def tpl_params():
    """Collect the template variables shared by the public pages.

    Returns:
        dict: footer contact entries, the two popular-article columns, the
        site name, and the fixed prefix / app-name values the templates read.
    """
    top_articles = Article.populars(6)

    # Footer contact rows are fetched with both their title and their value.
    shared = {
        key: sys_config(key, ['title', 'value'])
        for key in ('footer_address', 'telephone', 'fax', 'email')
    }
    site_name = sys_config('site_name')

    # The six popular articles are split into a left and a right column.
    shared['populars_left'] = top_articles[:3]
    shared['populars_right'] = top_articles[3:]
    shared['site_name'] = site_name
    shared['ad_thumb_prefix'] = ''
    shared['article_thumb_prefix'] = ''
    shared['app_name'] = 'home'
    return shared
def get(self, *args, **kwargs):
    """Render the "About us" page."""
    wanted = ['title', 'subtitle', 'value']
    about_us_a = sys_config('about_us_a', wanted)
    about_us_b = sys_config('about_us_b', wanted)

    # Constant statement with no interpolated input, so nothing here is
    # injectable; keep it that way if filters are ever added.
    team_sql = "SELECT `id`, `title`, `description`, `name`, `avatar` FROM `home_team` WHERE `status`=1 ORDER BY `order` ASC LIMIT 8"
    db = Connector.get_session()
    teams = db.get('master').execute(team_sql).fetchall()

    # Collapse blank lines, then turn the remaining newlines into HTML breaks.
    # NOTE(review): this only works if the template emits the value without
    # escaping, which makes the stored config value trusted HTML - confirm
    # who can edit it.
    collapsed = about_us_b['value'].replace("\n\n", "\n")
    about_us_b['value'] = collapsed.replace("\n", "<br/>")

    page_vars = {
        'about_us_a': about_us_a,
        'about_us_b': about_us_b,
        'teams': teams,
        'new_right': {},
        'flatpage': {
            'title': '关于我们',
        },
    }
    # Shared template variables win over the page-specific ones on key clashes.
    merged = {**page_vars, **tpl_params()}
    self.render_html('singlepage/about.htm', **merged)
def admin_init(xsrf_token):
    """Return the values the admin login page needs to bootstrap itself.

    Only the RSA *public* key is read here; the private key stays in the
    server-side handlers that decrypt the submitted password.
    """
    encrypt_flag = sys_config('login_pwd_rsa_encrypt')
    pub_key = sys_config('login_rsa_pub_key')
    return dict(
        rsa_encrypt=int(encrypt_flag),
        public_key=pub_key,
        xsrf_token=xsrf_token,
    )
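def login_post(self, *args, **kwargs):
    """Authenticate an admin user from form fields or a JSON request body.

    Raises:
        JsonError: missing or non-string credentials, wrong captcha (when the
            captcha switch is on), undecryptable password, unknown user,
            wrong password, or disabled account.
    """
    username = self.get_argument('username', '')
    password = self.get_argument('password', '')
    code = self.get_argument('code', '')

    if not username:
        # No form field: fall back to a JSON body. A body that is not valid
        # UTF-8 or not valid JSON is treated as "no credentials" instead of
        # surfacing as an unhandled error (both failures are ValueError).
        # assumes json_decode is tornado.escape.json_decode - TODO confirm
        try:
            payload = json_decode(self.request.body.decode('utf-8'))
        except (ValueError, TypeError):
            payload = None
        if isinstance(payload, dict):
            username = payload.get('username', '')
            password = payload.get('password', '')
            code = payload.get('code', '')

    # A JSON body can carry lists, objects or numbers; only plain strings may
    # reach the ORM filter and the password check.
    if not isinstance(username, str) or not isinstance(password, str):
        raise JsonError('参数必须')
    if not username or not password:
        raise JsonError('参数必须')

    # NOTE(review): this is a truthiness test, so a stored string such as '0'
    # still enables the captcha - confirm the type sys_config returns.
    if sys_config('test_verify_switch') and self.__invalid_img_captcha(code):
        raise JsonError('验证码错误')

    if int(sys_config('login_pwd_rsa_encrypt')) == 1:
        private_key = sys_config('login_rsa_priv_key')
        password = RSAEncrypter.decrypt(password, private_key)
        # decrypt() signals failure with a falsy value; never let that reach
        # check_password().
        if not password:
            raise JsonError('密码错误')

    user = AdminUser.Q.filter(AdminUser.username == username).first()
    # Unknown user and wrong password share one message so the response does
    # not reveal which usernames exist.
    if user is None:
        raise JsonError('用户名或者密码错误')
    if check_password(password, user.password) is not True:
        raise JsonError('用户名或者密码错误')
    # The disabled state is only disclosed after the password was verified.
    if int(user.status) == 0:
        raise JsonError('用户被“禁用”,请联系客服')

    # NOTE(review): no lockout or throttling of failed attempts is visible in
    # this block and the captcha is optional - confirm it is enforced elsewhere.
    AdminUserService.login_success(user, self)
    self.clear_cookie(settings.valid_code_key)
    data = {
        'username': user.username,
        'last_login_at': user.last_login_at,
        'login_count': user.login_count,
        'is_superadmin': self.super_role(),
        # Fixed placeholder string, not a credential.
        'token': 'token'
    }
    return self.success('成功', data=data)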
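def get(self, *args, **kwargs):
    """Render the member login page, or send a signed-in member onward.

    ``next`` comes straight from the query string, so it is only followed
    when it is a same-site absolute path; anything else falls back to
    ``/member/index``.
    """
    next = self.get_argument('next', '')
    if self.current_user:
        # Accept "/path" only: no scheme, no "//host", no backslashes and no
        # whitespace/control characters that a browser could normalise into
        # an off-site URL.
        is_local_path = (
            next.startswith('/')
            and not next.startswith('//')
            and '\\' not in next
            and not any(ch.isspace() or ord(ch) < 0x20 for ch in next)
        )
        self.redirect(next if is_local_path else '/member/index')
        # Stop here: rendering the form after the redirect was issued would
        # write to a response that is already finished.
        return

    params = {
        'public_key': sys_config('login_rsa_pub_key'),
        'rsa_encrypt': sys_config('login_pwd_rsa_encrypt'),
        # NOTE(review): handed to the template unchanged - confirm whatever
        # navigates to it after login applies the same same-site check.
        'next': next,
        'message': '',
    }
    self.render('passport/login.html', **params)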
def get(self, *args, **kwargs):
    """Render the account-settings page for the signed-in member."""
    current_id = self.current_user.get('id')
    member = Member.Q.filter(Member.id == current_id).first()
    # NOTE(review): as_dict() presumably exposes every column, the password
    # hash included - confirm the template never emits the whole dict.
    data_info = member.as_dict()
    page_vars = dict(
        member=member,
        data_info=data_info,
        public_key=sys_config('login_rsa_pub_key'),
        rsa_encrypt=sys_config('login_pwd_rsa_encrypt'),
        # Marks the "set" tab as the active one in the side menu.
        active={'set': 'layui-this'},
    )
    self.render('member/set.html', **page_vars)
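def unlock_user(user_id, password):
    """Check that ``password`` is the current password of admin ``user_id``.

    Returns:
        bool: True when the password matches.

    Raises:
        JsonError: the password could not be decrypted (code 11), the user
            does not exist, or the password does not match.
    """
    if int(sys_config('login_pwd_rsa_encrypt')) == 1:
        private_key = sys_config('login_rsa_priv_key')
        try:
            password = RSAEncrypter.decrypt(password, private_key)
        except Exception:
            password = False
        # decrypt() can also report failure with a falsy value instead of
        # raising; both cases must stop before the password comparison.
        if not password:
            raise JsonError(msg='签名失败', code=11)

    user = AdminUser.Q.filter(AdminUser.id == user_id).first()
    if user is None:
        raise JsonError('用户信息出错')
    # Fail closed: only an explicit True counts as a match. Comparing with
    # `== False` would let a None (or any other non-False) result through.
    if check_password(password, user.password) is not True:
        raise JsonError('密码错误')
    return True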
def case_list_get(self, *args, **kwargs):
    """Render the goods list page with the shared and index-specific variables."""
    context = tpl_params()
    context.update({
        'index_welcome': sys_config('index_welcome', ['title', 'value']),
        # Only friend links with status 1 are listed.
        'friendlinks': FriendlinkService.get_list({'status': 1}),
        'index_banner': AdvertisingService.list_for_category('index_banner', 3),
        'index_square': AdvertisingService.list_for_category('index_square', 4),
    })
    self.render('goods_list.htm', **context)
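def update(user_id, param, rsa_encrypt=0):
    """Create or update an admin user from a dict of column values.

    :param user_id: id of the row to update; a falsy value inserts a new row
    :param param: column name -> value; keys that are not AdminUser columns
        are dropped
    :param rsa_encrypt: 1 when ``param['password']`` was RSA-encrypted by the
        client
    :return: True on success
    :raises JsonError: username, email or mobile already taken, or the
        password could not be decrypted
    """
    columns = [name for (name, _) in AdminUser.__table__.columns.items()]
    # NOTE(review): every real column is accepted, so a caller that forwards
    # request data unfiltered lets the client set any of them (for example
    # `id` or `status`). Confirm callers pass an explicit allow-list.
    param = {k: v for k, v in param.items() if k in columns}
    if 'updated_at' in columns:
        param['updated_at'] = utime.timestamp(3)

    if 'username' in param:
        if param['username']:
            if AdminUserService.check_username(param['username'], user_id):
                raise JsonError('名称已被占用')
        else:
            # An empty username means "leave unchanged".
            del param['username']

    if 'password' in param:
        if param['password']:
            if settings.login_pwd_rsa_encrypt and int(
                    rsa_encrypt) == 1 and len(param['password']) > 4:
                private_key = sys_config('login_rsa_priv_key')
                plain = RSAEncrypter.decrypt(param['password'], private_key)
                # decrypt() reports failure with a falsy value; hashing that
                # value would silently store an unusable or guessable password.
                if not plain:
                    raise JsonError('密码错误')
                param['password'] = plain
            param['password'] = make_password(param['password'])
        else:
            # An empty password means "leave unchanged".
            del param['password']

    if 'email' in param:
        if param['email']:
            if AdminUserService.check_email(param['email'], user_id):
                raise JsonError('邮箱已被占用')
        else:
            param['email'] = None

    if 'mobile' in param:
        if param['mobile']:
            if AdminUserService.check_mobile(param['mobile'], user_id):
                raise JsonError('电话号码已被占用')
        else:
            param['mobile'] = None

    try:
        if user_id:
            AdminUser.Update.filter(AdminUser.id == user_id).update(param)
        else:
            AdminUser.session.add(AdminUser(**param))
        AdminUser.session.commit()
    except Exception:
        # Leave the shared session usable for the next request.
        # assumes AdminUser.session is a SQLAlchemy session - TODO confirm
        AdminUser.session.rollback()
        raise
    return True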
def index_get(self, *args, **kwargs):
    """Render the home page."""
    context = tpl_params()
    context.update({
        'index_welcome': sys_config('index_welcome', ['title', 'value']),
        # Only friend links with status 1 are listed.
        'friendlinks': FriendlinkService.get_list({'status': 1}),
        'index_banner': AdvertisingService.list_for_category('index_banner', 3),
        'index_square': AdvertisingService.list_for_category('index_square', 4),
        'index_goods': GoodsService.list_most_importance(4),
    })
    self.render('index.htm', **context)
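def activate_email(self, email):
    """Mail an activation link for ``email`` to the signed-in member.

    The link is valid for 10 minutes; the token, the address and the member's
    username are kept in a signed cookie with the same lifetime.
    """
    if not Func.is_email(email):
        return self.error('Email格式不正确')

    user_id = self.current_user.get('id')
    member = Member.Q.filter(Member.id == user_id).first()
    # The session can outlive the row it points at.
    if member is None:
        return self.error('用户不存在')
    if member.email_activated:
        return self.error('已经激活了,请不要重复操作')

    # NOTE(review): the resend throttle lives in the client's cookie, so a
    # client that drops the cookie is not throttled - confirm a server-side
    # limit exists.
    token = self.get_secure_cookie(settings.token_key)
    if token:
        return self.error('邮件已发送,10分钟后重试')

    # NOTE(review): if success() finishes the response, the cookie set at the
    # end of this method never reaches the browser - confirm.
    self.success()

    subject = '[%s]激活邮件' % sys_config('site_name')
    # assumes Func.uuid32() draws from a CSPRNG (uuid4 / secrets) - TODO confirm
    token = Func.uuid32()
    action_url = sys_config('site_url') + '/member/activate.html?token=' + token
    localnow = Func.local_now() + datetime.timedelta(minutes=10)
    params = {
        'username': member.username,
        'expires': str(localnow),
        'action_url': action_url,
        'action_tips': '立即激活邮箱',
    }
    tmpl = 'common/email_content.html'
    content = self.render_string(tmpl, **params)
    Func.sendmail({'to_addr': email, 'subject': subject, 'content': content})

    # NOTE(review): set_secure_cookie() signs the value but does not encrypt
    # it, so the mailed token is also readable by the browser that asked for
    # the mail; holding the cookie does not prove access to the mailbox. Keep
    # the token server-side, keyed to the member, and compare it there.
    # NOTE(review): the action value is the password-reset one although this
    # is the activation flow and `account` is whatever address the caller
    # typed - give activation its own action and let each handler accept only
    # its own.
    save = {
        'token': token,
        'account': email,
        'username': member.username,
        'action': 'email_reset_pwd',
    }
    expires = time.mktime(localnow.timetuple())
    self.set_secure_cookie(settings.token_key, str(save), expires=expires)
    return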
def email_reset_pwd(self, email):
    """Mail a password-reset link to the member registered under ``email``.

    The link is valid for 30 minutes; the token, the address and the member's
    username are kept in a signed cookie with the same lifetime.
    """
    if not Func.is_email(email):
        return self.error('Email格式不正确')

    # NOTE(review): the resend throttle lives in the client's cookie, so a
    # client that drops the cookie is not throttled - confirm a server-side
    # limit exists.
    if self.get_secure_cookie(settings.token_key):
        return self.error('邮件已发送,30分钟后重试')

    # NOTE(review): the two messages below tell an unauthenticated caller
    # whether an address is registered and whether it is disabled; a uniform
    # reply would avoid that.
    member = Member.Q.filter(Member.email == email).first()
    if member is None:
        return self.error('账户没有注册')
    if member.status == 0:
        return self.error('账户被禁用')

    # NOTE(review): if success() finishes the response, the cookie set at the
    # end of this method never reaches the browser - confirm.
    self.success()

    mail_subject = '[%s]找回密码' % sys_config('site_name')
    # assumes Func.uuid32() draws from a CSPRNG (uuid4 / secrets) - TODO confirm
    reset_token = Func.uuid32()
    reset_link = sys_config('site_url') + '/passport/forget.html?token=' + reset_token
    deadline = Func.local_now() + datetime.timedelta(minutes=30)
    mail_body = self.render_string(
        'common/email_content.html',
        username=member.username,
        expires=str(deadline),
        action_url=reset_link,
        action_tips='立即重置密码',
    )
    Func.sendmail({'to_addr': email, 'subject': mail_subject, 'content': mail_body})

    # NOTE(review): set_secure_cookie() signs the value but does not encrypt
    # it, so the mailed token is also readable by the browser that asked for
    # the mail; holding the cookie does not prove access to the mailbox. Keep
    # the token server-side, keyed to the account, and compare it there.
    cookie_payload = {
        'token': reset_token,
        'account': email,
        'username': member.username,
        'action': 'email_reset_pwd',
    }
    expires = time.mktime(deadline.timetuple())
    self.set_secure_cookie(settings.token_key, str(cookie_payload), expires=expires)
    return
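def get(self, *args, **kwargs):
    """Render the "forgot password" page.

    ``reset_pwd`` is '1' (request a mail) by default and '2' (choose a new
    password) when the ``token`` query argument equals the token stored in
    the signed cookie.
    """
    token = self.get_argument('token', None)
    cookie_raw = self.get_secure_cookie(settings.token_key)
    params = {
        'public_key': sys_config('login_rsa_pub_key'),
        'rsa_encrypt': sys_config('login_pwd_rsa_encrypt'),
        'token': token,
        'reset_pwd': '1',
    }
    if token and cookie_raw:
        # The cookie holds str(dict); swapping the quotes makes it parse as
        # JSON for simple values. A value containing a quote breaks that, so
        # a payload that does not parse is treated as "no token" instead of
        # surfacing as an unhandled error.
        try:
            saved = json_decode(str(cookie_raw, encoding='utf-8').replace('\'', '"'))
        except ValueError:
            saved = None
        if isinstance(saved, dict) and saved.get('token', '') == token:
            params['reset_pwd'] = '2'
            params['username'] = saved.get('username', '')
    # NOTE(review): a signed cookie is readable by the browser that holds it,
    # so matching the URL token against it does not prove the visitor read
    # the mail - confirm the token is also checked against server-side state.
    self.render('passport/forget.html', **params)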
def get(self, *args, **kwargs):
    """Render the "Contact us" page."""
    contact = sys_config('contact', ['title', 'subtitle', 'value'])
    page_vars = {
        'contact': contact,
        'flatpage': {
            'title': '联系我们',
        },
        # Hidden XSRF field for the contact form on this page.
        'csrf_input': self.xsrf_form_html(),
    }
    # Shared template variables win over the page-specific ones on key clashes.
    merged = {**page_vars, **tpl_params()}
    self.render_html('singlepage/contact.htm', **merged)
def get(self, *args, **kwargs):
    """Render the registration page, resolving an optional referrer code."""
    next = self.get_argument('next', '')
    referrer = self.get_argument('referrer', '')
    page_vars = dict(
        public_key=sys_config('login_rsa_pub_key'),
        rsa_encrypt=sys_config('login_pwd_rsa_encrypt'),
        next=next,
        referrer_name='',
        ref_user_id='',
    )
    if referrer:
        # Best effort: a referrer code that does not decrypt or resolve is
        # ignored and the page renders without a referrer.
        try:
            inviter_id = aes_decrypt(referrer, prefix='')
            inviter = Member.get_info(inviter_id, 'username')
            page_vars['referrer_name'] = inviter.get('username', '')
            # NOTE(review): the decrypted id is handed to the page in clear;
            # if the form posts it back, the server should re-derive it from
            # the encrypted code rather than trust the field - confirm.
            page_vars['ref_user_id'] = inviter_id
        except Exception as e:
            pass
    self.render('passport/register.html', **page_vars)
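def get(self, *args, **kwargs):
    """Render the home page.

    Banner ads and the product showcase are currently empty lists; company
    news is the first page (3 items) of the 'activity' article category.
    """
    ad_list = []
    welcome = sys_config('index_welcome', ['title', 'value'])
    offer = sys_config('index_what_we_offer', ['title', 'value'])
    new_right = sys_config('index_new_right_img', ['title', 'value'])
    slogan = sys_config('index_slogan', ['title', 'value'])
    services_1 = sys_config('index_services_1', ['title', 'value'])
    services_2 = sys_config('index_services_2', ['title', 'value'])
    services_3 = sys_config('index_services_3', ['title', 'value'])

    # The leftover debug print was dropped: it wrote to stdout on every
    # request and read `.items` before the emptiness check below, so an empty
    # result crashed the page.
    news_page = Article.lists({'category': 'activity', 'per_page': 3})
    company_news = list(news_page.items) if news_page and news_page.items else []

    products = []
    page_vars = {
        'ad_list': ad_list,
        'welcome': welcome,
        'offer': offer,
        'new_right': new_right,
        'products_left': products[:4],
        'products_right': products[4:],
        'slogan': slogan,
        'services_1': services_1,
        'services_2': services_2,
        'services_3': services_3,
        'company_news': company_news,
    }
    # Shared template variables win over the page-specific ones on key clashes.
    page_vars.update(tpl_params())
    self.render_html('index.htm', **page_vars)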
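def post(self, *args, **kwargs):
    """Change the signed-in member's password after verifying the current one.

    Form fields: ``nowpass`` (current password), ``password`` and ``repass``
    (new password twice), ``rsa_encrypt`` (1 when the three values are
    RSA-encrypted by the client) and ``next``.
    """
    user_id = self.current_user.get('id')
    next = self.get_argument('next', '')
    nowpass = self.get_argument('nowpass', None)
    password = self.get_argument('password', None)
    repass = self.get_argument('repass', '')
    rsa_encrypt = self.get_argument('rsa_encrypt', 0)

    # Presence is checked before anything touches len(password).
    if not nowpass:
        return self.error('当前密码不能够为空')
    if not password:
        return self.error('新密码不能为空')

    # A non-numeric flag from the client means "not encrypted", not a crash.
    try:
        client_encrypted = int(rsa_encrypt) == 1
    except (TypeError, ValueError):
        client_encrypted = False
    if client_encrypted and len(password) > 10 and settings.login_pwd_rsa_encrypt:
        private_key = sys_config('login_rsa_priv_key')
        nowpass = RSAEncrypter.decrypt(nowpass, private_key)
        password = RSAEncrypter.decrypt(password, private_key)
        repass = RSAEncrypter.decrypt(repass, private_key)
        # decrypt() reports failure with a falsy value.
        if not nowpass:
            return self.error('当前密码不能够为空')
        if not password:
            return self.error('新密码不能为空')

    if repass != password:
        # The response must never echo the submitted passwords.
        return self.error('两次输入的密码不一致,请重新输入')

    member = Member.Q.filter(Member.id == user_id).first()
    if member is None:
        return self.error('用户不存在')
    if int(member.status) == 0:
        return self.error('用户被“禁用”,请联系客服')
    # Fail closed: only an explicit True counts as a match.
    if check_password(nowpass, member.password) is not True:
        return self.error('当前密码错误')

    params = {
        'password': make_password(password),
        'status': 1,
    }
    Member.Update.filter(Member.id == user_id).update(params)
    Member.session.commit()
    # NOTE(review): `next` is echoed back unvalidated - confirm the client
    # only navigates to same-site paths.
    return self.success(next=next)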
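def post(self, *args, **kwargs):
    """Log a member in by mobile number, e-mail address or username.

    Form fields: ``account``, ``password``, ``rsa_encrypt`` (1 when the
    password is RSA-encrypted by the client), ``code`` (image captcha) and
    ``next``.
    """
    next = self.get_argument('next', '')
    account = self.get_argument('account', None)
    password = self.get_argument('password', '')
    rsa_encrypt = self.get_argument('rsa_encrypt', 0)
    code = self.get_argument('code', '')
    _ = self.locale.translate

    if self.invalid_img_captcha(code):
        return self.error(_('验证码错误'))

    # A non-numeric flag from the client means "not encrypted", not a crash.
    try:
        client_encrypted = int(rsa_encrypt) == 1
    except (TypeError, ValueError):
        client_encrypted = False
    if client_encrypted and len(password) > 10 and settings.login_pwd_rsa_encrypt:
        private_key = sys_config('login_rsa_priv_key')
        password = RSAEncrypter.decrypt(password, private_key)

    if not account:
        return self.error('账号不能够为空')

    # The shape of the identifier decides which column is searched.
    if Func.is_mobile(account):
        member = Member.Q.filter(Member.mobile == account).first()
    elif Func.is_email(account):
        member = Member.Q.filter(Member.email == account).first()
    else:
        member = Member.Q.filter(Member.username == account).first()

    # Unknown account, undecryptable password and wrong password share one
    # message so the response does not reveal which accounts exist.
    if member is None:
        return self.error('用户名或者密码错误')
    # decrypt() reports failure with a falsy value; fail closed on it and on
    # anything from check_password() that is not an explicit True.
    if not password or check_password(password, member.password) is not True:
        return self.error('用户名或者密码错误')
    # The disabled state is disclosed only after the password was verified.
    if int(member.status) == 0:
        return self.error('用户被“禁用”,请联系客服')

    Member.login_success(member, self)
    self.clear_cookie(settings.valid_code_key)
    # NOTE(review): `next` is echoed back unvalidated - confirm the client
    # only navigates to same-site paths.
    return self.success(next=next)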
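def change_pwd(password, rsa_encrypt, admin_id):
    """Set a new password for an admin user.

    :param password: the new password, RSA-encrypted when ``rsa_encrypt`` is 1
    :param rsa_encrypt: 1 when ``password`` must be decrypted first
    :param admin_id: id of the admin whose password is replaced
    :return: True on success
    :raises JsonError: unknown admin, empty password, or a password that
        could not be decrypted
    """
    # NOTE(review): neither the current password nor the caller's right to
    # change this account is checked here - confirm the caller enforces both.
    admin = AdminUser.Q.filter(AdminUser.id == admin_id).first()
    if admin is None:
        raise JsonError('参数无效')
    if not password:
        raise JsonError('参数无效')

    if int(rsa_encrypt) == 1:
        private_key = sys_config('login_rsa_priv_key')
        password = RSAEncrypter.decrypt(password, private_key)
        # decrypt() reports failure with a falsy value; hashing that value
        # would silently store an unusable or guessable password.
        if not password:
            raise JsonError('参数无效')

    hashed = make_password(password)
    AdminUser.Update.filter(AdminUser.id == admin_id).update({'password': hashed})
    AdminUser.session.commit()
    return True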
def tpl_params():
    """Collect the template variables shared by every page of this app.

    Returns:
        dict: footer entries (working time, hotline, e-mail, copyright), the
        site name and logo, and the ``utime`` helper for use in templates.
    """
    title_value_keys = ('working_time', 'company_hotline', 'company_email', 'copyright')
    footer = {key: sys_config(key, ['title', 'value']) for key in title_value_keys}
    site_name = sys_config('site_name')
    site_logo = sys_config('site_logo')
    return {
        'working_time': footer['working_time'],
        'company_hotline': footer['company_hotline'],
        'company_email': footer['company_email'],
        'site_name': site_name,
        'site_logo': site_logo,
        'copyright': footer['copyright'],
        'utime': utime,
    }
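def post(self, *args, **kwargs):
    """Register a new member and log them in.

    Form fields: ``email``, ``mobile``, ``username``, ``sex``, ``password``
    and ``repass``, ``rsa_encrypt`` (1 when both passwords are RSA-encrypted
    by the client), ``ref_user_id``, ``code`` (image captcha) and ``next``.
    """
    next = self.get_argument('next', '')
    email = self.get_argument('email', None)
    mobile = self.get_argument('mobile', None)
    username = self.get_argument('username', None)
    sex = self.get_argument('sex', None)
    password = self.get_argument('password', None)
    repass = self.get_argument('repass', '')
    rsa_encrypt = self.get_argument('rsa_encrypt', 0)
    ref_user_id = self.get_argument('ref_user_id', '')
    code = self.get_argument('code', '')
    _ = self.locale.translate

    if self.invalid_img_captcha(code):
        return self.error(_('验证码错误'))
    if not email:
        return self.error('Email不能为空')
    if not password:
        return self.error('密码不能为空')

    # A non-numeric flag from the client means "not encrypted", not a crash.
    try:
        client_encrypted = int(rsa_encrypt) == 1
    except (TypeError, ValueError):
        client_encrypted = False
    if client_encrypted and len(password) > 10 and settings.login_pwd_rsa_encrypt:
        private_key = sys_config('login_rsa_priv_key')
        password = RSAEncrypter.decrypt(password, private_key)
        repass = RSAEncrypter.decrypt(repass, private_key)
        # decrypt() reports failure with a falsy value; never hash that.
        if not password:
            return self.error('密码不能为空')

    if repass != password:
        # The response must never echo the submitted passwords.
        return self.error('两次输入的密码不一致,请重新输入')

    if Member.Q.filter(Member.username == username).count() > 0:
        return self.error('用户名已被占用')

    client = 'web'
    params = {
        'username': username,
        'password': make_password(password),
        'status': 1,
        'avatar': 'image/default_avatar.jpg',
        'reg_ip': self.request.remote_ip,
        'reg_client': client,
    }

    params['email'] = email
    if Member.Q.filter(Member.email == email).count() > 0:
        return self.error('Email已被占用')

    if mobile:
        # NOTE(review): other handlers in this project call Func.is_mobile -
        # confirm Func.mobile exists and validates the format.
        if not Func.mobile(mobile):
            return self.error('电话号码格式有误')
        params['mobile'] = mobile
        # The uniqueness check has to query the same model it filters on.
        if Member.Q.filter(Member.mobile == mobile).count() > 0:
            return self.error('电话号码已被占用')

    if sex:
        params['sex'] = sex
    if ref_user_id:
        # NOTE(review): taken from the form as-is, so the client can name any
        # member as referrer - confirm it is verified before it earns anything.
        params['ref_user_id'] = ref_user_id

    (status, member) = Member.register(params)
    if status == 0:
        Member.login_success(member, self, client=client)
        # NOTE(review): `next` is echoed back unvalidated - confirm the
        # client only navigates to same-site paths.
        return self.success(next=next)
    # On failure the second element of the pair is passed on as the error.
    return self.error(member)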
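def post(self, *args, **kwargs):
    """Set a new password for the account named in the reset-token cookie.

    Form fields: ``token`` (from the mailed link), ``password`` and
    ``repass``, ``rsa_encrypt`` (1 when both passwords are RSA-encrypted by
    the client), ``code`` (image captcha) and ``next``.
    """
    token = self.get_argument('token', None)
    next = self.get_argument('next', '')
    password = self.get_argument('password', None)
    repass = self.get_argument('repass', '')
    rsa_encrypt = self.get_argument('rsa_encrypt', 0)
    code = self.get_argument('code', '')
    _ = self.locale.translate

    if self.invalid_img_captcha(code):
        return self.error(_('验证码错误'))

    cookie_raw = self.get_secure_cookie(settings.token_key)
    if not (token and cookie_raw):
        return self.error('Token不存在或已经过期')

    # The cookie holds str(dict); swapping the quotes makes it parse as JSON
    # for simple values. A payload that does not parse is rejected like a
    # missing token instead of surfacing as an unhandled error.
    try:
        saved = json_decode(str(cookie_raw, encoding='utf-8').replace('\'', '"'))
    except ValueError:
        saved = None
    if not isinstance(saved, dict):
        return self.error('Token不存在或已经过期')

    action = saved.get('action', '')
    account = saved.get('account', '')
    # NOTE(review): a signed cookie is readable by the browser that holds it,
    # so this comparison only proves the caller has the cookie, not that they
    # read the mail. Keep the token server-side, keyed to the account, and
    # compare against that copy.
    if saved.get('token', '') != token:
        return self.error('Token不匹配')

    if not password:
        return self.error('新密码不能为空')

    # A non-numeric flag from the client means "not encrypted", not a crash.
    try:
        client_encrypted = int(rsa_encrypt) == 1
    except (TypeError, ValueError):
        client_encrypted = False
    if client_encrypted and len(password) > 10 and settings.login_pwd_rsa_encrypt:
        private_key = sys_config('login_rsa_priv_key')
        password = RSAEncrypter.decrypt(password, private_key)
        repass = RSAEncrypter.decrypt(repass, private_key)
        # decrypt() reports failure with a falsy value; never hash that.
        if not password:
            return self.error('新密码不能为空')

    if repass != password:
        # The response must never echo the submitted passwords.
        return self.error('两次输入的密码不一致,请重新输入')

    if action != 'email_reset_pwd':
        return self.error('不支持的action')
    member = Member.Q.filter(Member.email == account).first()
    if member is None:
        return self.error('用户不存在')
    if int(member.status) == 0:
        return self.error('用户被“禁用”,请联系客服')

    user_id = member.id
    Member.Update.filter(Member.id == user_id).update({
        'password': make_password(password),
    })
    Member.session.commit()

    # Audit trail for the reset.
    MemberOperationLog.add_log({
        'user_id': user_id,
        'account': account,
        'action': 'email_reset_pwd',
        'ip': self.request.remote_ip,
        'client': 'web',
    })
    # The token is single-use from this browser's point of view.
    self.clear_cookie(settings.token_key)
    # NOTE(review): `next` is echoed back unvalidated - confirm the client
    # only navigates to same-site paths.
    return self.success(next=next)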