Exemple #1
0
def resetPwd():
    if request.method == 'GET':
        return ops_render("user/reset_pwd.html",{'current':'reset-pwd'})
    resp = {'code': 200, 'msg': '操作成功', 'data': {}}
    req = request.values
    old_password = req['old_password'] if 'old_password' in req else ''
    new_password = req['new_password'] if 'new_password' in req else ''
    if old_password is None or len(old_password) < 6:
        resp['code'] = -1
        resp['msg'] = '请输入符合规范的原密码!'
        return jsonify(resp)
    if new_password is None or len(new_password) < 6:
        resp['code'] = -1
        resp['msg'] = '请输入符合规范的新密码!'
        return jsonify(resp)

    if old_password == new_password :
        resp['code'] = -1
        resp['msg'] = '新旧密码不能相同!'
        return jsonify(resp)
    user_info = g.current_user
    user_info.login_pwd = UserService.genePwd(new_password, user_info.login_salt)

    db.session.add(user_info)
    db.session.commit()

    responce = make_response(json.dumps(resp))
    responce.set_cookie(app.config['AUTH_COOKIE_NAME'], '%s#%s' % (UserService.geneAuthCode(user_info), user_info.uid))
    return responce
Exemple #2
0
def set():
    default_pwd = "******"
    if request.method == "GET":
        resp_data = {}
        req = request.args
        uid = int(req.get("id", 0))
        info = None
        if uid:
            info = User.query.filter_by(uid=uid).first()
        resp_data['info'] = info
        return ops_render("account/set.html", resp_data)
    resp = {'code': 200, 'msg': '编辑成功', 'data': {}}
    req = request.values
    nickname = req['nickname'] if 'nickname' in req else ''
    email = req['email'] if 'email' in req else ''
    mobile = req['mobile'] if 'mobile' in req else ''
    login_name = req['login_name'] if 'login_name' in req else ''
    login_pwd = req['login_pwd'] if 'login_pwd' in req else ''
    id = req['id'] if 'id' in req else '0'

    if nickname is None or len(nickname) < 1:
        resp['code'] = -1
        resp['msg'] = "nickname failed"
        return jsonify(resp)

    if email is None or len(email) < 1:
        resp['code'] = -1
        resp['msg'] = "email failed"
        return jsonify(resp)

    has_in = User.query.filter(User.login_name == login_name,
                               User.uid != id).first()
    if has_in:
        resp['code'] = -1
        resp['msg'] = "email failed"
        return jsonify(resp)

    user_info = User.query.filter(User.uid == id).first()
    if user_info:
        model_user = user_info
    else:
        model_user = User()
        model_user.updated_time = getCurrentDate()
        model_user.created_time = getCurrentDate()

    if login_pwd != default_pwd:
        model_user.login_salt = UserService.genSalt()
        model_user.login_pwd = UserService.genePwd(login_pwd,
                                                   model_user.login_salt)

    model_user.nickname = nickname
    model_user.email = email
    model_user.mobile = mobile
    model_user.login_name = login_name

    db.session.add(model_user)
    db.session.commit()
    return jsonify(resp)
Exemple #3
0
def login():
    resp = {'code': 200, 'msg': "success", "data": {}}
    req = request.values
    code = req['code']
    app.logger.info(req)
    if code == None or len(code) < 10:
        resp['code'] = -1
        resp['msg'] = "需要code"
        app.logger.info("need code")
        return jsonify(resp)
    openid = UserService.getWeChatOpenId(code)
    if openid == None:
        resp['code'] = -1
        resp['msg'] = "微信调用登录接口失败"
        app.logger.info("微信调用登录接口失败")
        return jsonify(resp)

    user_model = Users()
    resp["is_user"] = True
    user_info = Users.query.filter_by(openid=openid).first()
    if not user_info:
        user_model.openid = openid
        user_model.nickName = req['nickName']
        user_model.avatarUrl = req['avatarUrl']
        user_model.sex = req['gender']
        user_model.createTime = user_model.updateTime = getCurrentDate()
        db.session.add(user_model)
        db.session.commit()
        db.session.flush()
        resp["is_user"] = False
        user_info = Users.query.filter_by(openid=openid).first()
    resp['data'] = {
        'nickName': user_info.nickName,
        'avatarUrl': user_info.avatarUrl,
        'openid': user_info.openid
    }
    response = make_response(json.dumps(resp))
    response.set_cookie(
        "sunners",
        "%s#%s" % (UserService.geneAuthCode(user_info), user_info.id))
    return response
Exemple #4
0
def index():
    if request.method == 'GET':
        return ops_render("user/login.html")

    resp = {'code':'200', 'msg':'登录成功','data':{}}
    req = request.values
    login_name = req['login_name'] if 'login_name' in req else ''
    login_pwd = req['login_pwd'] if 'login_pwd' in req else ''

    #输入有效性前端js可以不判断,但是后端一定要判断,js只是给用户更好的体验
    if login_name is None or len(login_name) < 1:
        resp['code'] = -1
        resp['msg'] = '登录失败'
        return jsonify(resp)

    if login_pwd is None or len(login_pwd) < 1:
        resp['code'] = -1
        resp['msg'] = '请输入正确的密码'
        return jsonify(resp)

    user_info = User.query.filter_by(login_name = login_name).first()
    if not user_info :
        resp['code'] = -1
        resp['msg'] = "请输入正确的用户名和密码!"
        return jsonify(resp)

    if user_info.login_pwd != UserService.genePwd(login_pwd,user_info.login_salt):
        resp['code'] = -1
        resp['msg'] = "请输入正确的用户名和密码!"
        return jsonify(resp)

    #cookie的使用
    responce = make_response(json.dumps(resp))
    responce.set_cookie(app.config['AUTH_COOKIE_NAME'],'%s#%s'%(UserService.geneAuthCode(user_info),user_info.uid))

    return responce
def login():
    if request.method == "GET":
        resp_data = {}
        config = app.config['APP_MAKER']
        resp_data['config'] = config
        return ops_render("user/login.html", resp_data)

    resp = {'code': 200, 'msg': '登录成功', 'data': {}}
    #这里是获取输入的东西
    req = request.values
    login_name = req['login_name'] if 'login_name' in req else ''
    login_pwd = req['login_pwd'] if 'login_pwd' in req else ''

    #测试是否获得输入值,如果有没输入的就直接返回错误
    #return "%s-%s" %(login_name,login_pwd)测试成功
    if login_name is None or len(login_name) < 1:
        resp['code'] = -1
        resp['msg'] = "请输入正确的登录用户名"
        return jsonify(resp)

    if login_pwd is None or len(login_pwd) < 1:
        resp['code'] = -1
        resp['msg'] = "请输入正确的登录密码"
        return jsonify(resp)

    user_info = User.query.filter_by(login_name=login_name).first()  #查询匹配的方法
    #确认输入的账户是在数据库中存在的
    if not user_info:
        resp['code'] = -1
        resp['msg'] = "请输入正确的登录用户名和密码-1"
        return jsonify(resp)
    #确认密码对的上账户
    #这里是将数据库中的密码(这个密码就是经过MD5与秘钥进行加密过的,不可逆加密) 与 输入的密码通过数据库中的秘钥进行加密得出的密码 进行比对
    #由于数据库中的密码并没有进行加密操作,所以这里的比对先直接进行明文比对
    #if user_info.login_pwd != UserService.genePwd(login_pwd,user_info.login_salt):
    if user_info.login_pwd != login_pwd:
        resp['code'] = -1
        resp['msg'] = "请输入正确的登录用户名和密码-2 "
        return jsonify(resp)

    response = make_response(json.dumps(resp))
    response.set_cookie(app.config['AUTH_COOKIE_NAME'], '%s#%s' %
                        (UserService.geneAuthCode(user_info), user_info.uid),
                        60 * 60 * 24 * 120)  #保存120天
    return response
Exemple #6
0
def check_login():
    cookies = request.cookies
    auth_cookie = cookies[app.config['AUTH_COOKIE_NAME']] if app.config[
        'AUTH_COOKIE_NAME'] in cookies else None
    if auth_cookie is None:
        return False

    auth_info = auth_cookie.split("#")
    if len(auth_info) != 2:
        return False
    try:
        user_info = User.query.filter_by(uid=auth_info[1]).first()
    except Exception:
        return False
    if user_info is None:
        return False
    if auth_info[0] != UserService.geneAuthCode(user_info):
        return False

    return user_info
def reset_Pwd():
    if request.method == "GET":
        return ops_render("user/reset_pwd.html", {"current": "reset_pwd"})

    resp = {'code': 200, 'msg': '操作成功', 'data': {}}
    req = request.values
    old_password = req['old_password'] if 'old_password' in req else ''
    new_password = req['new_password'] if 'new_password' in req else ''
    #参数有效性的再次判断的
    if old_password is None or len(old_password) < 6:
        resp['code'] = -1
        resp['msg'] = "请输入符合规范的原始密码~~"
        return jsonify(resp)

    if new_password is None or len(new_password) < 6:
        resp['code'] = -1
        resp['msg'] = "请输入符合规范的新密码~~"
        return jsonify(resp)

    if old_password == new_password:
        resp['code'] = -1
        resp['msg'] = "请重新输入新密码,新密码不能和原密码相同~~"
        return jsonify(resp)

    user_info = g.current_user
    #更改这里的时候不是简单地更改,需要使用封装的办法进行加密保存更改
    #user_info.login_pwd=UserService.genePwd(new_password,user_info.login_salt)使用新密码和这个人本来加密随机字符串进行保存加密
    #这里为了后面的简单比对并没有进行加密保存,需要注意
    user_info.login_pwd = new_password
    #数据库提交
    db.session.add(user_info)
    db.session.commit()
    #更新cookie值
    response = make_response(json.dumps(resp))
    response.set_cookie(app.config['AUTH_COOKIE_NAME'], '%s#%s' %
                        (UserService.geneAuthCode(user_info), user_info.uid),
                        60 * 60 * 24 * 120)  # 保存120天
    return response
Exemple #8
0
def checkReg():
    resp = {
        'code': 200,
        'msg': "已登录",
    }
    req = request.json
    code = req['code']
    if code == None or len(code) < 10:
        resp['code'] = -1
        resp['msg'] = "code不存在"
        return jsonify(resp)

    openid = UserService.getWeChatOpenId(code)
    if openid == None:
        resp['code'] = -1
        resp['msg'] = "微信调用登录接口失败"
        return jsonify(resp)
    user_info = Users.query.filter_by(openid=openid).first()
    if user_info is None:
        resp['code'] = -1
        resp['msg'] = "该用户没有注册"
        return jsonify(resp)
    return jsonify(resp)
Exemple #9
0
def set():
    default_pwd = "******"
    if request.method == 'GET':
        resp_data = {}
        req = request.args
        uid = int(req.get('id',0))
        user_info = None
        if uid:
            user_info = User.query.filter_by(uid=uid).first()
        resp_data['user_info'] = user_info
        return ops_render("account/set.html", resp_data)

    resp ={'code':200,'msg':"操作成功",'data':{}}
    req = request.values
    id = req['id'] if 'id'in req else 0
    nickname= req['nickname'] if 'nickname' in req else ""
    mobile = req['mobile'] if 'mobile' in req else ""
    email = req['email'] if 'email' in req else ""
    login_name = req['login_name'] if 'login_name' in req else ""
    login_pwd = req['login_pwd'] if 'login_pwd' in req else ""
    if nickname is None or len(nickname)<2:
        resp['code'] = -1
        resp['msg'] = '请输入符合规范的姓名'
        return jsonify(resp)
    if mobile is None or len(mobile)<2:
        resp['code'] = -1
        resp['msg'] = '请输入符合规范的mobile'
        return jsonify(resp)
    if email is None or len(email)<2:
        resp['code'] = -1
        resp['msg'] = '请输入符合规范的email'
        return jsonify(resp)
    if login_name is None or len(login_name)<2:
        resp['code'] = -1
        resp['msg'] = '请输入符合规范login_name'
        return jsonify(resp)
    if login_pwd is None or len(login_pwd)<6:
        resp['code'] = -1
        resp['msg'] = '请输入符合规范的密码'
        return jsonify(resp)

    has_in = User.query.filter(User.login_name == login_name, User.uid!=id).first()
    if has_in:
        resp['code'] = -1
        resp['msg'] = '登录用户名已存在!'
        return jsonify(resp)
    user_info = User.query.filter_by(uid=id).first()
    if user_info:
        #编辑
        model_user = user_info
    else:
        #新增
        model_user = User()
        model_user.created_time = getCurrentDate()
        model_user.login_salt = UserService.geneSalt()

    model_user.nickname = nickname
    model_user.mobile = mobile
    model_user.email = email
    model_user.login_name = login_name
    if login_pwd != default_pwd:
        model_user.login_pwd = UserService.genePwd(login_pwd,model_user.login_salt)
    model_user.updated_time = getCurrentDate()


    db.session.add(model_user)
    db.session.commit()
    return jsonify(resp)