def need_vercode(user_id):
_data = {}
mdb_user.db.user_profile.update({'user_id':user_id}, {"$inc":{"pass_error":1}})
user_p = mdb_user.db.user_profile.find_one({'user_id':user_id})
if user_p and ("pass_error" in user_p) and user_p['pass_error'] >= 5:
_code = create_code()
_data['code'] = _code
return _data
def sign_up():
view_data = {'title': '注册-{}'.format(config['title'].TITLE)}
# 验证码
_code = create_code()
view_data['code'] = _code
return render_template('{}/online/user/sign-up.html'.format(
config['theme'].THEME_NAME),
view_data=view_data)
def retrieve_password():
view_data = {'title': '找回密码-{}'.format(config['title'].TITLE)}
# 验证码
_code = create_code()
view_data['code'] = _code
return render_template('online/user/ret_password.html',
view_data=view_data)
def sign_in():
view_data = {'login_type': 'c', 'title': '登录管理台'}
if current_user.is_authenticated:
return redirect(url_for('admin.index'))
# 验证码
_code = create_code()
view_data['code'] = _code
return render_template('{}/online/sign-in.html'.format(
config['theme'].THEME_NAME),
view_data=view_data)
def retrieve_password():
_data = {}
code = request.form['email_code'].strip()
code_id = request.form['code_id']
email = request.form['email'].strip()
password = request.form['password'].strip()
password2 = request.form['password2'].strip()
if not email:
_data['flash'] = {'msg': '邮箱不能为空!'}
elif not ver_email(email):
_data['flash'] = {'msg': '邮箱格式错误!'}
elif not code:
_data['flash'] = {'msg': '验证码错误'}
elif password != password2:
_data['flash'] = {'msg': '两次密码不一致!'}
else:
_data = p_retrieve_password(email, code, code_id, password, password2)
# 验证码
_code = create_code()
_data['code'] = _code
return jsonify(_data)
def vercode():
# 验证码
_code = create_code()
return jsonify(_code)
def login_sha(adm = False):
_data = {}
if current_user.is_authenticated:
_data['success'] = True
_data['url'] = request.args.get('next') or url_for('online.index')
return jsonify(_data)
# code
username = request.value.all('username').strip()
password = request.value.all('password').strip()
code = request.value.all('vercode').strip()
code_url = request.value.all('code_url').strip()
remember_me = request.value.all('remember_me')
r = verify_code(code_url, code)
vercode_err = False
if not r:
vercode_err = True
vercode_del(code_url)
# name & pass
if "." in username and '@' in username:
user = mdb_user.db.user.find_one({"email":username})
else:
user = mdb_user.db.user.find_one({"username":username})
user = User(user)
is_continue = False
if user and adm:
if user.can(Permission.ADMINISTER):
is_continue = True
elif user:
if not user.can(Permission.ADMINISTER):
is_continue = True
if is_continue:
# 如果验证码错误那就判断用户是否已经3次输错密码
if vercode_err:
user_p = mdb_user.db.user_profile.find_one({'user_id':user.id})
if user_p and 'pass_error' in user_p and user_p['pass_error'] >= 5:
_data['flash'] = {'msg':'验证码错误!', 'type':'e'}
# 验证码
_code = create_code()
_data['code'] = _code
return jsonify(_data)
# 密码验证
if is_continue and user and user.verify_password(password) and not user.is_delete:
if user.is_active():
login_user(user, remember_me)
mdb_user.db.user_profile.update({'user_id':current_user.id}, {"$set":{"pass_error":0}})
# Record the info
login_info = {
'last_login_time':time.time(),
'last_login_ip':request.remote_addr,
}
mdb_user.db.user_profile.update({'user_id':current_user.id}, {'$set':login_info})
_data['success'] = True
return jsonify(_data)
# 未激活
_data['flash'] = {'type':'html','msg':config['email'].VER_HTML.format(
username,
url_for('online.resend_confirmation',email = user.email)
)}
# 验证码
_code = create_code()
_data['code'] = _code
return jsonify(_data)
# 密码错误
_data = need_vercode(user.id)
_data['flash'] = {'type':'e','msg':u'帐号或密码错误哦!'}
else:
_data['flash'] = {'type':'e','msg':u'帐号或密码错误哦!'}
return jsonify(_data)
def sign_up():
_data = {'flash': None}
role = mdb_user.db.role.find_one({"permissions": Permission.AVERABGEUSER})
if role:
role_id = role['_id']
# code
email = request.value.all['email'].strip()
username = request.value.all['username'].strip()
password = request.value.all['password'].strip()
password2 = request.value.all['password2'].strip()
code = request.value.all['vercode'].strip()
code_url = request.value.all['code_url']
r = verify_code(code_url, code)
if not ver_email(email):
_data['flash'] = {'msg': '邮箱格式错误!', 'type': 'e'}
elif not r:
_data['flash'] = {'msg': '验证码错误!', 'type': 'e'}
vercode_del(code_url)
elif password2 != password:
_data['flash'] = {'msg': '两次密码不一致!', 'type': 'e'}
elif mdb_user.db.user.find_one({"email": email}):
_data['flash'] = {'type': 'w', 'msg': u'此邮箱已在该网站注册过哦,请直接登录!'}
elif mdb_user.db.user.find_one({"username": username}):
_data['flash'] = {'type': 'w', 'msg': u'此名号已被使用,请再取一个吧!'}
if not _data['flash']:
names = mdb_sys.db.audit_rules.find_one({'type': 'username'})
try:
t_username = username.upper()
except:
t_username = username
if t_username in names['rule']:
_data['flash'] = {'type': 'w', 'msg': u'此名号已被使用,请再取一个吧!'}
# password--------------------------------------------------------------------------------------------------
if not _data['flash']:
r = password_format(password)
if 'flash' in r:
_data['flash'] = r['flash']
if not _data['flash']:
if is_email(email):
user = user_model(username=username,
email=email,
password=password,
domain=-1,
role_id=role_id)
user_id = mdb_user.db.user.insert(user)
user = User(mdb_user.db.user.find_one({"_id": user_id}))
# 邮箱验证加密链接
token = generate_confirmation_token(user.email)
# profile
avatar_l = len(config['user'].AVATAR_URL)
avatar_url = config['user'].AVATAR_URL[randint(0, avatar_l - 1)]
user_profile = {
'crate_time': time.time(),
'user_id': user.id,
'user_domain': user.id,
'username': user.username,
'info': '',
'email': user.email,
'avatar_url': avatar_url,
'addr': {
'country': None,
'provinces': None,
'city': None,
'district': None
},
'tel_num': None,
"pay": {
'alipay': {
'use': 0
},
'webchatpay': {
'use': 0
}
}
}
mdb_user.db.user_profile.insert(user_profile)
# article type
mdb_cont.db.article_type.insert({'user_id': user.id, 'type': []})
# article tag
mdb_cont.db.article_tag.insert({'user_id': user.id, 'tag': []})
# email token
confirm_url = url_for('online.confirm_email',
token=token,
_external=True)
html = render_template('online/email/activate.html',
confirm_url=confirm_url)
# send email
msg = Message("{}注册验证".format(config['email'].MAIL_PROJECT),
sender=config['email'].MAIL_DEFAULT_SENDER,
recipients=[email])
msg.html = html
send_email(mdb_sys.db, msg)
flash({
'type':
'html',
'msg':
config['email'].REGISTER_VER_HTML.format(
user.email,
url_for('online.resend_confirmation', email=user.email))
})
_data['success'] = True
return jsonify(_data)
else:
_data['flash'] = {'type': 'w', 'msg': '邮箱格式不正确!'}
# 验证码
_code = create_code()
_data['code'] = _code
return jsonify(_data)