def resetPwd(): if request.method == "GET": return render_template_ops("user/reset_pwd.html", {'current': 'reset-pwd'}) resp = {'code': 200, 'msg': '操作成功~', 'data': {}} req = request.values user_info = g.current_user old_password = req['old_password'] if 'old_password' in req else '' new_password = req['new_password'] if 'new_password' in req else '' if user_info.login_pwd != UserService.getPwd(old_password, user_info.login_salt): resp['code'] = -1 resp['msg'] = "原密码输入错误~~" return jsonify(resp) if old_password is None or len(old_password) < 6: resp['code'] = -1 resp['msg'] = "请输入符合规范的原密码~~" return jsonify(resp) if new_password is None or len(new_password) < 6: resp['code'] = -1 resp['msg'] = "请输入符合规范的新密码~~" return jsonify(resp) if old_password == new_password: resp['code'] = -1 resp['msg'] = "请重新输入一个吧,新密码和原密码不能相同哦~~" return jsonify(resp) user_info = g.current_user # if user_info.uid == 1: # resp['code'] = -1 # resp['msg'] = "该用户是演示账号,不准修改密码和登录用户名~~" # return jsonify(resp) user_info.login_pwd = UserService.getPwd(new_password, user_info.login_salt) db.session.add(user_info) db.session.commit() # 为了防止修改密码后直接退出 更新cookie response = make_response(json.dumps(resp)) response.set_cookie(app.config['AUTH_COOKIE_NAME'], '%s#%s' % (UserService.setAuthcode(user_info), user_info.uid), 60 * 60 * 24) # 保存1天 return response
def login(): if request.method == "GET": if g.current_user: return redirect(UrlManager.buildUrl("/")) return render_template_ops("user/login.html", {'SEO_TITLE': app.config['SEO_TITLE']}) resp = {'code': 200, 'msg': '登录成功', 'data': {}} req = request.values login_name = req.get("login_name", '') login_pwd = req.get("login_pwd", '') if not login_name or len(login_name) < 5: resp['code'] = -1 resp['msg'] = "请输入正确的用户名" return jsonify(resp) if not login_pwd or len(login_pwd) < 6: resp['code'] = -1 resp['msg'] = "请输入正确的密码" return jsonify(resp) user_info = User.query.filter_by(login_name=login_name).first() if not user_info: resp['code'] = -1 resp['msg'] = "请输入正确的用户名密码" return jsonify(resp) if user_info.login_pwd != UserService.getPwd(login_pwd, user_info.login_salt): resp['code'] = -2 resp['msg'] = "请输入正确的用户名密码" return jsonify(resp) if user_info.status != 1: resp['code'] = -3 resp['msg'] = "账号被禁用" return jsonify(resp) response = make_response(json.dumps(resp)) # expires=time.time() + 10 设置过期时间 10s response.set_cookie( app.config['AUTH_COOKIE_NAME'], "%s#%s" % (UserService.setAuthcode(user_info), user_info.uid)) return response
def set(): default_pwd = "******" if request.method == "GET": resp_data = {} req = request.args uid = int(req.get("id", 0)) info = None if uid: info = User.query.filter_by(uid=uid).first() resp_data['info'] = info return render_template_ops("account/set.html", resp_data) resp = {'code': 200, 'msg': '操作成功~~', 'data': {}} req = request.values id = req['id'] if 'id' in req else 0 nickname = req['nickname'] if 'nickname' in req else '' mobile = req['mobile'] if 'mobile' in req else '' email = req['email'] if 'email' in req else '' login_name = req['login_name'] if 'login_name' in req else '' login_pwd = req['login_pwd'] if 'login_pwd' in req else '' if nickname is None or len(nickname) < 1: resp['code'] = -1 resp['msg'] = "请输入符合规范的姓名~~" return jsonify(resp) if mobile is None or len(mobile) < 1: resp['code'] = -1 resp['msg'] = "请输入符合规范的手机号码~~" return jsonify(resp) if email is None or len(email) < 1: resp['code'] = -1 resp['msg'] = "请输入符合规范的邮箱~~" return jsonify(resp) if login_name is None or len(login_name) < 1: resp['code'] = -1 resp['msg'] = "请输入符合规范的登录用户名~~" return jsonify(resp) if login_pwd is None or len(email) < 6: resp['code'] = -1 resp['msg'] = "请输入符合规范的登录密码~~" return jsonify(resp) has_in = User.query.filter(User.login_name == login_name, User.uid != id).first() if has_in: resp['code'] = -1 resp['msg'] = "该登录名已存在,请换一个试试~~" return jsonify(resp) user_info = User.query.filter_by(uid=id).first() if user_info: model_user = user_info else: model_user = User() model_user.created_time = getCurrentDate() model_user.login_salt = UserService.setSalt() model_user.nickname = nickname model_user.mobile = mobile model_user.email = email model_user.login_name = login_name if login_pwd != default_pwd: model_user.login_pwd = UserService.getPwd(login_pwd, model_user.login_salt) model_user.updated_time = getCurrentDate() db.session.add(model_user) db.session.commit() return jsonify(resp)