before either result is checked; the email conflict is
    reported first. The stored credential is the SHA-1 hex digest of
    ``"<uid>:<passwd>"``. Returns JSON with a 24-hour HttpOnly cookie.

    Raises:
        APIValueError: ``name``, ``email`` or ``passwd`` is invalid.
        APIError: the email or the name is already in use.
    """
    if not name or not name.strip():
        raise APIValueError('name')
    if not email or not _RE_EMAIL.match(email):
        raise APIValueError('email')
    if not passwd or not _RE_SHA1.match(passwd):
        raise APIValueError('passwd')

    email_hits = await User.findAll('email=?', [email])
    name_hits = await User.findAll('name=?', [name])
    if len(email_hits) > 0:
        raise APIError('register:failed', 'email', 'Email is already in use.')
    if len(name_hits) > 0:
        raise APIError('register:failed', 'name', 'Name is already in use.')

    uid = next_id()
    # NOTE(review): single-round SHA-1 is a fast hash, not a password KDF.
    digest = hashlib.sha1(('%s:%s' % (uid, passwd)).encode('utf-8')).hexdigest()
    user = User(id=uid, name=name.strip(), email=email, passwd=digest, image='')
    await user.save()

    # Issue the session cookie before masking the digest on the object.
    lifetime = 86400
    resp = web.Response()
    resp.set_cookie(COOKIE_NAME,
                    user2cookie(user, lifetime),
                    max_age=lifetime,
                    httponly=True)
    user.passwd = '******'
    resp.content_type = 'application/json'
    resp.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return resp
Exemple #7
def authenticate():
    """Check the submitted email/password and set a 7-day signed cookie.

    Returns the matching ``User`` with ``password`` masked on the returned
    object.

    Raises:
        APIError: no user has this email, or the password differs.
    """
    form = ctx.request.input()
    email = form.email.strip().lower()
    password = form.password

    user = User.find_first('where email=?', email)
    # NOTE(review): the two failures are distinguishable, so a caller can
    # learn whether an address is registered. The stored value is compared
    # directly with the submitted one using `!=` (not constant-time).
    if user is None:
        raise APIError('auth:failed', 'email', 'Invalid email.')
    if user.password != password:
        raise APIError('auth:failed', 'password', 'Invalid password.')

    week = 604800  # seconds
    signed = make_signed_cookie(user.id, user.password, week)
    ctx.response.set_cookie(_COOKIE_NAME, signed, max_age=week)
    # Mask only after the cookie has been derived from the real value.
    user.password = '******'
    return user
Exemple #8
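async def api_create_blog(request, *, name, summary, content):
    """Create a blog post owned by the current (admin) user.

    ``check_admin(request)`` runs first. Each text field must be non-blank;
    the stored values are stripped. Returns the saved ``Blog``.

    Raises:
        APIError: ``name``, ``summary`` or ``content`` is empty or blank.
    """
    check_admin(request)
    # The original built these APIError objects without raising them, so
    # validation never rejected anything and a missing field crashed later
    # on `.strip()`.
    if not name or not name.strip():
        raise APIError('name', 'name cannot be empty.')
    if not summary or not summary.strip():
        raise APIError('summary', 'summary cannot be empty.')
    if not content or not content.strip():
        raise APIError('content', 'content cannot be empty.')

    author = request.__user__
    blog = Blog(user_id=author.id, user_name=author.name, user_image=author.image,
                name=name.strip(), summary=summary.strip(), content=content.strip())
    await blog.save()
    return blog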
Exemple #9
def api_register_user(*, email, name, passwd):
    """Register a user (generator-based coroutine) and log them in.

    The account is flagged ``admin`` when ``email`` equals ``_ADMIN_EMAIL``.
    The stored credential is the SHA-1 hex digest of ``"<uid>:<passwd>"``.
    Returns JSON with a 24-hour HttpOnly session cookie.

    Raises:
        APIValueError: ``name`` is empty or blank.
        APIError: ``email``/``passwd`` is invalid, or the email is taken.
    """
    if not name or not name.strip():
        raise APIValueError('name')
    # The email must be present and match the configured pattern.
    if not email or not _RE_EMAIL.match(email):
        raise APIError('email')
    if not passwd or not _RE_SHA1.match(passwd):
        raise APIError('passwd')

    # Refuse an address that is already registered.
    existing = yield from User.findAll('email=?', [email])
    if len(existing):
        raise APIError('register:failed', 'email', 'Email is already in use.')

    # Fresh unique id for the new user; it also salts the stored digest.
    uid = next_id()
    salted = '%s:%s' % (uid, passwd)

    # NOTE(review): admin rights follow from the submitted address alone and
    # no ownership check of that address is visible here; confirm the admin
    # account cannot be claimed by whoever registers this email first.
    is_admin = email == _ADMIN_EMAIL

    # The database holds a 40-character SHA-1 hex string, not the original
    # password. NOTE(review): single-round SHA-1 is not a password KDF.
    user = User(id=uid,
                name=name.strip(),
                email=email,
                passwd=hashlib.sha1(salted.encode('utf-8')).hexdigest(),
                image='http://www.gravatar.com/avatar/%s?d=mm&s=120' %
                hashlib.md5(email.encode('utf-8')).hexdigest(),
                admin=is_admin)

    # Persist the user row.
    yield from user.save()
    logger.info('save user OK')

    # Build the response; 86400 seconds is 24 hours.
    day = 86400
    response = web.Response()
    response.set_cookie(COOKIE_NAME,
                        user2cookie(user, day),
                        max_age=day,
                        httponly=True)
    # Mask the digest on the returned object only; the stored value is
    # untouched, so the response does not expose it.
    user.passwd = '******'
    response.content_type = 'application/json'
    response.body = json.dumps(user, ensure_ascii=False,
                               default=lambda o: o.__dict__).encode('utf-8')
    return response
Exemple #10
async def api_register_user(*, email, name, passwd):
    """Register a user with a unique email and log them in.

    The stored credential is the SHA-1 hex digest of ``"<uid>:<passwd>"``.
    Returns JSON with a 24-hour HttpOnly session cookie; ``passwd`` is
    masked in the body.

    Raises:
        APIValueError: ``name``, ``email`` or ``passwd`` is invalid.
        APIError: the email is already in use.
    """
    if not name or not name.strip():
        raise APIValueError('name')
    if not email or not _RE_EMAIL.match(email):
        raise APIValueError('email')
    if not passwd or not _RE_SHA1.match(passwd):
        raise APIValueError('passwd')

    # Is this address already registered?
    taken = await User.findAll('email=?', [email])
    if len(taken) > 0:
        raise APIError('register:failed', 'email', 'Email is already in use.')

    uid = next_id()
    # The database holds a 40-character SHA-1 hex string rather than the
    # original password. NOTE(review): single-round SHA-1 is a fast hash,
    # not a password KDF.
    salted = '%s:%s' % (uid, passwd)
    passwd_digest = hashlib.sha1(salted.encode('utf-8')).hexdigest()
    avatar = ('http://www.gravatar.com/avatar/%s?d=mm&s=120' %
              hashlib.md5(email.encode('utf-8')).hexdigest())
    user = User(id=uid, name=name.strip(), email=email,
                passwd=passwd_digest, image=avatar)
    await user.save()

    # make session cookie (before the digest is masked):
    ttl = 86400
    response = web.Response()
    response.set_cookie(COOKIE_NAME,
                        user2cookie(user, ttl),
                        max_age=ttl,
                        httponly=True)
    user.passwd = '********'
    response.content_type = 'application/json'
    response.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return response
async def api_register_user(*, email, name, passwd):
    """Register a user with a unique email and log them in.

    Every new user gets the same fixed avatar URL. The stored credential is
    the SHA-1 hex digest of ``"<uid>:<passwd>"``. Returns JSON with a
    24-hour HttpOnly session cookie.

    Raises:
        APIValueError: ``name``, ``email`` or ``passwd`` is invalid.
        APIError: the email is already in use.
    """
    if not name or not name.strip():
        raise APIValueError('name')
    if not email or not _RE_EMAIL.match(email):
        raise APIValueError('email')
    if not passwd or not _RE_SHA1.match(passwd):
        raise APIValueError('passwd')

    duplicates = await User.findAll('email=?', [email])
    if len(duplicates) > 0:
        raise APIError('register:failed', 'email', 'Email is already in user.')

    uid = next_id()
    # NOTE(review): single-round SHA-1 is a fast hash, not a password KDF.
    material = '%s:%s' % (uid, passwd)
    default_avatar = 'https://avatars3.githubusercontent.com/u/8428950?s=460&u=6b4aabf88ef78f759f12672b5cd57e06a2234389&v=4'
    user = User(id=uid,
                name=name.strip(),
                email=email,
                passwd=hashlib.sha1(material.encode('utf-8')).hexdigest(),
                image=default_avatar)
    await user.save()

    # Issue the session cookie before masking the digest on the object.
    seconds = 86400
    reply = web.Response()
    reply.set_cookie(COOKIE_NAME,
                     user2cookie(user, seconds),
                     max_age=seconds,
                     httponly=True)
    user.passwd = '******'
    reply.content_type = 'application/json'
    reply.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return reply
Exemple #12
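def api_register_user(*, email, passwd):
    """Turn a passed interviewee into a member account and log them in.

    Generator-based coroutine. The email must not already belong to a
    member and must belong to an ``Interviewers`` row; profile fields are
    copied from that row. The stored credential is the SHA-1 hex digest of
    ``"<stu_id>:<passwd>"``.

    Raises:
        APIValueError: ``email``/``passwd`` is invalid, the email has no
            interview record, or the interview is marked not passed.
        APIError: the email is already a member.
    """
    if not email or not _RE_EMAIL.match(email):
        raise APIValueError('email')
    if not passwd or not _RE_SHA1.match(passwd):
        raise APIValueError('passwd')
    members = yield from Members.findAll('email=?', [email])
    if len(members) > 0:
        raise APIError('register:failed', 'email', 'Email is already in use.')

    # One lookup is enough: the original ran the identical query a second
    # time immediately after these checks.
    interviewers = yield from Interviewers.findAll('email=?', [email])
    if len(interviewers) == 0:
        raise APIValueError('register:failed', 'You have not sign up')
    interviewer = interviewers[0]
    # NOTE(review): `== False` is kept as written; a row whose `passed` is
    # None (unset) is therefore let through. Confirm that is intended,
    # since the check fails open for undecided interviews.
    if interviewer.passed == False:
        raise APIValueError('register:failed', 'You have not passed the interview')

    stu_id = interviewer.stu_id
    # NOTE(review): single-round SHA-1 is a fast hash, not a password KDF.
    sha1_passwd = '%s:%s' % (stu_id, passwd)
    member = Members(
        stu_id=stu_id,
        name=interviewer.name.strip(),
        email=email,
        sex=interviewer.sex,
        school=interviewer.school,
        phone=interviewer.phone,
        passwd=hashlib.sha1(sha1_passwd.encode('utf-8')).hexdigest(),
        voice_part='N',
        department='N',
        image='http://www.gravatar.com/avatar/%s?d=mm&s=120' %
        hashlib.md5(email.encode('utf-8')).hexdigest())
    yield from member.save()

    # make session cookie (before the digest is masked):
    r = web.Response()
    r.set_cookie(COOKIE_NAME, user2cookie(member, 86400), max_age=86400, httponly=True)
    member.passwd = '******'
    r.content_type = 'application/json'
    r.body = json.dumps(member, ensure_ascii=False).encode('utf-8')
    return r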
Exemple #13
async def api_register_user(*, email, name, passwd):
    """Register a user; ``email``, ``name`` and ``passwd`` are all required.

    The stored credential is the SHA-1 hex digest of ``"<uid>:<passwd>"``.
    Returns JSON with a 24-hour HttpOnly session cookie; ``passwd`` is
    masked in the body.

    Raises:
        APIValueError: ``name``, ``email`` or ``passwd`` is invalid.
        APIError: the email is already in use.
    """
    if not name or not name.strip():
        raise APIValueError('name')
    if not email or not _RE_EMAIL.match(email):
        raise APIValueError('email')
    if not passwd or not _RE_SHA1.match(passwd):
        raise APIValueError('passwd')

    already = await User.findAll('email=?', [email])
    if len(already) > 0:
        raise APIError('register: failed', 'email', 'Email is already in use.')

    # The id is generated here because it also salts the password digest.
    uid = next_id()
    # NOTE(review): single-round SHA-1 is a fast hash, not a password KDF.
    to_hash = '%s:%s' % (uid, passwd)
    gravatar = ('http://www.gravatar.com/avatar/%s?d=mm&s=120' %
                hashlib.md5(email.encode('utf-8')).hexdigest())
    user = User(id=uid,
                name=name.strip(),
                email=email,
                passwd=hashlib.sha1(to_hash.encode('utf-8')).hexdigest(),
                image=gravatar)
    await user.save()

    # make session cookie (before the digest is masked):
    max_age = 86400
    res = web.Response()
    res.set_cookie(COOKIE_NAME,
                   user2cookie(user, max_age),
                   max_age=max_age,
                   httponly=True)
    user.passwd = '******'
    res.content_type = 'application/json'
    res.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return res
Exemple #14
async def api_register_user(*, name, email, password, image):
    """Register a user with a caller-supplied avatar and log them in.

    ``password`` must match ``_RE_SHA1`` and is stored exactly as received.
    Returns JSON with a 24-hour HttpOnly session cookie; ``password`` is
    masked in the body.

    Raises:
        APIValueError: ``name``, ``email`` or ``password`` is invalid.
        APIError: the email is already in use.
    """
    if not name or not name.strip():
        raise APIValueError('name')
    if not email or not _RE_EMAIL.match(email):
        raise APIValueError('email')
    if not password or not _RE_SHA1.match(password):
        raise APIValueError('password')

    # Refuse an address that is already registered.
    registered = await User.findAll('email=?', [email])
    if len(registered) > 0:
        raise APIError('register: failed', 'email', 'Email is already in use.')

    # Gravatar is a third-party avatar service keyed by the MD5 of the email
    # address; here the avatar URL comes from the caller instead.
    # NOTE(review): `image` is stored without any validation, and `password`
    # is stored without a server-side hash, so the stored value is what a
    # client has to present.
    user = User(id=next_id(),
                name=name.strip(),
                email=email,
                password=password,
                image=image)
    # Save the new user.
    await user.save()

    # Build the cookie and the response.
    ttl = 86400
    response = web.Response()
    response.set_cookie(COOKIE_NAME, user2cookie(user, ttl), max_age=ttl, httponly=True)
    # Mask the field on the in-memory object only; the database is unchanged.
    user.password = '******'
    response.content_type = 'application/json'
    response.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return response
Exemple #15
def api_register_user(*, email, name, passwd):
    """Register a user (generator-based coroutine) and log them in.

    The stored credential is the SHA-1 hex digest of ``"<uid>:<passwd>"``.
    Returns JSON with a 24-hour HttpOnly session cookie; ``passwd`` is
    masked in the body.

    Raises:
        APIValueError: ``name``, ``email`` or ``passwd`` is invalid.
        APIError: the email is already in use.
    """
    if not name or not name.strip():
        raise APIValueError('name')
    if not email or not _RE_EMAIL.match(email):
        raise APIValueError('email')
    if not passwd or not _RE_SHA1.match(passwd):
        raise APIValueError('passwd')

    found = yield from User.findAll('email=?', [email])
    if len(found) > 0:
        raise APIError('register:failed', 'email', 'Email is already in use.')

    uid = next_id()
    # Password material and its digest are deliberately not logged.
    # NOTE(review): single-round SHA-1 is a fast hash, not a password KDF.
    material = "%s:%s" % (uid, passwd)
    passwd_digest = hashlib.sha1(material.encode('utf-8')).hexdigest()
    email_digest = hashlib.md5(email.encode('utf-8')).hexdigest()
    user = User(id=uid,
                name=name.strip(),
                email=email,
                passwd=passwd_digest,
                image='http://www.gravatar.com/avatar/%s?d=mm&s=120' % email_digest)
    yield from user.save()

    # Issue the session cookie before masking the digest on the object.
    day = 86400
    out = web.Response()
    out.set_cookie(COOKIE_NAME,
                   user2cookie(user, day),
                   max_age=day,
                   httponly=True)
    user.passwd = '******'
    out.content_type = 'application/json'
    out.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return out
Exemple #16
async def api_register_user(*, email, name, password):
    """Register a non-admin user and log them in.

    ``password`` must match ``_RE_SHA1`` and is stored as its UTF-8 bytes.
    Returns JSON with a 24-hour HttpOnly session cookie; ``password`` is
    masked in the body.

    Raises:
        APIValueError: ``name``, ``email`` or ``password`` is invalid.
        APIError: the email is already in use.
    """
    if not name or not name.strip():
        raise APIValueError('name')
    if not email or not _RE_EMAIL.match(email):
        raise APIValueError('email')
    if not password or not _RE_SHA1.match(password):
        raise APIValueError('password')

    clashes = await User.findAll('email=?', [email])
    if len(clashes) > 0:
        raise APIError('register:failed', 'email', 'email is already used')

    # NOTE(review): the submitted value is stored without a server-side
    # hash, so the stored field is what a client has to present.
    avatar = ('http://www.gravatar.com/avatar/%s?d=mm&s=120' %
              hashlib.md5(email.encode('utf-8')).hexdigest())
    user = User(id=next_id(),
                name=name.strip(),
                admin=False,
                email=email,
                password=password.encode('utf8'),
                image=avatar)
    await user.save()

    # Issue the session cookie before masking the field on the object.
    ttl = 86400
    response = web.Response()
    response.set_cookie(COOKIE_NAME,
                        user2cookie(user, ttl),
                        max_age=ttl,
                        httponly=True)
    user.password = '******'
    response.content_type = 'application/json'
    response.body = json.dumps(user, ensure_ascii=False).encode('utf8')
    return response
Exemple #17
async def api_register_user(*, email, name, passwd):
    """Register a user from keyword arguments ``email``, ``name``, ``passwd``.

    The stored credential is the SHA-1 hex digest of ``"<uid>:<passwd>"``.
    Returns JSON with a 24-hour HttpOnly session cookie; ``passwd`` is
    masked in the body.

    Raises:
        APIValueError: ``email``, ``name`` or ``passwd`` is invalid.
        APIError: the email is already in use.
    """
    # The address must match the module's email pattern.
    if not email or not _reEmail.match(email):
        raise APIValueError('email')
    # Reject a missing name or one that is only whitespace.
    if not name or not name.strip():
        raise APIValueError('name')
    if not passwd or not _reSha1.match(passwd):
        raise APIValueError('passwd')

    # `where` clause plus its argument list: is the address already taken?
    same_email = await User.findAll('email=?', [email])
    if len(same_email) > 0:
        # NOTE(review): the second argument is the submitted address itself,
        # not a field name.
        raise APIError('注册失败', email, '邮箱已经被使用')

    uid = next_id()  # primary key, also used to salt the digest
    # NOTE(review): single-round SHA-1 is a fast hash, not a password KDF.
    salted = '%s:%s' % (uid, passwd)
    user = User(id=uid,
                email=email,
                passwd=hashlib.sha1(salted.encode('utf-8')).hexdigest(),
                name=name.strip(),
                image='about:blank')
    await user.save()

    # Build the session cookie; httponly keeps it away from page scripts.
    day = 86400
    response = web.Response()
    response.set_cookie(COOKIE_NAME,
                        user2cookie(user, day),
                        max_age=day,
                        httponly=True)
    # Mask the digest on the in-memory object before serializing it.
    user.passwd = '******'
    response.content_type = 'application/json'
    response.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return response
Exemple #18
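async def api_regist(*, email, name, passwd):
    """Register a user and log them in.

    Only presence is checked for ``email`` and ``passwd``. Returns JSON
    with a 24-hour HttpOnly session cookie; ``passwd`` is masked in the
    body.

    Raises:
        APIValueError: ``name`` is blank, or ``email``/``passwd`` is empty.
        APIError: the email is already registered.
    """
    if not name or not name.strip():
        raise APIValueError('name')
    if not email:
        raise APIValueError('email')
    if not passwd:
        raise APIValueError('passwd')

    users = await User.findAll('email=?', [email])
    if len(users) > 0:
        # Raise, like every other failure here; the original returned the
        # exception object, so a duplicate was handed back as a result
        # instead of being reported as an error.
        raise APIError('email has exit')

    uid = next_id()
    # NOTE(review): `passwd` is stored exactly as submitted (no format check
    # and no server-side hash), and `email` is not validated against a
    # pattern; confirm both are handled elsewhere.
    user = User(uuid=uid,
                email=email,
                name=name.strip(),
                passwd=passwd,
                image='http://www.gravatar.com/avatar/')
    await user.save()

    # Issue the session cookie before masking the field on the object.
    r = web.Response()
    r.set_cookie(COOKIE_NAME,
                 user2cookie(user, 86400),
                 max_age=86400,
                 httponly=True)
    user.passwd = '******'
    r.content_type = 'application/json'
    r.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return r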
Exemple #19
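def api_register_authenticate(*, username, password):
    """Register a user by username (generator-based coroutine) and log in.

    The username is stripped before it is validated, looked up and stored.
    The stored credential is the SHA-1 hex digest of ``"<uid>:<password>"``.
    Returns JSON with a 24-hour HttpOnly session cookie; ``password`` is
    masked in the body.

    Raises:
        APIValueError: ``username`` is empty/blank or ``password`` is invalid.
        APIError: the username is already in use.
    """
    # Normalize first: the original checked uniqueness on the raw value but
    # stored the stripped one, so "bob " could duplicate "bob" and a
    # whitespace-only name was stored as an empty string.
    if username:
        username = username.strip()
    if not username:
        raise APIValueError('username', 'Invalid username')
    if not password or not _RE_SHA1.match(password):
        raise APIValueError('password', 'Invalid password')

    # Arguments are passed as a list, one entry per `?` placeholder.
    users = yield from User.findAll('username=?', [username])
    if len(users) > 0:
        raise APIError('register:failed', 'username',
                       'Username is already in use.')

    uid = next_id()
    # NOTE(review): single-round SHA-1 is a fast hash, not a password KDF.
    sha1_passwd = '%s:%s' % (uid, password)
    user = User(id=uid,
                username=username,
                password=hashlib.sha1(sha1_passwd.encode('utf-8')).hexdigest())
    yield from user.save()

    # Issue the session cookie before masking the digest on the object.
    r = web.Response()
    r.set_cookie(COOKIE_NAME,
                 user2cookie(user, 86400),
                 max_age=86400,
                 httponly=True)
    user.password = '******'
    r.content_type = 'application/json'
    r.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return r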
Exemple #20
async def api_register_user(*, email, name, passwd):
    """Register a user and answer with a plain-text success marker.

    The stored credential is the SHA-1 hex digest of ``"<uid>:<passwd>"``.
    The response carries a 24-hour HttpOnly session cookie; the user object
    is not serialized into the body.

    Raises:
        APIValueError: ``name``, ``email`` or ``passwd`` is invalid.
        APIError: the email is already in use.
    """
    if not name or not name.strip():
        raise APIValueError('name')
    if not email or not _RE_EMAIL.match(email):
        raise APIValueError('email')
    if not passwd or not _RE_SHA1.match(passwd):
        raise APIValueError('passwd')

    # This project's findAll takes the filter as keyword arguments.
    matches = await User.findAll(email=email)
    if len(matches) > 0:
        raise APIError('register:failed', 'email', 'Email is already in use.')

    uid = next_id()
    # NOTE(review): single-round SHA-1 is a fast hash, not a password KDF.
    salted = '%s:%s' % (uid, passwd)
    user = User(id=uid,
                name=name.strip(),
                email=email,
                passwd=hashlib.sha1(salted.encode('utf-8')).hexdigest(),
                image='about:blank')
    await user.save()

    # make session cookie:
    ttl = 86400
    response = web.Response()
    response.set_cookie(COOKIE_NAME,
                        user2cookie(user, ttl),
                        max_age=ttl,
                        httponly=True)
    response.content_type = 'text/plain;charset=utf-8'
    response.body = 'register:success'.encode('utf-8')
    return response
Exemple #21
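def api_register_user(*, email, name, passwd):
    """Register a user (generator-based coroutine) and log them in.

    The stored credential, kept in the ``password`` field, is the SHA-1 hex
    digest of ``"<uid>:<passwd>"``. Returns JSON with a 24-hour HttpOnly
    session cookie and the credential masked.

    Raises:
        APIValueError: ``name``, ``email`` or ``passwd`` is invalid.
        APIError: the email is already in use.
    """
    # The original test was `not name or name.strip()`, which rejected
    # every non-blank name.
    if not name or not name.strip():
        raise APIValueError('name')
    if not email or not _RE_EMAIL.match(email):
        raise APIValueError('email')
    if not passwd or not _RE_SHA1.match(passwd):
        raise APIValueError('passwd')
    users = yield from User.findAll('email = ?', [email])
    if len(users) > 0:
        raise APIError('register failed', 'email', 'Email is already in use.')

    uid = next_id()
    # NOTE(review): single-round SHA-1 is a fast hash, not a password KDF.
    sha1_passwd = '%s:%s' % (uid, passwd)
    # Constructing the model is a plain call; only save() is awaited. The
    # original wrapped the constructor in `yield from`.
    user = User(
        id=uid,
        name=name.strip(),
        email=email,
        password=hashlib.sha1(sha1_passwd.encode('utf-8')).hexdigest(),
        image='http://net.120askimages.com/images/no_avatar.gif')
    yield from user.save()

    # make session cookie (before the digest is masked)
    r = web.Response()
    r.set_cookie(COOKIE_NAME,
                 user2cookie(user, 86400),
                 max_age=86400,
                 httponly=True)
    # The digest lives in `password`; the original masked only `passwd`, so
    # the real digest was serialized into the response body. `passwd` is
    # still set so the body keeps the key it had before.
    user.password = '******'
    user.passwd = '******'
    r.content_type = 'application/json'
    r.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return r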
Exemple #22
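async def api_register_user(*, name, email, passwd):
    """Register a user with a unique email and log them in.

    The stored credential is the SHA-1 hex digest of ``"<uid>:<passwd>"``.
    Returns JSON with a 24-hour HttpOnly session cookie; ``passwd`` is
    masked in the body.

    Raises:
        APIValueError: ``name`` is blank, ``email`` is empty, or ``passwd``
            is empty or does not match ``_RE_SHA1``.
        APIError: the email is already in use.
    """
    if not name or not name.strip():
        raise APIValueError("name")
    # NOTE(review): the original tested the *password* pattern on this line,
    # so the address format was never validated and a bad password was
    # reported as "email". Only presence is checked here; apply the
    # module's email pattern (not visible in this block) at this point.
    if not email:
        raise APIValueError("email")
    # `or`, not `and`: with `and` a well-formed check never ran for a
    # non-empty password, and a missing one reached the regex as None.
    if not passwd or not _RE_SHA1.match(passwd):
        raise APIValueError("password")

    users = await User.findAll(where="email=?", args=[email])
    # check whether the email has been registered
    if len(users) > 0:
        raise APIError("register failed", "email", "Email is already in use")

    uid = next_id()
    # NOTE(review): single-round SHA-1 is a fast hash, not a password KDF.
    sha1_passwd = "{}:{}".format(uid, passwd)
    user = User(id=uid,
                name=name.strip(),
                email=email,
                passwd=hashlib.sha1(sha1_passwd.encode("utf-8")).hexdigest(),
                image="http://www.gravatar.com/avatar/{}?d=mm&s=120".format(
                    hashlib.md5(email.encode("utf-8")).hexdigest()))
    await user.save()

    # Issue the session cookie before masking the digest on the object.
    r = web.Response()
    r.set_cookie(COOKIE_NAME,
                 user2cookie(user, 86400),
                 max_age=86400,
                 httponly=True)
    user.passwd = "*******"
    r.content_type = "application/json"
    r.body = json.dumps(user, ensure_ascii=False).encode("utf-8")
    return r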
Exemple #23
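def register():
    """Serve the registration page (GET) or create an account (POST).

    POST expects a JSON object with ``name``, ``email`` and ``passwd``. On
    success the email is echoed as JSON and an ``email`` cookie holding
    ``make_secure_val(email)`` is set. Other methods fall through and
    return ``None``, as before.

    Raises:
        APIValueError: a field is missing, empty or malformed.
        APIError: the email is already in use.
    """
    if request.method == 'GET':
        return render_template('register.html')
    if request.method == 'POST':
        # A missing body or missing key is reported as a validation error
        # instead of surfacing as TypeError/KeyError.
        data = request.get_json() or {}
        name = data.get('name')
        email = data.get('email')
        passwd = data.get('passwd')
        if not name or not name.strip():
            raise APIValueError('name')
        if not email or not EMAIL_RE.match(email):
            raise APIValueError('email')
        if not passwd or not PASSWORD_RE.match(passwd):
            raise APIValueError('passwd')

        existing = session.query(User).filter_by(email=email).first()
        if existing:
            raise APIError('register:failed', email, 'Email is already in use.')

        pw_hash = make_pw_hash(email, passwd)
        email_hash = hashlib.md5(email.encode('utf-8')).hexdigest()
        # Diagnostic only; this is not an error condition.
        app.logger.debug(email_hash)
        user = User(name=name.strip(), email=email, passwd=pw_hash,
                    image='http://www.gravatar.com/avatar/%s?d=monsterid&s=120' % email_hash)
        session.add(user)
        try:
            session.commit()
        except Exception:
            # Roll back and propagate: the original swallowed the failure
            # and still issued a signed login cookie for an account that
            # had not been stored.
            session.rollback()
            raise

        # NOTE(review): the cookie is set without httponly/secure flags;
        # confirm whether page scripts need to read it.
        r = make_response(jsonify(email))
        r.headers['Content-type'] = 'application/json; charset=utf-8'
        r.set_cookie('email', make_secure_val(email))
        return r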
Exemple #24
async def api_register_user(*,name,email,passwd):
    """Register a user with a unique email and log them in.

    The stored value is ``sha1("<uid>:<passwd>")`` as hex. Returns JSON with
    a 24-hour HttpOnly session cookie; ``passwd`` is masked in the body.
    The name is stored as submitted (not stripped).

    Raises:
        APIValueError: ``name``, ``email`` or ``passwd`` is invalid.
        APIError: the email is already in use.
    """
    if not name or not name.strip():
        raise APIValueError('name')
    if not email or not _RE_EMAIL.match(email):
        raise APIValueError('email')
    if not passwd or not _RE_SHA1.match(passwd):
        raise APIValueError('password')

    # An address that is already registered cannot be registered again.
    registered = await User.findAll('email = ?', [email])
    if len(registered) > 0:
        raise APIError('register:failed', 'email', 'email is already in user!')

    uid = next_id()
    # NOTE(review): single-round SHA-1 is a fast hash, not a password KDF.
    material = '%s:%s' % (uid, passwd)
    passwd_digest = hashlib.sha1(material.encode('utf-8')).hexdigest()
    avatar = 'http://www.gravatar.com/avatar/%s?d=mm&s=120' % hashlib.md5(email.encode('utf-8')).hexdigest()
    # Persist the new user's details.
    user = User(id=uid, name=name, email=email, passwd=passwd_digest, image=avatar)
    await user.save()

    # Registering also logs the user in, so a session cookie is issued.
    ttl = 86400
    response = web.Response()
    response.set_cookie(COOKIE_NAME, user2cookie(user, ttl), max_age=ttl, httponly=True)
    user.passwd = '******'
    response.content_type = 'application/json'
    response.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return response
def api_create_project(request, *, project_id,project_name,project_level):
    """Create a project owned by the current user (generator-based coroutine).

    ``project_id`` and ``project_name`` must be non-blank and the id must
    not already exist. Returns the saved ``Project``.

    Raises:
        APIValueError: ``project_id`` or ``project_name`` is empty or blank.
        APIError: the project id is already in use.
    """
    # NOTE(review): the admin check is disabled in this handler, and
    # `request.__user__` is dereferenced below without a None check; confirm
    # that authentication/authorization is enforced before this is reached.
    if not project_id or not project_id.strip():
        raise APIValueError('name', 'name cannot be empty')
    if not project_name or not project_name.strip():
        raise APIValueError('summary', 'summary cannot be empty')

    # Build the project record from the submitted fields.
    manager = request.__user__.user_name
    project = Project(project_id=project_id,
                      project_name=project_name,
                      project_level=project_level,
                      project_manager=manager)

    # Refuse an id that is already registered.
    clashes = yield from Project.findAll(where='project_id=?', args=[project_id])
    if len(clashes) > 0:
        raise APIError('新建项目失败', 'project_id', 'project_id is already in use.')

    # Save.
    yield from project.save()
    return project
Exemple #26
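async def api_register_user(*, email, name, passwd):
    """Register a user with a unique email and log them in.

    The stored credential, kept in the ``password`` field, is the SHA-1 hex
    digest of ``"<uid>:<passwd>"``. Returns JSON with a 24-hour HttpOnly
    session cookie; ``password`` is masked in the body.

    Raises:
        APIValueError: ``name``, ``email`` or ``passwd`` is invalid.
        APIError: the email is already in use.
    """
    # name.strip() removes surrounding whitespace.
    if not name or not name.strip():
        raise APIValueError('name')
    if not email or not _RE_EMAIL.match(email):
        raise APIValueError('email')
    if not passwd or not _RE_SHA1.match(passwd):
        raise APIValueError('password')
    users = await User.findAll('email=?', [email])
    if len(users) > 0:
        raise APIError('register:failed', 'email', 'Email is already in use.')

    uid = next_id()
    # Hash "<user id>:<password>" with SHA-1 before storing it. The format
    # string on the page was '******', which has no placeholders and makes
    # the `%` raise TypeError; '%s:%s' matches the two arguments.
    # NOTE(review): single-round SHA-1 is a fast hash, not a password KDF.
    sha1_password = '%s:%s' % (uid, passwd)
    encrypt_password = hashlib.sha1(sha1_password.encode('utf-8')).hexdigest()
    # Avatar comes from Gravatar, keyed by the MD5 of the email address.
    image = 'http://www.gravatar.com/avatar/%s?d=mm&s=120' % hashlib.md5(
        email.encode('utf-8')).hexdigest()
    user = User(id=uid,
                name=name.strip(),
                email=email,
                password=encrypt_password,
                image=image)
    await user.save()

    # make session cookie (before the digest is masked)
    r = web.Response()
    r.set_cookie(COOKIE_NAME,
                 user2cookie(user, 86400),
                 max_age=86400,
                 httponly=True)
    user.password = '******'
    r.content_type = 'application/json'
    r.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return r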
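async def api_register_user(*, email, name, passwd):
    """Register a user with a unique email and log them in.

    Only presence is checked for the three arguments. The stored credential
    is the SHA-1 hex digest of ``"<uid>:<passwd>"``. Returns JSON with a
    24-hour HttpOnly session cookie; ``passwd`` is masked in the body.

    Raises:
        APIValueError: ``name``, ``email`` or ``passwd`` is empty.
        APIError: the email is already in use.
    """
    if not name:
        raise APIValueError('Invalid name.')
    if not email:
        raise APIValueError('Invalid email.')
    if not passwd:
        raise APIValueError('Invalid passwd')

    # Bind the address as a query argument. The original interpolated the
    # caller-supplied email into the WHERE clause, which is SQL injection
    # on an unauthenticated endpoint.
    # NOTE(review): assumes findAll accepts (where, args) with `?`
    # placeholders -- confirm against this project's ORM.
    users = await User.findAll('email=?', [email])
    if len(users) > 0:
        raise APIError('register:failed', 'email', 'Email is already in use.')

    uid = next_id()
    # NOTE(review): neither the email nor the password format is validated
    # here, and single-round SHA-1 is a fast hash, not a password KDF.
    sha1_passwd = '%s:%s' % (uid, passwd)
    user = User(id=uid,
                name=name.strip(),
                email=email,
                passwd=hashlib.sha1(sha1_passwd.encode('utf-8')).hexdigest(),
                image='http://www.gravatar.com/avatar/%s?d=mm&s=120' %
                hashlib.md5(email.encode('utf-8')).hexdigest())
    await user.save()

    # make session cookie (before the digest is masked):
    r = web.Response()
    r.set_cookie(COOKIE_NAME,
                 user2cookie(user, 86400),
                 max_age=86400,
                 httponly=True)
    user.passwd = '******'
    r.content_type = 'application/json'
    r.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return r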
Exemple #28
async def apiCreateUser(*, name, email, passwd):
    """Register a user and log them in.

    The stored credential is the SHA-1 hex digest of ``"<uid>:<passwd>"``.
    The name is stored as submitted (not stripped). Returns JSON with a
    24-hour HttpOnly session cookie; ``passwd`` is masked in the body.

    Raises:
        APIValueError: ``name``, ``email`` or ``passwd`` is invalid.
        APIError: the email is already in use.
    """
    # Input validation.
    if name is None or not name.strip():
        raise APIValueError('name', 'invalid name')
    if email is None or not _reEmail.match(email):
        raise APIValueError('email', 'invalid email')
    if passwd is None or not _reSha1.match(passwd):
        raise APIValueError('passwd', 'invalid password')

    existing = await User.findAll('email=?', [email])
    if len(existing) > 0:
        raise APIError('register failed', 'email', 'Email is already in use')

    # Derive the stored password digest.
    # NOTE(review): single-round SHA-1 is a fast hash, not a password KDF.
    uid = next_id()
    salted = '%s:%s' % (uid, passwd)
    passwd_digest = hashlib.sha1(salted.encode('utf-8')).hexdigest()
    avatar = ('http://www.gravatar.com/avatar/%s?s=120' %
              hashlib.md5(email.encode('utf-8')).hexdigest())
    user = User(id=uid, email=email, passwd=passwd_digest, name=name,
                image=avatar)
    await user.save()

    # Session cookie, issued before the digest is masked.
    ttl = 86400
    response = web.Response()
    response.set_cookie(COOKIE_NAME,
                        user2cookie(user, ttl),
                        max_age=ttl,
                        httponly=True)
    user.passwd = '******'
    response.content_type = 'application/json'
    response.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return response
Exemple #29
async def api_register_user(*, email, name, passwd):
    """Register a user with a unique email and log them in.

    The stored credential is the SHA-1 hex digest of ``"<uid>:<passwd>"``;
    ``image`` holds a marker string built from the MD5 of the email. Returns
    JSON with a 24-hour HttpOnly session cookie.

    Raises:
        APIValueError: ``name``, ``email`` or ``passwd`` is invalid.
        APIError: the email is already in use.
    """
    if not name or not name.strip():
        raise APIValueError('name')
    if not email or not email_regex.match(email):
        raise APIValueError('email')
    if not passwd or not sha1_regex.match(passwd):
        raise APIValueError('passwd')

    hits = await User.findAll('email=?', [email])
    if len(hits) > 0:
        raise APIError('register:failed', 'email', 'Email is already in use.')

    uid = next_id()
    # NOTE(review): single-round SHA-1 is a fast hash, not a password KDF.
    salted = f'{uid}:{passwd}'
    passwd_digest = hashlib.sha1(salted.encode('utf-8')).hexdigest()
    email_digest = hashlib.md5(email.encode('utf-8')).hexdigest()
    user = User(id=uid,
                name=name.strip(),
                email=email,
                passwd=passwd_digest,
                image='some_info :%s' % email_digest)
    await user.save()

    # Issue the session cookie before masking the digest on the object.
    ttl = 86400
    response = web.Response()
    response.set_cookie(COOKIE_NAME,
                        user2cookie(user, ttl),
                        max_age=ttl,
                        httponly=True)
    user.passwd = '******'
    response.content_type = 'application/json'
    response.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return response
Exemple #30
def register_uauser():
    """Register a user from the current request and set a session cookie.

    Reads ``name``, ``email`` and ``password`` from ``ctx.request``; the
    email is stripped and lower-cased, and ``password`` must match
    ``_RE_MD5``. Returns the inserted ``User``.

    Raises:
        APIValueError: a field is empty or malformed.
        APIError: the email is already in use.
    """
    form = ctx.request.input(name='', email='', password='')
    name = form.name.strip()
    email = form.email.strip().lower()
    password = form.password

    if not name:
        raise APIValueError('name')
    if not email or not _RE_EMAIL.match(email):
        raise APIValueError('email')
    if not password or not _RE_MD5.match(password):
        raise APIValueError('password')

    if User.find_first('where email=?', email):
        raise APIError('register:failed', 'email', 'Email is already in use.')

    # NOTE(review): the submitted value is stored as-is, so the stored field
    # is what a client has to present, and the returned object is not
    # masked before it leaves this function.
    user = User(name=name,
                email=email,
                password=password,
                image='/static/img/user-default.png')
    user.insert()

    # Session cookie; no max-age is passed to either call.
    signed = make_signed_cookie(user.id, user.password, None)
    ctx.response.set_cookie(_COOKIE_NAME, signed)
    return user